Penetration Testing mailing list archives
utf-8 legal and illegal encoding generator
From: Chan Fook Sheng <chanfooksheng () pacific net sg>
Date: Fri, 07 May 2004 16:27:19 +0800
HiAs you may know, one of the method used in PT is malicious url encoding, which includes illegal unicode encoding.
an example will be the "/" character is 47 in decimal, 2F in hex in ASCII. It can be represented in UTF-8 format as: 1 byte: still 2F (legal) 2 bytes: C0 AF (illegal) 3 bytes: E0 80 AF (illegal)So in PT, I think it would be convenient if there is a tool that will generate the 1, 2 and 3 byte utf-8 encoding for an given ASCII character.
does this kind of tools exists? can anyone direct me to some links? fook sheng ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- utf-8 legal and illegal encoding generator Chan Fook Sheng (May 07)