-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathindex.html
71 lines (64 loc) · 2.79 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>IDN Homograph Attack Example</title>
<link type="text/css" href="styles.css" media="screen" rel="Stylesheet" />
</head>
<body>
<span id="forkongithub">
<a href="https://github.com/SoftwareAddictionShow/IDN-homograph-attack">Fork me on GitHub</a>
</span>
<h1>IDN Homograph Attack Example</h1>
<p>
An IDN Homograph Attack is using unicode to make a domain name that
looks similar to another domain name. These threats can be mitigated
by using <a href="https://en.wikipedia.org/wiki/IDN_homograph_attack#Defending_against_the_attack">Punycode</a>
and by being more careful of clicking on URLS.
</p>
<h2>Examples:</h2>
<p>
<a href="http://ĝoogle.com">http://ĝoogle.com</a> -- ĝ not g
</p>
<p>
<a href="http://ḃing.com">http://ḃing.com</a> -- ḃ not b
</p>
<p>
<a href="http://asĸ.com">http://asĸ.com</a> -- ĸ not k
</p>
<h2>Unprotected Software:</h2>
<p>
Please keep this list updated! These programs do not escape these unsafe URLs:<br />
<ol>
<li>
<a href="https://www.mozilla.org/en-US/firefox/products/">Mozilla Firefox</a>(43.0.4) partial protection as of January 25th 2016.
Bug reports:
<a href="https://wiki.mozilla.org/IDN_Display_Algorithm">0</a>,
<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=722299">1</a>,
<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=idn">2</a>,
<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=punycode">3</a>,
</li>
<li><a href="https://www.visualstudio.com/en-us/products/visual-studio-community-vs.aspx">Microsoft Visual Studio Community Edition</a>(14.0.24720.00) no support as of January 25th 2016</li>
<li>
<a href="http://www.icsharpcode.net/opensource/sd/">SharpDevelop</a>(5.1.0, build 5134) no support as of February 25th 2016.
Bug reports:
<a href="https://github.com/icsharpcode/SharpDevelop/issues/749">749</a>
</li>
<li>
<a href="https://www.libreoffice.org/">Libre Office</a>(5.0.4.2) no support as of January 26th 2016,
bug reports:
<a href="https://bugs.documentfoundation.org/show_bug.cgi?id=97438">97438</a>
</li>
<li><a href="https://en.wikipedia.org/wiki/GNOME_Terminal">Gnome Terminal</a>(3.14.1) no support as of January 26th 2016</li>
</ol>
</p>
<h2>References:</h2>
<ol>
<li><a href="https://en.wikipedia.org/wiki/IDN_homograph_attack">https://en.wikipedia.org/wiki/IDN_homograph_attack</a></li>
<li><a href="https://en.wikipedia.org/wiki/Punycode">https://en.wikipedia.org/wiki/Punycode<a/></li>
<li><a href="https://en.wikipedia.org/wiki/List_of_Unicode_characters">https://en.wikipedia.org/wiki/List_of_Unicode_characters</a></li>
</ol>
</body>
<script>
</script>
</html>