[SURBL-Discuss]
Re: Heads up: new open redirecters and new spammer trick for urls
John Hardin
johnh at aproposretail.com
Mon May 17 11:50:26 CEST 2004
On Sun, 2004-05-16 at 01:46, John Fawcett wrote:
> In order to obtain the 302 code the browser sees
> 2 things are necessary:
> 1. Add a / before the * (That is the correct format for
> yahoo redirection)
> 2. Change the hTtP:\\ to hTtP:// (The mixed case is not a problem)
I think fixing all backslashes to forward slashes in the URL before
processing by SURBL would deal with both cases.
Are (unescaped or unencoded) backslashes even *valid* in URLs?
> Here's the URL. I didn't even munge it, since it should get
> past the filters.
>
> <a
> href="http://eur.rd.yahoo.com/electric\croydon\laity\otherworldly\phonetic\e
> xplicit\mountaineer\integrable\isadore\wangle\zounds\contumacy\embedded\sang
> uine\arrangeable\duane\malarial\bremsstrahlung\freshmen\windup\spoon\accompa
> ny\soldier\throb\boil\harrisburg\quartz\throne\giddap\waistcoat\guzzle\whoop
> \abreast\corral\latrobe\ct\castor\gallup\click\cretinous\alcoa\lysine\wheelc
> hair\levy\embedded\faint\floodlight\elmer\fiesta\pistachio\pulp\suppress\fle
> awort\flick\topcoat\brain\prom\bill\knife\serene\*hTtP:\\7Wv2eg82o19X.zbxra1
> .com/gp/iNdeX.ASP?id=BW"
> target="_blank"><b>hit this</b></a>
--
John Hardin KA7OHZ
Internal Systems Administrator voice: (425) 672-1304
Apropos Retail Management Systems, Inc. fax: (425) 672-0192
-----------------------------------------------------------------------
...the Fates notice those who buy chainsaws...
-- www.darwinawards.com
-----------------------------------------------------------------------
58 days until Apropos Forum 2004
More information about the Discuss
mailing list