Sam Stelfox

Thoughts from a software engineer, systems hacker and Linux gubernāre.

Homoglyph Attacks

A homoglyph attack makes use of common high-order UTF-8 characters that look virtually identical to different ASCII characters. For example, decimal character 1029 looks like an uppercase S, as demonstrated in the following snippet:

ЅS

The first character is actually the Unicode version. It is very easy to verify this in a Ruby interpreter shell by issuing the following commands:

[1] pry(main)> 1029.chr('UTF-8')
=> "Ѕ"
[2] pry(main)> _.ord
=> 1029
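
The same `ord` inspection can be turned into a defensive check. The following is an added example, not code from the original post: it reports every non-ASCII character in a string and flags strings whose letters come from more than one script. The method names and the short script list are assumptions chosen for illustration.

```ruby
# Added example: flag strings that mix Unicode scripts, a common sign of
# homoglyph substitution. The script list and method names are illustrative.
SCRIPTS = {
  latin:    /\p{Latin}/,
  cyrillic: /\p{Cyrillic}/,
  greek:    /\p{Greek}/
}.freeze

# Return the script of a single character: one of the SCRIPTS keys, :other for
# letters in any script not listed, or :common for digits, punctuation, spaces.
def script_of(char)
  SCRIPTS.each { |name, pattern| return name if char.match?(pattern) }
  char.match?(/\p{L}/) ? :other : :common
end

# Describe every non-ASCII character: position, character, code point, script.
def non_ascii_report(text)
  text.each_char.with_index.reject { |ch, _| ch.ascii_only? }.map do |ch, i|
    { index: i, char: ch, codepoint: ch.ord, script: script_of(ch) }
  end
end

# A string is suspicious when its letters come from more than one script.
def mixed_script?(text)
  scripts = text.each_char.map { |ch| script_of(ch) }
  scripts.reject { |s| s == :common }.uniq.size > 1
end

# Constructed samples: the first is the two-character snippet from the post
# (code point 1029 followed by ASCII "S"); the others are plain ASCII strings.
samples = ["\u0405S", "SS", "Sam Stelfox"]
samples.each do |s|
  puts "#{s.inspect}: mixed=#{mixed_script?(s)} report=#{non_ascii_report(s)}"
end
```

A mixed-script result is a signal for review rather than proof of abuse, since legitimate text can combine scripts.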