XssEncode
Converts characters from one encoding to another using a transformation.
Details
Installs
- Total 5K
- Win 4K
- Mac 656
- Linux 309
| Apr 2 | Apr 1 | Mar 31 | Mar 30 | Mar 29 | Mar 28 | Mar 27 | Mar 26 | Mar 25 | Mar 24 | Mar 23 | Mar 22 | Mar 21 | Mar 20 | Mar 19 | Mar 18 | Mar 17 | Mar 16 | Mar 15 | Mar 14 | Mar 13 | Mar 12 | Mar 11 | Mar 10 | Mar 9 | Mar 8 | Mar 7 | Mar 6 | Mar 5 | Mar 4 | Mar 3 | Mar 2 | Mar 1 | Feb 28 | Feb 27 | Feb 26 | Feb 25 | Feb 24 | Feb 23 | Feb 22 | Feb 21 | Feb 20 | Feb 19 | Feb 18 | Feb 17 | Feb 16 | |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Windows | 0 | 19 | 11 | 1 | 0 | 6 | 16 | 13 | 13 | 14 | 2 | 2 | 11 | 7 | 12 | 9 | 14 | 3 | 12 | 8 | 13 | 7 | 14 | 8 | 1 | 1 | 3 | 8 | 17 | 4 | 10 | 1 | 5 | 5 | 11 | 21 | 7 | 8 | 3 | 2 | 6 | 6 | 6 | 10 | 8 | 3 |
| Mac | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 |
| Linux | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Readme
- Source
- raw.githubusercontent.com
Sublime XssEncode
Converts characters from one encoding to another using a transformation. This tool will help you encode payloads in testing sql injections, XSS holes and site security.
Convert the region you selected or convert all characters.
XssEncode supports both Sublime Text 2 and 3.
Installation
Using Package Control to find, install and upgrade XssEncode is the recommended method to install this plug-in.
Otherwise, you can use the following steps manually install:
Open the Sublime Text Packages folder
- OS X: ~/Library/Application Support/Sublime Text 3/Packages/
- Windows: %APPDATA%/Sublime Text 3/Packages/
- Linux: ~/.Sublime Text 3/Packages/ or ~/.config/sublime-text-3/Packages
clone this repo
git clone https://github.com/Medicean/SublimeXssEncode.git
Rename the new folder to xssencode
ChangeLog
See more at ChangeLog
Example Commands
You can type the Command HotKeys(Win:
ctrl+shift+p, OSX: Command+shift+p),typexssencodeand choice your action。Otherwise, click the menu bartools=>XssEncodeand choice your action.
html_escapeConverts characters to their HTML entity.
eg:
a1@&=>a1@&html10_encodeConverts characters to html entity with decimal.
eg:
a1@&=>a1@&html16_encodeConverts characters to html entity with hexadecimal.
eg:
a1@&=>a1@&html_unescapeConverts html entity to characters.
eg:
aaa&=>aaa&base64_encodeUses base64 to encode into base64
eg:
a1@&=>YTFAJg==base64_decodeeg:
YTFAJg===>a1@&url_encodeeg:
alert(/xss/);=>alert%28/xss/%29%3Burl_decodeeg:
alert%28/xss/%29%3B=>alert(/xss/);string_from_char_codeeg:
alert(/xss/);=>String.fromCharCode(97,108,101,114,116,40,47,120,115,115,47,41,59)mysql_chareg:
123=>CHAR(49,50,51)You can excute the sql commands below.
select 123;select CHAR(49,50,51);oracle_chreg:
123=>CHR(49)||CHR(50)||CHR(51)You can excute the sql commands below.
select 123;select CHR(49)||CHR(50)||CHR(51);php_chrConvert characters with function chr.
eg:
Support we have a php backdoor, and the content is
<?php @eval($_REQUEST[cmd]);?>if you want to execute some commands which includes special chars, you can convert it.
ls -al=>CHR(108).CHR(115).CHR(32).CHR(45).CHR(97).CHR(108)now you can request the url below:
http://127.0.0.1/backdoor.php?cmd=system(CHR(108).CHR(115).CHR(32).CHR(45).CHR(97).CHR(108));string_to_hexConvert string to hexadecimal, it's more useful for sql injection.
eg:
root=>726f6f74now you can excute the sql commands below.
SELECT user from mysql.user where user='root';SELECT user from mysql.user where user=0x726f6f74;hex_to_stringeg:
726f6f74=>rootunicode_decodeeg:
测试=>\u6d4b\u8bd5unicode_encodeeg:
\u6d4b\u8bd5=>测试md5_encodeeg:
1=>c4ca4238a0b923820dcc509a6f75849b