Beispiel #1
0
def perform_payload_modification(payload):
    for encode_type in list(set(settings.MULTI_ENCODED_PAYLOAD[::-1])):
        # Add single quotes.
        if encode_type == 'singlequotes':
            from src.core.tamper import singlequotes
            payload = singlequotes.transform(payload)
        # Add caret symbol.
        elif encode_type == 'backslashes':
            from src.core.tamper import backslashes
            payload = backslashes.transform(payload)
        # Add caret symbol.
        elif encode_type == 'caret':
            from src.core.tamper import caret
            payload = caret.transform(payload)
        # Transfomation to nested command
        elif encode_type == 'nested':
            from src.core.tamper import nested
            payload = nested.transform(payload)

    for encode_type in list(set(settings.MULTI_ENCODED_PAYLOAD[::-1])):
        # Encode payload to hex format.
        if encode_type == 'base64encode':
            from src.core.tamper import base64encode
            payload = base64encode.encode(payload)
        # Encode payload to hex format.
        if encode_type == 'hexencode':
            from src.core.tamper import hexencode
            payload = hexencode.encode(payload)

    return payload
Beispiel #2
0
def check_backslashes(payload):
    # Check for single quotes
    if payload.count("\\") >= 15:
        if not settings.TAMPER_SCRIPTS['backslashes']:
            if menu.options.tamper:
                menu.options.tamper = menu.options.tamper + ",backslashes"
            else:
                menu.options.tamper = "backslashes"
        from src.core.tamper import backslashes
        payload = backslashes.transform(payload)