We have many ways to encode hidden messages within a string of characters of a normal text files, or even send a whole txt file disguised as a normal photo.
Hiding a secret message within a strings of characters known as Zero-Width-Character, this method commonly used to prevent people from leaking news or important documents as you send the document to each one of your team along with their names as the hidden message, so whoever leak the important document it will be leaked along with their name inside it.
There is very good tool we can use to hide the messages in the text files, download it from this LINK:
git clone https://github.com/vedhavyas/zwfp.git and then navigate to the directory /root/zwfp/cmd/zwfp/
To see how it works write ./zwfp
Now let’s say we want to hide a message “Hacker!!!” inside the normal message “This is Top Secret Document” and the file is Secret.txt
The command for this will be:
./zwfp “This is Top Secret Document” “Hacker” > Secret.txt
Now as you can see if we use “cat Secret.txt” all we can see is the normal message “This is Top Secret Document”, but if you want to reveal the hidden message it will be like this:
cat Secret.txt | xargs -0 ./zwfp
The output is in two parts, the Cover Text: This is Top Secret Document, which is the normal message we wrote, the second part is the hidden message which is Payload: Hacker.
But let copy this massage in test it in different applications, i tried WPS Office and the result was this:
The letters came separated with spaces between them, making this message a bit suspicious, also pasted the message in note++ and changed the Encoding to ANSI and looked like this:
Which again a bit suspicious as it shouldn’t change if it’s a normal letters.