So we have found the base64 string “SGVsbG9Xb3JsZCE=” on a locked down workstation and we want to decode. Quite often we don’t have access to tools so here’s a list of ways to decode the string using various languages.
Python
12>>> import base64 >>> base64.b64decode("SGVsbG9Xb3JsZCE=")PowerShell
12PS > [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String("SGVsbG9Xb3JsZCE=")) blahblahPerl
12use MIME::Base64; print decode_base64("SGVsbG9Xb3JsZCE=");BASH
1echo SGVsbG9Xb3JsZCE= | base64 --decodephp
1echo base64_decode("SGVsbG9Xb3JsZCE=");C#
12byte[] data = Convert.FromBase64String("SGVsbG9Xb3JsZCE=");… Continue readingSo you’ve got oclHashcat and you want to practice cracking hashes but you’ve got no hashes? Fear not! There are hashes listed below for you to play with or if you would like to generate hashes yourself download my perl module here and have a play with making them and then cracking yourself: svn checkout http://hashcat-passgen.googlecode.com/svn/trunk/ hashcat-passgen Direct link to code here. (Big thanks to atom at hashcat.net for giving… Continue reading
I often find that when I get access to a DB I dont know how to control it, I always end up typing in the wrong commands or having to quickly google what i want to do. Thus, I thought it would make sense to write up a quick cheat sheet, especially when sometimes with SQLi you need to be as careful with your commands as possible. This write up… Continue reading