Hi, thanks for your module, it's perfect!
I try to patch my file 'aes.min.js' on Centos 7 64bit
# ls -l
78a66859739b0c9e18bc5b4538c03bf9 aes.min.js
31f62873d818bc2cdc89be85d0e5f649 aes.patch
# yum install -y patch
# patch -l aes.min.js < aes.patch
patching file aes.min.js
Hunk #1 FAILED at 767 (different line endings).
Hunk #2 FAILED at 783 (different line endings).
2 out of 2 hunks FAILED -- saving rejects to file aes.min.js.rej
# ls -l
78a66859739b0c9e18bc5b4538c03bf9 aes.min.js
78a66859739b0c9e18bc5b4538c03bf9 aes.min.js.orig
31f62873d818bc2cdc89be85d0e5f649 aes.min.js.rej
31f62873d818bc2cdc89be85d0e5f649 aes.patch
I use your config 1-2-3-4 work all, but 5: https://github.com/kyprizel/testcookie-nginx-module/blob/master/doc/usecases.txt
5. HTTP GET flood, bots accept HTTP response headers, and can parse HTML, then decrypt cookies client-side, but w/o JS emulation
testcookie_refresh_template '<html><body>setting cookie...<script type=\"text/javascript\" src=\"/aes.min.js\" ></script><script>function toNumbers(d){var e=[];d.replace(/(..)/g,function(d){e.push(parseInt(d,16))});return e}function toHex(){for(var d=[],d=1==arguments.length&&arguments[0].constructor==Array?arguments[0]:arguments,e="",f=0;f<d.length;f++)e+=(16>d[f]?"0":"")+d[f].toString(16);return e.toLowerCase()}var a=toNumbers({use your favorite JS obfuscator to hide key value here}),b=toNumbers({use your favorite JS obfuscator to hide key value here}),c=toNumbers("$testcookie_enc_set");document.cookie="BPC="+toHex(slowAES.decrypt(c,2,a,b))+"; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/";location.href="$testcookie_nexturl";</script></body></html>';
seems not working
It only show on Chrome:
setting cookie...
?? can you give advice, thanks U!
End file aes.min.js
unpadBytesOut: function(data) {
var padCount = 0;
var padByte = -1;
var blockSize = 16;
if (data.length > 16) {
for (var i = data.length - 1; i >= data.length-1 - blockSize; i--) {
if (data[i] <= blockSize) {
if (padByte == -1)
padByte = data[i];
if (data[i] != padByte) {
padCount = 0;
break;
}
padCount++;
} else
break;
if (padCount == padByte)
break;
}
if (padCount > 0)
data.splice(data.length - padCount, padCount);
}
}
/*
* END MODE OF OPERATION SECTION
*/
};
End file aes.patch:
--- aes.min.js 2012-05-05 22:03:32.000000000 +0400
+++ aes.min.new.js 2012-05-05 22:15:46.000000000 +0400
@@ -767,6 +767,7 @@
var padCount = 0;
var padByte = -1;
var blockSize = 16;
+ if (data.length > 16) {
for (var i = data.length - 1; i >= data.length-1 - blockSize; i--) {
if (data[i] <= blockSize) {
if (padByte == -1)
@@ -783,6 +784,7 @@
}
if (padCount > 0)
data.splice(data.length - padCount, padCount);
+ }
}
/*
* END MODE OF OPERATION SECTION