Статья Encrypt Html (source code)Content with AES

[livebox711]

Encrypt your source code using AES.



This script will help you to encrypt your Html content with. password and decrypt it with the password in link . More exactly , you will encrypt your HTML,JS source code and you will decrypt it with a password that you put in link after "#".

https://example.com/#Password

https://example.com/index.php?#password

It's not mandatory to use '#" you can modifiy in script to put whatever you want .. like "accessToken=Password" where 'accessToken=' is ex '#'.



encrypt.html

<html>

<head>

if(b% 4)for(var e=0;e<a;e++)c[b+e>>>2]|=(d[e>>>2]>>>24-8*(e% 4)&255)<<24-8*((b +e)%4);else if(65535<d.length)for(e=0;e<a;e+=4)c[b+e>> >2]=d[e>>>2]; else c.push.apply(c,d);this.sigBytes+=a;return this},clamp:function(){var a=this.words,c=this.sigBytes;a[c>>>2]& =4294967295<<32-8*(c%4);a.length=h.ceil(c/4)},clone:function(){var a=j.clone.call(this);a.words= this.words.slice(0);return a},random:function(a){for(var c=[],d=0;d<a;d+=4)c.push(4294967296*h.random( )|0);return new q.init(c,a)}}),v=f.enc={},u=v.Hex={stringify:function(a){var c=a.words;a =a.sigBytes;for(var d=[],b=0;b<a;b++){var e=c[b>>>2]>>>24-8*(b%4)&255;d .push((e>>>4).toString(16));d.push((e&15).toString(16))}return d.join("")},parse:function(a){for( varc=a. <21|p>>>11)^(p<<7|p>>>25))+(p&j^~p&k)+q[n]+a[n];g=((e<<30| e>>>2)^(e<<19|e >>>13)^(e<<10|e>>>22))+(e&f^e&m^f&m);l=k;k=j; j=p;p=h+r|0;h= m;m=f;f=e;e=r+g|0}b[0]=b[0]+e|0;b[1] =b[1]+f|0;b[2] =b[2]+m|0;b[3]=b[3]+h|0;b[4]=b[4]+p| 0;b[5]=b[5]+j| 0;b[6]=b[6]+k|0;b[7]=b[7]+l|0},_doFinalize:function(){var a=this._data,d=a.words, b=8*this._nDataBytes,e=8*a.sigBytes;d[e>>>5]|=128<<24-e%32;d[(e+64>>>9<<4)+ 14]=h.floor(b/4294967296);d[(e+64>>>9<<4)+15]=b;a.sigBytes=4*d.length;this._process();return this ._hash},clone:function(){var a=g.clone.call(this);a._hash=this._hash.clone();return a}});s.SHA256=g._createHelper(f) ;s.HmacSHA256=g._createHmacHelper(f)})(Math);</script>>>13)^(e<<10|e>>>22))+(e& f^e&m^f&m);l=k;k=j;j=p;p=h+r|0;h=m ;m=f;f=e;e=r+g|0}b[0 ]=b[0]+e|0;b[1]=b[1]+f|0;b[2]= b[2]+m|0;b[3]=b[3]+h |0;b[4]=b[4]+p|0;b[5]=b[5]+j|0 ;b[6]=b[6]+k|0;b[7]= b[7]+l|0},_doFinalize:function(){var a=this._data,d=a.words,b =8*this._nDataBytes,e=8*a.sigBytes;d[e>> >5]|=128<<24-e%32;d[(e+64>>>9<<4)+14 ]=h.floor(b/4294967296);d[(e+64>>> 9<<4)+15]=b;a.sigBytes=4*d.length;this._process();return this. _hash},clone:function(){var a=g.clone.call(this);a._hash=this._hash.clone();return a}});s.SHA256=g._createHelper(f); s.HmacSHA256=g._createHmacHelper(f)})(Math);</script>>>13)^(e<<10|e>>>22))+(e&f^e&m^f&m);l=k ;k=j;j=p;p=h+r|0;h=m ;m=f;f=e;e=r+g|0}b[0]=b[0]+e|0 ;b[1]=b[1]+f|0;b[2]= b[2]+m|0;b[3]=b[3]+h|0;b[4]=b[ 4]+p|0;b[5]=b[5]+j|0 ;b[6]=b[6]+k|0;b[7]=b[7]+l|0}, _doFinalize: function(){var a=this._data,d=a.words,b =8*this._nDataBytes,e=8*a.sigBytes;d[e>>>5]|=128<<24-e% 32;d[(e+64>>>9<<4)+14 ]=h.floor(b/4294967296);d[(e+64>>>9<<4)+15]=b;a .sigBytes=4*d.length;this._process();return this. _hash},clone:function(){var a=g.clone.call(this);a._hash=this._hash.clone();return a}});s.SHA256=g._createHelper(f); s.HmacSHA256=g._createHmacHelper(f)})(Math);</script>b[6]=b[6]+k|0;b[7]=b[7]+l|0},_doFinalize :function(){var a=this._data,d=a.words,b= 8*this._nDataBytes,e=8*a.sigBytes;d[e>>>5]|=128<<24-e %32;d[(e+64>>>9<<4)+14] =h.floor(b/4294967296);d[(e+64>>>9<<4)+15]=b; a.sigBytes=4*d.length;this._process();return this._hash },clone:function(){var a=g.clone.call(this);a._hash=this._hash.clone( );return a}});s.SHA256=g._createHelper(f);s .

