ummm, it doesn't seem that is the case. the entire reason for the %01@ is to hide the name of the site that you're actually on. In my example of [EMAIL PROTECTED] if you click on that link, then look in the address bar, it looks like you're on www.microsoft.com but you're really on www.linux.org .
that is what's stated in the original post. Exibar ----- Original Message ----- From: "VeNoMouS" <[EMAIL PROTECTED]> To: "S G Masood" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Wednesday, December 10, 2003 3:27 AM Subject: Re: [Full-Disclosure] RE: FWD: Internet Explorer URL parsing vulnerability > pft sif i read the orignal posts > ----- Original Message ----- > From: "S G Masood" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, December 10, 2003 8:06 PM > Subject: Re: [Full-Disclosure] RE: FWD: Internet Explorer URL parsing > vulnerability > > > > > > --- VeNoMouS <[EMAIL PROTECTED]> wrote: > > > > >umm tested this you dont need %01 > > > either btw. > > > > > > [EMAIL PROTECTED] > > > > > > What is your point? Have you read the original post? > > > > > > Apart from this, does anyone have a "lowlevel" > > explanation why the %01 trick works? > > > > > > -- > > iNt27~ > > > > > > > > > > > > __________________________________ > > Do you Yahoo!? > > Free Pop-Up Blocker - Get it now > > http://companion.yahoo.com/ > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.netsys.com/full-disclosure-charter.html > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
