> A spam message arrived today, and I opened it in SquirrelMail (so I could
> report it to SpamCop). Imagine my surprise when I saw unsafe images
> (images linked to remote sites) automatically display, even though I had
> not clicked the "View Unsafe Images" link.
>
> Curious, I examined the full html source of the message and discovered
> that this spammer has found a method to defeat SquirrelMail's unsafe image
> protection: all external URLs are encoded using hex entities.
>
> Instead of the true URL of <img
> src="http://www.1stspots.com/images/business.jpg">, this spammer inserted
> <img
> src="http://www.1stspots.com/images/business.jpg">
>

heh, pretty sneaky...the line immediately above is supposed to be "hexed up" but it was automatically "converted" to normal plaintext here. "what" is doing this "conversion"? php? apache? the browser? i've seen this 'old' technique and simple to encode/hide plaintext inside a textfile with chr(65) - which is "A" - where the programmer 'hides' a message string (amongst other normal coding) he wanted displayed - such as copyright - but don't want any casual examination to 'reveal' (or remove) it.

> Apparently SquirrelMail's unsafe image protection doesn't recognize the
> encoded URL as an external URL, so the external images displayed
> immediately.
>

--
squirrelmail-users mailing list
List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
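
The filter gap described in this thread, as an added example that is not part of the original messages and is not SquirrelMail's code: a remote-image check that inspects the `src` attribute as written misses a hex-entity-encoded URL, while the same check run after decoding character references (as the browser does before fetching) catches it. The host `example.invalid`, the `blocked.png` placeholder and all function names are assumptions made for illustration.

```python
import html
import re

# src attribute of an <img> tag as it appears in the raw message source.
# (Quoted attributes only; a production filter should use a real HTML parser.)
IMG_SRC = re.compile(r'(<img\b[^>]*?\bsrc\s*=\s*)(["\'])(.*?)\2', re.I | re.S)
# Absolute URL with a network scheme, or protocol-relative (//host/...).
REMOTE = re.compile(r'(?:(?:https?|ftp):|//)', re.I)
PLACEHOLDER = "blocked.png"  # hypothetical local placeholder image

def hex_entities(text):
    """Encode every character as a hex character reference (builds sample input)."""
    return "".join("&#x%x;" % ord(ch) for ch in text)

def is_remote_naive(raw_src):
    """Inspect the attribute exactly as written: misses entity-encoded URLs."""
    return REMOTE.match(raw_src) is not None

def is_remote(raw_src):
    """Decode character references first, as a browser does, then inspect."""
    decoded = html.unescape(raw_src)
    # Classification only: drop whitespace/control characters browsers ignore.
    decoded = re.sub(r"[\x00-\x20]+", "", decoded)
    return REMOTE.match(decoded) is not None

def block_remote_images(body, check=is_remote):
    """Return (sanitized_html, blocked_count) using the given check."""
    blocked = 0
    def repl(m):
        nonlocal blocked
        if check(m.group(3)):
            blocked += 1
            return m.group(1) + m.group(2) + PLACEHOLDER + m.group(2)
        return m.group(0)
    return IMG_SRC.sub(repl, body), blocked

# Constructed sample body: one plain remote image, one hex-encoded, one inline.
URL = "http://example.invalid/images/a.jpg"
SAMPLE = ('<p>hi</p><img src="%s"><img src="%s"><img src="cid:part1">'
          % (URL, hex_entities(URL)))

if __name__ == "__main__":
    print("naive check blocked:", block_remote_images(SAMPLE, is_remote_naive)[1])
    print("normalized check blocked:", block_remote_images(SAMPLE)[1])
```

The point for a filter author is ordering: normalize the attribute value to what the browser will see, then decide whether it is remote.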
