Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Whether this is about ha.ckers.org, sla.ckers.org or some other project you are interested in or want to talk about, throw it in here to get feedback. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Pages: 123Next
Current Page: 1 of 3
Hackvertor - Feature requests & bugs please post here
Posted by: Gareth Heyes
Date: December 02, 2007 04:52AM

Here I'd like to store any feature requests for Hackvertor. So far I've got the following on my list todo:-

1. Fix bug in IE7 *Fixed* thanks to /nophun for reporting
2. Fix regular expression to allow the same tags to be used multiple times e.g. <@hex><@hex>Test<@/hex><@/hex>
3. Javascript API.
4. Web service to enable users to share and create their own tags and applications.

Any other suggestions welcome and I hope this tool becomes a great free security utility to make our lives easier :)

Recent improvements
-------------------
1. Added JS2STR tag (under convert group), it's now possible to run various conversions and then evaluate the result as javascript. Here's an example of this tag:-
<@js2str><@d_hex>&#x73&#x74&#x72&#x20&#x3D&#x27&#x68&#x65&#x6C&#x6C&#x6F&#x27&#x3B&#x66&#x6F&#x72&#x28&#x69&#x3D&#x30&#x3B&#x69&#x3C&#x31&#x30&#x3B&#x69&#x2B&#x2B&#x29&#x7B&#x20&#x73&#x74&#x72&#x2B&#x3D&#x20&#x27&#x6F&#x27&#x20&#x7D<@/d_hex><@/js2str>

2. Added tag params! This is awesome and enables stuff like:-
<@repeat(10)><@replace(#,123)><@hex>test<@/hex><@/replace><@/repeat>

Here highlights the obvious advantage of using a tag based system.

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]



Edited 7 time(s). Last edit at 02/14/2008 09:44AM by Gareth Heyes.

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: nophun
Date: December 06, 2007 03:36PM

Cool works great in
IE:6/7
FF:2.0
Opera:9

One small feature requests,Just because I am a lazy lazy person.

add something like ...
Quote

<input type="button" value="highlight" onClick="javascript:this.form.output.focus();this.form.output.select();">

that might be off a bit but you get the idea.

... I told you I am lazy ;)

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Gareth Heyes
Date: December 06, 2007 04:48PM

Good suggestion! Added. :) thx

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: nophun
Date: December 06, 2007 05:14PM

Niffty!!

Have you thought of adding .mario's xss DB ?
It it is released under Creative Commons (cc) if my memory is correct,
And I am guess he would not mind.

Having to type your own vectors is way too much work. :p
Like I stated above I am lazy.

BTW megafileupload sucks.
I am currently waiting on some hardware, Once it gets here I would be happy
to host your demo videos.( should be next week sometime ).

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Gareth Heyes
Date: December 07, 2007 03:21AM

Yeah I did have the XSSDB vectors on there but I wanted the ability to add custom payloads etc but the XSSDB made it difficult to do. I've been talking with Mario about creating a DTD for vectors which will enable sites to share and use them more effectively.

Yeah you're right Megafileupload sucks, that would be great if you wouldn't mind hosting them! Thanks :)

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: nophun
Date: December 07, 2007 03:41PM

May I ask why are you choosing DTD over XSD ?

I have interest in working on something like this if you guys have interest
in having me .

I will send shell account once every thing is here and tested.
how much space would you need ? I was thinking 50 mb, but I am willing to go much
higher as long as you don't use it for anything shady.

/nophun

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Anonymous User
Date: December 08, 2007 01:53AM

@Gareth: I can host your stuff if you want

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Gareth Heyes
Date: December 08, 2007 05:57AM

Thanks Mario yeah please I just need some videos hosting because Youtube etc doesn't have good enough quality to show all the detail. Cheers :)

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Gareth Heyes
Date: January 03, 2008 06:56AM

New version now online
-Improved layout
-Removed unneeded features
-Added new tags
-Add clear tags option

http://www.businessinfo.co.uk/labs/hackvertor/hackvertor.php

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Gareth Heyes
Date: January 03, 2008 08:31AM

Added SQL injection stuff now :D

<@sqlcomment>SELECT<@/sqlcomment> <@sqlchar>Username<@/sqlchar> FROM Table

/**/S/**/E/**/L/**/E/**/C/**/T CHAR(0x55)+CHAR(0x73)+CHAR(0x65)+CHAR(0x72)+CHAR(0x6e)+CHAR(0x61)+CHAR(0x6d)+CHAR(0x65) FROM Table

Anymore SQL vector suggestions are welcome

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Anonymous User
Date: January 03, 2008 10:18AM

<@hex>value</@hex> would be nice!

