Published 18 years 7 months ago • Last updated March 22, 2025 • ⏱️ 3 min read
I've been busy...real busy on Hackvertor :) so I thought it might be a good idea to explain the ideas behind it. Please note Hackvertor is currently only tested under Firefox. I may support other browsers in future.
It's many things: a conversion utility, browser hacking platform, targeted fuzzing tool, XSS filter testing tool and the list goes on. I developed it because I wanted to incorporate my style of web site testing and instead of using scripts I've had all over the place I wanted one platform to perform all my testing.
The system works with sets of categorised tags which magically perform conversions and character replacement. The idea is you feed it content and tell it to replace parts of the content with stuff that is difficult to convert without running several conversion routines on or manually coding the javascript. Take the following for example {hex}{dec}test{/dec}{/hex}, that example are the required tags in Hackvertor to perform HTML decimal encoding on "test" followed by hexadecimal entity encoding. You place the required text in the input window, select it and then click the required tags. Once that's complete you simply click convert to perform the operation.
There are so many combinations of characters, XSS combinations and encodings that filtering those out using PHP or other server side languages can prove a impossible task. Perhaps you want to create some random character fuzzing, null entity checking or simply want a random password generator.
Nested tags are now performed from inner most tag outwards, which enables correct encoding and conversion of multiple tags. Multiple lines are also now supported. Here is the current list of tags supported (these can change):-
<h4>Encode</h4> base64:Encodes the string as a base64 encoded string. bin:Converts a number to binary dec:Converts to decimal html entities hex:Converts to hexadecimal html entities hex2rgb:Converts a HTML colour to rgb uni:Creates a unicode string oct:Converts the string to octal enc:Performs url encoding on the string realenc:Performs a more comprehensive url encoding, which allows "abc" characters to be encoded for example. htmlent:Converts to standard html entities <h4>Decode</h4> d_base64:Decodes the string from base64 d_bin:Converts binary to decimal d_dec:Decodes decimal html entities into a string d_hex:Decodes hexadecimal html entities into a string d_uni:Converts a unicode string into text d_oct:Converts a octal string into text d_enc:Escapes a urlencoded string d_realenc:A pointer to d_enc performs the same operation d_htmlent:Decodes html entities <h4>Filter evasion</h4> javachar:Converts a string into a LiveConnect supported java string concat:Creates a string concatentation of whatever you supply, useful for evading filters which don't allow javascript: for example eval:This creates a eval function call without directly specifying eval, it accepts the string inside the tags as input. Useful for constructing obscured eval operations. tag:Creates a random javascript execution point using a html tag charcode2str:Converts a standard character code into a string str2charcode: Does the opposite of above <h4>Convert</h4> 2hex:Converts a number to standard hex 2oct:Converts a number to standard octal <h4>Quotes</h4> squote:Encloses single quotes around your payload dquote:Encloses double quotes bticks:Encloses back ticks, added for fuzzing purposes <h4>Fuzzing</h4> randchars:Create a random selection of unicode characters. You can specify the amount using the following: {randchars}10{/randchars} which will produce 10 random characters randnum:Random numbers, the same method can be used above randletters:Random letters randletternums:Random letters and numbers nullents:Produces a random null entity <h4>Hashing</h4> md4:Creates a md4 hash of the string md5:Creates a md5 hash of the string sha1:Creates a sha1 hash of the string <h4>Case</h4> ucfirst:Makes the first character uppercase upper:Makes all characters uppercase lower:Makes all characters lowercase mixed:Randomly chooses upper or lower case