Bypass email server filtering provided you have a JDK installed

A few days ago I was facing a funny issue at a client :
  • No usb key access
  • Only CDROM Drive, but I replaced my laptop CDROM by an hardrive
  • Mail attachment agressively scanned and filtered
So the project binaries I had to deliver (that contains .bat files, .jar, which are likely to cause the rejection) was rejected by the mail server.

So I had the idea to make a base64 encoding of the zip file, zip the text resutlt and send it by email...
and it did work ;)

The only requirement is to have a JDK on the traget machine.

I used the SUN.MISC version as it's shipped with the JDK and requires no additional jar.

So Open a text editor, paste the following code : 

import java.io.*;
import sun.misc.BASE64Encoder;

public class EncodeFileWithBase64 {
    public static void main(String[] args) throws Exception {
 if (args.length < 2) {
     System.out.println("Usage: java EncodeFileWithBASE64 <inputfile> <outputfile>");
     return;
 }

 String inputFile = args[0];
 String outputFile = args[1];

 BASE64Encoder encoder = new BASE64Encoder();
 encoder.encode(
     new FileInputStream(inputFile),
     new FileOutputStream(outputFile)
 );
    }
}

Save it in EncodeFileWithBase64.java

Open another text editor and paste the following code :

import java.io.*; 
import sun.misc.BASE64Encoder; 
import sun.misc.BASE64Decoder; 
  
public class DecodeFileWithBase64 { 
    public static void main(String[] args) throws Exception { 
        if (args.length < 2) { 
            System.out.println("Usage: java DecodeFileWithBASE64 <inputfile> <outputfile>"); 
            return; 
        } 
  
        String inputFile = args[0]; 
        String outputFile = args[1]; 
  
        BASE64Decoder decoder = new BASE64Decoder(); 
        
        decoder.decodeBuffer(new FileInputStream(inputFile), 
        new FileOutputStream(outputFile)); 
        
    } 
} 

And save it to DecodeFileWithBase64.java
Copiy also a small .rar file to make a test so that we can test the integrity of the process


C:\temp\base64>dir
 Volume in drive C is SSD 150GB
 Volume Serial Number is E4B6-8C1D

 Directory of C:\temp\base64

20/04/2012  22:06    <dir>          .
20/04/2012  22:06    <dir>          ..
20/04/2012  22:05               613 DecodeFileWithBase64.java
19/04/2012  23:36               484 EncodeFileWithBase64.java
20/04/2012  22:12           127 025 etc1tool.rar
               3 File(s)        268 873 bytes
               2 Dir(s)  13 491 298 304 bytes free

C:\temp\base64>c:\dev\jdk1.6.0_25\bin\javac.exe *.java
DecodeFileWithBase64.java:2: warning: sun.misc.BASE64Encoder is Sun proprietary API and may be removed in a future release
import sun.misc.BASE64Encoder;
               ^
DecodeFileWithBase64.java:3: warning: sun.misc.BASE64Decoder is Sun proprietary API and may be removed in a future release
import sun.misc.BASE64Decoder;
               ^
EncodeFileWithBase64.java:2: warning: sun.misc.BASE64Encoder is Sun proprietary API and may be removed in a future release
import sun.misc.BASE64Encoder;
               ^
DecodeFileWithBase64.java:15: warning: sun.misc.BASE64Decoder is Sun proprietary API and may be removed in a future release
        BASE64Decoder decoder = new BASE64Decoder();
        ^
DecodeFileWithBase64.java:15: warning: sun.misc.BASE64Decoder is Sun proprietary API and may be removed in a future release
        BASE64Decoder decoder = new BASE64Decoder();
                                    ^
EncodeFileWithBase64.java:14: warning: sun.misc.BASE64Encoder is Sun proprietary API and may be removed in a future release
        BASE64Encoder encoder = new BASE64Encoder();
        ^
EncodeFileWithBase64.java:14: warning: sun.misc.BASE64Encoder is Sun proprietary API and may be removed in a future release
        BASE64Encoder encoder = new BASE64Encoder();
                                    ^
7 warnings

C:\temp\base64>
C:\temp\base64>dir
 Volume in drive C is SSD 150GB
 Volume Serial Number is E4B6-8C1D

 Directory of C:\temp\base64

20/04/2012  22:07    <dir>          .
20/04/2012  22:07    <dir>          ..
20/04/2012  22:07               812 DecodeFileWithBase64.class
20/04/2012  22:05               613 DecodeFileWithBase64.java
20/04/2012  22:07               806 EncodeFileWithBase64.class
19/04/2012  23:36               484 EncodeFileWithBase64.java
20/04/2012  22:12           127 025 etc1tool.rar
               5 File(s)        270 491 bytes
               2 Dir(s)  13 490 741 248 bytes free

C:\temp\base64>

Warning are normal are these class are not supposed to be used.

Now make a test :

C:\temp\base64>java EncodeFileWithBase64 etc1tool.rar etc1tool.rar.txt

C:\temp\base64>dir
 Volume in drive C is SSD 150GB
 Volume Serial Number is E4B6-8C1D

 Directory of C:\temp\base64

20/04/2012  22:15              .
20/04/2012  22:15              ..
20/04/2012  22:07               812 DecodeFileWithBase64.class
20/04/2012  22:05               613 DecodeFileWithBase64.java
20/04/2012  22:07               806 EncodeFileWithBase64.class
19/04/2012  23:36               484 EncodeFileWithBase64.java
20/04/2012  22:12           127 025 etc1tool.rar
20/04/2012  22:15           173 824 etc1tool.rar.txt
               6 File(s)        303 564 bytes
               2 Dir(s)  13 488 807 936 bytes free

C:\temp\base64>
check the produce file, it's a text file :
UmFyIRoHAJvXc0gADQAAAAAAAAB4DXSAgCwAyucBAAAWBAACtdHsHZtGfkAdNQwAIAAAAGV0YzF0
b29sLmV4ZRglkRTMyNmcGCJXxjicFBoBgOEZIy2BZKQBsJSxkZam3G3AI6JNDbhAYFtK67LAs8gl
...
Kvxhs8e6Pi+mM5R3mynJQuXpCFu5svGg1zFS/peYfl2J/Cbr3TZDIsMOJ4SXDwRK9CHm7q8iruk5
E/Rs2mZWjv9Wkiner6lw+Bj3pSb3i8Q9ewBABwA=
Decode the produced file :
C:\temp\base64>java DecodeFileWithBase64 etc1tool.rar.txt etc1tool_decoded.rar

C:\temp\base64>dir
 Volume in drive C is SSD 150GB
 Volume Serial Number is E4B6-8C1D

 Directory of C:\temp\base64

20/04/2012  22:20              .
20/04/2012  22:20              ..
20/04/2012  22:07               812 DecodeFileWithBase64.class
20/04/2012  22:05               613 DecodeFileWithBase64.java
20/04/2012  22:07               806 EncodeFileWithBase64.class
19/04/2012  23:36               484 EncodeFileWithBase64.java
20/04/2012  22:12           127 025 etc1tool.rar
20/04/2012  22:15           173 824 etc1tool.rar.txt
20/04/2012  22:20           127 025 etc1tool_decoded.rar
               7 File(s)        430 589 bytes
               2 Dir(s)  13 486 784 512 bytes free

C:\temp\base64>
Open the produced file and check for error :



No error ! Now you can send it by mail, it will pass as the mail gateway will only see an archive with text inside...

Comments

Popular posts from this blog

setup tomcat6 (with native library) with apache2 integration

Open ssh connection through proxy with NTML authentication

Open a SSH connection through an http proxy and dig tunnels :)