Full Disclosure mailing list archives

Re: Apple Safari: idn urlbar spoofing
From: Robert Swiecki <jagger () swiecki net>
Date: Mon, 25 Jun 2007 22:33:19 +0200

With a specially crafted web page, an attacker can redirect
a www browser to the page, whose URL (on the address bar) resembles an
arbitrary domain chosen by the attacker.

It is possible due to the fact that Apple Safari supports
IDNs - http://en.wikipedia.org/wiki/Internationalized_domain_name -
and some of the UTF8 font glyphs embedded in Safari could be used
to create a URL which contains whitespace.


The picture taken on my system:

Tested with Apple Safari 3.0.2 (522.13.1) on MS Windows 2003 SE SP2

Robert Swiecki

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
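
A display-side check for the issue described in the message above, as an added example that is not part of the original post: it decodes each IDN label and keeps the raw `xn--` form whenever a label contains a character that renders as blank space. The post does not name the glyphs involved, so the category set and the filler list are assumptions, and the hostnames are constructed samples.

```python
import unicodedata

# Assumption: general categories treated as blank or invisible in an address bar.
BLANK_CATEGORIES = {"Zs", "Zl", "Zp", "Cc", "Cf", "Cn"}
# Assumption: letters (category Lo) that fonts commonly draw as empty space.
BLANK_LETTERS = {0x115F, 0x1160, 0x3164, 0xFFA0}

def to_ace(unicode_label):
    """Helper for building constructed samples: Unicode label -> xn-- form."""
    return "xn--" + unicode_label.encode("punycode").decode("ascii")

def decode_label(label):
    """Decode one DNS label; 'xn--' labels carry Punycode (RFC 3492)."""
    if label.lower().startswith("xn--"):
        return label[4:].encode("ascii").decode("punycode")
    return label

def blank_code_points(hostname):
    """Return [(label_index, 'U+XXXX', category)] for blank-rendering characters."""
    findings = []
    for index, label in enumerate(hostname.split(".")):
        try:
            text = decode_label(label)
        except ValueError:  # UnicodeError is a subclass: malformed Punycode
            findings.append((index, "undecodable", "--"))
            continue
        for ch in text:
            category = unicodedata.category(ch)
            if category in BLANK_CATEGORIES or ord(ch) in BLANK_LETTERS:
                findings.append((index, "U+%04X" % ord(ch), category))
    return findings

def display_form(hostname):
    """Show Unicode only when no label renders blank; otherwise keep the ACE form."""
    if blank_code_points(hostname):
        return hostname
    return ".".join(decode_label(label) for label in hostname.split("."))

if __name__ == "__main__":
    # Constructed sample hostnames, not taken from the post.
    samples = [
        "www.example.com",
        to_ace("b\u00fccher") + ".example",
        to_ace("bank\u3000login") + ".example",   # ideographic space (Zs)
        to_ace("shop\u3164portal") + ".example",  # Hangul filler (Lo)
    ]
    for host in samples:
        print(host, blank_code_points(host), ascii(display_form(host)))
```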
