MSN.com Redirect Scan

by StankDawg@hotmail.com (stankdawg.com)

If you visit msn.com (which you may do, as it is the default home page in a lot of circumstances) you may notice that the page may be customized based on your settings.  For example, a Dell system sometimes defaults to the homepage: dellnet.msn.com which uses a custom module in the MSN system to deliver Dell information.   found this both annoying, but at the same time, interesting.

After a little reverse engineering, I discovered that you can either go to these sites directly, or you can be redirected to these sites from: go.msn.com by using the proper URL parameters.  It turns out that it redirects to a specific page customized to a specific company or group based on the parameters passed via the URL.

For example, not only can you type in the direct Dellnet address listed above, but you can also use the redirected go.msn.com address listed below to get to the same place.  I decided to hammer through some patterns and see what other sites offer custom services.

The results are listed below:

URL                          Company/Site
http://go.msn.com/0/0/1.asp  Microsoft - IE5.5 SP1 download (redirects to an apology page) 
http://go.msn.com/0/0/2.asp  Dell 
http://go.msn.com/0/1/0.asp  Dell - "ebar" (error page, apparently this no longer exists)
http://go.msn.com/0/1/1.asp  Microsoft - Hotmail 
http://go.msn.com/0/1/2.asp  Dell 
http://go.msn.com/0/3/1.asp  Dell 
http://go.msn.com/0/3/2.asp  MSN - MSN Member 
http://go.msn.com/0/3/3.asp  MSN - Canadian version
http://go.msn.com/0/3/4.asp  MSN - My MSN (customized page)
http://go.msn.com/0/3/5.asp  Best Buy 
http://go.msn.com/0/3/6.asp  Charter Communications - Broadband ISP Home page
http://go.msn.com/0/3/7.asp  Dell
http://go.msn.com/0/3/8.asp  Disney 
http://go.msn.com/0/3/9.asp  Best Buy
http://go.msn.com/0/3/10.asp Charter Communications - Broadband ISP Home page 
http://go.msn.com/0/3/11.asp Dell 
http://go.msn.com/0/3/12.asp Disney
http://go.msn.com/0/3/13.asp MSN - MSN Member 
http://go.msn.com/0/3/14.asp Qwest 
http://go.msn.com/0/3/15.asp Staples
http://go.msn.com/0/3/16.asp Verizon 
http://go.msn.com/0/3/17.asp Qwest
http://go.msn.com/0/3/18.asp Staples 
http://go.msn.com/0/3/19.asp United Airlines 
http://go.msn.com/0/3/20.asp Verizon 
http://go.msn.com/0/5/1.asp  Verizon - Direct link to MSN Groups 
http://go.msn.com/0/6/1.asp  Verizon - Direct link to MSN Shopping 
http://go.msn.com/0/7/1.asp  Verizon - Direct link to MSN Money Central
http://go.msn.com/0/8/1.asp  Verizon - Direct link to My MSN (customized page)

This was done manually during a training session, where I sat in the back of the class unchallenged and bored to tears.  I only went through some limited ranges in my testing.  It could easily be scripted to check for a larger series of numbers.  A couple of them seemed interesting, such as the "ebar" page.

Maybe there are some other software download pages that could be interesting.  Maybe there are ways to login or access customized systems that weren't intended for public consumption.  Just think of how many other sites may be out there on the web that may work the same way.  See what others you can find!