Strange values in Accept-Language header?
Alan Kennedy
alanmk at hotmail.com
Tue Sep 24 12:40:04 EDT 2002
Alan Kennedy:
>> Accept-Language: en-us,x-ns1rDGeT4e2FpA,x-ns2f67971hgDw1
>> Accept-Language: x-ns13V8cN8S1Xz9,x-ns2T329gfxKa7d
>>
>> I have no idea what these could mean (I've changed the actual
values
>> BTW, on the remote off-chance that somebody's highly personal
>> information was coded in there)
Jeff Davis:
> I really don't know what those extra characters mean. Do you think it might
> have to do with some related preference like fonts or the screen or
> something?
I should have mentioned: although I changed the value, I didn't change
the first four characters, so the "x-ns1" and "x-ns2" at the beginning
of each string are original. To me, that indicates some form of
identifier structure, like a URN, for example......
However, if it is a crack attempt, perhaps the "x-ns1" and "x-ns2" are
keys in some dictionary/hashmap that are vulnerable in some server?
Jeff Davis:
> Perhaps if you posted the secret info someone else might notice something.
Yes, I think I'm being too squeamish by not posting the values. Here's
two of the headers, unmodified
Accept-Language: x-ns16W5tM7A2Nh6,x-ns2U210btwUq5f
Accept-Language: en-us,x-ns1jZKcD2t3NhQ,x-ns2r3509OnmPe2
If it was some form of request modifier for custom
clients/proxies/servers, then why not simply use a custom HTTP header,
like
X-Custom-Header: x-ns16W5tM7A2Nh6,x-ns2U210btwUq5f
Odd.
Alan.
More information about the Python-list
mailing list