adriann54 Posted August 8, 2011 Report Posted August 8, 2011 Download : AdF.ly - shrink your URLs and get paid!java -jar Encoder.jarSursaimport javax.swing.*;import java.awt.event.*;/* * Author: blixna_waka */public class Encoder {JComboBox types;JTextArea source; public static void main(String[] args) { Main body = new Main(); body.setUpGui(); }public void setUpGui(){String[] typeStrings = {"Hex-URL", "Hex-HTML","Dec-HTML", "Base64"}; JFrame frame = new JFrame("Blixna's XSS Encoder"); JPanel panel = new JPanel(); JButton go = new JButton("Encode!"); types = new JComboBox(typeStrings); source = new JTextArea(10, 30); source.setLineWrap(true); JScrollPane pane = new JScrollPane(source); pane.setHorizontalScrollBarPolicy(JScrollPane.HORIZONTAL_SCROLLBAR_NEVER); pane.setVerticalScrollBarPolicy(JScrollPane.VERTICAL_SCROLLBAR_AS_NEEDED); panel.add(pane); panel.add(types); panel.add(go); go.addActionListener(new encodeHandler()); frame.getContentPane().add(panel); frame.setSize(360, 220); frame.setResizable(false); frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE); frame.setVisible(true);} static public String hexUrlEncode(String str) { return encode(str, hexUrlEncode); } static public String hexHtmlEncode(String str) { return encode(str, hexHtmlEncode); } static public String decimalHtmlEncode(String str) { return encode(str, decimalHtmlEncode); } static public String base64Encode(String str) {byte[] buf = str.getBytes(); String encoded = new sun.misc.BASE64Encoder().encode(buf); return encoded; } static private String encode(String str, CharEncoder encoder) { StringBuilder buff = new StringBuilder(); for ( int i = 0; i < str.length(); i++) encoder.encode(str.charAt(i), buff); return ""+buff; } private static class CharEncoder { String prefix, suffix; int radix; public CharEncoder(String prefix, String suffix, int radix) { this.prefix = prefix; this.suffix = suffix; this.radix = radix; } void encode(char c, StringBuilder buff) { buff.append(prefix).append(Integer.toString(c, radix)).append(suffix); } } static final CharEncoder hexUrlEncode = new CharEncoder("%","",16); static final CharEncoder hexHtmlEncode = new CharEncoder("",";",16); static final CharEncoder decimalHtmlEncode = new CharEncoder("","",10);public class encodeHandler implements ActionListener { public void actionPerformed(ActionEvent e) {//hex-urlif(types.getSelectedIndex() == 0){String sourceString = source.getText(); String encodedString = hexUrlEncode(sourceString); source.setText(encodedString);}//hex-htmlif(types.getSelectedIndex() == 1){String sourceString = source.getText(); String encodedString = hexHtmlEncode(sourceString); source.setText(encodedString);}//dec-htmlif(types.getSelectedIndex() == 2){String sourceString = source.getText(); String encodedString = decimalHtmlEncode(sourceString); source.setText(encodedString);}//base64if(types.getSelectedIndex() == 3){String sourceString = source.getText();byte[] b64Buffer = sourceString.getBytes(); String encodedString = base64Encode(sourceString); source.setText(encodedString);}}}Compilejavac Encoder.javaRun (daca nu e .jar):java EncoderNu este al meu sau creat de mine... Quote
michee Posted August 12, 2011 Report Posted August 12, 2011 mie-mi da:Exception in thread "main" java.lang.RuntimeException: Uncompilable source code - cannot find symbol symbol: class Main location: class Encoder at Encoder.main(Encoder.java:10)Java Result: 1ca nu gaseste clasa Main();sorry, sunt beginner la java. Asta pe langa faptul c-am mai adaugat o '}' la sfarsit.Mai trebuie importat ceva? definita vreo clasa? Quote
M2G Posted August 12, 2011 Report Posted August 12, 2011 mie-mi da:Exception in thread "main" java.lang.RuntimeException: Uncompilable source code - cannot find symbol symbol: class Main location: class Encoder at Encoder.main(Encoder.java:10)Java Result: 1ca nu gaseste clasa Main();sorry, sunt beginner la java. Asta pe langa faptul c-am mai adaugat o '}' la sfarsit.Mai trebuie importat ceva? definita vreo clasa?Daca ai luat sursa sa o compilezi intr-un IDE cum e NetBeans sau Eclipse trebuie doar sa adaugi sursa sa selectezi fisierul cu click dreapta si alegi "Run File" Quote
michee Posted August 13, 2011 Report Posted August 13, 2011 exact asta am facut. si din Netbeans si din linie de comanda apoi.Pana la urma care e clasa Main? unde e definita?Mersi. Quote
