Jump to content
BGS

Python XSS encoder

By BGS, in Programare

Recommended Posts

BGS Newbie

BGS

Posted
Posted 

'''
Python XSS payload encoder
Author: BGS (rstcenter.com)
Contributor cmiN (rstcenter.com)
Date: 13 August 2011
Version: Python 2.7
'''
#!/usr/bin/env python

import time
import sys
import urllib2 
import base64




def main():

    try:
        if  sys.argv[1] == "help":
            print '[-]'+time.ctime()
            print'''[-]Instructions:
                encoder.py <encoding type> "<string>"
                Available encodings: ascii b64 hex url
[-]Exiting... 
             '''
        elif sys.argv[1] == "b64":
            b64_encode()
        elif sys.argv[1] == "ascii":
            ascii_encode()
        elif sys.argv[1] == "hex":
            hex_encode()
        elif sys.argv[1] == "url":
            url_encode()

        else:
            sys.exit(1)
    except Exception, e:
        print 'Type "encoder.py help" for instructions! '
        sys.exit(1)


def b64_encode():
    payload = sys.argv[2]
    encoded = base64.standard_b64encode(payload)
    print ' ################## B64 String #######################'
    print ''
    print 'String:' + encoded
    print ''
    print "#################### >>EOF<< #########################"


def ascii_encode():
    payload = sys.argv[2]
    string = ''

    for w in payload:
        string += str(ord(w)) + ","
    print ' ################## ASCII String #####################'
    print ''
    print 'string.fromCharCode(' + string.strip(",") +')' 
    print ''
    print "#################### >>EOF<< #########################"


def hex_encode():
    payload = sys.argv[2]
    encoded = payload.encode('hex')
    print ' ################## HEX String #######################'
    print ''
    print 'String:' + encoded
    print ''
    print "#################### >>EOF<< #########################"




def url_encode():
    payload = sys.argv[2]
    encoded = urllib2.quote(payload.encode("utf8"))   
    print ' ################## URL String #######################'
    print ''
    print 'String:' + encoded
    print ''
    print "#################### >>EOF<< #########################"



if __name__ == '__main__':
    main()

...Java sucks :D

  • Upvote 2
Link to comment
Share on other sites
michee Newbie

michee

Posted
Posted

Java rulezz ba.....ascult-o de la unu care-a trecut prin destule limbaje de scripting : php, python, ruby.....sunt bune si astea ptr scripting...pan' la urma te-ntorci tot la chestiile hardcore gen c/c++/asm si mai nou m-am bagat si pe java care mi se pare similar cu c++ doar ca mai evoluat. parerea mea. In fine nu vreau sa-ncepem un flame war.

Link to comment
Share on other sites
michee Newbie

michee

Posted
Posted

tehnic vorbind cred ca tu l-ai inceput cu "Java sucks":P....

Ceea ce vreau eu sa punctez este, ca sa-nteleaga si altzii:

1) exemplul e mult prea simplu ptr ca ceilaltzi sa treaga o concluzie cu privire la capacitatile fiecarui limbaj de programare(java, python etc).

2)opinia mea de programator care-a trecut prin toate si dupa niste ani a ajung la concluzia de mai sus. Poate o s-ajute niste newbie confuzi sa nu faca aceeasi greseala ca si mine si anume sa acorde o importantza prea mare limbajelor de scripting in defavoarea celor mai grele cen c/c++/asm. S-ar putea sa regrete mai tarziu. Limbajele de scripting sunt ca sa "coci" ceva simplu si rapid in ele.

Repet, e doar opinia mea dupa vrep ~10 ani de programare.

Sorry de off-topic, mi s-a parut important sa mentionez astea.

Link to comment
Share on other sites
devacanta Newbie

devacanta

Posted
Posted

mai nu am lucrat in java .. dar am vazut ca pe partea de web(pc windows), aplicatiile java sunt pe cale de disparitie.. singura ramura de care ma mai lovesc si vad ca o duce java bine sunt terminalele mobile.. dar cred ca cu timpul o sa dispara odata cu cresterea performantelor si migrarea catre sisteme de operare gen win mobile.. si andoid...etc

totusi vad ca programatorii java sunt destul de cautati..

parerea mea personala e ca o sa dispara ..incet dar sigur, pentru ca microsoft are o influenta mai mare cu .net ul lor

@on: bravo bgs

Link to comment
Share on other sites
l3asketballplayer Newbie

l3asketballplayer

Posted
Posted
Java rulezz ba.....ascult-o de la unu care-a trecut prin destule limbaje de scripting : php, python, ruby.....sunt bune si astea ptr scripting...pan' la urma te-ntorci tot la chestiile hardcore gen c/c++/asm si mai nou m-am bagat si pe java care mi se pare similar cu c++ doar ca mai evoluat. parerea mea. In fine nu vreau sa-ncepem un flame war.

On: bravo!

Off: c++ hardcore =))). In viitor poate si python o sa fie hardcore :))

@bgs: java e cel mai folosit limbaj :P

Link to comment
Share on other sites
gigaevil Newbie

gigaevil

Posted
Posted

Off: Sunt de parere ca nu conteaza limbajul in care scrii. De exemplu eu mi-am scris propriul interpretor a unui limbaj de sintaxa gen C si cu conector propriu pentru Prolog(implementat de mine algoritmul de rezolutie si reprezentarea clauzala).

Fiecare limbaj are un avantaj sau dezavantaj(compromisuri)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...