XORpass : Encoder To Bypass WAF Filters Using XOR Operations

XORpass is an encoder to bypass WAF filters using XOR operations.

Installation & Usage

git clone https://github.com/devploit/XORpass
cd XORpass

$ php encode.php STRING
$ php decode.php “XORed STRING”

Example of bypass

Using clear PHP function:

Also Read – JSONBee : A Ready To Use JSONP Endpoints/Payloads To Help Bypass Content Security Policy Of Different Websites

Using XOR bypass of that function:

$ php encode.php system # return A
$ php encode.php ls # return B

payload == A(B)

Why does PHP treat our payload as a string?

The ^ is the exclusive or operator, which means that we’re in reality working with binary values. So lets break down what happens.

The XOR operator on binary values will return 1 where just one of the bits were 1, otherwise it returns 0 (0^0 = 0, 0^1 = 1, 1^0 = 1, 1^1 = 0). When you use XOR on characters, you’re using their ASCII values. These ASCII values are integers, so we need to convert those to binary to see what’s actually going on.

A = 65 = 1000001
S = 83 = 1010011
B = 66 = 1000010

A 1000001
^
S 1010011
^
B 1000010
——————————
result 0010010 = 80 = P

A^S^B = P

If we do an ‘echo “A”^”S”^”B”;’ PHP will return us a P as we see.

R K

Recent Posts

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

12 hours ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

14 hours ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

16 hours ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

16 hours ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

16 hours ago

Cybersecurity – Tools And Their Function

Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…

2 days ago