Bypass email server filtering provided you have a JDK installed

-
A few days ago I was facing a funny issue at a client :
  • No usb key access
  • Only CDROM Drive, but I replaced my laptop CDROM by an hardrive
  • Mail attachment agressively scanned and filtered
So the project binaries I had to deliver (that contains .bat files, .jar, which are likely to cause the rejection) was rejected by the mail server.

So I had the idea to make a base64 encoding of the zip file, zip the text resutlt and send it by email...
and it did work ;)

The only requirement is to have a JDK on the traget machine.

I used the SUN.MISC version as it's shipped with the JDK and requires no additional jar.

So Open a text editor, paste the following code : 

import java.io.*;
import sun.misc.BASE64Encoder;

public class EncodeFileWithBase64 {
    public static void main(String[] args) throws Exception {
 if (args.length < 2) {
     System.out.println("Usage: java EncodeFileWithBASE64 <inputfile> <outputfile>");
     return;
 }

 String inputFile = args[0];
 String outputFile = args[1];

 BASE64Encoder encoder = new BASE64Encoder();
 encoder.encode(
     new FileInputStream(inputFile),
     new FileOutputStream(outputFile)
 );
    }
}

Save it in EncodeFileWithBase64.java

Open another text editor and paste the following code :

import java.io.*; 
import sun.misc.BASE64Encoder; 
import sun.misc.BASE64Decoder; 
  
public class DecodeFileWithBase64 { 
    public static void main(String[] args) throws Exception { 
        if (args.length < 2) { 
            System.out.println("Usage: java DecodeFileWithBASE64 <inputfile> <outputfile>"); 
            return; 
        } 
  
        String inputFile = args[0]; 
        String outputFile = args[1]; 
  
        BASE64Decoder decoder = new BASE64Decoder(); 
        
        decoder.decodeBuffer(new FileInputStream(inputFile), 
        new FileOutputStream(outputFile)); 
        
    } 
}

And save it to DecodeFileWithBase64.java
Copiy also a small .rar file to make a test so that we can test the integrity of the process


C:\temp\base64>dir
 Volume in drive C is SSD 150GB
 Volume Serial Number is E4B6-8C1D

 Directory of C:\temp\base64

20/04/2012  22:06    <dir>          .
20/04/2012  22:06    <dir>          ..
20/04/2012  22:05               613 DecodeFileWithBase64.java
19/04/2012  23:36               484 EncodeFileWithBase64.java
20/04/2012  22:12           127 025 etc1tool.rar
               3 File(s)        268 873 bytes
               2 Dir(s)  13 491 298 304 bytes free

C:\temp\base64>c:\dev\jdk1.6.0_25\bin\javac.exe *.java
DecodeFileWithBase64.java:2: warning: sun.misc.BASE64Encoder is Sun proprietary API and may be removed in a future release
import sun.misc.BASE64Encoder;
               ^
DecodeFileWithBase64.java:3: warning: sun.misc.BASE64Decoder is Sun proprietary API and may be removed in a future release
import sun.misc.BASE64Decoder;
               ^
EncodeFileWithBase64.java:2: warning: sun.misc.BASE64Encoder is Sun proprietary API and may be removed in a future release
import sun.misc.BASE64Encoder;
               ^
DecodeFileWithBase64.java:15: warning: sun.misc.BASE64Decoder is Sun proprietary API and may be removed in a future release
        BASE64Decoder decoder = new BASE64Decoder();
        ^
DecodeFileWithBase64.java:15: warning: sun.misc.BASE64Decoder is Sun proprietary API and may be removed in a future release
        BASE64Decoder decoder = new BASE64Decoder();
                                    ^
EncodeFileWithBase64.java:14: warning: sun.misc.BASE64Encoder is Sun proprietary API and may be removed in a future release
        BASE64Encoder encoder = new BASE64Encoder();
        ^
EncodeFileWithBase64.java:14: warning: sun.misc.BASE64Encoder is Sun proprietary API and may be removed in a future release
        BASE64Encoder encoder = new BASE64Encoder();
                                    ^
7 warnings

C:\temp\base64>
C:\temp\base64>dir
 Volume in drive C is SSD 150GB
 Volume Serial Number is E4B6-8C1D

 Directory of C:\temp\base64

20/04/2012  22:07    <dir>          .
20/04/2012  22:07    <dir>          ..
20/04/2012  22:07               812 DecodeFileWithBase64.class
20/04/2012  22:05               613 DecodeFileWithBase64.java
20/04/2012  22:07               806 EncodeFileWithBase64.class
19/04/2012  23:36               484 EncodeFileWithBase64.java
20/04/2012  22:12           127 025 etc1tool.rar
               5 File(s)        270 491 bytes
               2 Dir(s)  13 490 741 248 bytes free

C:\temp\base64>

Warning are normal are these class are not supposed to be used.

