[TriLUG] OT: how can this URL resolve?
Christopher J. Knowles
chrisk at trilug.org
Fri Feb 3 15:47:50 EST 2006
This makes sense... I did try Windows and Linux... neither worked, and by not
worked, they all gave a browser error.
But I don't have an unpatched IE to work with... and neither should YOU. :)
CJK
On Friday 03 February 2006 15:36, Brian Henning wrote:
> I believe it works in certain unpatched versions of IE.. I remember
> seeing a patch come along addressing the "dotless URL vulnerability"
> some time ago.
>
> ~B
>
> Christopher J. Knowles wrote:
> > I'm more interested in which browser this worked in... I've tried it in
> > IE, Mozilla-Firefox, Mozilla, and Konqueror, none of them worked.
> >
> > CJK
> >
> > On Friday 03 February 2006 15:16, Christopher L Merrill wrote:
> >>I didn't think this was a legal URL without a top-level domain:
> >> http://3400329509/
> >>but it worked in my browser
> >>(the whole URL was http://3400329509/paypal.com/us/cgi-bin/index.php,
> >>the site for a paypal scammer in Indonesia)
> >>
> >>pinging 3400329509, much to my surprise, resolved to
> >> 202.172.233.37
> >>
> >>nslookup resulted in:
> >> $ nslookup 3400329509
> >> Server: rlghnc-dns-cac-06.nc.rr.com
> >> Address: 24.25.5.51
> >> *** rlghnc-dns-cac-06.nc.rr.com can't find 3400329509: Non-existent
> >>domain
> >>
> >>Also, a whois lookup fails...so I'm assuming there is some numeric
> >>decoding applied by the network stack to turn it into an IP address...
> >>anyone know what that decoding is?
> >>
> >>--
> >>-------------------------------------------------------------------------
> >>Chris Merrill | http://www.webperformance.com
> >>Web Performance Inc.
> >>
> >>Website Load Testing and Stress Testing Software
> >>-------------------------------------------------------------------------
>
> --
> ----------------
> Brian A. Henning
> strutmasters.com
> 336.597.2397x238
> ----------------
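
Added example, not part of the original thread: the decoding asked about above is the classic BSD `inet_aton` rule, where a bare number is read as the whole 32-bit IPv4 address. The sketch goes beyond the single decimal case to the hex, octal and short dotted forms the same rule accepts, so a URL filter or log normaliser can flag such hosts; the function names are hypothetical and the sample URLs other than the one from the thread are constructed.

```python
from urllib.parse import urlsplit

def _parse_part(text):
    """One component, C-style: 0x.. hex, leading 0 octal, else decimal."""
    if text.lower().startswith("0x"):
        digits, base = text[2:].lower(), 16
    elif len(text) > 1 and text.startswith("0"):
        digits, base = text[1:], 8
    else:
        digits, base = text, 10
    if not digits or any(c not in "0123456789abcdef"[:base] for c in digits):
        raise ValueError(f"not numeric: {text!r}")
    return int(digits, base)

def numeric_host_to_ipv4(host):
    """Dotted quad for an inet_aton-style numeric host, or None."""
    parts = host.split(".")
    if len(parts) > 4:
        return None
    try:
        values = [_parse_part(p) for p in parts]
    except ValueError:
        return None
    # Leading parts are one byte each; the last part fills the remaining bytes.
    last_bits = 8 * (5 - len(parts))
    if any(v > 0xFF for v in values[:-1]) or values[-1] >= 1 << last_bits:
        return None
    addr = values[-1]
    for i, v in enumerate(values[:-1]):
        addr |= v << (24 - 8 * i)
    return ".".join(str((addr >> s) & 0xFF) for s in (24, 16, 8, 0))

def flag_obfuscated_host(url):
    """(host, dotted_quad) if the URL host is a non-canonical IPv4 literal."""
    host = urlsplit(url).hostname or ""
    dotted = numeric_host_to_ipv4(host)
    if dotted is None or dotted == host:
        return None
    return host, dotted

if __name__ == "__main__":
    samples = [
        "http://3400329509/paypal.com/us/cgi-bin/index.php",  # URL from the thread
        "http://0xCAACE925/",          # constructed: same address in hex
        "http://0312.0254.0351.045/",  # constructed: same address, octal parts
        "http://202.172.233.37/",      # canonical form, not flagged
    ]
    for url in samples:
        print(url, "->", flag_obfuscated_host(url))
```

A DNS lookup of such a host fails, as the nslookup output in the thread shows, because the conversion happens in the address parser before any resolver query is made.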