republican-creole
Search:  

 
theme to white backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Danger - Phishing ahead » Don't trust the Lock icon either!
Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Post a:
Post a:

Googled
Yay, I have FIOS

join:2001-08-13
Orchard Park, NY
·VoicePulse

Re: Don't trust the Lock icon either!

I was thinking some more about this bug and I came up with an even scarier usage.

Using the Apache "Redirect" directive you can phish an entire site! Just put this into your httpd.conf!


Redirect /test "http://www.domainyouwant.com^A@www.domainyouhave.com"


Now anyone who visits www.domainyouhave.com/test will be redirected to the phished site! Doing this makes IE automatically modify EVERY link on the page to a phished version!

--
DirecWay DW3000 DRS, SatMex 5 1170 gateway 164, P3-533/256 MB, AOL+ 7.0 4114.10712 on 98SE w/ICS,shared to 2 x 2K Pro, 1 x Redhat Linux 7.3, 1 x Netgear 802.11b
permalink · 2003-12-12 17:43:22 · Print · Reply to this

justin
Australian
join:1999-05-28
Brooklyn, NY

Host:
IPv6
Business Connectiv..
Home/Office setup ..
Console/Handheld g..
Console Tech

Re: Don't trust the Lock icon either!

thats cute. I figured there would be creative use of redirectors.

I mean - you could post one of those "Special offer" links, the ones that nobody expects to look correct because they are long and have affiliate pay-on-click codes in them? - and then redirect to a phished version of SBC DSL signup page and keep them within it. Then collect credit card numbers for days before the victims noticed.
permalink · 2003-12-12 17:48:59 · Reply to this
Forums » Danger - Phishing ahead

Friday, 04-Dec 21:32:47 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [163] Comcast Releasing Promised Usage Meter
· [145] Avast Antivirus Has Gone Mad
· [126] Comcast Makes NBC Universal Acquisition Official
· [104] Graduate Student Unveils Sprint's GPS Sharing With Feds
· [101] Google Invades ISP, OpenDNS Turf With Google Public DNS
· [83] FCC Ponders Moving From PSTN To IP Voice
· [81] Latest Consumer Reports Survey Not Kind To AT&T
· [74] Sprint Defuses GPS Privacy Media Bomb
· [70] Baltimore To Ban Lazy Cable Installs
· [64] Broadband Killed The Game Console
Most people now reading
· False positive in Avast! or is it real? [Security]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· Farewell [Bell Canada]
· Windows 7 boot manager editing questions [Microsoft Help]
· [Unlock] TUTORIAL: VONAGE WRTP54G/RTP300 WITH 5.01.04 [VOIP Tech Chat]
· Evading throttling with uTP / uTorrent 1.9a [TekSavvy]
· ZR1 VS The USN Blue Angels! [56k Lookout (Broadband Heavy)]
· Disconnections on new account roughly every 5-10 minutes [TekSavvy]
· [Rant] Disrespect of PTO [Rants, Raves, and Praise]
· I finally jumped off the Windows ship! [All Things Macintosh]