Offensive Thinking

New github release: Enc

Posted: 2010-04-09

I’ve added a new github repository to my account: Enc. It’s a module containing a variety of encoders, mainly for string encoding. Yes, I know. Please don’t envy me for being so creative with the name. It’s a gift.

Its intended use is for web application fuzzing and the like, but you can of course also use it for whatever string encoding purposes you have. The main reasons why I started to write Enc are that I’m forgetful and I don’t like to repeat myself. I always wrote the same little one- or two-liners again and again, or, worse, I repeatedly searched for them on the net (how do I XOR two strings in Ruby again?). I finally got fed up and started to collect these little snippets in a, hopefully useful, module. My plan is to add new encoders as I need them or think they may be useful someday.

The module includes a very basic command line tool which reads from stdin and writes to stdout. Run the module file with -h to see the currently available encoders:

./enc.rb -h

Available Encoders
------------------
HTML::dec
HTML::hex
HTML::html
MSSQL::char
MySQL::char
MySQL::comment
Std::b64
Std::hex
Std::md5
Std::rand_upcase
Std::sha1
Std::url
Std::xor
UTF8::bin
UTF8::utf8

Usage: ./enc.rb <encoder> [params] <string from stdin>

Examples:
./enc.rb Std::url <<< '<script>'
./enc.rb Std::url true <<< '<script>'

Please see the YARD documentation for available parameters.

The YARD documentation ist available online at http://courts.github.com/enc, if you don’t want to build it yourself. It has a more detailed description of the different encoders.