magine that you want to check a small configuration file for malicious manipulations. Let’s further assume that the file is very small (only 5 non-comment lines) and that you know the expected contents of the configuration file very well. Doesn’t it sound like a really easy task to find out whether there is a backdoor in the configuration file or not? Well, it may have been a simple task until Linux distributions started to enable Unicode in the default installation. Today things are a little bit different and it is entirely possible to make a malicious manipulation to a simple configuration file which can’t be seen when viewing the file in a terminal with cat, less or a text editor using a Unicode homoglyph attack .
more here.........http://www.jakoblell.com/blog/2014/05/07/hacking-contest-invisible-configuration-file-backdooring-with-unicode-homoglyphs/
more here.........http://www.jakoblell.com/blog/2014/05/07/hacking-contest-invisible-configuration-file-backdooring-with-unicode-homoglyphs/