URL Obfuscation

by LeVoltz on 25. Jul, 2006 in How-To Share

What is it?
URL Obfuscation uses the unspoken, unwritten secrets of the TCP/IP protocol to trick users into viewing a website that they did not intend to visit.

Methods:
Typically, when obfuscating a URL, you must trick someone into viewing a website they did not want to view by tempting them with something they are familiar with.

Let’s take http://example.com (test site that is reserved) as the comfy, known site. Now, we have http://sample.com for the site that we want them to view.

Example.com will resolve to 192.168.1.1 and Sample.com will resolve to 10.0.0.1 (both reserved IPs). We will move from simple to more complex forms of obfuscating. You can skip the first few methods if you are good at them.

@ Exploit
The first thing we could do is use the ‘@’ exploit. Typically, the @ symbol is for a username and password for a website.

If Sample.com needed a username and password, we could login with http://username:password@sample.com.

Now, if a username and password is not required, then it is skipped all together and the browser moves on to sample.com.

Internet Explorer does this (not working as of late). Firefox will warn you. Not sure what Netscape and Opera do, someone investigate it if they care.

Anyhow, this is highly exploitable, because, say Sample.com is just a collection of… questionable pictures… there is no need for a username:password.

This way, we can trick someone into viewing it like this:

http://example.com@sample.com

This will make the user think they are going to go to example.com, when really they are going to sample.com.

Note: This has not been working lately in IE, for me at least.

Confusing Links
This is something short that can further confuse someone.

It helps to make a link like:
<a href=http://example@sample.com>http://example.com</a>

This will show the text of http://example.com but take you to sample.com. As a security note: MAKE SURE EVERY LINK YOU CLICK IS ABSOLUTELY TRUSTED.

Hover over it and look in the bottom left corner of your window to see where it is really taking you.

Hex Encoded URLs

This is really self explanatory. This is for IE. Not sure what Netscape and Opera do.

http://sample.com can be turned into:

http://%73%61%6D%70%6C%65.com

Combined with confusing links and @ exploits, they may fall for it.

Fun With IPs

This is basically altering IP addresses. What is the easiest way to find an IP address of a website?

Either use traceroute or nslookup.

Syntax
tracert http://sample.com

nslookup http://sample.com

This CANNOT be done with subdomains, so stop before you try. :P

Now, it would return 10.0.0.1 for us.

How can we really mess that up? We will use DWORD format. DWORD is a way of making a dotless IP address.

(This is all easier in your calculator in Windows. Accessories->Calculator->Scientific mode)

firstoctet * 256 + secondoctet = * 256 + thirdoctet = * 256 + fourthoctet = your new address!

Example:

http://64.233.187.99/ = http://www.google.com
64 * 256 + 233 = * 256 + 187 = * 256 + 99 = http://1089059683/

Isn’t that useful? We can mess this up even more. We’ll turn it into hex!

http://0x40e9bb63/ = http://1089059683/

To turn your dword IP address into Hex, simply enter it into the calculator of Windows and then hit the radio button saying “Dec” or “Decimal” and changed it to “Hex”.

Enter 0xYOURHEXHERE into your browser, and voila, it will work!

Credits:

http://www.pc-help.org/obscure.htm

http://www.contentverification.com/obfuscation-attacks/index.html

Internets, 4chan, pool’s closed, etc

Also, if you discover anything else, post it and I’ll slap it up here with credit to you, so anyone and everyone can get this information easily.

Related posts:

  1. How To: Load Gmail Faster Hi guys, of late, gmail has been loading very slowly for me. This means that, when ever I...
  2. Recovering a Windows Password Without the Current Password It is possible to change the password of a Windows XP computer even if you do not have...
  3. Login to Windows Xp without a password Honeytech has posted a tutorial which describes how you can log in to Windows Xp without the help...
  4. Web Interaction Using Python Long back we had written an article introducing you to Python. That was fairly basic and just gave...
  5. Mitm, arp poison routing, network sniffing using cain and able Firstly let me get a few things straight: 1. This is not about “what is arp and mitm?”...
  6. Unlimited Free International Calls & SMS With Google Voice Outside US The service mainly benefits the people in US with the help of Google Voice service provider. They can...
  7. [How to]Enabling PUSH Notification for Your iPhone For iPhone users that are in contract with their phone company (like AT&T), enabling the new Push notifications...

Tags:

8 Responses to “URL Obfuscation”

  1. bluesaze 01. Aug, 2006 at 10:06 am #

    Nice stuff……. Though I stopped using IE a long long time ago.. if some webpages dont work properly there is the IETAB Extension

    Reply
  2. infamousjeff 01. Dec, 2008 at 5:06 pm #

    Works the same on Opera as Firefox. In Chrome there is no warning but you can see the real address on the bottom address bar with the latest developer release.

    Reply
  3. Mah Milton 19. Apr, 2009 at 9:48 am #

    Very good post and i have learned a new thing.

    Reply
  4. yim2oh 13. May, 2009 at 11:54 pm #

    yugygu6756 tyu hffdrtd y guyg ug

    Reply
  5. 7x1tlq 11. Jun, 2009 at 5:41 pm #

    dsfsdfs67877 test test

    Reply

Trackbacks/Pingbacks

  1. URL Redirection Attack With Examples « Paralliverse - 23. Jun, 2008

    [...] I forgot to explain how the Google link went into it. That is URL obfuscation. More at here. [...]
  2. Google Chrome Exploit | hacker.com.br - 25. Nov, 2008

    [...] The Indepth Concept of this Vulnerablility. [...]
  3. Google chrome sufre multiples vulnerabilidades II | Hackers Libres - 26. Nov, 2008

    [...] URL Obfuscation [...]

Leave a Reply

Get Adobe Flash playerPlugin by wpburn.com wordpress themes