ExtensionSpoofer: A Practical Guide to Spoof File Extensions
What is ExtensionSpoofer?
ExtensionSpoofer is a versatile tool designed for anyone who wants to spoof file extensions in a creative (and sometimes deceptive) way. Using a clever technique with the right-to-left override character (U+202E), this software allows you to make files appear with different extensions while maintaining their original functionality. This is particularly useful for disguising file types, making them look like something they’re not. Whether you’re trying to make an executable file look like an image or simply change its icon to throw people off, ExtensionSpoofer makes the process simple and effective.
For example, instead of seeing a file named:
myfile.png
You could trick the system into showing:
myfileexe.png
The file may appear to be an innocent image at first glance, but in reality, it’s still an executable file ready to run. That’s the magic of ExtensionSpoofer—giving you control over how a file presents itself without actually changing its underlying format.
How to Spoof File Extensions with ExtensionSpoofer
ExtensionSpoofer leverages a little-known character called the right-to-left override character (U+202E). When placed in a file name, this character mirrors the characters that come after it. As a result, you can make file extensions appear out of order, tricking people into thinking they’re dealing with a completely different file type.
For example:
test_application[U+202E]gnp.exe
This gets displayed as:
test_applicationexe.png
So, even though the file remains an executable, it looks like a PNG file to the unsuspecting user. Along with this extension trick, ExtensionSpoofer also lets you swap icons, making the fake extension even more convincing.
Supported File Extensions
ExtensionSpoofer allows you to swap between .exe, .com, and .scr extensions—all of which behave similarly to executable files. While many users are aware of .exe, fewer are familiar with the other two, making them excellent candidates for disguise. It’s important to note, however, that icon changes aren’t supported for .com files, so keep that in mind when creating your spoofed files.
Getting Started: Download & Setup
Getting up and running with ExtensionSpoofer is straightforward:
- Download the pre-compiled executable and the Win10Icons folder. You’ll need the folder of icons for the program to work as intended (https://github.com/henriksb/ExtensionSpoofer).
- Extract both the executable and icon folder to a location on your computer. Make sure they’re in the same directory for smooth operation.
The software is now ready to use!
Pro Tip: Want to add new icons? It’s as easy as adding a new icon file to the icons folder. Just name the icon according to the extension type you want to spoof (e.g., name the file exe.ico if you want it to represent an executable), and ExtensionSpoofer will recognize and use it.
Usage Walkthrough
Once the program is open:
- Select the file you want to spoof.
- Choose the extension you want it to appear as: .exe, .scr, or .com.
- Pick an icon to complete the illusion. For example, you could make a .exe file look like a .png by choosing a .png icon and making the extension appear as .png (thanks to the right-to-left trick).
Your file will now look like something it’s not, without changing its true identity.
Important Notice
Be aware that sometimes Windows Defender might not appreciate your creative approach to file extensions. It may flag ExtensionSpoofer as a potential risk and rename the program with a .tmp extension. If that happens, you have two options:
Whitelist the program in Windows Defender to prevent interruptions.
Or, if you’re feeling adventurous, temporarily disable Defender to proceed without interference.
Conclusion
ExtensionSpoofer is a handy tool that puts a lot of control in your hands when it comes to manipulating how files are presented. Whether you’re using it for testing, pranks, or research, the possibilities are vast. Just remember—it’s all in how you use it! Happy spoofing!
If you want to learn more about extension spoofing check out Zaid’s Learn Social Engineering From Scratch 2024 Course.