By | February 4, 2020
freelearningtech

You have been previously told about Facebook hacking about HomoGraph Attack. It is also called phishing url. In Homograph / Homoglyph attack, hacker can make his own fake url just like any website’s url.

A Hacker uses some techniques to do this. It is also used a lot in Facebook hacking. As we know phishing url is detected. In this case, Homograph attack is used.

If the url itself is phishing, it becomes difficult to detect the real and fake website. Hacker uses Homograph attack in many ways. The hacker url is formed in another language to attack a homograph.

Just like real url is apple.com, in such a language hacker becomes apple.com in another language. Also, using ssl can also make the url as real. As such, updated versions of Chrome browser detect such urls. But firefox doesn’t detect it.

Also Read

Session Hijacking

What is Dark Web, Surface Web and Deep Web?

How to do Homograph attack ?

The hacker uses some websites to conduct a homograph attack. Where the hacker comes to know in which language the url can be created on the same URL as real. Something like this

Website Link

From here Phishing url is made to attack this website through Homograph. All this can also be done using kali linux, this is also being told to you in this article.

You can see as soon as the name of a website is filled here. This website makes you suggest words. After this, url like url of targeted website is found in these words.

freelearningtech

You have been told this as an example of Homograph attack. Because it takes a little time to create a phishing url from here and find the proper word. You will get a link to the website, you can try it yourself. After doing all this something is done in this way.

freelearningtech

You can see here that in setup DNS it becomes a phishing url. If you register a domain with this name, in that way that url will show you like our website. Now anything can happen in the website. Some kind of phishing site or some kind of virus.

We would like to show you some real examples which have been made for Homograph attack. You will also get their links as well. But be aware that these links are detected in the updated Browser.

In this way, you can also create a url for homograph attack by using the evilurl tool, first of all you have to run this tool, this tool runs in front of you in this way. https://github.com/UndeadSec/EvilURL .

After running the tool, you can remove unicodes using this tool, in such a way you can generate homograph links in different unicodes of the same domain, here you can see in the image

Homograph Attack Examples

Homograph attack

You can see apple.com both url are same but the content of website is different. The phishing url is not detected when we open it in firefox. This is detected when you open Chrome.

Homograph attack

You can see in this way the links made for Homograph attack are updated in the updated Browser. To give you another example. To be safe from all this, the browser should always be updated.

Homograph attack

You can see the url is the same but the content is different in both. This is also a live website. In this way, the homograph attack is used by hackers. You can hack any type of social media accounts using this attack.

Real Website

Fake Website

To avoid this attack, Browsers should always be kept updated and when opening any website, then open by typing itself.

The Conclusion

I hope you know how this attack is done and how it works. This attack is used in many places. A hacker can copy any url with the help of Homoglyph.

It is also used in Facebook hacking, Whatsapp Hack, website hacking. To attack this, hackers should have good knowledge of phishing pages website banane.

If you have any kind of question, you can ask in the comment. If you like this article of ours, then do share it, so to subscribe to this blog to read our posts first.

Sharing is Caring

Thankyou

Share This:

2 Replies to “How to do Homograph attack for hack facebook ?”

Leave a Reply

Your email address will not be published. Required fields are marked *