Hacking

Techniques for bypassing blocklisted characters for command injections

🌱 [seed]

2026-01-08

Whitespace

%0a: newline
%20: space
%09: tab
${IFS}: Input Field Separators ↗️ (typically space, tab, newline)
bash bracket expansion: {ls,-la} turns into ls -la

Special characters

forward slash: echo ${PATH:0:1}
semicolon: echo ${LS_COLORS:10:1}
pipe: try using <<<

Shifting characters

This command will shift a letter one to the right echo $(tr '!-}' '"-~'<<<[). e.g. ~ becomes !.

shift_generator() {
  local shift=$1
  local char=$2
  local second_start=$((33 + shift))
  local second_end=$((33 + shift - 1))
  printf "echo \$(tr '\\!-~' '"
  printf '%b-~\\!-%b' "$(printf '\\%03o' $second_start)" "$(printf '\\%03o' $second_end)"
  printf "'<<<'%s')\n" "$char"
}

# usage
shift_generator 1 "~"

Tooling

For more advanced obfuscation you can consider tools such as:

[Read more]

Fuzzing tools

🌱 [seed]

2025-12-27

🏷️ ffuf 🏷️ fuzzing 🏷️ hacking

Some example `ffuf` commands

In each case, FUZZ is the placeholder for word replacement.**

Fuzzing for specific extensions

ffuf \
  -w /usr/share/seclists/Discovery/Web-Content/common.txt \
  -u http://example.com/target_dir/FUZZ 
  -e .txt,.html,.bak # etc

Recursive fuzzing

ffuf \
  -w /usr/share/seclists/Discovery/Web-Content/directory-list-2.3-medium.txt \
  -u http://example.com/target_dir/FUZZ \
  -recursion

Fuzzing a `POST` parameter

ffuf \
  -w /usr/share/seclists/Discovery/Web-Content/common.txt \
  -u http://example.com/example.php \
  -X POST \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "y=FUZZ"
  -ic

Fuzzing a `GET` parameter

ffuf \
  -w /usr/share/seclists/Discovery/Web-Content/common.txt \
  -u http://example.com/example.php?x=FUZZ \
  -ic

References

Brute forcing subdomain enumeration 🌿

[Read more]

Useful search engines

🌿 [bud]

2025-11-27

🏷️ exploit 🏷️ hacking 🏷️ searching

Meta search

Kagi ↗️ premium (paid for and ad-free) search prioritising privacy and user experience. Reminiscent of the good-old-days
SearXNG ↗️ self-hostable, open-source metasearch engine that aggregates results from 200+ engines. There are hosted versions but privacy or veracity is not guaranteed

Specialist

Virus Total ↗️ meta engine for checking files and their hashes against virus databases
Shodan ↗️ is an engine to find devices connected to the internet
Censys ↗️ searches hosts, IPs, certificates

Exploits and CVE databases

[Read more]

Posts tagged: #Hacking

Techniques for bypassing blocklisted characters for command injections

Whitespace

Special characters

Shifting characters

Tooling

Fuzzing tools

Some example ffuf commands

Fuzzing for specific extensions

Recursive fuzzing

Fuzzing a POST parameter

Fuzzing a GET parameter

References

Useful search engines

Meta search

Specialist

Exploits and CVE databases

Some example `ffuf` commands

Fuzzing a `POST` parameter

Fuzzing a `GET` parameter