Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: Bypassing of web filters by using ASCII
From: Balazs Attila-Mihaly (Cd-MaN) (x_at_y_or_zyahoo.com)
Date: Sat Jun 24 2006 - 13:57:39 CDT
Tested with Mosaic 3.00 (the last publicly available), and it crashes (then again, it crashes on almost all websites)
----- Original Message ----
From: Amit Klein (AKsecurity) <aksecurityhotpop.com>
To: Vincent Archer <varcherdenyall.com>
Cc: bugtraqsecurityfocus.com; k.huwigiku-ag.de
Sent: Friday, 23 June, 2006 6:12:13 PM
Subject: Re: Bypassing of web filters by using ASCII
On 23 Jun 2006 at 10:35, Vincent Archer wrote:
> On Fri, Jun 23, 2006 at 12:08:56AM +0200, Amit Klein (AKsecurity) wrote:
> > So what I don't understand now is why IE's "solution" is any better than Opera/Firefox?
> > Why is modifying the data (msb) any better than modifying the data-description (charset)?
> The same problem did exist in RFC821, which specified the data path as
> being 7-bit, with the MSB set to 0. The venerable ancestor sendmail did
> enforce that, by and-ing each and every byte with 0x7F, which means that
> the IE solution is "slightly better", due to historical precedent.
If we're into precedences, does anyone know what Mosaic 1.0 used to do in such case? after
all, it was probably the first widely used browser (see
http://www.livinginternet.com/w/wi_browse.htm), and it made some sense (in the early 90s)
to conform to its de-facto browser standard.
> Not that it's good anyway.