We have tried to play with this trick to see if it is usable for spam or
phishing via email. Unfortunately most browsers display the punycoded
address in the address bar like you will see if you click the link here:
http://www.Ñ?imon.com/index2.html
But with a frontpage containing a meta refresh tag with the UTF-8
encoded domain name like this:
<META HTTP-EQUIV=Refresh content="0;
URL=http://www.ѕimon.com/index2.html">
the address bar will also show the UTF-8 encoded text.
Punycoded address bar:
http://www.Ñ?imon.com/index2.html
UTF-8 address bar for phishers:
http://www.Ñ?imon.com/
--
Simon Ã?stengaard
GCUX, LPIC-2
simon (at) ostengaard (dot) dk [email concealed]
and
Mikael Grotrian
It is a book about a Spanish guy called Manual. You should read it.
-- Dilbert
phishing via email. Unfortunately most browsers display the punycoded
address in the address bar like you will see if you click the link here:
http://www.Ñ?imon.com/index2.html
But with a frontpage containing a meta refresh tag with the UTF-8
encoded domain name like this:
<META HTTP-EQUIV=Refresh content="0;
URL=http://www.ѕimon.com/index2.html">
the address bar will also show the UTF-8 encoded text.
Punycoded address bar:
http://www.Ñ?imon.com/index2.html
UTF-8 address bar for phishers:
http://www.Ñ?imon.com/
--
Simon Ã?stengaard
GCUX, LPIC-2
simon (at) ostengaard (dot) dk [email concealed]
and
Mikael Grotrian
It is a book about a Spanish guy called Manual. You should read it.
-- Dilbert
[ reply ]