@decal
Created August 16, 2015 05:33
Violate SOP (Same-Origin Policy) Universally on a Site by Taking Advantage of a "URLinURL"-Parsing Web Server with a CGI Module Acting as an Open Proxy
Derek@UFO MSYS ~
$ telnet www.bing.com. 80
Trying 204.79.197.200...
Connected to www.bing.com..
Escape character is '^]'.
HEAD / HTTP/1.1
Host: www.bing.com
HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 0
Content-Type: text/html
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Set-Cookie: _FS=NU=1; domain=.bing.com; path=/
Set-Cookie: _SS=SID=619CF09A50F5444BB7A5358698A3BCBD; domain=.bing.com; path=/
Set-Cookie: SRCHD=AF=NOFORM; expires=Tue, 15-Aug-2017 05:25:44 GMT; domain=.bing.com; path=/
Set-Cookie: SRCHUID=V=2&GUID=81CE555A59DE4C2B9F136A99D98F59F7; expires=Tue, 15-Aug-2017 05:25:44 GMT; path=/
Set-Cookie: SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20150816; expires=Tue, 15-Aug-2017 05:25:44 GMT; domain=.bing.com; path=/
Edge-control: no-store
X-MSEdge-Ref: Ref A: B75DB4568C6144EABF380E2ABB7801D3 Ref B: 77D505F2735B26D2269433FD510A9BCD Ref C: Sat Aug 15 22:25:44 2015 PST
Set-Cookie: _EDGE_S=F=1&SID=0A36E8E506386DA517C2E0E007D46CCC; path=/; httponly; domain=bing.com
Set-Cookie: _EDGE_V=1; path=/; httponly; expires=Tue, 15-Aug-2017 05:25:44 GMT; domain=bing.com
Set-Cookie: MUID=3EA60EF34F5C6D6B258C06F64EB06CC3; path=/; expires=Tue, 15-Aug-2017 05:25:44 GMT; domain=bing.com
Set-Cookie: MUIDB=3EA60EF34F5C6D6B258C06F64EB06CC3; path=/; httponly; expires=Tue, 15-Aug-2017 05:25:44 GMT
Date: Sun, 16 Aug 2015 05:25:44 GMT
telnet> c
Connection closed.
Derek@UFO MSYS ~
$ telnet www.bing.com.80bola.com. 80
Trying 130.211.94.181...
Connected to www.bing.com.80bola.com..
Escape character is '^]'.
HEAD / HTTP/1.1
Host: www.bing.com
HTTP/1.1 200 OK
Server: nginx/1.0.15
Date: Sun, 16 Aug 2015 05:26:10 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.6.11
Connection closed by foreign host.
Derek@UFO MSYS ~
$ telnet www.bing.com.80bola.com. 80
Trying 130.211.94.181...
Connected to www.bing.com.80bola.com..
Escape character is '^]'.
HEAD / HTTP/1.1
Host: www.bing.com.80bola.com.
HTTP/1.1 200 OK
Server: nginx/1.0.15
Date: Sun, 16 Aug 2015 05:26:43 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.6.11
HEAD / HTTP/1.1
Host: www.bing.com.80bola.com
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.6.11
Cache-Control: max-age=0, private
content-length: 0
Date: Sun, 16 Aug 2015 05:26:58 GMT
Edge-control: no-store
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Server: Microsoft-IIS/8.5
Set-Cookie: _FS=NU=1; domain=.bing.com; path=/
Set-Cookie: _SS=SID=BC8950DBBD124F60ACD9BAE4F8549B7A; domain=.bing.com; path=/
Set-Cookie: SRCHD=AF=NOFORM; expires=Tue, 15-Aug-2017 05:26:58 GMT; domain=.bing.com; path=/
Set-Cookie: SRCHUID=V=2&GUID=913F5D4251A549F48DC9401698F6879E; expires=Tue, 15-Aug-2017 05:26:58 GMT; path=/
Set-Cookie: SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20150816; expires=Tue, 15-Aug-2017 05:26:58 GMT; domain=.bing.com; path=/
Set-Cookie: _EDGE_S=F=1&SID=0E8ABA84655C6C01253BB28164646D26; path=/; httponly; domain=bing.com
Set-Cookie: _EDGE_V=1; path=/; httponly; expires=Tue, 15-Aug-2017 05:26:58 GMT; domain=bing.com
Set-Cookie: MUID=284438395AAF62CF02ED303C5B9763FE; path=/; expires=Tue, 15-Aug-2017 05:26:58 GMT; domain=bing.com
Set-Cookie: MUIDB=284438395AAF62CF02ED303C5B9763FE; path=/; httponly; expires=Tue, 15-Aug-2017 05:26:58 GMT
Vary: Accept-Encoding
X-MSEdge-Ref: Ref A: 7F7F78A0DD034E1E997C31CD2A8E69F4 Ref B: B49129E8B14932A421BDC4A8B0ED0AB6 Ref C: Sat Aug 15 22:26:58 2015 PST
Connection closed by foreign host.
Derek@UFO MSYS ~
$
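
Added example, not part of the original gist: the last response in the session relays the upstream Set-Cookie headers under the proxy's hostname. This sketch applies RFC 6265 domain matching to those headers to show which cookies a browser would discard and which it would store as host-only cookies for the proxy hostname. The header lines are abbreviated from the session above, with cookie values replaced by constructed placeholders; the function names are this example's own.

```python
# Added example: how a browser would treat Set-Cookie headers relayed by a
# hostname-rewriting proxy. Cookie values are constructed placeholders.

REQUEST_HOST = "www.bing.com.80bola.com"

RELAYED_HEADERS = """\
X-Powered-By: PHP/5.6.11
Server: Microsoft-IIS/8.5
Set-Cookie: _FS=NU=1; domain=.bing.com; path=/
Set-Cookie: SRCHUID=V=2&GUID=PLACEHOLDER; expires=Tue, 15-Aug-2017 05:26:58 GMT; path=/
Set-Cookie: _EDGE_S=F=1&SID=PLACEHOLDER; path=/; httponly; domain=bing.com
Set-Cookie: MUIDB=PLACEHOLDER; path=/; httponly; expires=Tue, 15-Aug-2017 05:26:58 GMT
"""

def domain_match(host, domain):
    """RFC 6265 section 5.1.3 domain-match (IP-address hosts not handled)."""
    host, domain = host.lower(), domain.lower()
    if domain.startswith("."):          # a leading dot is ignored (5.2.3)
        domain = domain[1:]
    return host == domain or host.endswith("." + domain)

def parse_set_cookie(value):
    """Return (cookie name, Domain attribute or None); the last Domain wins."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0]
    domain = None
    for attr in parts[1:]:
        key, _, val = attr.partition("=")
        if key.strip().lower() == "domain" and val.strip():
            domain = val.strip()
    return name, domain

def classify(request_host, raw_headers):
    """Map each cookie name to how a browser would treat it for request_host."""
    result = {}
    for line in raw_headers.splitlines():
        field, _, value = line.partition(":")
        if field.strip().lower() != "set-cookie":
            continue
        name, domain = parse_set_cookie(value)
        if domain is None:
            result[name] = "host-only"      # stored for request_host itself
        elif domain_match(request_host, domain):
            result[name] = "domain-cookie"  # stored for the Domain and subdomains
        else:
            result[name] = "rejected"       # Domain does not cover request_host
    return result

if __name__ == "__main__":
    for name, verdict in classify(REQUEST_HOST, RELAYED_HEADERS).items():
        print(f"{name:10} {verdict}")
```

Cookies relayed without a Domain attribute end up scoped to the proxy hostname rather than to the upstream site, which is the state worth auditing when a response carries both proxy and upstream server headers.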