mailing list archives
Re: Apple Safari: idn urlbar spoofing
From: Michal Zalewski <lcamtuf () dione ids pl>
Date: Mon, 25 Jun 2007 23:22:34 +0200 (CEST)
On Mon, 25 Jun 2007, Larry Seltzer wrote:
It looks different on my system: http://www.larryseltzer.com/safe2.png
Safari 3.0.2 on XPSP2
Looks simply like a difference in system fonts used on your machines. The
attack relies on padding the hostname with Unicode characters that, for
the typeface used, are rendered as white spaces.
Whether Safari devs are to blame here exclusively, I'm not sure - IDN
concept is by itself pretty evil, and this can be viewed simply a clever
take on homograph attacks.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/