[Full-disclosure] Apple Safari: idn urlbar spoofing
lcamtuf at dione.ids.pl
Mon Jun 25 22:22:34 BST 2007
On Mon, 25 Jun 2007, Larry Seltzer wrote:
> It looks different on my system: http://www.larryseltzer.com/safe2.png
> Safari 3.0.2 on XPSP2
Looks simply like a difference in system fonts used on your machines. The
attack relies on padding the hostname with Unicode characters that, for
the typeface used, are rendered as white spaces.
Whether Safari devs are to blame here exclusively, I'm not sure - IDN
concept is by itself pretty evil, and this can be viewed simply a clever
take on homograph attacks.
Full-Disclosure is hosted and sponsored by Secunia.