Jump to content

bin2hex


kkroo

Recommended Posts

I have a proxy and i want to encode the page so that it cant be read by bots, so i am ecoding it using bin2hex, and decoding in javascript using unescape.

ex:

<script type="text/javascript">
document.write(unescape('datainhex'));
</script>

Well the problem that i am having is that some pages work perfectly fine and others just dont finish, this is what happens:

<script type="text/javascript">
document.write(unescape('datainhex


so it is missing the
'));
</script>


Live example:

a working page: [a href=\"http://kkroo.dyndns.org:81/poxy\" target=\"_blank\"]http://kkroo.dyndns.org:81/poxy[/a]
[a href=\"http://localhost:81/poxy/index.php?q=bG9jYWxob3N0OjgxL3JvdW5kY3ViZW1haWw-&hl=1111101001\" target=\"_blank\"]http://localhost:81/poxy/index.php?q=bG9jY...-&hl=1111101001[/a]

a page that will not work:
[a href=\"http://kkroo.dyndns.org:81/poxy/index.php?q=bG9jYWxob3N0OjgxL2ZvcnVt&hl=1111101001\" target=\"_blank\"]http://kkroo.dyndns.org:81/poxy/index.php?...t&hl=1111101001[/a]

I am using PHProxy, and here is the modified code of the index page:

[code]<?php

@set_time_limit(0);

@error_reporting(0);

$data = '';

function escape ($str)    

{

       $encoded = bin2hex("$str");

       $encoded = chunk_split($encoded, 2, '%');

       $encoded = '%' . substr($encoded, 0, strlen($encoded) - 1);

      

   $content = '<script type="text/javascript">'."\n"."document.write(unescape('%s'));"."\n".'</script>';

  

   return sprintf($content, $encoded);

}








require 'PHProxy.class.php';



$config = array

(

    'url_var_name'             => 'q',

    'flags_var_name'           => 'hl',

    'get_form_name'            => '__script_get_form',

    'proxy_url_form_name'      => 'poxy_url_form',

    'proxy_settings_form_name' => 'poxy_settings_form',

    'max_file_size'            => -1

);



$flags = 'prev';



if (isset($_GET[$config['flags_var_name']]))

{

    $flags = $_GET[$config['flags_var_name']];

}



$PHProxy = & new PHProxy($config, $flags);



if (isset($_GET[$PHProxy->config['get_form_name']]))

{

    $url = decode_url($_GET[$PHProxy->config['get_form_name']]);

    $qstr = preg_match('#\\?#', $url) ? (strpos($url, '?') === strlen($url) ? '' : '&') : '?';

    $arr = explode('&', $_SERVER['QUERY_STRING']);

    if (preg_match('#^'.$PHProxy->config['get_form_name'].'#', $arr[0]))

    {

        array_shift($arr);

    }

    $url .= $qstr . implode('&', $arr);

    $PHProxy->start_transfer(encode_url($url));

    $data .= $PHProxy->return_response();

    $str = $data;



$encrypted = escape($str);



echo $str;

    exit;

}



if (isset($_GET[$PHProxy->config['url_var_name']]) )

{

    $PHProxy->start_transfer($_GET[$PHProxy->config['url_var_name']]);

    $data .= $PHProxy->return_response();

    $responce = $PHProxy->return_response();

    $str = $data;



$encrypted = escape($str);



echo $str;

   exit;

}

if (isset($_GET['action'], $_GET['delete']) && $_GET['action'] == 'cookies' )

{

    $PHProxy->delete_cookies($_GET['delete']);

    header("Location: $PHProxy->script_url?action=cookies");

   exit;

}



if (isset($_POST['username'], $_POST['password'], $_POST['server'], $_POST['realm'], $_POST['auth_url']) )

{

    $PHProxy->request_method = 'GET';

    $PHProxy->url_segments['host'] = decode_url($_POST['server']);

    $PHProxy->set_authorization($_POST['username'], $_POST['password']);

    $PHProxy->start_transfer($_POST['auth_url']);

    $data .= $PHProxy->return_response();

    $responce = $PHProxy->return_response();



    $str = $data;



$encrypted = escape($str);



echo $str;

   exit;

}



$data .= '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">';

$data .= '<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US">';

$data .= '<head>';

$data .= '  <title>PHProxy</title>';

$data .= '  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />';

$data .= '  <link rel="stylesheet" type="text/css" href="style.css" media="all" />';

$data .= '  <script src="javascript.js" type="text/javascript"></script>';

$data .= '</head>';

$data .= '<body>';

$data .= '<div id="container">';

$data .= '  <div id="menu">';

$data .= '    <a href="' . $_SERVER['PHP_SELF'] . '">URL Form</a> |';

$data .= '    <a href="?action=cookies">Manage Cookies</a>';

$data .= '  </div>';

$data .= '  <div class="title">PHProxy</div>';

$data .= '  <noscript><div class="error"><big>You have Javascript disabled. Please enable it to use the proxy</big></div></noscript>';





if (isset($_GET['error'])  )

{

    $data .= '<div class="error"><b>Error:</b> ' . htmlspecialchars($_GET['error']) . '</div>';

    if (isset($_GET['retry']))

    {

        $data .= '<div class="error"><a href="'. $PHProxy->proxify_url(decode_url($_GET['retry'])) .'">Retry</a></div>';

