1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import sys
import string
import urllib
def help():
print("1.数字异或")
print("2.所有标点集异或")
def XOR_1():
payload = input("payload:")
strlist = [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, \
20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 35, 36, 37, 38, \
40, 41, 42, 43, 44, 45, 46, 47, 58, 59, 60, 61, 62, 63, 64, 91, 93, 94, 95, 96, 123, 124, 125, 126, 127]
# strlist是ascii表中所有非字母数字的字符十进制
str1,str2 = '',''
for char in payload:
for i in strlist:
for j in strlist:
if(i ^ j == ord(char)):
i = '%{:0>2}'.format(hex(i)[2:])
j = '%{:0>2}'.format(hex(j)[2:])
print("('{0}'^'{1}')".format(i,j),end=".")
break
else:
continue
break
def XOR_2():
char = string.printable
# 返回所有标点集,数字,ascii_letters和空格
# 0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!"#$%&'()*+, -./:;<=>?@[\]^_`{|}~
payload = input("payload:")
tmp1,tmp2 = '',''
for res in payload:
for i in char:
for j in char:
if(ord(i)^ord(j) == ord(res)):
tmp1 += i
tmp2 += j
break
else:
continue
break
print("('{}'^'{}')".format(tmp1,tmp2))
if "__main__" == __name__:
def demo(argv):
if len(argv)<1:
help()
sys.exit()
try:
if(sys.argv[1] == "1"):
XOR_1()
elif(sys.argv[1] == "2"):
XOR_2()
else:
pass
except:
sys.exit()
demo(sys.argv[1:])
|
main1o