#!/usr/bin/perl -Tw # Jon Hart # # Simple perl script to decode a string or file # from hex to its ascii equivalent. # # Especially useful for decoding web attacks, i.e.: # # http://somesite/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%57%49%4e%44%4f%57%53%2f%73%79%73%74%65%6d%33%32%2f%63%6d%64%2e%65%78%65%2b%64%69%72%2b%63%3a # # is actually... # # http://somesite/../../../../../../WINDOWS/system32/cmd.exe+dir+c: # use strict; if ($ARGV[0]) { my $file = $ARGV[0]; open(FILE, "< $file") or die "Couldn't open $file: $!\n"; while () { decode($_); } close(FILE); } else { while (<>) { decode($_); } } sub decode { my $string = shift; chomp($string); map { print(chr(hex("$_"))) } split(/\%/, $string); print("\n"); }