Bypass email server filtering provided you have a JDK installed

-
A few days ago I was facing a funny issue at a client :
  • No usb key access
  • Only CDROM Drive, but I replaced my laptop CDROM by an hardrive
  • Mail attachment agressively scanned and filtered
So the project binaries I had to deliver (that contains .bat files, .jar, which are likely to cause the rejection) was rejected by the mail server.

So I had the idea to make a base64 encoding of the zip file, zip the text resutlt and send it by email...
and it did work ;)

The only requirement is to have a JDK on the traget machine.

I used the SUN.MISC version as it's shipped with the JDK and requires no additional jar.

So Open a text editor, paste the following code : 

import java.io.*;
import sun.misc.BASE64Encoder;

public class EncodeFileWithBase64 {
    public static void main(String[] args) throws Exception {
 if (args.length < 2) {
     System.out.println("Usage: java EncodeFileWithBASE64 <inputfile> <outputfile>");
     return;
 }

 String inputFile = args[0];
 String outputFile = args[1];

 BASE64Encoder encoder = new BASE64Encoder();
 encoder.encode(
     new FileInputStream(inputFile),
     new FileOutputStream(outputFile)
 );
    }
}

Save it in EncodeFileWithBase64.java

Open another text editor and paste the following code :

import java.io.*; 
import sun.misc.BASE64Encoder; 
import sun.misc.BASE64Decoder; 
  
public class DecodeFileWithBase64 { 
    public static void main(String[] args) throws Exception { 
        if (args.length < 2) { 
            System.out.println("Usage: java DecodeFileWithBASE64 <inputfile> <outputfile>"); 
            return; 
        } 
  
        String inputFile = args[0]; 
        String outputFile = args[1]; 
  
        BASE64Decoder decoder = new BASE64Decoder(); 
        
        decoder.decodeBuffer(new FileInputStream(inputFile), 
        new FileOutputStream(outputFile)); 
        
    } 
}

And save it to DecodeFileWithBase64.java
Copiy also a small .rar file to make a test so that we can test the integrity of the process


C:\temp\base64>dir
 Volume in drive C is SSD 150GB
 Volume Serial Number is E4B6-8C1D

 Directory of C:\temp\base64

20/04/2012  22:06    <dir>          .
20/04/2012  22:06    <dir>          ..
20/04/2012  22:05               613 DecodeFileWithBase64.java
19/04/2012  23:36               484 EncodeFileWithBase64.java
20/04/2012  22:12           127 025 etc1tool.rar
               3 File(s)        268 873 bytes
               2 Dir(s)  13 491 298 304 bytes free

C:\temp\base64>c:\dev\jdk1.6.0_25\bin\javac.exe *.java
DecodeFileWithBase64.java:2: warning: sun.misc.BASE64Encoder is Sun proprietary API and may be removed in a future release
import sun.misc.BASE64Encoder;
               ^
DecodeFileWithBase64.java:3: warning: sun.misc.BASE64Decoder is Sun proprietary API and may be removed in a future release
import sun.misc.BASE64Decoder;
               ^
EncodeFileWithBase64.java:2: warning: sun.misc.BASE64Encoder is Sun proprietary API and may be removed in a future release
import sun.misc.BASE64Encoder;
               ^
DecodeFileWithBase64.java:15: warning: sun.misc.BASE64Decoder is Sun proprietary API and may be removed in a future release
        BASE64Decoder decoder = new BASE64Decoder();
        ^
DecodeFileWithBase64.java:15: warning: sun.misc.BASE64Decoder is Sun proprietary API and may be removed in a future release
        BASE64Decoder decoder = new BASE64Decoder();
                                    ^
EncodeFileWithBase64.java:14: warning: sun.misc.BASE64Encoder is Sun proprietary API and may be removed in a future release
        BASE64Encoder encoder = new BASE64Encoder();
        ^
EncodeFileWithBase64.java:14: warning: sun.misc.BASE64Encoder is Sun proprietary API and may be removed in a future release
        BASE64Encoder encoder = new BASE64Encoder();
                                    ^
7 warnings

C:\temp\base64>
C:\temp\base64>dir
 Volume in drive C is SSD 150GB
 Volume Serial Number is E4B6-8C1D

 Directory of C:\temp\base64

20/04/2012  22:07    <dir>          .
20/04/2012  22:07    <dir>          ..
20/04/2012  22:07               812 DecodeFileWithBase64.class
20/04/2012  22:05               613 DecodeFileWithBase64.java
20/04/2012  22:07               806 EncodeFileWithBase64.class
19/04/2012  23:36               484 EncodeFileWithBase64.java
20/04/2012  22:12           127 025 etc1tool.rar
               5 File(s)        270 491 bytes
               2 Dir(s)  13 490 741 248 bytes free

C:\temp\base64>

Warning are normal are these class are not supposed to be used.

