Unicode exploit defeats eyes-on-the-code by visually rearranging characters using unicode

University of Cambridge discovered a unicode exploit that allows you to rearrange the order in which characters are displayed using nothing but unicode so what you see isn’t the order in which the characters are interpretted by shell, a compiler, daemon, ect.

3 Likes

RedHat made a diagnostic script to see if your code contains the BiDi characters which enable this exploit:

Credit to: Ask Noah Show Episode 257: Supply Chain Attacks for the heads up

1 Like

Now, that is pretty sneaky. Good find !!!

1 Like