Posted in Technical on Dec 9, 2006
I got this phishing attack in my inbox. You know, one of those that look like they are from PayPal or someone, but they really aren’t. They give you links that they ask you to click on, except that the links don’t go to PayPal’s server, they go to some other site that looks like PayPal and tricks you into providing your login credentials. None of this is new.
What is new is how they are providing the address in the link. They provided the IP address in hex. So if I were to represent the address to my server, it would be: http://0xcf.0x2d.0x41.0x24/
I thought this was very interesting, so I tried it in Firefox and Opera on my Mac, and neither was tricked. Both browsers didn’t convert the hex to the real IP address, so it didn’t work. But it makes me wonder if there are browsers out there that might be tricked by such IP address encoding.
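For anyone filtering mail or proxy logs, here is a way to decode a host like the one above into dotted-decimal form and flag it. This is an added example, not part of the original post; the function names are my own, and it goes beyond the hex case to the octal and single-integer forms that classic inet_aton()-style parsers also accept. Only the hex URL comes from the post; the other sample URLs are constructed.

```python
from urllib.parse import urlsplit

_DIGITS = "0123456789abcdef"

def parse_part(part):
    """Parse one dot-separated part: 0x.. is hex, a leading 0 is octal, else decimal."""
    p = part.lower()
    if p.startswith("0x"):
        digits, base = p[2:], 16
    elif len(p) > 1 and p.startswith("0"):
        digits, base = p[1:], 8
    else:
        digits, base = p, 10
    # Strict digit check; a bare "0x" is rejected here (a choice made for this example).
    if not digits or not set(digits) <= set(_DIGITS[:base]):
        return None
    return int(digits, base)

def decode_ipv4_host(host):
    """Return the dotted-decimal address if host is an IPv4 literal in any of
    these notations, otherwise None (for example, an ordinary domain name)."""
    parts = host.split(".")
    if not 1 <= len(parts) <= 4:
        return None
    values = [parse_part(p) for p in parts]
    if None in values:
        return None
    *head, last = values
    # Leading parts are one byte each; the last part fills the remaining bytes.
    if any(v > 255 for v in head) or last >= 256 ** (4 - len(head)):
        return None
    addr = last
    for i, v in enumerate(head):
        addr += v << (8 * (3 - i))
    return ".".join(str((addr >> s) & 0xFF) for s in (24, 16, 8, 0))

def check_url(url):
    """Flag URLs whose host is an IP address not written in plain dotted decimal."""
    host = urlsplit(url).hostname or ""
    ip = decode_ipv4_host(host)
    return {"host": host, "ip": ip, "obfuscated": ip is not None and ip != host}

if __name__ == "__main__":
    samples = [
        "http://0xcf.0x2d.0x41.0x24/",  # from the post
        "http://3475849508/",           # constructed: same address as one integer
        "http://0317.055.0101.044/",    # constructed: same address in octal
        "http://www.paypal.com/",       # constructed: ordinary hostname
    ]
    for url in samples:
        print(url, check_url(url))
```

A link whose result has `obfuscated` set to true is worth a closer look in a mail filter, since legitimate senders have little reason to write a host that way.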
2 Comments
justin
December 12th, 2006 at 2:06 am
On my Windows box, IE 3.0, 4.01, 5.01, 5.5, 6.0, and 7.0; Firefox 1.5.0.8 and 2.0; and Opera 9.02 all work with hex-encoded URLs.
interesting…
webguy
December 19th, 2006 at 1:53 am
interesting indeed.