Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Apple Safari: idn urlbar spoofing
From: Michal Zalewski <lcamtuf () dione ids pl>
Date: Mon, 25 Jun 2007 23:22:34 +0200 (CEST)

On Mon, 25 Jun 2007, Larry Seltzer wrote:

It looks different on my system: http://www.larryseltzer.com/safe2.png
Safari 3.0.2 on XPSP2

Looks simply like a difference in system fonts used on your machines. The
attack relies on padding the hostname with Unicode characters that, for
the typeface used, are rendered as white spaces.

Whether Safari devs are to blame here exclusively, I'm not sure - IDN
concept is by itself pretty evil, and this can be viewed simply a clever
take on homograph attacks.


Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]