Hi, my name is Ben and I'm the co-founder and CTO of Mobile Commons in New York City. Did you know that you can specify an IP address in your browser using a base other than base 10? For example, the following are all equivalent representations of 66.102.13.99 (one of Google’s IPs)
- http://0x42.0x66.0x0d.0x63
- http://0x42660d63
- http://1113984355
- http://00000102.00000146.00000015.00000143
From a post on Viruslist:
Now, by itself, this isn’t terribly interesting from a technical perspective; this “feature” of IP specification has been around for quite a while.
What is interesting is that due to the relative obscurity of using such methods to denote an IP or URL, it is quite feasible that existing security products do not correctly identify the URLs as valid or flag them as malicious when they point to existing known bad websites.
In other words, known malicious sites may be able to sneak through web filters because the different representations aren’t recognized.