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Gareth Heyes
Date: January 03, 2008 10:30AM

Your wish is my command :)

http://www.businessinfo.co.uk/labs/hackvertor/hackvertor.php?input=PEBzcWxoZXg%2BdmFsdWU8QC9zcWxoZXg%2B

Hackvertor accepts input as URL's now as well, can anyone XSS me?

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]



Edited 1 time(s). Last edit at 01/03/2008 10:32AM by Gareth Heyes.

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Gareth Heyes
Date: January 14, 2008 10:52AM

I've added a minor change to the DOM object browser, it now allows you to browse an object by id. Here's how to do it:-

1. Enter <img id=x> into the output window.
2. Click test in HTML.
3. Change the object browser to ID mode from object mode.
4. Enter z in the dom object box.

This works with any DOM object, it's useful for examining the properties of any object.

Update...
Now browses the entire object

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]



Edited 1 time(s). Last edit at 01/15/2008 10:25AM by Gareth Heyes.

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Gareth Heyes
Date: January 16, 2008 12:29PM

I've done a complete tidy up of Hackvertor to make way for some major features in future. Here is a summary of the changes:-

1. Modified layout to allow more room for input/output windows.
2. DOM browser now hidden and available on demand.
3. Created tag object to store tag information.
4. Recoded most tags to be String prototypes for easy reuse.

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Gareth Heyes
Date: January 17, 2008 07:55AM

I was THAT bored I wrote my own UTF-7 encode/decode functions in Javascript :)
They are now available as tags in Hackvertor

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: thornmaker
Date: January 17, 2008 09:16AM

Gareth, if you are that bored, perhaps you could try your hand at solving one of the millennium problems: http://www.claymath.org/millennium/



Edited 1 time(s). Last edit at 01/17/2008 09:16AM by thornmaker.

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Gareth Heyes
Date: January 17, 2008 10:20AM

@thornmaker

LOL I'm not intelligent enough to do that :)

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: thornmaker
Date: January 17, 2008 10:41AM

well, if you're the type of person who finds writing UTF-7 conversion code entertaining, you'll likely find the N years spent learning the background math entertaining as well :)



Edited 1 time(s). Last edit at 01/17/2008 10:42AM by thornmaker.

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Gareth Heyes
Date: January 17, 2008 02:02PM

I've finally sat down and tried to document the tags on Hackvertor and provide examples, it can be found here:-
http://www.thespanner.co.uk/2008/01/17/hackvertor-update/

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: tx
Date: January 17, 2008 08:51PM

@thornmaker: I've been obsessed with P vs. NP for the past 2 months, I think it will drive me crazy before I could solve. :/

-tx @ lowtech-labs.org



Edited 1 time(s). Last edit at 01/17/2008 08:52PM by tx.

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Gareth Heyes
Date: January 18, 2008 04:43AM

Ok this is just plain awesome, I know it's my tool but c'mon how cool is this:-
http://www.businessinfo.co.uk/labs/hackvertor/hackvertor.php?input=PEByZXBsYWNlKCcsJywpPjxAZmluZChbMC05XSssZ2ltKT48QG9jdD50ZXN0PEAvb2N0PjxAL2ZpbmQ%2BPEAvcmVwbGFjZT4%3D

You can use a regular expression with other tags making it really powerful.

Update...
Added all the reg exp flags as well now and syntax checking

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]



Edited 2 time(s). Last edit at 01/18/2008 04:58AM by Gareth Heyes.

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: thornmaker
Date: January 18, 2008 08:49AM

good addition Gareth!

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Gareth Heyes
Date: January 18, 2008 09:51AM

@thornmaker

Thanks! :)

I've also just finished auto conversion:-
http://www.businessinfo.co.uk/labs/hackvertor/hackvertor.php?input=PEBoZXhfZW50KDspPk5vdyBhdXRvIGNvbnZlcnRzISEhPEAvaGV4X2VudD4%3D

Almost forgot, I've improved the layout and usability thanks to Mario for the great suggestions!!

