How to distinguish between different encodings / serialization / etc?

Are there all types of decoders for data formats such as Base64, ASP EventValidation object, XML serialization or otherwise? Is there a simple test I can do?

For example, I have a line here, this is part of a cgi-based web form, it is clearly hex (full size 5kb): 52616e646f6d49567ef61b360522ae5ae69064f0ecb664a831c4196dad319215013aa8d04726b5d54ed673dad2004726c35e66d8b19c5177a331b24988f3cf11871084f6cc9ff808baf5cdee83f031a56dc42b65ee5309f1f1

I have no idea what it is, hex to ascii gives me even more nonsense, sort of Ra_d__IVo6"Odd1_1/G&?sG&OfQw1I1_eS, this is obviously not the base line of 64 ...

The main question is: is there a method different from searching for different types, trying and guessing it?

edit: I think this string is perpendicular based encrypted data, 52616e646f6d4956 but my question is not what the string is, but rather how can I easily say these things.

+3
2 answers

You can develop your own heuristic algorithm. Like a virus writer. It does not work 100%, but over time it should improve. For example, you can take a string and note that it contains only characters from the hexadecimal alphabet, mark it for encryption, fasten with a zipper or something else that is associated with a hexadecimal character set.


. TCP. , . () , /. , "", , , , , , , , "".

+1
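A heuristic of the kind this answer describes, written out as an added example (not code from the thread): test the character set to strip the outer text encoding, then look at the leading bytes and the byte entropy of what is underneath. The signature table, the 0.95 printable threshold and all function names are assumptions made for illustration; `SAMPLE` is the first 24 bytes of the hex string quoted in the question.

```python
import base64
import math
import re
from collections import Counter

# Leading-byte signatures (constructed table for this example; extend as needed).
MAGIC = [
    (b"RandomIV", "Crypt::CBC 'randomiv' header, 8-byte IV follows"),
    (b"Salted__", "OpenSSL-style salted ciphertext, 8-byte salt follows"),
    (b"\x1f\x8b", "gzip stream"),
    (b"PK\x03\x04", "ZIP archive"),
    (b"<?xml", "XML document"),
]
HEX_RE = re.compile(r"^(?:[0-9a-fA-F]{2})+$")
B64_RE = re.compile(r"^[A-Za-z0-9+/]+={0,2}$")

# First 24 bytes of the hex string quoted in the question.
SAMPLE = "52616e646f6d49567ef61b360522ae5ae69064f0ecb664a8"


def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; capped at log2(len(data)) for short input."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def unwrap(text: str):
    """Strip the outer text encoding and return (name, raw bytes)."""
    s = text.strip()
    # Hex is tested first: every hex string also fits the base64 alphabet.
    if HEX_RE.match(s):
        return "hex", bytes.fromhex(s)
    if len(s) % 4 == 0 and B64_RE.match(s):
        return "base64", base64.b64decode(s, validate=True)
    return "raw", s.encode("utf-8")


def classify(text: str) -> dict:
    """Guess the outer encoding, then the inner format from magic bytes."""
    outer, raw = unwrap(text)
    inner = next((name for magic, name in MAGIC if raw.startswith(magic)), None)
    if inner is None:
        printable = sum(32 <= b < 127 or b in (9, 10, 13) for b in raw)
        inner = "printable text" if raw and printable / len(raw) > 0.95 else "unknown binary"
    return {"outer": outer, "inner": inner, "entropy": round(entropy(raw), 2)}


if __name__ == "__main__":
    print(classify(SAMPLE))
```

Short alphanumeric words whose length is a multiple of four also pass the base64 test, so treat the result as a ranking hint rather than a verdict.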

. , , base-64, . , Unicode/code-page.

Xml json, , (, , /). , --HTML .


; gzip? ? ?

; , , - , tryharshark. , .

+1

Source: https://habr.com/ru/post/1776288/

