Turn a target string into a list of bit flipped strings

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for techy from gravatar.com techy

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: MIT

Author: techy

Classifiers

Project description

blip

B(itf)lip Strings for Red Teaming/Bug Bounty Hunting

Help CLI

Install

pip install blip

OR

git clone https://github.com/zmallen/blip && cd blip && python setup.py install

Summary of tool/bitflipping

Bitflipping is a natural phenomena where bits in a packet sometimes 'flip' from 0 to 1, or 1 to 0. Typically, machines that interpret packets use checksums in order to validate the integrity of the datagram as it reads it from a socket. Other times, machines assume the original packet with the bitflip error is what was intended by the computer!

Bitsquatting is an attack thats been around for close to a decade. The concept here is that someone can change bits in a string and then register a domain in order to take advantage of this error, and perhaps direct a victim to a maliciously owned bitsquatted domain. In 2021, a blog post by Remy Hax detailed an attack on the 'Windows' string by bitsquatting domains that weren't owned by Microsoft. This led to some hilarious results as machines from all over the world resolved their infrastructure and tried to communicate it.

I wanted to write a tool to aid researchers and red teamers in generating these strings. Since bitsquatting is specifically related to bitflipped domains, I wanted to focus on the strings that are bitflipped for multiple uses, not just domain registrations. Also, I liked the word 'blip' which is short for bitflip. Bquat didnt sound as good ;)

Usage

  1. blip -s microsoft Generate all bitflipped strings for Microsoft
  2. blip -s microsoft --ascii Generate ASCII-only bitflipped strings
  3. blip -s microsoft --no-caps Lowercase all candidate strings and remove uppercase characters

Use Cases

Generate bitflipped strings to make some bitsquat domain candidates

Install idn package (on Ubuntu, apt install idn)

⚡  blip -s paypal --no-cap | grep -v '[^a-zA-Z\d\s]' | idn
paypad
paypcl
paypql
paqpal
xn--paypl-0qa
paypil
paypal
xn--papal-2ua
pqypal
peypal
piypal
payral
payqal
taypal
xn--paypa-xsa
raypal
xn--aypal-hta
paypah
pcypal
payxal
xn--payal-kta
paypan
paxpal
paypam
qaypal
paipal
paytal
xn--pypal-xqa
paypel
xaypal

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for techy from gravatar.com techy

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: MIT

Author: techy

Classifiers

Release history Release notifications | RSS feed

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

blip-0.1.0.tar.gz (3.6 kB view hashes)

Uploaded Source

Built Distribution

blip-0.1.0-py3-none-any.whl (4.5 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page