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]



Edited 1 time(s). Last edit at 01/18/2008 09:53AM by Gareth Heyes.

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Gareth Heyes
Date: January 18, 2008 10:14AM

Here's a technical challenge if anyone is interested it will help with the development of Hackvertor.....

<script>
str = '<test><test>test1</test>test2</test>';
str.replace(/<\/test>/g, function($1,$2,$3) { alert($1) } )
</script>

The challenge is to match the text "test1" and then "test2" no matter how many tags are added or nested of the same or different type. The only problem is that Javascript reg exp's don't have positive lookbehind :(

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Gareth Heyes
Date: January 18, 2008 01:44PM

Here's what I've got so far:-
<script>
str = '<@hex_ent(;)><@hex_ent(;)>test1<@/hex_ent><@/hex_ent><@hex_ent(;)>test2<@/hex_ent>';
str.replace(/<@\/hex_ent>/, 
function($1, $2) {
	var text = RegExp.leftContext;
	var re = new RegExp('(<@hex_ent\(.*\)>)','g')
	re.exec(text);
	var matchStart = re.lastIndex;
	text = RegExp.rightContext;
	var matchEnd = $2;
	alert(text);
});
</script>

Matches the first text ok "test1" but I've not found a way to replace the content because of the duplicate tags.

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: tx
Date: January 18, 2008 03:48PM

I wouldn't bet my life on itbeing foolproof, but this work for me:
<script>
  str = '<test><test>test1</test>test2</test>';
  str.replace(/([\w\d]*)+(?!(?!<[/]?\w*>)*([\w\d]*)(?!<[/]?\w*>))/g, function($1,$2,$3) { if($1)alert($1) } )
</script>


A similar variation for the <@hex_ent(;)>
/([\w\d]*)+(?!(?!<@[/]?hex_ent[\(.*\)]?>)*([\w\d]*)(?!<@[/]?hex_ent[\(.*\)]?>))/g

EDIT:
/([\w\d]*)+(?!(?!<@?[/]?[\w]+[\(.*\)]?>)*([\w\d]*)(?!<@?[/]?[\w]+[\(.*\)]?>))/ig
works for both test strings.

The only problem is it doesn't match text after tags ie
str = '<test><test>test1</test>test2</test>this text doesn't match';
I can't really think of how to match that text too without making it absurdly complex

-tx @ lowtech-labs.org



Edited 1 time(s). Last edit at 01/18/2008 03:51PM by tx.

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Gareth Heyes
Date: January 18, 2008 04:07PM

@tx

Awesome stuff man! :)

I'll see if I can improve it to match the other text I doubt it though, cool stuff again

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]



Edited 1 time(s). Last edit at 01/18/2008 04:43PM by Gareth Heyes.

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Gareth Heyes
Date: January 21, 2008 05:40AM

Keyboard shortcuts added
------------------------

CTL+SHIFT+Backspace
Clear Hackvertor

CTL+SHIFT+B
DOM Browser

CTL+SHIFT+C
Convert

CTL+SHIFT+E
Execute output

CTL+SHIFT+H
Test in HTML

CTL+SHIFT+I
Select input

CTL+SHIFT+O
Select output

CTL+SHIFT+S
Swap intput/output

CTL+SHIFT+T
Clear tags

CTL+SHIFT+U
Create URL

Base65
------
I've also added base64 support for other browsers now

Real time toggle
----------------
Added real time conversion toggle button

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]



Edited 2 time(s). Last edit at 01/21/2008 08:51AM by Gareth Heyes.

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Gareth Heyes
Date: January 23, 2008 05:21AM

I've added full width and half width unicode conversion, check this for a demo:-

http://www.businessinfo.co.uk/labs/hackvertor/hackvertor.php?input=Ly8gSGl0IHRoZSBleGVjdXRlIG91dHB1dCBidXR0b24gZm9yIGEgZGVtbwphbGVydCgnPEB1bmlfaHdmdz48c2NyaXB0PmFsZXJ0KDEpPC9zY3JpcHQ%2BPEAvdW5pX2h3Znc%2BJyk%3D

Any characters outside the allowed range will be converted but they won't be relevant, I may add a simple check in future but I don't think anyone will want to convert outside of normal characters like A-Z etc anyway.

