What is homograph & idn homograph attack | Spoofed URL Attack


A homograph attack is based on standards of modern Internet that allow to create (and display in web browsers) URLs with characters from various language sets (with non-ASCII letters). Different languages may contain different but very similar characters.

Attackers can register their own domain names that are similar to the existing web addresses. Then they can create their own websites that are, again, the same or very similar to the existing original sites (that usually belong to banks, corporations, email or news services). The phony websites are used for stealing data from users who happened to visit them.


Phishing with IDN Homograph Attack


English is written in Latin script but I am going to buy this domain "T??hTrick.in"(The e and c are not in Latin, I have replaced them with Cyrillic characters). So our TechTrick.in is different than the original TechTrick.in.


  • Latin: A B C D E F G H I J K L M N O P Q R S T U
  • Cyrillic: ? ? ? ? ? ? ? ? ? ? ? ?

Let Start Punycode stuff/Phishing with IDN Homograph Attack

Firstly, you have to generate a Phonycode Stuff


Click here to generate a fake phishing name.

What is homograph & idn homograph attack | Spoofed URL Attack


What is homograph & idn homograph attack | Spoofed URL Attack


What is homograph & idn homograph attack | Spoofed URL Attack


What is homograph & idn homograph attack | Spoofed URL Attack


What is homograph & idn homograph attack | Spoofed URL Attack

Different languages with characters encoded in a different way, may contain some letters that look the same or at least very similar. Therefore it is possible to create URLs that consist of different characters but are indistinguishable to the human eye.


you are looking above example of Phonycode stuff/Phishing with IDN Homograph Attack with the both name are same.But actually are not same one is in Latin and a another one is Cyrillic.

You can copy and paste both the words in a browser.

Note :-This Homograph attack now is not working on chrome and firefox because they will updated own version and working to protect from it. if your browser is not a updated version ,it might be not redirect to original name and you not easity identify the fake one.


If you Still have some Confusion with our Post

So Please Leave a Comment below.We Reply you as Soon as Possible



Sharing is caring

google
linkedin

About Author

Akash is a co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email (akashchugh1994@gmail.com).


You may also like :-




Leave a Comment

Your email address will not be published. Required fields are marked *




Stay Connected

Popular Posts

Get Latest Stuff Through Email


Who Should Read TechTrick?

All the tricks and tips that TechTrick provides only for educational purpose. If you choose to use the information in TechTrick to break into computer systems maliciously and without authorization, you are on your own. Neither I (TechTrick Admin) nor anyone else associated with TechTrick shall be liable. We are not responsibe for any issues that caused due to informations provided here. So, Try yourself and see the results. You are not losing anything by trying... We are humans, Mistakes are quite natural. Here on TechTrick also have many mistakes..