Now make a test :

C:\temp\base64>java EncodeFileWithBase64 etc1tool.rar etc1tool.rar.txt

C:\temp\base64>dir
 Volume in drive C is SSD 150GB
 Volume Serial Number is E4B6-8C1D

 Directory of C:\temp\base64

20/04/2012  22:15              .
20/04/2012  22:15              ..
20/04/2012  22:07               812 DecodeFileWithBase64.class
20/04/2012  22:05               613 DecodeFileWithBase64.java
20/04/2012  22:07               806 EncodeFileWithBase64.class
19/04/2012  23:36               484 EncodeFileWithBase64.java
20/04/2012  22:12           127 025 etc1tool.rar
20/04/2012  22:15           173 824 etc1tool.rar.txt
               6 File(s)        303 564 bytes
               2 Dir(s)  13 488 807 936 bytes free

C:\temp\base64>
check the produce file, it's a text file : 
UmFyIRoHAJvXc0gADQAAAAAAAAB4DXSAgCwAyucBAAAWBAACtdHsHZtGfkAdNQwAIAAAAGV0YzF0
b29sLmV4ZRglkRTMyNmcGCJXxjicFBoBgOEZIy2BZKQBsJSxkZam3G3AI6JNDbhAYFtK67LAs8gl
...
Kvxhs8e6Pi+mM5R3mynJQuXpCFu5svGg1zFS/peYfl2J/Cbr3TZDIsMOJ4SXDwRK9CHm7q8iruk5
E/Rs2mZWjv9Wkiner6lw+Bj3pSb3i8Q9ewBABwA=
Decode the produced file : 
C:\temp\base64>java DecodeFileWithBase64 etc1tool.rar.txt etc1tool_decoded.rar

C:\temp\base64>dir
 Volume in drive C is SSD 150GB
 Volume Serial Number is E4B6-8C1D

 Directory of C:\temp\base64

20/04/2012  22:20              .
20/04/2012  22:20              ..
20/04/2012  22:07               812 DecodeFileWithBase64.class
20/04/2012  22:05               613 DecodeFileWithBase64.java
20/04/2012  22:07               806 EncodeFileWithBase64.class
19/04/2012  23:36               484 EncodeFileWithBase64.java
20/04/2012  22:12           127 025 etc1tool.rar
20/04/2012  22:15           173 824 etc1tool.rar.txt
20/04/2012  22:20           127 025 etc1tool_decoded.rar
               7 File(s)        430 589 bytes
               2 Dir(s)  13 486 784 512 bytes free

C:\temp\base64>
Open the produced file and check for error :



No error ! Now you can send it by mail, it will pass as the mail gateway will only see an archive with text inside...

Comments

Post a Comment

Popular posts from this blog

Set up a secondary Domain Name Server with bind9 on a ubuntu linux

-
On my spare time, I manage the technical subjects of a small webagency i've created with a friend when I was in my second year of Engineer school. It's named 123monsite.com . Tonight I dig the secondary (slave) DNS server subject. Until now, we used a DNS server from our registar as DNS backup. But as we grow, we need more servers and a secondary DNS of our own is becomming handy. We've rent a dedibox from the free.fr ISP (a server for 30€/month : via 2Ghz, 2Go Ram, 160Go HDD, 5Go of monthly backup). I choosed ubunty feisty server (7) among all OS available (many linux flavour and some windows) So here is how I set up my secondary domain name server on my ubuntu server with bind9. Let's say the domain of the primary name server is ns0.primarydomain.com (80.1.1.1) The secondary will be : ns1.primarydomain.com (80.2.2.2) And the domaine we'll want to be handle by both servers is myDomain.com (90.9.9.9). Give your secondary server a domain name T...
Read more

Upgrade Slimframework v3 to v4, how I did it

-
Here is an article that details my path to upgrade to Slimframework v3 to v4. I'm developing on my freetime an application that manage the fundraising of the French Red Cross, and I'm updating a lot of frameworks to their last version (AngularJS to Angular 8/9 is my big next move). You can find the project sources here : https://github.com/dev-mansonthomas/RedCrossQuest There’s quite a lot of breaking changes involved, feature removed in profit to external frameworks, the upgrade documentation is quite minimal, but you must read it to understand what's changing : http://www.slimframework.com/docs/v4/start/upgrade.html This article is not well redacted, it’s just a log of what I did to achieve the upgrade, but I feel it may help some, so here we are ;) What I've read to perform the upgrade I’ve read theses article to help the transition to the 4.x  https://akrabat.com/a-first-look-at-slim-4/ https://dzone.com/articles/a-first-look-at-slim-4 ...
Read more

Star Wars Squadrons & MFPLAT.DLL Missing, Screen & Joystick issues

-
Image
Star Wars Squadrons & MFPLAT.DLL Missing, Screen & Joystick issues I've just installed Star Wars Squadrons via Steam, being a huge fan of X-Wing, Tie Fighter, X-Wing vs Tie Fighter etc... The nasty surprise came very quick, MFPLAT.DLL is missing from my system with the following message :  "the code execution cannot proceed because mfplat.dll was not found" then I got Graphic Drivers issues, Screen resolution issues, Joystick issues... I'm explaining here how to fix these issues. MFPLAT.DLL issue (there's still a long way to go for Microsoft ecosystem to have something useful and intuitive. This should be transparently fixed for the user) I've got a "Windows 10 Pro N" without the Media Feature Pack, and that's apparently what's missing. Detailed instructions from Microsoft can be found here :  https://support.microsoft.com/en-us/help/4562569/media-feature-pack-for-windows-10-n-may-2020 Basically :  Type the windows key In the search ...
Read more