CODEWITHSUNDEEP
pythonpython-3.xloopswhile-loop
usmc0341
usmc0341

Reputation: 95

While Loops Only Iterates Correctly Once

I am working on a python script to brute force deobfuscate malicious Java Script I have been finding in security events. Long story short at one point in the process they are obfuscating the script that redirects to the payload with an XOR. So here is how I am going about this. Python:

#!/usr/bin/python
import os
import subprocess
perl = "perl -pe 's/([;\}\{])/$"
userInput = input("")
tail = (r"\n/g'")
def deobBrute():
        count = 0
        while (count < 101):
                return(str(userInput)+str(perl)+str(count)+str(tail))
                count = count + 1
output = subprocess.Popen(deobBrute(), shell=True).wait
results = 0
while (results < 101):
        print(output)
        results = results + 1

The user input I am feeding it:

cat elsePageXoffset |

elsePageXoffest is the text file I am storing the obfuscate JS in.

It only iterates once however which unless they are obfuscating with XOR^1 does me no good.

Error message for all other iterations:

<bound method Popen.wait of <subprocess.Popen object at 0x7fb65c6c9128>>

Upvotes: 1

Views: 116

Answers (2)

AlanK
AlanK

Reputation: 9833

If this is your method (your tabbing is messed up), then the function will return (str(userInput)+str(perl)+str(count)+str(tail)) straight away, and the rest of the function will not execute, consider using yield if you want to continue within the method and return more values. As yield returns a generator, you will need to iterate over the deobBrute in order to access the values

def deobBrute():
    count = 0
    while (count < 101):
        return(str(userInput)+str(perl)+str(count)+str(tail))
        count = count + 1

def deobBrute():
    count = 0
    while (count < 101):
        yield(str(userInput)+str(perl)+str(count)+str(tail))
        count = count + 1

Try something like this:

#!/usr/bin/python
import os
import subprocess
perl = "perl -pe 's/([;\}\{])/$"
userInput = input("")
tail = (r"\n/g'")

def deobBrute():
    for i in range(1, 102):
        yield "{0}{1}{2}{3}".format(userInput, perl, i, tail)

brute = deobBrute()

for i in brute:
    print(subprocess.Popen(i, shell=True))

Upvotes: 1

spelgubbe
spelgubbe

Reputation: 56

you return inside of the while loop, which means it is only going to run once

if you move the return outside of the while loop, your code should function

def deobBrute():
    count = 0
    while (count < 101):
        count = count + 1
    return(str(userInput)+str(perl)+str(count)+str(tail))

Upvotes: 0

Related Questions