Brief introduction
urlcrazy对指定域名生成typos域名及变形域名同时检测生成的域名是否能够访问。urlcrazy主要被用作用做对知名站点url劫持、钓鱼等攻击的预检查,主要目的是为了找到可用的typos域名来实施后续的钓鱼、URL劫持等非定向攻击。
Example One
[email protected]:/tmp# urlcrazy ziroom.com
When no parameters are added, Urlcrazy uses the QWERTY keyboard to generate the typos domain name and then detects it.
Typos Domain name
When I enter www.baidu.com, due to the wrong keying will be entered as: www.baudi.com. At this time to visit is another site instead of Baidu, this site may be an advertising site, the fishing site for Baidu, and so on, with different spelling errors will be access to different sites. This is due to the key error generated domain name is typos domain name, typos domain name in large and medium-sized companies are more common, such domain name has the following advantages:
- Increase the number of site visits
- Setting up a fishing site for fishing
There are many types of typos domain names generated by urlcrazy, such as: Character repetition, character exchange, etc., which can be viewed through utlcrazy-h.
Keyboard:qwerty
The output information For example one contains the keyboard type: QWERTY. Urlcrazy, when working, generates typos domainaccording to the different keyboard types According to the error buttons that people often appear. Urlcrazy supports four types of keyboards, described below.
- QWERTY: Domestic computer keyboard, domestic smart phone default keyboard
- Qwertz: German keyboard
- Azerty: French keyboard
- Dvorak: An American invented a keyboard that puts characters commonly used in handy, rarely seen in the country
I only used a QWERTY keyboard for the above keyboard. You can use the-k parameter to specify the corresponding keyboard when locating typos domain names for those countries through Urlcrazy.
Example two: Viewing the popularity of typos sites through Google
# -p参数设置对typos域名进行Google流行度查询。为了获取流行度,需要连入外网[email protected]:/tmp # urlcrazy ziroom.com -p
Popularity statistics are different typos domain names in google search in the frequency rankings, high-ranking typos domain name is more likely to be accessed, can provide the success rate of attack. Because I didn't have xxx, I didn't get the information about Google popularity. In theory we can also get Baidu popularity, but because of Baidu in the presence of bid rankings, so the results are not necessarily accurate, this feature will be expanded in the future.
Example three: Do not DNS query typos domain name
# -r参数设置不做dns查询。做dns查询是为了获取域名的IP地址,目前尚不清楚有什么具体的作用,如果想要了解可以直接查看/usr/share/urlcrazy/目录下的源码[email protected]:/tmp # urlcrazy ziroom.com -r
Since we use the main purpose of Urlcrazy is to determine whether typos domain name can be registered, so, the DNS of a record query is necessary, DNS can not find the corresponding IP domain name is usually for sale of the domain name, may purchase as soon as possible.
Example four: Saving results to a file
# -o 参数用于指定保存结果的文件# -f 参数用来指定数据的保存格式。urlcrazy支持两种格式:human readable 和 CSV,默认为human readable
Results The purpose of saving this function in a file is unclear and does not know how to use it in order to play the role of this function.
Summarize
If you want to use typos domain name to carry out phishing, url hijacking and other attacks, using Urlcrazy bar, you can find a more appropriate typos domain name.
Urlcrazy-View available typos domain names