Class: Unisec::CLI::Commands::Bidi::Spoof

Inherits:

Dry::CLI::Command

• Object
• Dry::CLI::Command
• Unisec::CLI::Commands::Bidi::Spoof

Defined in:

lib/unisec/cli/bidi.rb

Overview

Command unisec bidi spoof

Example:

$ unisec bidi spoof noraj
Target string: noraj
Spoof payload (display) ⚠: ‮jaron‬
Spoof string 🛈: jaron
Spoof payload (hex): e280ae6a61726f6ee280ac
Spoof payload (hex, escaped): \xe2\x80\xae\x6a\x61\x72\x6f\x6e\xe2\x80\xac
Spoof payload (base64): 4oCuamFyb27igKw=
Spoof payload (urlencode): %E2%80%AEjaron%E2%80%AC
Spoof payload (code points): U+202E U+006A U+0061 U+0072 U+006F U+006E U+202C



⚠: for the spoof payload to display correctly, be sure your VTE has RTL support, e.g. see https://wiki.archlinux.org/title/Bidirectional_text#Terminal.
🛈: Does not contain the BiDi character (e.g. RtLO).

$ unisec bidi spoof 'document_annexe.txt' --prefix '' --suffix '' --infix-bidi $'\U202E' --infix-pos 12 --light=true
document_ann‮txt.exe

Instance Method Summary

• #call(input: nil, **options) ⇒ Object

  Craft a payload for BiDi attacks.

Instance Method Details

#call(input: nil, **options) ⇒ Object

Craft a payload for BiDi attacks

Parameters:

• input (String) (defaults to: nil) —

  Input string to spoof

• options (Hash) —

  optional parameters, see Bidi::Spoof.bidi_affix

# File 'lib/unisec/cli/bidi.rb', line 51

def call(input: nil, **options)
  to_bool = ->(str) { ['true', true].include?(str) }
  light = to_bool.call(options.fetch(:light))
  infix_pos = options[:infix_pos].to_i unless options[:infix_pos].nil?
  puts Unisec::Bidi::Spoof.new(input, prefix: options[:prefix], suffix: options[:suffix],
                                      infix_bidi: options[:infix_bidi],
                                      infix_pos: infix_pos).display(light: light)
end