[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Twitter URL spoofing still exploitable
- To: Benji <me@xxxxxxxxx>
- Subject: Re: [Full-disclosure] Twitter URL spoofing still exploitable
- From: Pablo Ximenes <pablo@xxxxxxxx>
- Date: Tue, 27 Sep 2011 15:49:37 -0300
Aparently twitter is back to normal, t.co isn't showing in place of
every URL anymore.
This was indeed temporary while they were fixing things as mentioned.
Att,
Pablo Ximenes
http://ximen.es/
http://twitter.com/pabloximenes
2011/9/27 Benji <me@xxxxxxxxx>:
> If you hover over the t.co links the alt= tag holds the real url.
>
> On Tue, Sep 27, 2011 at 4:11 PM, dave bl <db.pub.mail@xxxxxxxxx> wrote:
>>
>> On 28 September 2011 01:00, Mario Vilas <mvilas@xxxxxxxxx> wrote:
>> > On Tue, Sep 27, 2011 at 3:26 PM, Dan Kaminsky <dan@xxxxxxxxxxx> wrote:
>> >>>
>> >>> Ok, now nobody can spoof a URL, but how come a user will tell good
>> >>> URLs and bad ones apart? Oh boy!
>> >>>
>> >>
>> >> Wherever did you get the idea that users can do this?
>> >
>> > Jokes apart, I do find it annoying that URLs aren't expanded
>> > automatically
>> > anymore. But I don't expect this situation to be permanent.
>>
>> Agreed.
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/