There are a few things that I like to look for with base64 strings: The wiki article here goes into more details about the background of the encoding’s implementation and history, but here we’ll focus on the practical aspects within a security context. These strings must also be divisible by 4 to be well-formed. There are 64 characters in the Base64 “alphabet”, and an encoded string will contain a mixture of uppercase and lowercase letters, numbers, and sometimes an “=” or two (never more than two) at the end. VGhpcyBpcyB3aGF0IGJhc2U2NCBsb29rcyBsaWtlIGluIHRoZSB3aWxkLgo= These are the methods that I use to both encode and decode in my daily work.Ī base64 string is pretty easy to identify:
In this article, I will share both a simple and a slightly more advanced understanding of Base64 encoding. The most common methods are not terribly hard to learn and will help you to make better decisions on the legitimacy of a command or call seen on your network. Understanding the encoding methods threat actors use can help not only in everyday operations but importantly in cybersecurity and network security contexts. They are also widely used by malware authors to disguise their attacks and to implement anti-analysis techniques designed to frustrate malware hunters and reverse engineers. Encoded strings are everywhere and have many legitimate uses across the technology sector.
0 kommentar(er)
