Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

obfuscate: no validation on file type #107

Closed
jowasp opened this issue Jul 29, 2016 · 1 comment
Closed

obfuscate: no validation on file type #107

jowasp opened this issue Jul 29, 2016 · 1 comment
Labels
answered question

Comments

@jowasp
Copy link
Collaborator

jowasp commented Jul 29, 2016

encoding/obfuscation module should validate the extension of the file to be encoded, allowing encode on files that are not the chosen format

zsc/obfuscate> ruby
filename> 
.DS_Store                 installer.py              sharmincv.c
.gitignore                readme.md                 uninstaller.py
CHANGELOG.md              secret.c                  version
LICENSE.md                sharmin                   zcr_shellcoder_1.0.9.zip
admin.c                   sharminc.c                zsc.py
filename> secret.c
encode> 
base64          base64_rev      simple_hex      simple_hex_rev
encode> base64
[+] file "secret.c" encoded successfully!
@Ali-Razmjoo
Copy link
Collaborator

Hello Johanna, thanks for noticing, files could be in any type to run as ruby, php, python or any other languages.

test:

C:\Users\Ali\Desktop>cat f.c
print 'i\'m .c file but python'
C:\Users\Ali\Desktop>python f.c
i'm .c file but python

C:\Users\Ali\Desktop>

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
answered question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jowasp @Ali-Razmjoo