Advertisement
opexxx

url_decode.py

May 2nd, 2014
340
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 4.58 KB | None | 0 0
  1. #!/usr/bin/env python
  2. '''
  3. This script takes a line or file and decodes the HTML encoded values - if after the HTML decoding
  4. there is a match for character substitution then it coverts them to their character representation
  5. as well as a check for basic Base64 encoding.
  6.  
  7. From:
  8. "/some/sites/page%29%20AND%202=%28SELECT%20UPPER%28
  9. %28CHR%2860%29%7C%7CCHR%2858%29%7C%7CCHR%2898%29%7C%7CCHR%28101%29%7C%7CCHR%28115%29%7C%7CCHR
  10. %2858%29%7C%7C%28SELECT%20%28CASE%20WHEN%20%282=2%29%20THEN%201%20ELSE%200%20END%29%20FROM%20DUAL%29
  11. %7C%7CCHR%2858%29%7C%7CCHR%28100%29%7C%7CCHR%28110%29%7C%7CCHR%28104%29%7C%7CCHR%2858%29%7C%7CCHR%28
  12. 62%29%29%29%20FROM%20DUAL%29%20AND%20%281=1"
  13.  
  14. To:
  15. [-] HTML Decoded version:
  16. /some/sites/page) AND 2=(SELECT UPPER((CHR(60)||CHR(58)||CHR(98)||CHR(101)||CHR(115)||CHR(58)
  17. ||(SELECT (CASE WHEN (2=2) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(100)||CHR(110)||CHR(104)||CHR
  18. (58)||CHR(62))) FROM DUAL) AND (1=1
  19.  
  20. To:
  21. [-] HTML & CHR values Decoded version:
  22. /some/sites/page) AND 2=(SELECT UPPER((<||:||b||e||s||:||(SELECT (CASE WHEN (2=2) THEN 1 ELSE
  23. 0 END) FROM DUAL)||:||d||n||h||:||>)) FROM DUAL) AND (1=1
  24. '''
  25. # url_decode.py was created by Glenn P. Edwards Jr.
  26. #       http://hiddenillusion.blogspot.com
  27. #               @hiddenillusion
  28. # Version 0.2.1
  29. # Date: 12-10-2012
  30.  
  31. import os
  32. import sys
  33. import re
  34. import urllib as ul
  35. import base64
  36.  
  37. def main():
  38.     # Get program args
  39.     if not len(sys.argv) > 1:
  40.         print "This file decodes HTML urls to view them as they normally are before being encoded."
  41.         sys.exit()
  42.     else:
  43.         input = sys.argv[1]
  44.         chr_regex = re.compile('CHR\\((\\d+)\\)')
  45.         b64_regex = re.compile('(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$')
  46.  
  47.     def pretty(line):
  48.         """
  49.        Performing/returning this on every line regardless just to provide what it looks like decoded
  50.        & because once it's decoded it may match another encoding scheme which then needs to be decoded.
  51.        """
  52.         return ul.unquote_plus(line)
  53.  
  54.     def chr_replace(match):
  55.         char_number = match.group(1)
  56.         return (chr(int(char_number)))
  57.  
  58.     def html_chr_decode(line):
  59.         return chr_regex.sub(chr_replace, line)
  60.  
  61.     def html_b64_decode(line):
  62.         # lazy little validator to try and at least strip off characters to valid beginning of Base64 so it can be decoded properly
  63.         b64_cleaner = re.sub('^[^A-Za-z0-9+]*', '', line)
  64.         return base64.b64decode(b64_cleaner)
  65.  
  66.     # Verify supplied path exists or die
  67.     if os.path.isfile(input):
  68.         if not os.path.exists(input):
  69.             print "[!] I need a file to process."
  70.             sys.exit()
  71.         else:
  72.             c = 1
  73.             with open(input, 'r') as f:
  74.                 for line in f:
  75.                     if not line.strip(): continue
  76.                     else:
  77.                         print "[+] Line (%d)" % c
  78.                         print ('-' * 15)
  79.                         print "[-] HTML Decoded version:"
  80.                         print pretty(line)
  81.                         if re.search(chr_regex, pretty(line)):
  82.                             print "[-] HTML & CHR values Decoded version:"
  83.                             try:
  84.                                 print chr_regex.sub(chr_replace, pretty(line))
  85.                             except Exception, msg:
  86.                                 print "[!] ERROR:",msg
  87.                         if re.search(b64_regex, pretty(line)):
  88.                             print "[-] HTML & Base64 Decoded version:"
  89.                             try:
  90.                                 print html_b64_decode(pretty(line))
  91.                             except Exception, msg:
  92.                                 print "[!] ERROR:",msg
  93.                         c += 1
  94.     else:
  95.         """
  96.        This is meant to be used if a single line is just passed/pasted to this script so not
  97.        keeping track of empty lines or line count
  98.        """
  99.         print
  100.         print "[-] HTML Decoded version:"
  101.         print pretty(input)
  102.         if re.search(chr_regex, pretty(input)):
  103.             print
  104.             print "[-] HTML & CHR values Decoded version:"
  105.             try:
  106.                 print html_chr_decode(pretty(input))
  107.             except Exception, msg:
  108.                 print "[!] ERROR:",msg
  109.         if re.search(b64_regex, pretty(input)):
  110.             print
  111.             print "[-] HTML & Base64 Decoded version:"
  112.             try:
  113.                 print html_b64_decode(pretty(input))
  114.             except Exception, msg:
  115.                 print "[!] ERROR:",msg
  116.  
  117. if __name__ == "__main__":
  118.     main()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement