Re: Apple Safari: idn urlbar spoofing
From: Robert Swiecki <jagger(at)swiecki.net>
Date: Mon Jun 25 2007 - 16:33:19 EDT

With a specially crafted web page, an attacker can redirect a www browser to the page, whose URL (on the address bar) resembles an arbitrary domain chosen by the attacker. It is possible due to the fact that Apple Safari supports IDNs - http://en.wikipedia.org/wiki/Internationalized_domain_name - and some of the UTF8 font glyphs embedded in Safari could be used to create a URL which contains whitespaces.

http://alt.swiecki.net/saft1.html
The picture taken on my system:
Tested with Apple Safari 3.0.2 (522.13.1) on MS Windows 2003 SE SP2

--
Robert Swiecki
http://www.swiecki.net

Received on Mon Jun 25 16:53:50 2007
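A defensive check for the condition described in the message, as an added example that is not part of the original post: it decodes each Punycode label of a hostname and reports code points that draw as blank space, so a client can keep the ASCII form in the address bar. The function names, the filler list and the sample hostnames are assumptions constructed for illustration.

```python
import unicodedata

# Unicode categories that draw as blank space or nothing at all (conservative:
# Cf also covers joiners that some scripts use legitimately).
BLANK_CATEGORIES = {"Zs", "Zl", "Zp", "Cf", "Cc"}
# Code points classed as letters/symbols that are nonetheless drawn empty.
BLANK_FILLERS = {0x115F, 0x1160, 0x3164, 0xFFA0, 0x2800}

# Constructed sample: one label with U+3000 between ASCII text, as an A-label.
SPOOF = "xn--" + "example\u3000com".encode("punycode").decode("ascii") + ".test"
# Constructed sample: an ordinary IDN that must not be flagged.
BENIGN = "xn--" + "b\u00fccher".encode("punycode").decode("ascii") + ".example"


def decode_label(label):
    """Return the Unicode form of one DNS label (raw Punycode, no IDNA mapping)."""
    if label.lower().startswith("xn--"):
        return label[4:].encode("ascii").decode("punycode")
    return label


def blank_code_points(hostname):
    """List (label_index, code_point, name) for each blank-rendering character."""
    findings = []
    for i, label in enumerate(hostname.rstrip(".").split(".")):
        try:
            text = decode_label(label)
        except UnicodeError:
            findings.append((i, "invalid", "undecodable Punycode label"))
            continue
        for ch in text:
            if (unicodedata.category(ch) in BLANK_CATEGORIES
                    or ord(ch) in BLANK_FILLERS):
                findings.append(
                    (i, f"U+{ord(ch):04X}", unicodedata.name(ch, "UNNAMED")))
    return findings


def safe_display(hostname):
    """Show the Unicode form only when no label contains a blank character."""
    if blank_code_points(hostname):
        return hostname  # keep the xn-- form visible to the user
    return ".".join(decode_label(part) for part in hostname.split("."))


if __name__ == "__main__":
    for host in (SPOOF, BENIGN, "www.example.com"):
        print(host, blank_code_points(host), safe_display(host))
```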