EvilURL - An Unicode Domain Phishing Generator for IDN Homograph Attack
A Unicode domain phishing generator for IDN Homograph Attack. VIDEO DEMO. CLONE: git clone https://github.com/UndeadSec/EvilURL.git RUNNING: cd EvilURL; python evilurl.py PREREQUISITES: python 2.7 TESTED ON: Kali Linux - ROLLING EDITION. Download EvilURL...
Google Busy Removing More Malicious Chrome Extensions from Web Store
Google scrambled this week to remove a malicious Chrome extension from its store and users’ machines after a popular Twitter account disclosed the issue publicly. The incident ramped up again one day later when the developers were able to get two other shady plugins past Google’s defenses before...
A week in security (October 02 – October 08)
Last week, we gave you some tips for National Cybersecurity Awareness Month, walked through an exploration of a small adware file, and explored the complicated world of the Homograph attack. Here's what else happened in security. VB2017 Many of our team members attended VB2017 in Madrid, one of t...
HackerOne: Homograph fix Bypass
Hello Hackerone! I have possibly found a way to bypass your current Homograph Attack Fix. Let's look at two HACKERONE Redirect URLs: CASE 1: https://hackerone.com/redirect?signature=829727b4188c43dcf394fd841fd19a8b7f391bd1&url=https%3A%2F%2Fwww.yelp.com%2F Got the above link generated by posting...
Brave Software: Homograph Attack Bypass [ Tested on Linux & Windows ]
Summary: At 175286 you have patched it, and I tried it and it works, but I've another way to bypass it. When we add a site to our Homepage with @, it does not validate the URL properly; make sure it displays the punycode. Products affected: Brave 0.18.36 Linux & Windows Steps To Reproduce: 1. In browser add...
GSA Bounty: Homo graphs attack
Hi there, Greetings for the day, hope you are doing good. In Federa localhost I found a homograph attack. Here I made a homograph for ebay.com; when you see this link it looks like a normal simple text link, but it is not. However, when you click on this particular link you might think that you are...
IDN Homograph Attack Spreading Betabot Backdoor
An IDN homograph attack leveraging Adobe’s brand has been discovered, with the malicious site spreading the Betabot backdoor and ultimately infecting compromised machines with cryptocurrency-mining and data-stealing malware. Attacks using internationalized domain name homographs rely on users...
Whole-script confusable domain label spoofing
Posted by Xudong Zheng Before I explain the details of the vulnerability, you should take a look at the proof-of-concept. Punycode makes it possible to register domains with foreign characters. It works by converting individual domain label to an alternative format using only ASCII characters. Fo...
This Phishing Attack is Almost Impossible to Detect On Chrome, Firefox and Opera
A Chinese infosec researcher has reported about an "almost impossible to detect" phishing attack that can be used to trick even the most careful users on the Internet. He warned, hackers can use a known vulnerability in the Chrome, Firefox and Opera web browsers to display their fake domain names...
Brave Software: homograph-attack (unicode vuln)
Hi team Summary: Affected product appears identically different websites domains attacker uses unicode to register domains that look identical to real domains. These fake domains can be used to fool users into signing into a fake website, thereby handing over their login credentials to an...
Brave Software: Homograph attack
Summary: When we add a site to our Homepage, it does not validate the URL properly; make sure it displays the punycode. Products affected: Brave 0.12.4 Tested on mac os Steps To Reproduce: In browser add homepage with IDN http://ebаy.com/ now close and open browser again you can see it's redirect to...
Yelp: IDNs displayed in unicode in messages/about/talk sections (Homograph Attack)
Hello Yelp, Please refer to https://en.wikipedia.org/wiki/Internationalizeddomainname to know more about IDNs. The IDN Internationalized Domain Name : http://ebаy.com/ is a homograph for the latin ebay.com. If you click that first link, you might think that you are going to ebay.com but in fact, you...
HackerOne: Homograph attack in escalate report
Hi There, I think I found an issue that leads to forcing the victim user to open a malicious site: http://ebаy.com/ please open this: http://ebаy.com/ after that you will see the external link warning page and you will see the real site: http://xn--eby-7cd.com/ and that's the way you protected users from this...
HackerOne: Fake URL + Additional vectors for homograph attack
Hello! I would like to report about a new issue based on "@" character in URL. It shows user real URL but when he clicks "Proceed", he is redirected to another website. For example, it seems as normal HackerOne URL:...
HackerOne: Homograph attack
Hi, I would like to report an incomplete fix of 58612 is. In short, backslash is not taken in consideration. PoC \http://ebay.com http://ebay.com...
HackerOne: Homograph Attack
Hello HackerOne, Fix of Report 29491 and 58612 is incomplete. I found another way to replicate homograph attack using Hex Code: www.%00ebаy.com www.%01ebаy.com www.%02ebаy.com www.%03ebаy.com www.%04ebаy.com www.%05ebаy.com www.%06ebаy.com www.%07ebаy.com www.%08ebаy.com www.%0Bebаy.com...
HackerOne: Homograph attack
Hello! I would like to report that fix of report 29491 is incomplete. There is another way to reproduce homograph attack: or IDNs are displayed in unicode and there is no encoding into Punycode on external link warning page Thanks! - Matvejs...
X (Formerly Twitter): Homograph attack.
In the report 31193 cmiller said "Twitter does warn if the user tries to visit a malicious URL while passing through our t.co URL shortening service. Thanks!" URL redirection warning not given for punycode URL. ATTACK: I mainly envision using this as an attack against admins of programs that us...
HackerOne: homograph attack. IDNs displayed in unicode in bug reports and on external link warning page
The IDN: http://ebаy.com/ is a homograph for the latin ebay.com. If you click that first link, you might think that you are going to ebay.com. In fact, you are going to a homograph url http://xn--eby-7cd.com/ more info http://www.chromium.org/developers/design-documents/idn-in-google-chrome more...
CVE-2009-0652
The Internationalized Domain Names (IDN) blacklist in Mozilla Firefox 3.0.6 and other versions before 3.0.9; Thunderbird before 2.0.0.21; and SeaMonkey before 1.1.15 does not include box-drawing characters, which allows remote attackers to spoof URLs and conduct phishing attacks, as demonstrated by...