cmiN Posted August 13, 2011 Report Posted August 13, 2011 Codul e futut, iar clasa principala e Encoder, oricum foloseste jarul daca vrei sa-ti mearga ceva, am impresia ca merge dezarhivat si poti vedea sursa cum trebuie inclusiv si manifestul. Quote
michee Posted August 13, 2011 Report Posted August 13, 2011 hai ca l-am si fixat cu skill-urile mele de newbie in java.inlocuitiMain body = new Main();cuEncoder body = new Encoder (); Quote
M2G Posted August 13, 2011 Report Posted August 13, 2011 Da, nu mergea din cauza ca nu exista o clasa main si prin linia Main body = new Main(); asta se cerea defapt. Codul probabil a fost luat din cele trei clase si pus in una singura sub forma de clase interioare. Un program Java, atunci cand ruleaza are nevoie de functia Main() (La fel ca la c/c++). Deoarece se instatia o clasa care nu exista nu avea cum sa compileze si zicea ca nu gaseste fucntia Main().dupa cum se vede functia Main() se afla in clasa Encoder. De aceea trebuie instantiata cu Encoder body = new Encoder (); (dupa cum zicea si michee).Oricum am decriptat jar-ul si am postat mai jos sursa ca sa nu mai fie probleme.Clasa Main$encodeHandler:import java.awt.event.ActionEvent;import java.awt.event.ActionListener;import javax.swing.JComboBox;import javax.swing.JTextArea;public class Main$encodeHandler implements ActionListener{ public Main$encodeHandler(Main paramMain) { } public void actionPerformed(ActionEvent e) { if (this.this$0.types.getSelectedIndex() == 0) { String sourceString = this.this$0.source.getText(); String encodedString = Main.hexUrlEncode(sourceString); this.this$0.source.setText(encodedString); } if (this.this$0.types.getSelectedIndex() == 1) { String sourceString = this.this$0.source.getText(); String encodedString = Main.hexHtmlEncode(sourceString); this.this$0.source.setText(encodedString); } if (this.this$0.types.getSelectedIndex() == 2) { String sourceString = this.this$0.source.getText(); String encodedString = Main.decimalHtmlEncode(sourceString); this.this$0.source.setText(encodedString); } if (this.this$0.types.getSelectedIndex() == 3) { String sourceString = this.this$0.source.getText(); byte[] b64Buffer = sourceString.getBytes(); String encodedString = Main.base64Encode(sourceString); this.this$0.source.setText(encodedString); } }}Clasa Main$CharEncoder:class Main$CharEncoder{ String prefix; String suffix; int radix; public Main$CharEncoder(String prefix, String suffix, int radix) { this.prefix = prefix; this.suffix = suffix; this.radix = radix; } void encode(char c, StringBuilder buff) { buff.append(this.prefix).append(Integer.toString(c, this.radix)).append(this.suffix); }}Clasa Main: import java.awt.Container;import java.awt.event.ActionEvent;import java.awt.event.ActionListener;import javax.swing.JButton;import javax.swing.JComboBox;import javax.swing.JFrame;import javax.swing.JPanel;import javax.swing.JScrollPane;import javax.swing.JTextArea;import sun.misc.BASE64Encoder;public class Main{ JComboBox types; JTextArea source; static final CharEncoder hexUrlEncoder = new CharEncoder("%", "", 16); static final CharEncoder hexHtmlEncoder = new CharEncoder("", ";", 16); static final CharEncoder decimalHtmlEncoder = new CharEncoder("", "", 10); public static void main(String[] args) { Main body = new Main(); body.setUpGui(); } public void setUpGui() { String[] typeStrings = { "Hex-URL", "Hex-HTML", "Dec-HTML", "Base64" }; JFrame frame = new JFrame("Blixna's XSS Encoder"); JPanel panel = new JPanel(); JButton go = new JButton("Encode!"); this.types = new JComboBox(typeStrings); this.source = new JTextArea(10, 30); this.source.setLineWrap(true); JScrollPane pane = new JScrollPane(this.source); pane.setHorizontalScrollBarPolicy(31); pane.setVerticalScrollBarPolicy(20); panel.add(pane); panel.add(this.types); panel.add(go); go.addActionListener(new encodeHandler()); frame.getContentPane().add(panel); frame.setSize(360, 220); frame.setResizable(false); frame.setDefaultCloseOperation(3); frame.setVisible(true); } public static String hexUrlEncode(String str) { return encode(str, hexUrlEncoder); } public static String hexHtmlEncode(String str) { return encode(str, hexHtmlEncoder); } public static String decimalHtmlEncode(String str) { return encode(str, decimalHtmlEncoder); } public static String base64Encode(String str) { byte[] buf = str.getBytes(); String encoded = new BASE64Encoder().encode(buf); return encoded; } private static String encode(String str, CharEncoder encoder) { StringBuilder buff = new StringBuilder(); for (int i = 0; i < str.length(); i++) encoder.encode(str.charAt(i), buff); return "" + buff; } public class encodeHandler implements ActionListener { public encodeHandler() { } public void actionPerformed(ActionEvent e) { if (Main.this.types.getSelectedIndex() == 0) { String sourceString = Main.this.source.getText(); String encodedString = Main.hexUrlEncode(sourceString); Main.this.source.setText(encodedString); } if (Main.this.types.getSelectedIndex() == 1) { String sourceString = Main.this.source.getText(); String encodedString = Main.hexHtmlEncode(sourceString); Main.this.source.setText(encodedString); } if (Main.this.types.getSelectedIndex() == 2) { String sourceString = Main.this.source.getText(); String encodedString = Main.decimalHtmlEncode(sourceString); Main.this.source.setText(encodedString); } if (Main.this.types.getSelectedIndex() == 3) { String sourceString = Main.this.source.getText(); byte[] b64Buffer = sourceString.getBytes(); String encodedString = Main.base64Encode(sourceString); Main.this.source.setText(encodedString); } } } private static class CharEncoder { String prefix; String suffix; int radix; public CharEncoder(String prefix, String suffix, int radix) { this.prefix = prefix; this.suffix = suffix; this.radix = radix; } void encode(char c, StringBuilder buff) { buff.append(this.prefix).append(Integer.toString(c, this.radix)).append(this.suffix); } }} Quote
BGS Posted August 13, 2011 Report Posted August 13, 2011 Nu am reusit sa compilez sursa si nici sa rulez jar-ul asa ca mi-am facut propria versiune enjoy !'''Python XSS payload encoderAuthor: BGS (rstcenter.com)Contributor cmiN (rstcenter.com)Date: 13 August 2011Version: Python 2.7'''#!/usr/bin/env pythonimport timeimport sysimport urllib2 import base64def main(): try: if sys.argv[1] == "help": print '[-]'+time.ctime() print'''[-]Instructions: encoder.py <encoding type> "<string>" Available encodings: ascii b64 hex url[-]Exiting... ''' elif sys.argv[1] == "b64": b64_encode() elif sys.argv[1] == "ascii": ascii_encode() elif sys.argv[1] == "hex": hex_encode() elif sys.argv[1] == "url": url_encode() else: sys.exit(1) except Exception, e: print 'Type "encoder.py help" for instructions! ' sys.exit(1)def b64_encode(): payload = sys.argv[2] encoded = base64.standard_b64encode(payload) print ' ################## B64 String #######################' print '' print 'String:' + encoded print '' print "#################### >>EOF<< #########################"def ascii_encode(): payload = sys.argv[2] string = '' for w in payload: string += str(ord(w)) + "," print ' ################## ASCII String #####################' print '' print 'string.fromCharCode(' + string.strip(",") +')' print '' print "#################### >>EOF<< #########################"def hex_encode(): payload = sys.argv[2] encoded = payload.encode('hex') print ' ################## HEX String #######################' print '' print 'String:' + encoded print '' print "#################### >>EOF<< #########################"def url_encode(): payload = sys.argv[2] encoded = urllib2.quote(payload.encode("utf8")) print ' ################## URL String #######################' print '' print 'String:' + encoded print '' print "#################### >>EOF<< #########################"if __name__ == '__main__': main() Quote
michee Posted August 13, 2011 Report Posted August 13, 2011 cum sa nu reusesti sa rulezi jar-ul?.....ala n-are nici un motiv sa nu mearga.De asemeni nici sursa n-are motiv sa nu mearga, dupa ce faci modificarea mentzionata mai sus. Quote
BGS Posted August 13, 2011 Report Posted August 13, 2011 Dude bag java -jar cacat_de_encoder.jar imi deschide fereastra si nu pot baga input in el nu merge textarea unde trebuie sa bag ala sa mil encodeze . Quote
michee Posted August 13, 2011 Report Posted August 13, 2011 nush cum dracu nu-ti merge tie....in fine. Quote
BGS Posted August 13, 2011 Report Posted August 13, 2011 Credema nu am nevoie de encodere l-am facut pentru exercitiu si asta o sa fac cu fiecare script scris in alt limbaj daca voi sti si voi putea voi face o versiune pentru py .Si nu imi merge pur si simplu ce vrei poate in linux o fi dand rateuri desi ma indoiesc . daca nu ma crezi te invit sa intri cu team viewer sa te convingi =) . Quote
michee Posted August 13, 2011 Report Posted August 13, 2011 asa o fi ma nu zic nu....nici io nu-s expert in java, sunt bagat de curand in el, da' sunt fascinat de ce poate. Quote
