--show-payloads turns my terminal green about zsc HOT 7 CLOSED

Thanks @CodeMaxx.

from zsc.

Hi Brian,

Thanks for your report, First I want just notice that you can grep the payloads by witn own zsc command

python zsc.py --show-payloads linux_x86

here are more samples:

Search windows_x86 shellcodes: python zsc.py --show-payloads windows_x86 (this need exact os name or you can use pattern)
or search a word with pattern:

python zsc.py -l windows*
python zsc.py -l *exec*
python zsc.py -l *xor_random

That's weird, I don't have problem with python zsc.py --show-payloads *linux_x86/system/none, but using grep will makes the problem!

• notice: to search a specific payload please use one or two star(s) *

python zsc.py --show-payloads *linux_x86/system/none
python zsc.py --show-payloads linux_x86/system/none*
python zsc.py --show-payloads *linux_x86/system/none*

from zsc.

Hi Brian again, I've found this problem in here, it's because of \n is end of the printing line.

the line is info(payload+'\n') , if we go inside of info() we can see:

def info(content):
    sys.stdout.write(color.color('yellow') + '[+] ' + color.color('green') +
                     content + color.color('reset'))
    return

it's color + content + color but in our case is color + content + \n + color, by using grep we could catch the line which is including out search pattern linux_x86/system/none and our lines are same:

color + content
reset color + color + content
reset color + color + content
reset color + color + content

as I referred this problem could be solved by using zsc --show-payloads *linux_x86/system/none* or any solution for fixing this in info()?

I was thinking about replacing \n with reset color+\n but it's not a good idea...

@sizzop @jowasp @Pratik151 @paraschetal @CodeMaxx any idea ?

from zsc.

@Ali-Razmjoo I'm unable to reproduce this. Ok now I can.

from zsc.

@Ali-Razmjoo What we can do is to modify the info() function to remove \ns at the end of content and add same no. of \n after color.color('reset')

from zsc.

Hey Akash, I think one solution could be like this (check the last char if it's \n and replace it with color.color('reset') + '\n' ):

def info(content):
    content =  content[:-1] + color.color('reset') + '\n' if (content[-1] == '\n') else content
    sys.stdout.write(color.color('yellow') + '[+] ' + color.color('green') +
                     content + color.color('reset'))
    return

I think content = content[:-1] + color.color('reset') + '\n' if (content[-1] == '\n') else content should be add to all stdout functions, or if anyone have better idea ?

from zsc.

@Ali-Razmjoo Yeah thats exactly what I mean ... except that we count the newline characters at the end of content because if there are multiple newlines then we need to remove all of them.

Number of newline chars at the end = len(content) - len(content.rstrip("\n"))

from zsc.