spoofing....

Saw this on the phpbb forums and thought it was interesting:
http://www.phpbb.com/phpBB/viewtopic.php?t=158824

Shows you one more patch Mr Gates is going to need :p

link doesn't work for me...

Here is the thread:
[quote]Demonstration:

For Both Mozilla & Internet Explorer:
This link actually goes to area51.phpbb.com


Effects:
The link is in the form http://www.microsoft.com...some_special_characters...@area51.phpbb.com and clearly leads to area51.phpbb.com. Both Browsers will only display www.microsoft.com in the status bar when hovering the link. When opening the link Mozilla will show the true (i.e. full url) in the adress bar, however IE is even worse in that it will www.microsoft.com even in the adress bar of the opened page.

Currently there is no easy workaround in IE (except for inspecting each link). With mozilla you can use your user-defined stylesheet to change the cursor to a question mark when hovering over such abusive links. Add the following lines to your usercontent.css in the %appdata%/somepath/chrome/ directoy:

Code:
:link[href*="%00"], :visited[href*="%00"], :link[href*="%01"], :visited[href*="%01"] {
cursor: help;
}

See here for finding and editing the file:
http://texturizer.net/firebird/edit.html[/quote]

But it doesnt show the link working so here is a sample:

Microsoft.com


So if you look in the url display error when you mouse over it shows a legit url, but when you click on it, it goes somewhere else.

Kind of handy for those people who are trying to get your cc #'s and pw's on sites like ebay and hotmail, etc..... You could just encode your entire url after the microsoft.com.

And from furthur reading - apparently in IE6 the link shows fine in the url on top and bottom.... lol.... Microsoft *holds head down in disgust* most (un)Secure oS on the market.

[bs]Why did it come back here ?? :confused:[/bs]