Pytips for Deobfuscation!

Simple encoding/decoding techniques for deobfuscating with Python.

helpful libs:
binascii
base64
codecs

base64:
>>> import base64
>>> # Python 3: b64encode/b64decode take and return bytes
>>> base64.b64encode(b'hello, world!')
b'aGVsbG8sIHdvcmxkIQ=='
>>> base64.b64decode('aGVsbG8sIHdvcmxkIQ==')
b'hello, world!'


hex <--> ascii:
>>> import binascii
>>> # Python 3: hexlify needs bytes; both calls return bytes
>>> binascii.hexlify(b'hello, world!')
b'68656c6c6f2c20776f726c6421'
>>> binascii.unhexlify('68656c6c6f2c20776f726c6421')
b'hello, world!'


hex <--> decimal:
>>> hex(10)
'0xa'
>>> 0xa
10
>>> int('0xa',16)
10


ascii codes (int <-> ascii):
>>> chr(99)
'c'
>>> ord('c')
99


reverse string:
>>> '!dlrow ,olleh'[::-1]
'hello, world!'


find/replace:
>>> 'hell0, w0rld!'.replace('0','o')
'hello, world!'


rot13:
>>> import codecs
>>> codecs.encode('uryyb, jbeyq!', 'rot_13')
'hello, world!'


string to list of chars:
>>> list('hello, world!')
['h', 'e', 'l', 'l', 'o', ',', ' ', 'w', 'o', 'r', 'l', 'd', '!']


string to list of substrings:
>>> 'hello, world!'.split('o')
['hell', ', w', 'rld!']


xor:
>>> 0x55 ^ 0x33
102
>>> hex(0x55 ^ 0x33)
'0x66'


mid (vba):
>>> def mid(string, offset, amount):
...     # VBA's Mid() counts characters from 1, Python slices from 0
...     start = offset - 1
...     return string[start:start + amount]
... 
>>> mid('hello, world!', 4, 5)
'lo, w'


upper <--> lower:
>>> 'hello, world!'.upper()
'HELLO, WORLD!'
>>> 'HELLO, WORLD!'.lower()
'hello, world!'


string concatenation:
>>> 'hello' + ', ' + 'world!'
'hello, world!'


regex:
>>> import re
>>> re.findall('[a-fA-F0-9]{5,}','tgtgtg68656c6c6f2c20776f726c6421tgtgtgt')
['68656c6c6f2c20776f726c6421']


custom alphabets:
>>> alph = 'abcdefghijklmnopqrstuvwxyz'
>>> indices = '5,14,14'.split(',')
>>> indices = [int(i) for i in indices]
>>> decoded = ''
>>> for index in indices:
...     decoded += alph[index]
... 
>>> print(decoded)
foo


resolving strings stored as char lists/arrays:
>>> string = ''
>>> codes = [99, 109, 100]
>>> # names chosen so the list/int builtins are not shadowed
>>> for code in codes:
...     string += chr(code)
... 
>>> print(string)
cmd
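
chaining the tips (added example, not from the original post): real samples usually stack several of these encodings, so this pulls hex runs out of a script with the regex tip and peels hex -> xor -> reverse -> base64 -> rot13. The layer order, the key, the function names and the sample script are all constructed for illustration.

```python
import base64
import binascii
import codecs
import re

# Same idea as the regex tip; a longer minimum run cuts down false hits.
HEX_RUN = re.compile(r'[a-fA-F0-9]{16,}')
KEY = b'\x55\x33'  # constructed repeating XOR key


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR each byte of data with a repeating key."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def obfuscate(text: str, key: bytes) -> str:
    """Build test input: rot13 -> base64 -> reverse -> xor -> hex."""
    rot = codecs.encode(text, 'rot_13')
    b64 = base64.b64encode(rot.encode('ascii'))
    return binascii.hexlify(xor_bytes(b64[::-1], key)).decode('ascii')


def deobfuscate(script: str, key: bytes) -> list:
    """Find hex runs in script and undo the layers in reverse order.

    Runs that fail any layer (odd length, bad base64, non-ASCII) are
    skipped instead of aborting the whole scan.
    """
    results = []
    for run in HEX_RUN.findall(script):
        try:
            raw = binascii.unhexlify(run)
            b64 = xor_bytes(raw, key)[::-1]
            rot = base64.b64decode(b64, validate=True).decode('ascii')
        except ValueError:  # covers binascii.Error and UnicodeDecodeError
            continue
        results.append(codecs.encode(rot, 'rot_13'))
    return results


# Constructed sample: one real blob plus a decoy hex run of odd length.
SAMPLE = 'var p = "%s"; var n = "0123456789abcdef0";' % obfuscate(
    'hello, world!', KEY)

if __name__ == '__main__':
    print(deobfuscate(SAMPLE, KEY))
```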



More to come!
