XssEncode
Converts characters from one encoding to another using a transformation.
Details
Installs
- Total 5K
- Win 4K
- Mac 641
- Linux 308
Nov 10 | Nov 9 | Nov 8 | Nov 7 | Nov 6 | Nov 5 | Nov 4 | Nov 3 | Nov 2 | Nov 1 | Oct 31 | Oct 30 | Oct 29 | Oct 28 | Oct 27 | Oct 26 | Oct 25 | Oct 24 | Oct 23 | Oct 22 | Oct 21 | Oct 20 | Oct 19 | Oct 18 | Oct 17 | Oct 16 | Oct 15 | Oct 14 | Oct 13 | Oct 12 | Oct 11 | Oct 10 | Oct 9 | Oct 8 | Oct 7 | Oct 6 | Oct 5 | Oct 4 | Oct 3 | Oct 2 | Oct 1 | Sep 30 | Sep 29 | Sep 28 | Sep 27 | Sep 26 | |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Windows | 1 | 0 | 75 | 76 | 67 | 65 | 25 | 2 | 3 | 2 | 30 | 18 | 12 | 13 | 1 | 1 | 9 | 15 | 22 | 6 | 2 | 2 | 2 | 4 | 8 | 12 | 5 | 4 | 4 | 4 | 13 | 6 | 10 | 3 | 4 | 3 | 0 | 7 | 1 | 4 | 10 | 3 | 1 | 3 | 5 | 9 |
Mac | 0 | 0 | 1 | 1 | 1 | 0 | 1 | 0 | 0 | 0 | 2 | 1 | 2 | 1 | 0 | 0 | 2 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Linux | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Readme
- Source
- raw.githubusercontent.com
Sublime XssEncode
Converts characters from one encoding to another using a transformation. This tool will help you encode payloads in testing sql injections, XSS holes and site security.
Convert the region you selected or convert all characters.
XssEncode supports both Sublime Text 2 and 3.
Installation
Using Package Control to find, install and upgrade XssEncode is the recommended method to install this plug-in.
Otherwise, you can use the following steps manually install:
Open the Sublime Text Packages folder
- OS X: ~/Library/Application Support/Sublime Text 3/Packages/
- Windows: %APPDATA%/Sublime Text 3/Packages/
- Linux: ~/.Sublime Text 3/Packages/ or ~/.config/sublime-text-3/Packages
clone this repo
git clone https://github.com/Medicean/SublimeXssEncode.git
Rename the new folder to xssencode
ChangeLog
See more at ChangeLog
Example Commands
You can type the Command HotKeys(Win:
ctrl+shift+p
, OSX: Command+shift+p),typexssencode
and choice your action。Otherwise, click the menu bartools
=>XssEncode
and choice your action.
html_escape
Converts characters to their HTML entity.
eg:
a1@&
=>a1@&
html10_encode
Converts characters to html entity with decimal.
eg:
a1@&
=>a1@&
html16_encode
Converts characters to html entity with hexadecimal.
eg:
a1@&
=>a1@&
html_unescape
Converts html entity to characters.
eg:
aaa&
=>aaa&
base64_encode
Uses base64 to encode into base64
eg:
a1@&
=>YTFAJg==
base64_decode
eg:
YTFAJg==
=>a1@&
url_encode
eg:
alert(/xss/);
=>alert%28/xss/%29%3B
url_decode
eg:
alert%28/xss/%29%3B
=>alert(/xss/);
string_from_char_code
eg:
alert(/xss/);
=>String.fromCharCode(97,108,101,114,116,40,47,120,115,115,47,41,59)
mysql_char
eg:
123
=>CHAR(49,50,51)
You can excute the sql commands below.
select 123;
select CHAR(49,50,51);
oracle_chr
eg:
123
=>CHR(49)||CHR(50)||CHR(51)
You can excute the sql commands below.
select 123;
select CHR(49)||CHR(50)||CHR(51);
php_chr
Convert characters with function chr.
eg:
Support we have a php backdoor, and the content is
<?php @eval($_REQUEST[cmd]);?>
if you want to execute some commands which includes special chars, you can convert it.
ls -al
=>CHR(108).CHR(115).CHR(32).CHR(45).CHR(97).CHR(108)
now you can request the url below:
http://127.0.0.1/backdoor.php?cmd=system(CHR(108).CHR(115).CHR(32).CHR(45).CHR(97).CHR(108));
string_to_hex
Convert string to hexadecimal, it's more useful for sql injection.
eg:
root
=>726f6f74
now you can excute the sql commands below.
SELECT user from mysql.user where user='root';
SELECT user from mysql.user where user=0x726f6f74;
hex_to_string
eg:
726f6f74
=>root
unicode_decode
eg:
测试
=>\u6d4b\u8bd5
unicode_encode
eg:
\u6d4b\u8bd5
=>测试
md5_encode
eg:
1
=>c4ca4238a0b923820dcc509a6f75849b