RECENT POSTS
- Introduction to FreeBSD Security Best Practices
- Working with Package Management in FreeBSD
- Understanding FreeBSD Security Advisories and Updates
- Troubleshooting Common System Administration Issues in FreeBSD
- Tips for Hardening FreeBSD to achieve System Protection
- Setting Up DHCP Server in FreeBSD
- Secure User and Group Management in FreeBSD Systems
- Secure Remote Access with SSH in FreeBSD
- Optimizing System Performance in FreeBSD
- Network Packet Capture with tcpdump in FreeBSD
- All posts ...
Do you have GDPR compliance issues ?
Check out Legiscope a GDPR compliance software, that will save you weeks of work, automating your documentation, the training of your teams and all processes you need to keep your organisation compliant with privacy regulations
Xorsearch
Jul 20, 2023
Search for a given string in an XOR or ROL encoded binary file
XORSearch is a program to search for a given string in an XOR or ROL encoded binary file. An XOR encoded binary file is a file where some or all bytes have been XORed with a constant value the key. A ROL or ROR encoded file has it bytes rotated by a certain number of bits the key. XOR and ROL/ROR encoding is used by malware programmers to obfuscate strings like URLs.
XORSearch will try all XOR keys 0 to 255 and ROL keys 1 to 7 when searching. I programmed XORSearch to include key 0, because this allows to search in an unencoded binary file X XOR 0 equals X.
If the search string is found, XORSearch will print it until the 0 byte zero is encountered or until 50 characters have been printed, which ever comes first. 50 is the default value, it can be changed with option -l. Unprintable characters are replaced by a dot.
Checkout these related ports:
- Zzuf - Transparent application input fuzzer
- Zlint - X.509 certificate linter
- Zeronet - Decentralized websites using Bitcoin crypto and BitTorrent network
- Zenmap - GUI frontend for the Nmap scanning utility
- Zeek - System for detecting network intruders in real-time
- Zaproxy - The OWASP zed attack proxy
- Yubioath-desktop - GUI for displaying OATH codes with a Yubikey
- Yubikey-personalization-gui - Graphical YubiKey personalization tool
- Yubikey-manager-qt - Cross-platform application for configuring any YubiKey
- Yubikey-agent - Seamless ssh-agent for YubiKeys
- Yubico-piv-tool - Yubico PIV tool
- Ylva - Command line password manager and file encryption program
- Ykpers - Library and tool for personalization of Yubico's YubiKey
- Ykclient - Yubico C client library
- Yersinia - Layer 2 vulnerability scanner (switches, spanning tree, 802.1q ...)