{"id":4549,"date":"2012-11-30T22:50:05","date_gmt":"2012-11-30T21:50:05","guid":{"rendered":"http:\/\/daniel.haxx.se\/blog\/?p=4549"},"modified":"2012-11-30T22:50:05","modified_gmt":"2012-11-30T21:50:05","slug":"haking","status":"publish","type":"post","link":"https:\/\/daniel.haxx.se\/blog\/2012\/11\/30\/haking\/","title":{"rendered":"“haking”"},"content":{"rendered":"

(This is an authentic email we received at Haxx<\/a> the other day. Names, emails and URLs are replaced in this excerpt to save the innocent)<\/p>\n

Date: Thu, 29 Nov 2012 14:59:25
\nSubject: haking<\/p>\n

hello, can you tell me how to hack into web site:
\n[FIRST URL]
\nso it is showing:<\/p>\n

[OTHER URL]
\nwhen you click on a link in google results?<\/p>\n

for example if you click on a google result:
\n[URL to a google.rs search for something on the FIRST URL site]<\/p>\n

the point is i would like to protect my web site form that kind of attack so please let me know how to do that<\/p>\n

how did i found you? there is your address at [FIRST URL]\/coockies.txt so i think you did it, but was polite enough to leave address.. please help me.<\/p><\/blockquote>\n

Of course I was curious enough to check the “coockies.txt” file, and the beginning of that file looked like this:<\/p>\n

# Netscape HTTP Cookie File\r\n# http:\/\/curlm.haxx.se\/rfc\/cookie_spec.html\r\n# This file was generated by libcurl<\/a>! Edit at your own risk.\r\n[FIRST URL] FALSE\t\/\tFALSE\t0\tPHPSESSID\tdfn1a5ll0hs8odpfh3p2qtlcj3<\/pre>\n
This tells us a few trivial things, all of which might not be obvious to the untrained eye:<\/p>\n