Full Disclosure mailing list archives
Re: UTF reverse-writing WYSINWG "feature"
From: "HASEGAWA Yosuke" <yosuke.hasegawa () gmail com>
Date: Fri, 31 Aug 2007 10:21:26 +0900
Hi.

On 8/28/07, Tonu Samuel <tonu () jes ee> wrote:
> But my concerns are related to security. For example, even looking at the title of this digg.com page with Firefox or Konqueror you see that the browser name is reversed! I looked into the source code with Firefox and a lot of things are reversed too!

In Japan, this trick -- visual camouflage using Unicode Bidi -- has been known since 2005. By including RLO (U+202E) in a file name, visual spoofing of the extension is possible. For example, create a file named such as:

"this-(U+202E)txt.exe"

When this file is displayed in Explorer.exe, it appears as "this-exe.txt", like a TEXT file. Although this file seemingly looks like a txt file, of course it operates as an exe file.

Here is the sample image on the Japanese edition of Windows.
<http://openmya.hacker.jp/hasegawa/public/20061209/momiji9.png>

In Japan, it is already said that malware which uses this trick is distributed through the Winny network (Winny is the most famous P2P software in Japan).

Execution of malware by this trick can be prevented by restricting execution of files which contain RLO in the filename, using group (or local) policy.

--
HASEGAWA Yosuke
yosuke.hasegawa () gmail com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
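The check a defender would want from the post above, as an added example that is not part of the original message or the list: it flags a filename whose bidi controls make the displayed extension differ from the extension the OS actually uses. The rendering model is a simplification (each RLO run, up to PDF or end of string, is reversed) that is adequate for plain ASCII filenames like the "this-(U+202E)txt.exe" sample; it does not implement the full Unicode bidi algorithm.

```python
# Unicode bidi control characters: embeddings, overrides, isolates, marks.
BIDI_CONTROLS = {
    "\u202a": "LRE", "\u202b": "RLE", "\u202c": "PDF",
    "\u202d": "LRO", "\u202e": "RLO",
    "\u2066": "LRI", "\u2067": "RLI", "\u2068": "FSI", "\u2069": "PDI",
    "\u200e": "LRM", "\u200f": "RLM", "\u061c": "ALM",
}

def bidi_controls(name):
    """Return (offset, control-name) pairs for every bidi control in the filename."""
    return [(i, BIDI_CONTROLS[ch]) for i, ch in enumerate(name) if ch in BIDI_CONTROLS]

def logical_extension(name):
    """Extension the OS actually uses: drop bidi controls, take the text after the last dot."""
    stripped = "".join(ch for ch in name if ch not in BIDI_CONTROLS)
    _, dot, ext = stripped.rpartition(".")
    return ext.lower() if dot else ""

def displayed_name(name):
    """Approximate what a bidi-aware renderer shows: each RLO run (to PDF or end) reversed."""
    out, i = [], 0
    while i < len(name):
        if name[i] == "\u202e":                      # RLO: override the rest as right-to-left
            end = name.find("\u202c", i + 1)         # PDF closes the override, else end of string
            if end == -1:
                end = len(name)
            out.append(name[i + 1:end][::-1])
            i = end + 1
        elif name[i] in BIDI_CONTROLS:               # other controls are invisible, skip them
            i += 1
        else:
            out.append(name[i])
            i += 1
    return "".join(out)

def displayed_extension(name):
    """Extension a user sees in a file manager that honours bidi controls."""
    _, dot, ext = displayed_name(name).rpartition(".")
    return ext.lower() if dot else ""

def assess(name):
    """Flag the name when bidi controls make the shown extension differ from the real one."""
    controls = bidi_controls(name)
    real, shown = logical_extension(name), displayed_extension(name)
    return {"controls": controls, "real_ext": real, "shown_ext": shown,
            "spoofed": bool(controls) and real != shown}

# Constructed sample matching the post: "this-" + RLO + "txt.exe" renders as "this-exe.txt".
SAMPLE = "this-\u202etxt.exe"
```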
Current thread:
- UTF reverse-writing WYSINWG "feature" Tonu Samuel (Aug 27)
- Re: UTF reverse-writing WYSINWG "feature" scott (Aug 27)
- Re: UTF reverse-writing WYSINWG "feature" Tonu Samuel (Aug 28)
- Re: UTF reverse-writing WYSINWG "feature" Deeþan Chakravarthy (Aug 30)
- Re: UTF reverse-writing WYSINWG "feature" Mark Janssen (Aug 30)
- Re: UTF reverse-writing WYSINWG "feature" HASEGAWA Yosuke (Aug 30)
- Re: UTF reverse-writing WYSINWG "feature" scott (Aug 27)