0P3N Blog Blog Post
Ready to Start Your Career?
Create Free Account
By: Shaquib Izhar
January 27, 2018

Advance phishing with IDN Homograph Attack

By: Shaquib Izhar
January 27, 2018
By: Shaquib Izhar
January 27, 2018

 
What is IDN Homograph Attack? 
An IDN Homograph Attack is a technique of spoofing a domain name with similar looking character using UNICODE character. For example http://ĝoogle.com -- ĝ not g , http://ḃing.com -- ḃ not b, http://asĸ.com 
 -- ĸ not k 
 
Steps for the Attack 
  • Clone in to the following github URL : https://github.com/UndeadSec/EvilURL.git 

  • Move to your EvilURL directory and type "python evilurl.py"

 
  •  In Insert name options insert your target site name for example i am going to use Google ,and in domain level insert what level of domain you want to spoof as i am choosing .com

  •  Now we got our Homograph URL

 Above you can see domain name has been spoof with different characters.In MORE EXTENSIVE URL we can see more character has replaced with Unicode characters, let see what happens if i type this URL in my browser. 
So first I will choose a Unicode URL and will paste it to my browser and see what happens
 

 
  And now as you can see when i paste to browser it converted to punycode which is a encoding method for converting Unicode character to ASCII.

 
 

 
You can now use any of these spoofed url for a phishing attack by registering them .
You can mitigate them by using punycode and be extra careful by clicking a URL 

Do you like to write about your infosec knowledge, skills, opinions, or exploits?

Blog Icon

Publish your original research, tutorials, articles, or other written content on Cybray's blog to be seen by thousands of infosec readers daily!

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry

Create Free Account