当前位置：网站首页>Common coding and encryption in penetration testing

Common coding and encryption in penetration testing

2022-06-24 07:29:00 【Xiaoxiang Xin'an】

Statement ： Most of the official account is from the author's daily notes. , A few articles are also reproduced by authorship of the original author and other official account. , unaccredited , It is strictly prohibited to reprint , If you want to reprint , Contact and talk . Do not use the related technology in the article to engage in illegal testing , Any adverse consequences arising from this are not related to the author and the official account. .

0x01 Preface

We often encounter various kinds of coding and encryption in penetration testing , Here the author sorts out some coding and encryption that I have encountered before , But it must be more than that , In particular, there are too many encryption methods , What I can visually detect is the most common MD5 Ciphertext and encountered , There are also some self writing encryption algorithms , This has to find an encryption algorithm before it can be decrypted .

0x02 Ciphertext recognition

Used to Hash Identifier and hashID All stopped updating , Here are some other recommendations , Using these tools can help us quickly identify ciphertext encryption types , In particular, some uncommon encryption , Up to... Encryption types can be recognized 300+.

https://github.com/noraj/haiti
https://nth.skerritt.blog/（ Online identification ）
https://github.com/HashPals/Name-That-Hash

0x03 Common codes

(1) Unix Time stamp

1218124800

(2) KEYCODE Key code

65 66 67 96 97 98

(3) URL code

%77%77%77%2E%39%30%73%65%63%2E%6F%72%67

(4) ASCII code

119 119 119 46 57 48 115 101 99 46 111 114 103

(5) BASE64 code

d3d3Ljkwc2VjLm9yZw==

(6) HTML Entity encoding

&nbsp;&#160;&lt;&#60;&gt;&#62;&quot;&#34;

(7) Shellcode code

\x54\x68\x65\x7f\x71\x75\x69\x63\x6b\x7f\x62\x72\x6f\x77\x6e\x7f\x66\x6f\x78\x7f\x6a\x75\x6d\x70\x73\x7f\x6f\x76\x65\x72\x7f\x74\x68\x65\x7f\x6c\x61\x7a\x79\x7f\x64\x6f\x67

0xfc,0xe8,0x82,0x00,0x00,0x00,0x60,0x89,0xe5,0x31,0xc0,0x64,0x8b,0x50,0x30,0x8b,0x52,0x0c,0x8b,0x52,0x14,0x8b,0x72,0x28,0x0f

(8) HEX code

HEX（UTF-8）：
0x433A5C696E65747075625C777777726F6F745CE4B8ADE69687E6B58BE8AF955C7368656C6C322E61737078
%43%3a%5c%69%6e%65%74%70%75%62%5c%77%77%77%72%6f%6f%74%5c%e4%b8%ad%e6%96%87%e6%b5%8b%e8%af%95%5c%73%68%65%6c%6c%32%2e%61%73%70%78

HEX（GB2312）：
0x433A5C696E65747075625C777777726F6F745CD6D0CEC4B2E2CAD45C7368656C6C322E61737078
%43%3a%5c%69%6e%65%74%70%75%62%5c%77%77%77%72%6f%6f%74%5c%d6%d0%ce%c4%b2%e2%ca%d4%5c%73%68%65%6c%6c%32%2e%61%73%70%78

(9) Unicode code

Unicode &（10 Base number ）：
&#00057;&#00048;&#00115;&#00101;&#00099;

Unicode &#（16 Base number ）：
&#x0039;&#x0030;&#x0073;&#x0065;&#x0063;

Unicode \u（16 Base number ）：
\u0039\u0030\u0073\u0065\u0063

Unicode \u+（16 Base number ）：
\u+0039\u+0030\u+0073\u+0065\u+0063

Unicode &#x（16 Base number ）：
&#x0039;&#x0030;&#x0073;&#x0065;&#x0063;

0x04 Common encryption

(1) Md5 Ciphertext

16：7a57a5a743894a0e
32：21232f297a57a5a743894a0e4a801fc3
Dede：f297a57a5a743894a0e4
d_Base64：83nq88gxsE3hU0adG+w0Xg==

(2) Unix Ciphertext

$1$ojwqaebp$dLddS8/kz5KKMatc5pzED0

(3) Joomla Ciphertext

6fa7069f6c2b4a7abc376669113acab8:cW2r7QqdGQrp2Rw9sbxCxN85nSek6tlV

(4) phpbb3 Ciphertext

$H$9lhsQ1j9Rt6gMSCYyK08aHzqPcMtRV0

(5) WordPress Ciphertext

$P$B7.PLqdiLRg.Rkh97ToiPcCBAkIopY1

(6) ThinkCFM Ciphertext

###08e3756d043515f77e8de4f5deb00496
###73b13b8b4d767f6c3c2953f123d1a721

(7) BCrypt Ciphertext

salt：eXdimoy4bABQ8EkYB8q8qs1QhyOYhgoq
password：$2a$11$9WTSoQLDXh4mQqGKI1nnsu08epqZ4kWuax4uKXcYrpAmCgexUhSdy

salt：utd5oxxsLzjZdJ4u
password：$2a$11$0MbtX7oUa7y0bkrQlpiLt.Vg9v7OB6ufYjFsaCZEhhw.3IrmdCm3C

(8) SHA-256 Ciphertext

8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92

(9) MySQL Ciphertext

root:*CFEACB746725A1970C2D52AFC1CD3BF655F967E8
root:*04239094E3A4AE0936294517DA2F4C5E1EEECB1A

(10) Linux Ciphertext （User:$Id$Salt$Encrypted）

root:$6$JdEBYrDU$kGnd0v98dZfv6EVm9jkxAdVnPoUmEuizOaNSDpPujIl0L0LGMv.eLet3UesZUbRWCs8AU6qiT35T1p5nKe2xA0:17228:0:99999:7:::
root:$6$AG6Kz2la$bUD3UtDKBjHsiTs8gtWBjTTGntuunxc7007J2/IvnGMbg6mmjaED7IW5DUYpaHA4HfVbmS/v8nwkdkIJRrP5L1:17665:0:99999:7:::

(11) Windows_NTLM Ciphertext （USER:RID:LM-HASH:NT-HASH）

Administrator:500:NO PASSWORD*********************:30B9EFEE7B2580B3E8C7EAEC4225B9FF:::
Administrator:500:12cd0b7dce4721465d91fa7df63b95a6:83377f81ab257fbb81a504c75a60490a:::

What wonderful encryption and coding have we all encountered ？ Welcome to the backstage message ！！！

0x05 Other information

CTF Common encoding and decryption in .pdf

https://www.yuque.com/attachments/yuque/0/2021/pdf/1793901/1624198885865-acc424f6-5f8b-4bdf-b093-260d7c9000b5.pdf

原网站

版权声明
本文为[Xiaoxiang Xin'an]所创，转载请带上原文链接，感谢
https://yzsam.com/2021/07/20210701135731237Z.html