def recognise_payload(payload):
    """Normalise a payload and detect base64 / hex encoding layers on it.

    Steps, in order:

    1. If the payload text contains "usleep" (or, failing that, "timeout"),
       the matching tamper name is added to ``menu.options.tamper`` when
       ``settings.TAMPER_SCRIPTS`` does not already flag it, and the payload
       is passed through that tamper module's ``transform``.
    2. The payload is matched against ``settings.BASE64_RECOGNITION_REGEX``
       and ``settings.HEX_RECOGNITION_REGEX``. Every encoding recognised is
       appended to ``settings.MULTI_ENCODED_PAYLOAD`` and the payload is
       decoded into ``decoded_payload``.
    3. ``base64_output`` / ``hex_output`` are called once per matching entry
       in ``settings.MULTI_ENCODED_PAYLOAD``.

    Returns:
        ``urllib.quote(decoded_payload)`` when an encoding was recognised,
        otherwise the (possibly tamper-transformed) payload itself.

    Side effects:
        May rewrite ``menu.options.tamper`` and appends to the shared list
        ``settings.MULTI_ENCODED_PAYLOAD``; nothing in this function clears
        that list.

    Notes:
        ``str.decode("hex")`` and ``urllib.quote`` are Python 2 APIs. The
        decode calls are not wrapped in any exception handling, so malformed
        input that slips past the recognition regexes propagates as an error.
    """
    # NOTE(review): nesting reconstructed -- the import/transform is assumed to
    # run whenever the keyword is present, not only when the tamper flag is
    # unset; confirm against upstream.
    if "usleep" in payload:
        if not settings.TAMPER_SCRIPTS['sleep2usleep']:
            # Record the tamper in the comma-separated option string.
            if menu.options.tamper:
                menu.options.tamper = menu.options.tamper + ",sleep2usleep"
            else:
                menu.options.tamper = "sleep2usleep"
        from src.core.tamper import sleep2usleep
        payload = sleep2usleep.transform(payload)
    elif "timeout" in payload:
        if not settings.TAMPER_SCRIPTS['sleep2timeout']:
            if menu.options.tamper:
                menu.options.tamper = menu.options.tamper + ",sleep2timeout"
            else:
                menu.options.tamper = "sleep2timeout"
        from src.core.tamper import sleep2timeout
        payload = sleep2timeout.transform(payload)

    is_decoded = False
    # Treated as base64 only if the length is a multiple of 4, the base64
    # pattern matches, and the hex pattern does NOT match (the patterns
    # themselves live in settings and are not visible here).
    if (len(payload) % 4 == 0) and \
        re.match(settings.BASE64_RECOGNITION_REGEX, payload) and \
        not re.match(settings.HEX_RECOGNITION_REGEX, payload):
        is_decoded = True
        settings.MULTI_ENCODED_PAYLOAD.append("base64encode")
        decoded_payload = base64.b64decode(payload)
        # NOTE(review): this test is on `payload`, which the enclosing
        # condition already required NOT to match the hex pattern, so the
        # branch cannot run as written. The hex branch below tests
        # `decoded_payload`; the same was probably intended here -- confirm.
        if re.match(settings.HEX_RECOGNITION_REGEX, payload):
            settings.MULTI_ENCODED_PAYLOAD.append("hexencode")
            decoded_payload = decoded_payload.decode("hex")
    elif re.match(settings.HEX_RECOGNITION_REGEX, payload):
        is_decoded = True
        settings.MULTI_ENCODED_PAYLOAD.append("hexencode")
        decoded_payload = payload.decode("hex")
        # Look for a base64 layer underneath the hex layer.
        # NOTE(review): the length check uses the still-encoded `payload`
        # while the regex checks use `decoded_payload` -- looks inconsistent;
        # confirm which length was meant.
        if (len(payload) % 4 == 0) and \
            re.match(settings.BASE64_RECOGNITION_REGEX, decoded_payload) and \
            not re.match(settings.HEX_RECOGNITION_REGEX, decoded_payload):
            settings.MULTI_ENCODED_PAYLOAD.append("base64encode")
            decoded_payload = base64.b64decode(decoded_payload)

    # Iterates the whole shared list, so entries appended by earlier calls
    # (if the list is not reset elsewhere) trigger these calls again.
    for encode_type in settings.MULTI_ENCODED_PAYLOAD:
        # base64 layer recorded: hand the payload to base64_output (defined
        # elsewhere; presumably a reporting helper -- confirm).
        if encode_type == 'base64encode':
            base64_output(payload)
        # hex layer recorded: hand the payload to hex_output (defined
        # elsewhere; presumably a reporting helper -- confirm).
        if encode_type == 'hexencode':
            hex_output(payload)

    if is_decoded:
        # URL-quote the decoded form before returning it.
        return urllib.quote(decoded_payload)
    else:
        return payload
def perform_payload_modification(payload):
    """Re-apply the tamper steps recorded in settings.MULTI_ENCODED_PAYLOAD.

    Runs two passes over the de-duplicated entries of the shared list:

    * pass 1 calls ``transform`` on the modules named sleep2timeout,
      sleep2usleep, singlequotes, backslashes, caret and nested;
    * pass 2 calls ``encode`` on the modules named base64encode and
      hexencode.

    Each tamper module is imported only when its name is present in the
    list. Entries that match none of the known names are ignored.

    Returns:
        The payload after every listed step has been applied.
    """
    # NOTE(review): set() discards the order produced by the [::-1]
    # reversal, so steps inside a pass run in set-iteration order rather
    # than in a defined sequence. That matters when both encoders are
    # listed, since the two layerings give different output.
    recorded = set(settings.MULTI_ENCODED_PAYLOAD[::-1])
    for tamper_name in recorded:
        if tamper_name == 'sleep2timeout':
            from src.core.tamper import sleep2timeout as step
        elif tamper_name == 'sleep2usleep':
            from src.core.tamper import sleep2usleep as step
        elif tamper_name == 'singlequotes':
            from src.core.tamper import singlequotes as step
        elif tamper_name == 'backslashes':
            from src.core.tamper import backslashes as step
        elif tamper_name == 'caret':
            from src.core.tamper import caret as step
        elif tamper_name == 'nested':
            from src.core.tamper import nested as step
        else:
            # Not a text transform (e.g. an encoder name); leave for pass 2.
            continue
        payload = step.transform(payload)

    # The list is read again here, as in the original, in case it changed
    # while the first pass was running.
    recorded = set(settings.MULTI_ENCODED_PAYLOAD[::-1])
    for tamper_name in recorded:
        if tamper_name == 'base64encode':
            from src.core.tamper import base64encode as encoder
        elif tamper_name == 'hexencode':
            from src.core.tamper import hexencode as encoder
        else:
            continue
        payload = encoder.encode(payload)

    return payload