exploit which takes advantage of IDN to spoof sites for both "PayPal
http":http://www.pаypal.com and "PayPal https":https://www.pаypal.com
The links above should take you to "PayPal". Original "Shmoo
Example":http://www.shmoo.com/idn/ and
"explanation":http://www.shmoo.com/idn/homograph.txt Using firefox and
setting "network.enableIDN" to false in about:config, will prevent
firefox from following the link, but the error is non-descriptive
resulting in a "[Translated Name] site could not be found, please check
the name and try again"
Update: I should mention that it does not work in IE by default, as
apparently IDN translation code is only available as a plugin.
No comments:
Post a Comment