[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs.
- To: Brandon Kovacs <liljoker771@xxxxxxxxx>
- Subject: Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs.
- From: Simon Ãstengaard <simon@xxxxxxxxxxxxx>
- Date: Wed, 09 Feb 2005 21:56:08 +0100
We have tried to play with this trick to see if it is usable for spam or
phishing via email. Unfortunately most browsers display the punycoded
address in the address bar like you will see if you click the link here:
http://www.Ñimon.com/index2.html
But with a frontpage containing a meta refresh tag with the UTF-8
encoded domain name like this:
<META HTTP-EQUIV=Refresh content="0;
URL=http://www.ѕimon.com/index2.html">
the address bar will also show the UTF-8 encoded text.
Punycoded address bar:
http://www.Ñimon.com/index2.html
UTF-8 address bar for phishers:
http://www.Ñimon.com/
--
Simon Ãstengaard
GCUX, LPIC-2
simon@xxxxxxxxxxxxx
and
Mikael Grotrian
It is a book about a Spanish guy called Manual. You should read it.
-- Dilbert