-
Notifications
You must be signed in to change notification settings - Fork 70
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Right-to-Left Override (RLO) character in filename #52
Comments
As far as I can tell, the extension will be properly discovered under linux/with python :
So if you have a executable you try to hide as a .doc (and you manage to bypass the mimetype check), the script will try to process the file as an office document, fail, and add DANGEROUS at the beginning and at the end. And I just realized that if you plug the key on a windows box, the LRO character kicks in and you will very probably get your exe file back (I need to try under windows, but it would make sense) Very good point, we need to sanitize all the files containing |
After reading the Why/What section of CIRClean, I didn't find out any information for protection against Right-to-Left Override character.
Is it removed as it is supposed, or not?
The text was updated successfully, but these errors were encountered: