RedTeam
Others
Bypass
Unicode

What is Unicode

Unicode characters are characters that represent virtually all written languages used in the world today. They include alphabets, symbols, emojis, and special characters from different scripts and writing systems.

In hacking, Unicode characters can be used in several ways:

  1. Unicode-based attacks: Hackers might use Unicode characters to evade detection or manipulate data. For example, they might use visually similar characters to bypass input validation filters or disguise malicious code.
  2. Unicode injection: Similar to SQL injection, hackers might attempt to exploit vulnerabilities in systems by injecting Unicode characters into input fields to execute unauthorized commands or gain access to sensitive data.
  3. Unicode encoding: Hackers might encode malicious payloads or commands using Unicode encoding schemes to obfuscate them and bypass security measures. This technique can help conceal the true nature of the payload from detection mechanisms.
  4. Unicode exploits: In some cases, vulnerabilities in software or systems can be exploited using specially crafted Unicode characters or sequences to trigger unexpected behavior or execute arbitrary code.

Type of Unicode

RTLO

The Unicode RTLO character (U+202E) is employed deceptively in attacks, flipping text direction to disguise file types or URLs.

# File Vulnerability (Windows)
Annexe.txt.exe  Using RTLO ---> Ann[RTLO Unicode]txt.exe = Annexe.txt (Executable) 

Fake Dot

The Unicode Dot character (U+022E) is often used deceptively in Linux attacks, such as naming a file SOMETHING(UNICODE U+022E)PDF and marking it executable. When zipped, this file appears as a .pdf but isn't a valid PDF due to the fake dot and can be executable.

# File Renaming (Linux)
Annexe.pdf  ---> Using Fake DOT + Executable Status = Annexe․pdf (Executable)