{"id":10582,"date":"2006-11-15T03:27:24","date_gmt":"2006-11-15T00:27:24","guid":{"rendered":"https:\/\/mamchenkov.net\/wordpress\/2006\/11\/15\/typosquatting-hack\/"},"modified":"2006-11-15T03:27:24","modified_gmt":"2006-11-15T00:27:24","slug":"typosquatting-hack","status":"publish","type":"post","link":"https:\/\/mamchenkov.net\/wordpress\/2006\/11\/15\/typosquatting-hack\/","title":{"rendered":"Typosquatting hack"},"content":{"rendered":"\n

I’ve been hearing a lot about typosquatting<\/a> recently. Typosquattting is a method bad guys use to make money on the Internet. What they do is they get a list of popular domain names, like Google.com and Yahoo.com, then figure out which are the most common ways people mistype these addresses, and then they register those mistyped domain names and use them for making money by displaying advertising banners and redirecting to other web sites.<\/p>\n

If you think about it for a second, there are a few types of typing mistakes which are easier to make. Missing a character, typing a couple of characters in the wrong order (‘teh’ instead of ‘the’), typing a sticky character (‘nn’ instead of ‘n’), or hitting a wrong key on the keyboard (‘u’ instead of ‘i’). All these mistakes are easy to predict and, thus, use for typosquatting.<\/p>\n

While I was thinking about it, I decided to try it out – write a small script that will check how many mistyped domains are there and how many of them are already registered. It turned out, the script was extremely easy to write – I started with it with my morning coffee and finished it before the coffee got cold. It took about altogether about 8 minutes, so don’t jump too hard on it.<\/p>\n

domain_finder.pl<\/a><\/p>\n

Requirements<\/strong><\/p>\n

You won’t need a lot to try it out – perl interpreter, Net::Domain::ExpireDate<\/code> module (get it from CPAN<\/a>), and Internet connection.<\/p>\n

How to use<\/strong><\/p>\n

In the simplest form you can just run the script like this:<\/p>\n

.\/domain_finder.pl google<\/pre>\n
You’ll see a whole bunch of variations on how to mistype “google”, and the status of .com domain for each of these variations.<\/p>\n
For more control, check the script’s source code.  You can easily make it more silent or more verbose, check domains in other TLDs, and create your own rules for typing mistakes.<\/p>\n
How does it work<\/strong><\/p>\n
The script takes a single parameter – the domain that you want to check, without the TLD part.  It then creates all variations of this domain with the following mistakes:<\/p>\n