From bf6ea35145d1cb0e328ec5b1e744299d499e0ab5 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Fri, 15 Apr 2011 13:41:50 +0000 Subject: [PATCH] adding new tool safe2bin for decoding safe encoded values --- extra/safe2bin/README.txt | 17 ++++++++ extra/safe2bin/safe2bin.py | 83 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 100 insertions(+) create mode 100755 extra/safe2bin/README.txt create mode 100755 extra/safe2bin/safe2bin.py diff --git a/extra/safe2bin/README.txt b/extra/safe2bin/README.txt new file mode 100755 index 000000000..49d0fc700 --- /dev/null +++ b/extra/safe2bin/README.txt @@ -0,0 +1,17 @@ +To use safe2bin.py you need to pass it the original file, +and optionally the output file name. + +Example: + +$ python ./safe2bin.py -i output.txt -o output.txt.bin + +This will create an binary decoded file output.txt.bin. For example, +if the content of output.txt is: "\ttest\t\x32\x33\x34\nnewline" it will +be decoded to: " test 234 +newline" + +If you skip the output file name, general rule is that the binary +file names are suffixed with the string '.bin'. So, that means that +the upper example can also be written in the following form: + +$ python ./safe2bin.py -i output.txt diff --git a/extra/safe2bin/safe2bin.py b/extra/safe2bin/safe2bin.py new file mode 100755 index 000000000..129cc4a61 --- /dev/null +++ b/extra/safe2bin/safe2bin.py @@ -0,0 +1,83 @@ +#!/usr/bin/env python + +""" +$Id$ + +safe2bin.py - Simple safe(hex) to binary format converter + +Copyright (c) 2006-2011 sqlmap developers (http://sqlmap.sourceforge.net/) +See the file 'doc/COPYING' for copying permission +""" + +import binascii +import re +import os +import sys + +from optparse import OptionError +from optparse import OptionParser + +# Regex used for recognition of hex encoded characters +HEX_ENCODED_CHAR_REGEX = r"(?P\\x[0-9A-Fa-f]{2})" + +# Raw chars that will be safe encoded to their slash (\) representations (e.g. newline to \n) +SAFE_ENCODE_SLASH_REPLACEMENTS = "\\\t\n\r\x0b\x0c" + +def safechardecode(value): + """ + Decode safe(hex) encoded values + """ + + retVal = value + if isinstance(value, basestring): + regex = re.compile(HEX_ENCODED_CHAR_REGEX) + + while True: + match = regex.search(retVal) + if match: + retVal = retVal.replace(match.group("result"), binascii.unhexlify(match.group("result").lstrip('\\x'))) + else: + break + + for char in SAFE_ENCODE_SLASH_REPLACEMENTS[::-1]: + retVal = retVal.replace(repr(char).strip('\''), char) + + elif isinstance(value, (list, tuple)): + for i in xrange(len(value)): + retVal[i] = safechardecode(value[i]) + + return retVal + +def main(): + usage = '%s -i [-o ]' % sys.argv[0] + parser = OptionParser(usage=usage, version='0.1') + + try: + parser.add_option('-i', dest='inputFile', help='Input file') + parser.add_option('-o', dest='outputFile', help='Output file') + + (args, _) = parser.parse_args() + + if not args.inputFile: + parser.error('Missing the input file, -h for help') + + except (OptionError, TypeError), e: + parser.error(e) + + if not os.path.isfile(args.inputFile): + print 'ERROR: the provided input file \'%s\' is not a regular file' % args.inputFile + sys.exit(1) + + f = open(args.inputFile, 'r') + data = f.read() + f.close() + + if not args.outputFile: + args.outputFile = args.inputFile + '.bin' + + f = open(args.outputFile, 'wb') + f.write(safechardecode(data)) + f.close() + +if __name__ == '__main__': + main()