devploit / Xorpass
Licence: gpl-3.0
Encoder to bypass WAF filters using XOR operations
Stars: ✭ 134
Programming language: python
XORpass is an encoder to bypass WAF filters using XOR operations.
Installation & Usage
$ git clone https://github.com/devploit/XORpass
$ cd XORpass
$ python3 xorpass.py -h
Example of bypass:
Using XOR bypass of that function:
$ python3 xorpass.py -e "system(ls)"
Why does PHP treat our payload as a string?
The ^ is the exclusive-or (XOR) operator, which means that we are really working with binary values. So let's break down what happens.
The XOR operator on binary values returns 1 where exactly one of the two bits is 1; otherwise it returns 0 (0^0 = 0, 0^1 = 1, 1^0 = 1, 1^1 = 0). When you use XOR on characters, you are using their ASCII values. These ASCII values are integers, so we need to convert them to binary to see what is actually going on.
A = 65 = 1000001
S = 83 = 1010011
B = 66 = 1000010
A 1000001
^
S 1010011
^
B 1000010
----------------
result 1010000 = 80 = P
A^S^B = P
If we run 'echo "A"^"S"^"B";' in PHP, it prints P, as the calculation above shows.
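The same arithmetic can be used on the defending side to normalise input before keyword rules run. The following is an added example, not part of XORpass: it folds chains of quoted literals joined by ^ into the string PHP would compute (PHP truncates the result to the shorter operand). The function names, the deny-list and the sample parameter are assumptions constructed for illustration.

```python
import re

# One PHP string literal; escape sequences are not handled in this sketch.
LITERAL = r"""(?:"[^"\\]*"|'[^'\\]*')"""
# Two or more literals joined by the ^ operator.
CHAIN = re.compile(rf"{LITERAL}(?:\s*\^\s*{LITERAL})+")


def php_xor(operands):
    """XOR byte strings as PHP's ^ does for string operands."""
    result = operands[0]
    for operand in operands[1:]:
        # zip() stops at the shorter input, matching PHP's truncation.
        result = bytes(a ^ b for a, b in zip(result, operand))
    return result


def fold_xor_chains(text):
    """Return (normalised_text, decoded_values) with every chain evaluated."""
    decoded = []

    def evaluate(match):
        literals = re.findall(LITERAL, match.group(0))
        value = php_xor([lit[1:-1].encode("latin-1") for lit in literals])
        decoded.append(value.decode("latin-1"))
        return '"' + decoded[-1] + '"'

    return CHAIN.sub(evaluate, text), decoded


def hidden_keywords(text, keywords):
    """Keywords absent from the raw text but present once chains are folded."""
    normalised, _ = fold_xor_chains(text)
    return [k for k in keywords if k in normalised and k not in text]


# Constructed sample input, not taken from XORpass output.
SAMPLE = 'cmd=("rxrudl"^"000000"^"111111")(ls)'
KEYWORDS = ["system", "exec", "passthru"]  # hypothetical deny-list

if __name__ == "__main__":
    print(fold_xor_chains('echo "A"^"S"^"B";'))
    print(hidden_keywords(SAMPLE, KEYWORDS))
```

A rule that matches only the raw text misses the keyword in the sample; matching the folded text, or simply alerting on any literal^literal chain in a request parameter, catches it.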
Contact
Telegram: @devploit
Twitter: @devploit