Custom unicode prefixes are also now possible, enabling easy creation of unicode urlencoding or javascript escapes:-

http://www.businessinfo.co.uk/labs/hackvertor/hackvertor.php?input=PEB1bmlfaHdmdyglKT48PEAvdW5pX2h3Znc%2Bc2NyaXB0PmFsZXJ0KDEpPC9zY3JpcHQ%2B

I've modified the prefixes to allow entities as well :)
http://www.businessinfo.co.uk/labs/hackvertor/hackvertor.php?input=PCEtLSBIaXQgSFRNTCBUZXN0IGJ1dHRvbiBmb3IgZGVtbyAtLT4KPEB1bmlfaHdmdygmI3gpPmphdmFzY3JpcHQ8QC91bmlfaHdmdz4%3D

It annoyed me that you couldn't directly convert the characters as well so...
http://www.businessinfo.co.uk/labs/hackvertor/hackvertor.php?input=PEB1bmlfaHdmd19jaGFycz4iPjxzY3JpcHQ%2BYWxlcnQoMSk8L3NjcmlwdD48QC91bmlfaHdmd19jaGFycz4%3D

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]



Edited 3 time(s). Last edit at 01/23/2008 10:30AM by Gareth Heyes.

Options: ReplyQuote
Re: Hackvertor - Feature requests & bugs please post here
Posted by: Anonymous User
Date: February 09, 2008 08:55AM

Hi!

I am having problems with the base64 input and IE6/7 - I didn't check the sources but I assume you use atob()/btoa() for conversion.

Here's a method to do this natively - shamelessly borrowed from CAL9000:

/*
 * Converts Encoded Base64 to Plaintext.
 */
function decodeBase64(source) {

	var b64Str = '';
	var b64Convert = 0;
	var binResult = '';
	var remainder = 0;
	var binConvert = '';
	var decResult = 0;
	var plainResult = '';

	if ((source != '') && (typeof source != typeof undefined)) {
		// Very basic check to see if a valid Base64 hash.
		if ((source.length % 4) != 0) {
			displayMessage('Not a Base64 Hash');
			return document.ENCODE.plain.value;
		}
	
		source = altB64Dec(source);
		
		// Remove padding at end of input string.
		b64Str = source.replace(/\=/g, '');
		var b64Len = b64Str.length;
	
		for (var i=0; i < b64Len; i++) {
			// Get the index of the Base64 character from the array above.
			if (base64Chars.indexOf) { 
				b64Convert = base64Chars.indexOf(b64Str.charAt(i));
			} else {
				// Some browsers cannot process "indexOf" function.
				b64Convert = base64CharsXindexOf(b64Str.charAt(i));
			}
	
			// Convert index value to 6-bit binary string.
			for (var j=0; j < 6; j++) {
				if (b64Convert >= Math.pow(2,5-j)) {
					binResult += '1';
					b64Convert -= Math.pow(2,5-j);
				} else {
					binResult += '0';
				}
			}
		}
		// Check if binary string is a multiple of 8.
		remainder = (binResult.length % 8);
		
		// Remove trailing zeros until binary string is a multiple of 8.
		while (remainder != 0) {
			binResult = binResult.substring(0, (binResult.length-1));
			remainder = (binResult.length % 8);
		}
	
		while (binResult.length > 0) {
			// Process resulting binary string 8 bits at a time.
			binConvert = binResult.substr(0,8);
	
			// Convert each 8-bit binary string to its decimal equivalent.
			for (var k=0; k<8; k++) {
				if (binConvert.charAt(k) == '1') {
					decResult = (decResult + Math.pow(2,(7-k)));
				} 
			}
			// Convert decimal to plaintext and append to result.
			plainResult += String.fromCharCode(decResult);
		
			// Reset decimal result.
			decResult = 0;
			// Shave off 8-bit chunk we processed above.
			binResult = binResult.substring(8, binResult.length);
		}
 	}
 	return plainResult;
}

Options: ReplyQuote
Pages: 123Next
Current Page: 1 of 3


Sorry, only registered users may post in this forum.