Now make a test :

C:\temp\base64>java EncodeFileWithBase64 etc1tool.rar etc1tool.rar.txt

C:\temp\base64>dir
 Volume in drive C is SSD 150GB
 Volume Serial Number is E4B6-8C1D

 Directory of C:\temp\base64

20/04/2012  22:15              .
20/04/2012  22:15              ..
20/04/2012  22:07               812 DecodeFileWithBase64.class
20/04/2012  22:05               613 DecodeFileWithBase64.java
20/04/2012  22:07               806 EncodeFileWithBase64.class
19/04/2012  23:36               484 EncodeFileWithBase64.java
20/04/2012  22:12           127 025 etc1tool.rar
20/04/2012  22:15           173 824 etc1tool.rar.txt
               6 File(s)        303 564 bytes
               2 Dir(s)  13 488 807 936 bytes free

C:\temp\base64>
check the produce file, it's a text file : 
UmFyIRoHAJvXc0gADQAAAAAAAAB4DXSAgCwAyucBAAAWBAACtdHsHZtGfkAdNQwAIAAAAGV0YzF0
b29sLmV4ZRglkRTMyNmcGCJXxjicFBoBgOEZIy2BZKQBsJSxkZam3G3AI6JNDbhAYFtK67LAs8gl
...
Kvxhs8e6Pi+mM5R3mynJQuXpCFu5svGg1zFS/peYfl2J/Cbr3TZDIsMOJ4SXDwRK9CHm7q8iruk5
E/Rs2mZWjv9Wkiner6lw+Bj3pSb3i8Q9ewBABwA=
Decode the produced file : 
C:\temp\base64>java DecodeFileWithBase64 etc1tool.rar.txt etc1tool_decoded.rar

C:\temp\base64>dir
 Volume in drive C is SSD 150GB
 Volume Serial Number is E4B6-8C1D

 Directory of C:\temp\base64

20/04/2012  22:20              .
20/04/2012  22:20              ..
20/04/2012  22:07               812 DecodeFileWithBase64.class
20/04/2012  22:05               613 DecodeFileWithBase64.java
20/04/2012  22:07               806 EncodeFileWithBase64.class
19/04/2012  23:36               484 EncodeFileWithBase64.java
20/04/2012  22:12           127 025 etc1tool.rar
20/04/2012  22:15           173 824 etc1tool.rar.txt
20/04/2012  22:20           127 025 etc1tool_decoded.rar
               7 File(s)        430 589 bytes
               2 Dir(s)  13 486 784 512 bytes free

C:\temp\base64>
Open the produced file and check for error :



No error ! Now you can send it by mail, it will pass as the mail gateway will only see an archive with text inside...

Comments

Post a Comment

Popular posts from this blog

Upgrade Slimframework v3 to v4, how I did it

-
Here is an article that details my path to upgrade to Slimframework v3 to v4. I'm developing on my freetime an application that manage the fundraising of the French Red Cross, and I'm updating a lot of frameworks to their last version (AngularJS to Angular 8/9 is my big next move). You can find the project sources here : https://github.com/dev-mansonthomas/RedCrossQuest There’s quite a lot of breaking changes involved, feature removed in profit to external frameworks, the upgrade documentation is quite minimal, but you must read it to understand what's changing : http://www.slimframework.com/docs/v4/start/upgrade.html This article is not well redacted, it’s just a log of what I did to achieve the upgrade, but I feel it may help some, so here we are ;) What I've read to perform the upgrade I’ve read theses article to help the transition to the 4.x  https://akrabat.com/a-first-look-at-slim-4/ https://dzone.com/articles/a-first-look-at-slim-4 ...
Read more

Reset Bacula database and files

-
Image
Today I need to purge my bacula for several reasons. Here is how I did. First backup the database and files used in your previous setup, one never knows you might actually need it after the purge... /usr/bin/mysqldump -aecqQ bacula > bacula_before_purge.sql and copy the volumes and bsr files. Stop bacula : service bacula-director stop service bacula-fd stop service bacula-sd stop then : mysql -u root -p drop database bacula; create database bacula; quit next we need to recreate bacula tables. There's a bacula script to do that, but the file needs to be changed to set the correct database name. cp /usr/share/bacula-director/make_mysql_tables ~/ vi ~/make_mysql_tables change XXX_DBNAME_XXX by your bacula database (let's say 'bacula') save and exit. then run as root the script ~/make_mysql_tables it should have recreated the tables : mysql -u root -p use bacula; show tables; +------------------+ | Tables_in_bacula | +-----------...
Read more

Limit the upload bandwidth of your apache webserver with mod_bw

-
Image
I've a server at home on a ADSL connection which has 100kBytes/s of upload and 1.2MBytes/s of download as bandwidth. If someone download at full speed some large file on my web server, my internet connection become unusable. To avoid this, I start to ask my friends to use a download manager to limit their download speed... but it's somewhat far too tricky for a lot of them... So I use mod_bw developed by Ivan Barrera http://www.ivn.cl/apache/ (sourceforge : http://bwmod.sourceforge.net/ ). Here is a quick way to limit the bandwidth used by Apache : Install & enable (on Ubuntu): sudo apt-get install libapache2-mod-bw sudo a2enmod bw Configure (your apache virtualhost conf file like /etc/apache2/sites-available/default) : <virtualhost *:80> #... other config stuf for the virtual host BandWidthModule On ForceBandWidthModule On BandWidth 192.168.0.0/24 0 BandWidth all 80000 </virtualhost> Explaination : line 1 : Activate the mod for the virtualhost. line 2 : Set a...
Read more