Phishing Exposed

by Lance James, Dave Jevans
November 2005
Content level: Intermediate to advanced
450 pages
11h 24m
English
Syngress
Content preview from Phishing Exposed
When we do our GET request, we get a response that says:
HTTP/1.x 302 Moved Temporarily
Content-Length: 0
Location: http://www.ebay.com/
That’s easy, but what happens if, instead of the Location URL, we add a set of
control characters such as CRLF, represented as 0d (CR) 0a (LF) in hexadecimal?
We use CRLF because, according to the RFC, it’s required after every new
header and plays a significant role in how the HTTP server interprets the
message. When we feed this into the query parameter, our outcome is:
[Our URL]
http://ebay.doubleclick.net/clk;16822042;11392512;s%3f%0d%0a
[Client Request Headers]
GET /clk;16822042;11392512;s%3f%0d%0a HTTP/1.1
Host: ebay.doubleclick.net ...
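
The weak redirect handling the excerpt probes, next to a hardened form, as an added example that is not from the book. The function names, the host allow-list and the `X-Constructed` marker header are assumptions constructed for illustration.

```python
from urllib.parse import unquote, urlsplit

# Constructed allow-list for this example; the excerpt does not describe one.
ALLOWED_HOSTS = {"www.ebay.com"}
BAD_REQUEST = b"HTTP/1.1 400 Bad Request\r\nContent-Length: 0\r\n\r\n"


def build_302(location: str) -> bytes:
    return (
        "HTTP/1.1 302 Moved Temporarily\r\n"
        "Content-Length: 0\r\n"
        f"Location: {location}\r\n\r\n"
    ).encode("utf-8")


def naive_redirect(raw_target: str) -> bytes:
    """Weak form: percent-decoded input is copied straight into Location."""
    return build_302(unquote(raw_target))


def safe_redirect(raw_target: str) -> bytes:
    """Hardened form: validate after decoding, before the value touches a header."""
    target = unquote(raw_target)
    # Check for control bytes ourselves: recent urlsplit() versions silently
    # strip CR/LF/TAB, so parsing first would hide the injected characters.
    if not target.isascii() or any(ord(c) < 0x20 or ord(c) == 0x7F for c in target):
        return BAD_REQUEST
    parts = urlsplit(target)
    if parts.scheme not in ("http", "https") or parts.hostname not in ALLOWED_HOSTS:
        return BAD_REQUEST
    return build_302(target)


def header_names(response: bytes) -> list[str]:
    """Names of the header lines a client would parse from the response head."""
    head = response.split(b"\r\n\r\n", 1)[0]
    return [line.split(b":", 1)[0].decode() for line in head.split(b"\r\n")[1:]]


# Constructed inputs: a plain target, and one carrying the %0d%0a from the
# excerpt followed by a harmless marker header.
PLAIN = "http://www.ebay.com/"
WITH_CRLF = "http://www.ebay.com/%0d%0aX-Constructed: 1"

if __name__ == "__main__":
    print(header_names(naive_redirect(WITH_CRLF)))  # marker appears as its own header
    print(safe_redirect(WITH_CRLF).split(b"\r\n", 1)[0])  # status line of the rejection
    print(header_names(safe_redirect(PLAIN)))
```

The control-character check runs on the decoded value because that is the form the header writer sees; checking only the raw query string would miss the percent-encoded bytes.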
Publisher Resources

ISBN: 9781597490306