Offensive Thinking

Internet Thoughtcrime

New github release: Enc

Posted: 2010-04-09

I’ve added a new github repository to my account: Enc. It’s a module containing a variety of encoders, mainly for string encoding. Yes, I know. Please don’t envy me for being so creative with the name. It’s a gift.

Its intended use is for web application fuzzing and the like, but you can of course also use it for whatever string encoding purposes you have. The main reasons why I started to write Enc are that I’m forgetful and I don’t like to repeat myself. I always wrote the same little one- or two-liners again and again, or, worse, I repeatedly searched for them on the net (how do I XOR two strings in Ruby again?). I finally got fed up and started to collect these little snippets in a, hopefully useful, module. My plan is to add new encoders as I need them or think they may be useful someday.

The module includes a very basic command line tool which reads from stdin and writes to stdout. Run the module file with -h to see the currently available encoders:

        
        ./enc.rb -h
        
        Available Encoders
        ------------------
        HTML::dec
        HTML::hex
        HTML::html
        MSSQL::char
        MySQL::char
        MySQL::comment
        Std::b64
        Std::hex
        Std::md5
        Std::rand_upcase
        Std::sha1
        Std::url
        Std::xor
        UTF8::bin
        UTF8::utf8
        
        Usage: ./enc.rb <encoder> [params] <string from stdin>
        
        Examples:
        ./enc.rb Std::url <<< '<script>'
        ./enc.rb Std::url true <<< '<script>'
        
        Please see the YARD documentation for available parameters.
        
        

The YARD documentation ist available online at http://courts.github.com/enc, if you don’t want to build it yourself. It has a more detailed description of the different encoders.