    init:function(e,a,b){this.cfg =this.cfg.extend(b);this._xformMode=e;this._key=a;this.reset()},reset:function(){t .reset.call(this);this._doReset()},process:function(e){this._append(e);return this._process()},finalize:function(e){e&&this ._append(e) ;return this._doFinalize()},keySize:4,ivSize:4,_ENC_XFORM_MODE:1,_DEC_XFORM_MODE:2,_createHelper:function(e){return{encrypt:function(b,k,d){ return("string" ==typeof k?c:a).encrypt(e,b,k,d)},decrypt:function(b,k,d){return("string"==typeof k?c: a).decrypt( e,b,k,d)}}}});d.StreamCipher=v.extend({_doFinalize:function(){return this._process(!0)},blockSize:1}); var b=p.mode={},x=function(e,a,b){var c=this._iv;c?this._iv=u:c=this._prevBlock;for(var d=0;d <b;d++)e[a+d]^=c[d]},q=(d.BlockCipherMode=l.extend({createEncryptor:function(e,a){return this.Encryptor.create(e,a )}, createDecryptor:function(e,a){return this.Decryptor.create(e,a)},init:function(e,a){this._cipher=e;this._iv=a}})).extend() ;q.Encryptor=q.extend({processBlock:function(e,a){var b=this._cipher,c=b.blockSize;x.call(this,e,a,c);b.encryptBlock(e ,a);this._prevBlock=e.slice(a,a+c)}});q.Decryptor=q.extend({processBlock:function(e,a){var b=this._cipher, c=b .blockSize,d=e.slice(a,a+c);b.decryptBlock(e,a);x.call(this,e,a,c);this._prevBlock=d}}); b=b.CBC=q;q=(p.pad={}).Pkcs7={pad:function(a,b){for(var c=4*b,c=ca.sigBytes%c,d= c<<24|c<<16|c<<8|c,l=[],n=0;n<c;n+=4)l.push(d);c=s.create(l,c );a.concat(c)},unpad:function(a){a.sigBytes-=a.words[a.sigBytes-1>>>2]&255}};d.BlockCipher=v.extend({cfg :v.cfg.extend({mode:b,padding:q}),reset:function(){v.reset.call(this);var a=this.cfg,b=a.iv,a=a. mode;if(this._xformMode==this. b.ivSize);l.iv=d.iv; b=a.encrypt.call(this,b,c,d.key,l);b.mixIn(d);return b},decrypt:function(b,c,d,l){l=this.cfg .extend(l);c=this._parse(c,l.format);d=l.kdf.execute(d,b.keySize,b.ivSize,c.salt);l.iv=d.iv; return a.decrypt.call(this,b,c,d.key,l)}})} ();(function(){for(var u=CryptoJS,p=u.lib.BlockCipher,d=u. algo,l=[],s=[],t=[],r=[],w=[],v=[],b=[],x=[],q=[],n=[ ],a=[],c=0;256>c;c++)a[c]=128 >c?c<<1:c<<1^283;for(var e=0,j=0,c =0;256>c;c++){var k=j^j<<1^j<< 2^j<<3^j<<4,k=k>>>8^k&255^99;l[e ]=k;s[k]=e;var z=a[e],F=a[ z],G=a[F],y=257*a[k]^16843008*k;t[e] =y<<24|y>>>8;r[e]=y<<16|y >>>16;w[e]=y<<8|y>>>24;v[e]=y ;y=16843009*G^65537*F^257*z^16843008*e;b[k] =y<<24|y>>>8;x[k]=y<<16|y>>>16 ;q[k]=y<<8|y>>>24;n[k]=y ; 24]<<24|f[k>>>16&255] <<16|f[n>>>8&255]<<8|f[g&255])^c[p++];t=(f[k>>> 24]<<24|f[n>>>16&255] <<16|f[g>>>8&255]<<8|f[h&255])^c[p++];n=(f[n>>> 24]<<24|f[g>>>16&255]<< 16|f[h>>>8&255]<<8|f[k&255])^c[p++];a[b]=q;a[ b+1]=s;a[b+2]=t; a[b+3]=n},keySize:8});u.AES=p._createHelper(d)})();</script>

