zmap / zgrab2

Fast Go Application Scanner

Add body support for invisible characters after encryption #393

Closed jiaocoll closed 7 months ago

jiaocoll commented 1 year ago

Add body support for invisible characters after encryption

How to Test

Just use a string of hexadecimal characters as parameters.

Notes & Caveats

When I was testing, I found that when I encountered a request with encrypted characters that could not be displayed properly, the parameters passed through the string could not construct the same request as before. For example, the encrypted character is displayed as "." and I pass it as a parameter, but in reality its hexadecimal value is not 2e; it may be f8, and so on. So at this point, we cannot simply pass in strings. We need to have the ability to pass in encrypted and invisible characters, in order to cope with request bodies that send miscellaneous content. (This is a problem I discovered during my research and communication with the C2 Trojan.)

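The lossy display described in the pull request, as an added Go example that is not part of the pull request or of zgrab2's code: a byte shown as "." in a capture turns into 0x2e when retyped as a string, while a hex-encoded parameter reproduces the body exactly. The function names `printable`, `decodeHexBody` and `survivesAsString`, the tolerated separators, and the sample bytes are assumptions made for this illustration.

```go
package main

import (
	"bytes"
	"encoding/hex"
	"fmt"
	"strings"
)

// printable mimics the ASCII column of a hex dump: every byte outside
// the printable ASCII range is rendered as '.'.
func printable(b []byte) string {
	out := make([]byte, len(b))
	for i, c := range b {
		if c >= 0x20 && c <= 0x7e {
			out[i] = c
		} else {
			out[i] = '.'
		}
	}
	return string(out)
}

// decodeHexBody (hypothetical helper) turns a hex parameter into raw body
// bytes. Spaces, tabs, newlines, ':' and a leading "0x" are tolerated as an
// assumption of this example; any other non-hex input is rejected.
func decodeHexBody(param string) ([]byte, error) {
	cleaned := strings.NewReplacer(" ", "", "\t", "", "\n", "", ":", "").Replace(param)
	cleaned = strings.TrimPrefix(cleaned, "0x")
	body, err := hex.DecodeString(cleaned)
	if err != nil {
		return nil, fmt.Errorf("invalid hex body: %w", err)
	}
	return body, nil
}

// survivesAsString reports whether retyping the displayed form as a plain
// string would reproduce the original bytes.
func survivesAsString(original []byte) bool {
	return bytes.Equal([]byte(printable(original)), original)
}

func main() {
	// Constructed sample body: "id=" followed by three non-printable bytes.
	original := []byte{'i', 'd', '=', 0xf8, 0x00, 0x1b}
	fmt.Printf("displayed as: %q\n", printable(original))
	fmt.Println("string round trip ok:", survivesAsString(original))
	body, err := decodeHexBody(hex.EncodeToString(original))
	fmt.Println("hex round trip ok:", err == nil && bytes.Equal(body, original))
}
```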