[Full-disclosure] NUL Character Evasion
3APA3A
3APA3A at SECURITY.NNOV.RU
Fri Sep 16 14:16:42 BST 2005
Dear Steffen Kluge,
This is old news reported long time ago by ben moeckel (ben.moeckel at
online.de), see http://www.security.nnov.ru/advisories/content.asp
9. Bypassing filters with special characters
There are some characters client application may ignore silently. For
Example, for HTML browsers:
0, 9, 10, 13, 173 for Opera
13, 10, 9, 0 for Internet Explorer
by inserting characters with this codes into document it's possible to
hide some dangerous tags from content filter.
Reported by ben.moeckel at online.de
--Friday, September 16, 2005, 10:25:06 AM, you wrote to full-disclosure at lists.grok.org.uk:
SK> On Tue, 2005-09-13 at 23:24 +0200, ju at heisec.de wrote:
>> Internet Explorer ignores NUL characters
>> -- i.e. ascii characters with the value 0x00 -- most
>> security software does not.
SK> Interesting. Did you test this with Outlook as well?
SK> Cheers
SK> Steffen.
--
~/ZARAZA
Есть там версии Отелло, где Дездемона душит Мавра. (Лем)
Full-Disclosure is hosted and sponsored by Secunia.