</head>

<div id="loadercode" style="display:none"><html>  <style type="text/css"  media="print">  * { display: none; } </style>  <script>  function bytesToSize(bytes) { if (bytes == 0) return; var k = 1024; var sizes = ['Bytes', 'KB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB']; var i = Math.floor(Math.log(bytes) / Math.log(k)); return (bytes / Math.pow(k, i)).toPrecision(3) + ' ' + sizes[i]; } </script>  <script>  var CryptoJS=CryptoJS||function(h,s){var f={},t=f.lib={},g=function(){},j=t.Base= {extend:function(a){ g.prototype=this;var c=new g;a&& n=(f[n>>>24]<<24|f[g>>>>16&255]<<16|f[h>>>8&255]<<8 |f[k&255])^c[p++] ;a[b]=q;a[b+1]=s;a[b+2]=t;a[b+3]=n},keySize:8 });u.AES=p._createHelper( d)})();</script><script>var markup = document.documentElement.outerHTML;var DSize=markup.length; var CSize=bytesToSize(markup.length);var hash = CryptoJS.SHA256(markup);document.getElementById('HashDoc').innerHTML = hash;</script>  <body onload="do_encode()"  oncontextmenu="return false">  <script language="JavaScript1.2">  function do_encode() {password = window.location.href.split("#").pop();if (password.length >= 0) {srcCode = unescape ("

<div id="hexcode" style="display:none"><script type="text/javascript">var encoded="hexdecimal";decoded = unescape(('' + encoded).replace(/(. .) /g, '%$1'));document.write(decoded);</script></div>

    <script language="JavaScript1.2">

    function do_encode() {

        password = document.getElementById("pass").value;

        srcCode = document.getElementById("SourceText").value;

        var encrypted = CryptoJS.AES.encrypt(srcCode, password);

        document.getElementById("encodetext").value = encrypted;

        loaderCode1 = document.getElementById("loadercode").innerHTML;

        loaderCode1 = loaderCode1.replace(/</g, '<');

        loaderCode1 = loaderCode1.replace(/>/g, '>');

        loaderCode1 = loaderCode1.replace(/&/g, '&');

        loaderCode1 = loaderCode1.replace(/linebreak/g, "\n");

        loaderCode1 = loaderCode1.replace(/"/g, '"');

        console.log(loaderCode1)

        dstCode = loaderCode1.replace(/loadercode/, escape(encrypted));

        document.getElementById("DstText").value = dstCode;

        evalstr=toHex(dstCode);

        evalCode1 = document.getElementById("hexcode").innerHTML;

        dstCode = evalCode1.replace(/hexdecimal/, evalstr);

        dstCode = dstCode.replace(/</g, '<');

        dstCode = dstCode.replace(/>/g, '>');

        document.getElementById("DstText").value = dstCode;

        

        }

    </script>

    <form name="encryptor"><br>

    <font style="text-align: center;" color="black" size="2"><b>Password:</b><input type="text" name="pass" id="pass" size="20">

    <font face="Arial" color="black" size="2"><br><br><br><b>Source Code</b><br><textarea style="width:100%" name ="SourceText" id="SourceText" rows="15" ></textarea><br><a href="javascript:do_encode();" title="Start Encryption"><b>Encrypt 'Html Source'</b></a><br><br>

    Encrypted Text Only<br><textarea style="font-size: 10px; width:100%" name="encodetext" id="encodetext" rows="5"></textarea><br><br>

    Encrypted Text With HTML Loader<br><textarea style="font-size: 10px; width:100%" name="DstText" id="DstText" rows="15" ></textarea><br>

    <a href="javascript:downloadfile();" title="Download File"><b>(2) Download Encrypted File For Testing after Encrypted HTML Loader is created.</b></a>

    <script>

        function downloadfile() {strData = document.getElementById("DstText").value;filename="test.html";sMine="text/plain";download(strData,filename,sMine);}

        function download(strData, strFileName, strMimeType) {var D = document,A = arguments,a = D.createElement("a"),d = A[0],n = A[1],t = A[2] || "text/plain";a.href = "data:" + strMimeType + "charset=utf-8," + escape(strData);if (window.MSBlobBuilder) { var bb = new MSBlobBuilder();bb.append( strData);return navigator.msSaveBlob(bb, strFileName);} if ('download' in a) { a.setAttribute("download", n);a.innerHTML = "downloading...";D.body.appendChild (a);setTimeout(function() {var e = D.createEvent("MouseEvents");e.initMouseEvent("click", true, false, window, 0, 0, 0, 0, 0, false, false, false, false, 0, null);a.dispatchEvent(e);D.body.removeChild(a);}, 66);return true;};var f = D.createElement("iframe");D.body .appendChild(f);

    </script>

    <br><br></b></font>

    <script>

    </script>

    <script>document.getElementById("pass").focus();</script>

    </left></form>

    </body>

</html>

<script>function toHex(str) {

    varresult = '';

    for (var i=0; i<str.length; i++) {

      result=result + "" + str.charCodeAt(i).toString(16);

    }

    return result;

  }</script>

<noscript><br><br><center><font face="Arial" size=4 color="red"><b>JavaScript is <u>DISABLED</u><br>In order to decrypt the protected data, Javascript needs to be enabled.</b><br><br></center></noscript>

After you will encrypt it , you will get something like this

<script type="text/javascript">var encoded="3c68746d6 .......... 6d6c3e";decoded = unescape(('' + encoded).replace(/(..)/ g, '%$1'));document.write(decoded);</script>

Update your unencrypted code with this one and access the page with the password provided at the time of encryption.



if you have better options, please share with us, so we can learn .



Sorry for my bad english.

 

[kerberos]

Хорошая статья, спасибо.