    }

}



if (isset($_GET['action'])  )

{

    if ($_GET['action'] == 'cookies')

    {

        $cookies = $PHProxy->get_cookies('COOKIE', false);



        if (!empty($cookies))

        {

            $data .= '<table style="width: 100%">';

            $data .= '<tr><td class="option" colspan="5"><a href="?action=cookies&delete=all">Clear All Cookies</a></td></tr>';

            $data .= '<tr><td class="head">Name</td><td class="head">Domain</td><td class="head">Path</td><td class="head">Value</td><td class="head">Action</td></tr>';



            for ($i = 0; $i < count($cookies); $i++)

            {

                $j = $i&1 ? ' class="shade"' : '';

                $data .= "<tr><td$j>{$cookies[$i][0]}</td><td$j>{$cookies[$i][1]}</td><td$j>{$cookies[$i][2]}</td>"

                   . "<td$j>" . wordwrap($cookies[$i][3], 15, ' ') ."</td><td$j><a href=". '"?action=cookies&delete='. md5(implode('', $cookies[$i])) . '">delete</a></td></tr>';

            }



            $data .= '</table>';

        }

        else

        {

            $data .= '<div class="error">No cookies available.</div>';

        }

    }

    else if ($_GET['action'] == 'auth' && isset($_GET['server'], $_GET['realm'], $_GET['auth_url']))

    {

        $data .= '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">';

        $data .= '<input type="hidden" name="server" value="'. $_GET['server'] .'" />';

        $data .= '<input type="hidden" name="realm" value="'. $_GET['realm'] .'" />';

        $data .= '<input type="hidden" name="auth_url" value="'. $_GET['auth_url'] .'" />';

        $data .= '<table style="width: 100%">';

        $data .= '<tr><td colspan="2" class="option">Enter user name and password for <b>' . decode_url($_GET['realm']) . '</b> at <i>' . decode_url($_GET['server']) . '</i></td></tr>';

        $data .= '<tr><td width="30%" class="option">User name</td><td class="option"><input type="text" name="username" value="" /></td></tr>';

        $data .= '<tr><td width="30%" class="option">Password</td><td class="option"><input type="password" name="password" value="" /></td></tr>';

        $data .= '<tr><td colspan="2" style="text-align: center"><input type="submit" value="OK" /></td></tr>';

        $data .= '</table>';

        $data .= '</form>';

    }

}

else

{



$data .= '  <form name="' .  $PHProxy->config['proxy_url_form_name'] .'" method="get" action="' . $_SERVER['PHP_SELF'] .'">';

$data .= '  <input type="hidden" name="' . $PHProxy->config['url_var_name'] .'" value="" id="url_input" />';

$data .= '  <input type="hidden" name="' . $PHProxy->config['flags_var_name'] . '" value="" />';

$data .= '  </form>';

$data .= '  <form name="' . $PHProxy->config['proxy_settings_form_name'] . '" method="get" action="" onsubmit="return submit_form();">';

$data .= '  <table style="width: 100%">';

$data .= '  <tr><td class="option" style="width: 20%">URL</td><td class="option" style="width: 80%">&nbsp;<input type="text" name="url" size="70" value="" /></td></tr>';

$data .=    $PHProxy->options_list(true, true);

$data .= '  <tr><td class="option" style="width: 20%">New Window</td><td class="option" style="width: 80%"><input type="checkbox" name="new_window" />Open URL in a new window </td></tr>';

$data .= '  </table>';

$data .= '  <div style="text-align: center"><input type="submit" name="browse" value="Browse" onclick="return submit_form();" /></div>';

$data .= '  </form>';



}



$data .= '</div></body></html>';

$encrypted = escape($data);


echo $encrypted;


?>

[/code]
Link to comment
Share on other sites

I can't access the proxy right now.
Try to modify it to:
[code]function escape($str)    
{
    $encoded = bin2hex("$str");
    $encoded = chunk_split($encoded, 2, '%');
    $encoded = '%' . substr($encoded, 0, strlen($encoded) - 1);

    $content = '<script type="text/javascript">' . "\n" . 'document.write(unescape(' . $encoded . '));' . "\n" . '</script>';

    return $content;
}[/code]
Link to comment
Share on other sites

OK, basically I rewrote your escape() function to:

[code]function escape($str)
{
   $return = '<script type="text/javascript">' . "\n" . 'document.write(unescape("';

   for ($i=0; $i<strlen($str); $i++) {
      $return .= '%'.bin2hex(substr($str, $i, 1));
   }

   $return .= '"));</script>';
   return $return;
}[/code]
And made it echo escape($PHProxy->return_response()).
It worked with all the pages I've tested.

[b]EDIT:[/b]
What I noticed though is that PHProxy won't work with some pages EVEN WITHOUT encoding.
Your code should work fine as well, but probably due to a PHProxy's native limitation, you aren't able to display the page.
Link to comment
Share on other sites

Maybe it's a PHP proxy bug. I don't know either, but sometimes you'll see that an incomplete page comes up.

And it not only lacks the ));</script> but also good amount of the page's code. Just try to save the HTML for these pages and add the part that is missing. You'll see the page itself isn't complete.
Link to comment
Share on other sites

I think i found out the problem, the script sets a content length, and when it is encoded, it triples the length of the page so it will cut off the page at the set content length. so what i have to do is modify the set_content_length function.
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.