

‫‬‏‮txet lanoitcerid-iB - mquandalle
https://en.wikipedia.org/wiki/Bi-directional_text#Unicode_support

======
jakub_g
You can exploit this trick to some extent to name a file in a way that spoofs
its real extension. E.g. name an .exe file such that it looks like if it was
.doc (and give the exe an icon associated often with .doc to be even more
convincing).

~~~
13
Works on URLs too.

‮[http://myspace.com/#/segami/moc.koobecaf//:sptth](http://myspace.com/#/segami/moc.koobecaf//:sptth)

~~~
joelthelion
Pretty dangerous, but at least my browser corrects it in the address bar.

------
hayksaakian
The URL is on the left of the submission title.

Is this somehow related?

~~~
13
The submission title is actually "txet lanoitcerid-iB", with a Right To Left
Override control character at the front. The whole line is in reverse it just
doesn't look like it when rendered in your browser. There's a variety of
control characters in unicode which let you stack, reverse, raise and lower
individual pieces of text as you desire.

‮.ekil skool yllaer ti tahw ees ll'uoy dna enil siht gnitsap dna ypoc yrT

~~~
hayksaakian
Interesting, I viewedmthe source of the page, and some of the tags are
reversed too.

Is this an exploit/attack vector?

~~~
cbd1984
Anything that can confuse a person is a potential exploit vector.

That said, I don't know of any specific exploits which rely on this behavior.

------
rwmj
Nice - confuses XFCE as well:
[http://oirase.annexia.org/tmp/hackernews.png](http://oirase.annexia.org/tmp/hackernews.png)

~~~
jaachan
Chrome tab has the title inverted as well

------
im3w1l
You can do the same with sourcecode too.

    
    
        System.out.println("Do ‮live‭"); // not ‬doog
    

Right-left-override is fun, but to see it really shine you have to combine it
with some pop-directional-formatting.

