|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs.
From: Will Kamishlian (will
will-k.com)
Date: Wed Feb 09 2005 - 09:31:30 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I tested the following browsers against the proof of concept page
(www.shmoo.com/idn):
- dillo (0.8.3)
- lynx (2.8.5)
- konqueror (3.3)
Testing was done on Linux 2.6.9 (generic)
Dillo and lynx handle the links well (dillo returns a DNS error and lynx
reports an invalid URL). Konqueror opens the non-SSL link and displays
the URL as "http://www.paypal.com/". For the SSL page, Konqueror provides
a warning that the IP address does not match the issuer domain. If the
user accepts the certificate, the page is presented showing the URL as
"https//www.paypal.com".
-Will Kamishlian
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]