Chrome Extensions Archive

github.com/mdamien/chrome-extensions-archive

#djghjigfghekidjibckjmhbhhjeomlda

Punycode Alert

9,911

Punycode Alert is a GPLv3 Google Chrome, Chromium, Opera extension that warns users when the URL they are accessing has some Punycode content to prevent them from being cheated and redirected to a different URL. Its source code can be found in https://github.com/i3visio/punycode-alert.
Punycode is a way of representing Unicode characters using only the limited character subset of ASCII supported by the Domain Name System. Think about the following examples: "españa.tld", that has a non-ASCII character ('ñ') is translated into "xn--espaa-rta.tld" for browsers whose default language is not Spanish, but this is not happening for users using them.
Thus, users may find useful to get advised when these URL addresses provided to them contain some characters may look the same but may be encoding letters from different alphabets.
Think about another one such as "hack.tld" and "haсk.tld". Do they look the same, right? However, the first one is linking to the URL you now, while the second one contains the non-ASCII character 'с' which is taken from the Cyrilic alphabet. The real domain would be internally coded as "xn--hak-5ed.tld". Try it!
Do you see the applications that this have on phishing use cases? You can use Punycode Alert as another barrier to protect yourself and, of course, improve it and share it as this is GPL software.

Are you the owner of the extension ?Contact as owner
{
  "aggregateRating.properties.ratingCount": "19",
  "aggregateRating.properties.ratingValue": "4.631578947368421",
  "autogen": "false",
  "available_on_android": "false",
  "by_google": "false",
  "canonical": "true",
  "category": "7_productivity",
  "container": "CHROME",
  "download_link": "https://clients2.google.com/service/update2/crx?response=redirect&os=cros&arch=x86-64&nacl_arch=x86-64&prod=chromiumcrx&prodchannel=unknown&prodversion=9999&x=id%3Ddjghjigfghekidjibckjmhbhhjeomlda%26uc",
  "ext_id": "djghjigfghekidjibckjmhbhhjeomlda",
  "family_unsafe": "false",
  "files": [
    {
      "created": "Mon Apr 17 10:43:26 2017",
      "name": "0.3.1.zip",
      "size": 587346,
      "storage_url": "https://crx.dam.io/files/djghjigfghekidjibckjmhbhhjeomlda/0.3.1.zip"
    },
    {
      "created": "Sat May 14 01:11:27 2016",
      "name": "0.2.0.zip",
      "size": 586645,
      "storage_url": "https://crx.dam.io/files/djghjigfghekidjibckjmhbhhjeomlda/0.2.0.zip"
    }
  ],
  "full_description": "Punycode Alert is a GPLv3 Google Chrome, Chromium, Opera extension that warns users when the URL they are accessing has some Punycode content to prevent them from being cheated and redirected to a different URL. Its source code can be found in https://github.com/i3visio/punycode-alert.\n\nPunycode is a way of representing Unicode characters using only the limited character subset of ASCII supported by the Domain Name System.  Think about the following examples: \"espa\u00f1a.tld\", that has a non-ASCII character ('\u00f1') is translated into \"xn--espaa-rta.tld\" for browsers whose default language is not Spanish, but this is not happening for users using them. \n\nThus, users may find useful to get advised when these URL addresses provided to them contain some characters may look the same but may be encoding letters from different alphabets. \n\nThink about another one such as \"hack.tld\" and \"ha\u0441k.tld\". Do they look the same, right? However, the first one is linking to the URL you now, while the second one contains the non-ASCII character '\u0441' which is taken from the Cyrilic alphabet. The real domain would be internally coded as \"xn--hak-5ed.tld\". Try it! \n\nDo you see the applications that this have on phishing use cases? You can use Punycode Alert as another barrier to protect yourself and, of course, improve it and share it as this is GPL software.",
  "image": "https://lh3.googleusercontent.com/NSGa9EzobYqZ2o5MWkEbU60Mu0PVJwX3csgGp1sNeNRNqRrHF9WfHuGHRNX8d6qw3It1VntY=w128-h128-e365",
  "item_category": "EXTENSION",
  "kiosk": "false",
  "name": "Punycode Alert",
  "not_in_sitemap": false,
  "offers.properties.price": "0",
  "page_lang_safe": "en",
  "payment_type": "free",
  "stars2": "true",
  "stars3": "true",
  "stars4": "true",
  "stars5": "false",
  "supported_regions": "TH,TR,TW,UA,US,VE,VN,ZA,001",
  "url": "https://chrome.google.com/webstore/detail/punycode-alert/djghjigfghekidjibckjmhbhhjeomlda",
  "user_count": "9911",
  "version": "0.3.1",
  "works_offline": "false"
}