Decode/reencode parameters in base64/hex

[bdamele]

[mwulftange]

You could write your own tamper script that does this.

[stamparm]

Not really related. Tamper scripts are doing the encoding of output payloads while we need to automatically detect, decode, inject and re-encode parameters (e.g. Cookies) that contain Base64/Hex encoded strings.

[CmdFreak]

I've send a detailled mail at stamparm.
Maybe it can help to realize a feature for http authentication injection ;)

[stamparm]

More general mechanism is required:

1. encoding of request body
2. encoding of request payload
3. decoding of response body

[brandonprry]

A more simple solution could be to only look for an asterisk.

[stamparm]

Idea from an user:

hxxp://link.tosite/function.php?aaa={base64encode}value1=xxx&id=101010&i=1{/base64encode} -p value

hxxp://link.tosite/function.php?aaa={md5encode}value1=xxx&id=101010&i=1{/md5encode} -p value