ZWSP-Tool is a powerful toolkit that allows to manipulate
zero width spaces quickly and easily. ZWSP-Tool allows in
particular to detect, clean, hide, extract and bruteforce
a text containing zero width spaces.
Clone the repository :
$ git clone https://github.com/TwistAtom/ZWSP-Tool.gitMove in the folder :
$ cd ZWSP-ToolAdd the execution right to the installation file :
$ chmod +x install.shFinally, run the installation file :
$ ./install.shAfter installation, you can now launch the ZWSP toolkit from anywhere by typing :
$ zwsp-tool$ cd ZWSP-Tool
$ ./uninstall.sh| Parameter | Type | Format | Default | Note |
|---|---|---|---|---|
-i,--ignore |
string |
"<char_1>, <char_2>, ..." |
Ignore characters. |
|
-s,--specific |
string |
"<char_1>, <char_2>, ..." |
Clean specific characters. |
| Parameter | Type | Format | Default | Note |
|---|---|---|---|---|
-i,--ignore |
string |
"<char_1>, <char_2>, ..." |
Ignore characters. |
|
-r,--replace |
string |
{dotted, escaped, named} |
dotted |
Character replacing zero width spaces. |
-s,--search |
string |
"<char_1>, <char_2>, ..." |
Search characters. |
| Parameter | Type | Format | Default | Note |
|---|---|---|---|---|
-c,--characters |
string |
"<char_1>, <char_2>, ..." |
('\u200b', '\u200c', '\u200d', '\u200e', '\u200f') |
Zero width characters to use to encode the private text. Use the list argument to see some possible characters. |
-e,--encryption |
string |
{AES, RSA, PGP} |
Encryption type. | |
-m,--mask |
string |
<hidden_text> |
Text to hide in another text (public text).RequiredNote: cannot be used with -M, --mfile |
|
-M,--mfile |
string |
<path_to_file> |
Text from a file to hide in another text (public text).RequiredNote: cannot be used with -m, --mask |
|
-s,--space |
boolean |
[[y/yes/true, n/no/false]] |
True |
If enabled, it allows a better discretion by only putting spaces of zero width in existing visible spaces. |
-t,--threshold |
integer |
<number> |
35 |
Size of an encoding string, the larger the number, the more it is possible to encode different characters. However it is best to keep a small size in order to remain discreet. |
-u,--unconstrain |
boolean |
[[y/yes/true, n/no/false]] |
False |
If enabled (enabled by default), hides the masking parameters with the private text in the cover text (public text). In order not to need to remember the parameters at the time of extraction. |
-z,--equalize |
boolean |
[[y/yes/true, n/no/false]] |
True |
If enabled, evenly distribute the zero width spaces, corresponding to the hidden text (private text), on the set of visible spaces of the cover text (public text). |
| Parameter | Type | Format | Default | Note |
|---|---|---|---|---|
-c,--characters |
string |
"<char_1>, <char_2>, ..." |
('\u200b', '\u200c', '\u200d', '\u200e', '\u200f') |
Zero width characters to use to decode the private text. Use the 'list' argument to see some possible characters. |
-e,--encryption |
string |
{AES, RSA, PGP} |
Encryption type. | |
-t,--threshold |
integer |
<number> |
35 |
Size of an encoding string, the larger the number, the more it is possible to encode different characters. However it is best to keep a small size in order to remain discreet. |
| Parameter | Type | Format | Default | Note |
|---|---|---|---|---|
-b,--base |
integer |
<base> |
Manually choose a fixed base (e.g : 2 for binary) to force the text. Please note, the base chosen cannot exceed the number of zero width spaces available in the lists. |
|
-c,--characters |
string |
"<char_1>, <char_2>, ..." |
('\u200b', '\u200c', '\u200d', '\u200e', '\u200f') |
Zero width characters to use to decode the private text. |
-d,--demo |
integer |
<preview_size> |
50 |
Size of the preview in number of characters. This allows you to quickly view and analyze bruteforce attempts. |
-e,--encryption |
string |
{AES, RSA, PGP} |
Encryption type. | |
-s,--search |
string |
"<term_1>, <term_2>, ..." |
Specific terms to search for validate a bruteforce attempt. Note: cannot be used with -w, --wily |
|
-t,--threshold |
string |
"<start_range>, <end_range>" |
(10, 38) |
Size of an encoding string, the larger the number, the more it is possible to encode different characters. Select the threshold range to test. |
-w,--wily |
boolean |
[[y/yes/true, n/no/false]] |
True | Intelligent algorithm that only selects attempts that can be interesting to study. Please note that this is largely based on the composition of the latin alphabet. |
| Parameter | Type | Format | Default | Note |
|---|---|---|---|---|
-f,--force |
string |
Overwrite the output file if already existing. |
||
-o,--output |
string |
<output_file> |
File to store the results. | |
-p,--public |
string |
<public_text> |
Visible text to use entered from the command line.RequiredNote: cannot be used with -P, --pfile |
|
-P,--pfile |
string |
<path_to_file> |
Visible text to use from a text file.RequiredNote: cannot be used with -p, --public |
|
-q,--quiet |
boolean |
False |
Disable output verbosity. | |
-v,--verbose |
boolean |
False |
Increase output verbosity. |
1 - Detect zero width characters in text file by displaying them as red dotted markers on standard output :
$ zwsp-tool detect -P path_to_file/suspicious_text.txt2 - Remove zero width characters from a text file :
$ zwsp-tool clean -P path_to_file/suspicious_text.txt3 - Hide private text in cover text with encryption and store the result in an external file :
$ zwsp-tool -o result.txt embed -p "Public text" -m "Private text" -e AES4 - Extract a private text contained in a cover text and display it on standard output :
$ zwsp-tool extract -P path_to_file/text.txt -e AES 5 - Bruteforce a suspicious text containing zero-width characters :
$ zwsp-tool bruteforce -P path_to_file/suspicious_text.txt- add other type of encryption
- improve zero width space detection
- operate the unconstrained mode
Copyright © 2020 TwistAtom
Licensed under the MIT.