Ready to Start Your Career?

Advance phishing with IDN Homograph Attack

Shaquib Izhar's profile image

By: Shaquib Izhar

January 27, 2018

 
What is IDN Homograph Attack? 
An IDN Homograph Attack is a technique of spoofing a domain name with similar looking character using UNICODE character. For example http://ĝoogle.com -- ĝ not g , http://ḃing.com -- ḃ not b, http://asĸ.com 
 -- ĸ not k 
 
Steps for the Attack 
  • Clone in to the following github URL : https://github.com/UndeadSec/EvilURL.git 

  • Move to your EvilURL directory and type "python evilurl.py"

 
  •  In Insert name options insert your target site name for example i am going to use Google ,and in domain level insert what level of domain you want to spoof as i am choosing .com

  •  Now we got our Homograph URL

 Above you can see domain name has been spoof with different characters.In MORE EXTENSIVE URL we can see more character has replaced with Unicode characters, let see what happens if i type this URL in my browser. 
So first I will choose a Unicode URL and will paste it to my browser and see what happens
 

 
  And now as you can see when i paste to browser it converted to punycode which is a encoding method for converting Unicode character to ASCII.

 
 

 
You can now use any of these spoofed url for a phishing attack by registering them .
You can mitigate them by using punycode and be extra careful by clicking a URL 
Schedule Demo
Build your Cybersecurity or IT Career
Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry