Ukuhamba kwe-modern security landscape ikhona ngokuvamile efana nokuvuthwa kwe-minesfield eyenziwe nge ama-threats eyenziwe ngempumelelo. Ngezinye ama-threats, ama-URL eyenziwe e-Base64 ibonisa ingozi elizodwa.Gore64I-Chromium-based browser extension yenzelwe ngokuvamile kumadivayisi we-cybersecurity abavela ngokuvamile i-URL encoded futhi ufuna indlela elula futhi enhle yokubhalisa ngaphandle kokuchofoza.
Yini ngokuvamile Gore64?
I-Gore64 iyona elula futhi elula ukusetshenziswa kwe-Chromium browser extension enikezela nokubhalisa ama-strings e-Base64 encoded ebhekwe ku-hyperlinks. Ngokuchofoza okwesikhashana okuhlobene, i-Gore64 ngokushesha i-decodes konke okufakiwe yi-Base64, okuvumela abasebenzisi ukuhlola ngokushesha ama-threats kanye nokufunda ngokushesha indawo yokufinyelela ngaphandle kokufinyelela i-click.
Indlela Gore64 ukusebenza
Ngemuva kokufaka, i-Gore64 ibandakanya isicelo se-context menu ebizwa ngokuthi "i-Gore64 ye-Barberion" ku-Chromium-based browser yakho. Nazi isebenzo se-step-by-step:
- I-Right-Click: Khetha noma iyiphi i-URL emangalisayo, emangalisayo.
- I-Decode: Faka "Barberion's Gore64" kusuka ku-context menu.
- Ukubonisa Imiphumela: I-Window entsha yakhelwe ekubonisa i-URL eyenziwe. Ungabona ama-characters eyenzakalelayo (gobbly gook), kodwa bheka ngokucacileyo ama-URL eyenzakalelayo ngaphakathi kweziphumela ze-decoded.
Akukho imibuzo ye-network, akukho decoding ye-third-party, nje ukucubungula okuhlobene, ukucubungula ngqo ngqo ku-browser yakho.
Umhlahlandlela we-Gore64
Isinyathelo 1: Ukubuyekeza amafayela
Yenza i-directory entsha ebizwa ngokuthiGore64kuhlanganise amafayela ezimbili ebalulekile:
- manifest.json: Imininingwane ye-metadata ye-extension.
- background.js: Ukulawula ukusebenza kwe-decoding.
- Create a folder inside Gore64 named images and download the following 4 png’s
Isinyathelo 2: Yenza imodi ye-developer
- Yenza i-Chrome noma iyiphi i-Chromium-based browser.
- Ukuhamba ku chrome://extensions/.
- Yenza isikhwama ye-Developer mode esekelwe ekupheleni esemthethweni.
Isinyathelo 3: Load your extension
- Thola Load unpacked futhi uchofoze i-Gore64 directory.
- I-Extension ye-Gore64 iyahamba ngokushesha.
Ukusebenza okusheshayo Isibonelo
Umbhali we-Right-click noma iyiphi i-Base64 encoded URL:
https://malicious.example.com?data=aHR0cHM6Ly9zaGFkeS1zaXRlLmNvbQ==
- Khetha "Barberion's Gore64" kusuka ku-context menu.
- Ukubonisa ngokuzenzakalelayo i-URL decoded:
https://shady-site.com
Note:Ukusuka kwe-decoded kungase kuhlanganise ezinye izinto ezingaziwa:
Ûi
ÿø¬qéí
:Ü
¢¸?¢Úìþ)Ý
Ëb
§µ8ëY
N'$zÒ
ç¾x
Ukulandelana ne-URL ezibonakalayo kakhulu ukucaciswa kwezimpendulo ezingenalutho.
Imikhiqizo Key
- Fast & Local: Ukuhlobisa kusebenza ngokushesha ku-browser yakho.
- I-Secure: Akukho imibuzo ye-external noma i-logging, ivimbele ukhuseleko kanye nokhuseleko.
- I-Context Menu Integration ye-Context Menu ye-Context Menu Integration ye-Context Menu ye-Context Menu ye-Context Menu
- I-Universal: I-compatible ne-Chrome, i-Edge, i-Brave kanye nezinye i-Chromium browsers.
Ngaba usebenzisa Gore64?
- Ukubuyekezwa kwebhizinisi: Hlola ngokushesha i-coded phishing noma i-malware URL ngokushesha.
- I-Incident Response: Ukuhlobisa i-URL ye-payload ye-malware ngaphandle kokusebenza.
- Ukukhishwa kwe-Productivity: Ukukhishwa kwe-time ne-effort eyenziwe ngokuvamile ekubunjweni kwe-URL ngesandla noma usebenzisa izixhobo ze-external.
Ukuhlobisa
I-Gore64 ihlanganisa ama-icons eziningana nezinga okusezingeni eliphezulu (16, 32, 48, 128 pixels) ezinikezela ukubukeka okukhanyisa phakathi kwezinga ezahlukahlukene.
Ukuphakama
Gore64is a specialized, esebenzayo isixhobo esiyingqayizivele kubasebenzi cybersecurity ukuthi kufanele ngokushesha ukucubungula URL zihlukile. It kuyinto elula, ukucubungula efanelekayo ukugcina digital ukhuseleko ngaphandle kokuphindaphinda isebenzo noma isivinini.
Ukusebenza ngokuvamileGore64—Ukuhlukaniswa okuhlobene, okuhlobisa indlela yokubonisa ama-threats encrypted ezihlangene ama-URL amancane.
Ukubonisa izinzuzo ezihambayo. Ukuhlobisa nge-Gore64.
Ukubuyiselwa
{
"manifest_version": 3,
"name": "Gore64",
"version": "1.6",
"description": "Decode Base64 encoded strings in links.",
"permissions": ["contextMenus", "activeTab", "scripting"],
"background": {
"service_worker": "background.js"
},
"icons": {
"16": "images/16.png",
"32": "images/32.png",
"48": "images/48.png",
"128": "images/128.png"
}
}
umlando.js
chrome.runtime.onInstalled.addListener(() => {
chrome.contextMenus.create({
id: "base64Decode",
title: "Barberion's Gore64",
contexts: ["link"]
});
});
chrome.contextMenus.onClicked.addListener((info, tab) => {
if (info.menuItemId === "base64Decode") {
const url = info.linkUrl;
// Regular expression to identify potential Base64 strings
const base64Pattern = /(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?/g;
const matches = url.match(base64Pattern) || [];
let decodedResults = [];
matches.forEach((potentialBase64) => {
try {
if (potentialBase64 && potentialBase64.length > 0) {
// Decode the Base64 string
let decodedText = atob(potentialBase64);
// Attempt to convert decoded text to readable UTF-8 string
try {
decodedText = decodeURIComponent(escape(decodedText));
} catch (e) {
// If conversion fails, use the original decoded text
}
// Append to results
decodedResults.push(decodedText);
}
} catch (e) {
// Ignore errors and continue
}
});
if (decodedResults.length > 0) {
chrome.scripting.executeScript({
target: { tabId: tab.id },
func: displayDecodedResults,
args: [decodedResults.join("\n\n")]
});
} else {
chrome.scripting.executeScript({
target: { tabId: tab.id },
func: displayNoBase64Found
});
}
}
});
function displayDecodedResults(decodedText) {
const htmlContent = `
<div id="customDialog" style="position: fixed; top: 50%; left: 50%; transform: translate(-50%, -50%);
background-color: white; border: 1px solid #ccc; padding: 20px; z-index: 10000; font-family: Arial, sans-serif; width: 80%; max-width: 600px; box-shadow: 0px 0px 15px rgba(0,0,0,0.2);">
<h2 style="margin-top: 0;">Decoded Base64</h2>
<textarea style="width: 100%; height: 200px;" readonly>${decodedText}</textarea>
<br><br>
<button id="closeDialog">Close</button>
</div>
`;
const dialogElement = document.createElement('div');
dialogElement.innerHTML = htmlContent;
document.body.appendChild(dialogElement);
document.getElementById('closeDialog').addEventListener('click', () => {
dialogElement.remove();
});
}
function displayNoBase64Found() {
alert("No valid Base64 encoded string found.");
}
