Spoofing file extensions — Ethical Hacking

This content originally appeared on Level Up Coding - Medium and was authored by Gourav Dhar

Spoofing File Extensions — Ethical Hacking

File extension spoofing is a handy trick when creating trojans. In this blog, I will be spoofing the ‘.exe’ extension to the ‘.jpg’ extension. But this method can be extended to spoof any extension type.

I have a file named trojan.exe whose name I will change to sports_complexe.jpg by the end of this blog.

I will use a right-to-left-override character to spoof the extension .exe and replace it with .jpg . Let me tell you how.

Current file name -> trojan.exe

Desired extension -> .jpg

To remove the .exe from extension, I will use a right-to-left-override character to make the file name read from right to left after the right-to-left-override is placed.

Right-to-left of .jpg would be gpj.

To get the right-to-left-override character open the characters application in Ubuntu and search for the right-to-left-override character. You can follow the steps shown in the pictures below.

Rename trojan.exe to trojangpj.exe . Paste the right-to-left-override character at the 7th position after trojan. All the characters after the right-to-left-override character will be flipped i.e. read right to left.

The filename now looks like trojanexe.jpg

To make the executable look more realistic, since the image icon contained in the file is of a sports complex I will replace trojan in the name with sports_compl so that the file name reads sports_complexe.jpg

And tada! , the file extension spoofing was successful. Some recent browsers remove the right-to-left-override before downloading. So it is a good idea to zip the file and send it over.

To get updates on more such interesting topics follow me here. Feel free to comment and share your experiences and thoughts. Don’t forget to checkout my website at https://gourav-dhar.com for more hacking related blogs.

Spoofing file extensions — Ethical Hacking was originally published in Level Up Coding on Medium, where people are continuing the conversation by highlighting and responding to this story.

This content originally appeared on Level Up Coding - Medium and was authored by Gourav Dhar

Print Share Comment Cite Upload Translate Updates

APA

Gourav Dhar | Sciencx (2022-03-07T03:21:09+00:00) Spoofing file extensions — Ethical Hacking. Retrieved from https://www.scien.cx/2022/03/07/spoofing-file-extensions-ethical-hacking/

MLA

" » Spoofing file extensions — Ethical Hacking." Gourav Dhar | Sciencx - Monday March 7, 2022, https://www.scien.cx/2022/03/07/spoofing-file-extensions-ethical-hacking/

HARVARD

Gourav Dhar | Sciencx Monday March 7, 2022 » Spoofing file extensions — Ethical Hacking., viewed ,<https://www.scien.cx/2022/03/07/spoofing-file-extensions-ethical-hacking/>

VANCOUVER

Gourav Dhar | Sciencx - » Spoofing file extensions — Ethical Hacking. [Internet]. [Accessed ]. Available from: https://www.scien.cx/2022/03/07/spoofing-file-extensions-ethical-hacking/

CHICAGO

" » Spoofing file extensions — Ethical Hacking." Gourav Dhar | Sciencx - Accessed . https://www.scien.cx/2022/03/07/spoofing-file-extensions-ethical-hacking/

IEEE

" » Spoofing file extensions — Ethical Hacking." Gourav Dhar | Sciencx [Online]. Available: https://www.scien.cx/2022/03/07/spoofing-file-extensions-ethical-hacking/. [Accessed: ]

rf:citation

» Spoofing file extensions — Ethical Hacking | Gourav Dhar | Sciencx | https://www.scien.cx/2022/03/07/spoofing-file-extensions-ethical-hacking/ |

Please log in to upload a file.

There are no updates yet.
Click the Upload button above to add an update.

You must be logged in to translate posts. Please log in or register.