m039/js-protection-methods.clj

## js-protection-methods.clj
;; Author: m039 <flam44 (at) gmail (dot) com>
;;
;; Some cracking methods to decrypt urls from javascript protected
;; site. All the methods for manual usage.
;;
;; The protection should be based on this
;; [http://simplythebest.net/scripts/DHTML_scripts/javascripts/javascript_60.html]
;; script.

;; alpha

(def alpha "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghij")

(defn index-of
  ([ch] (index-of ch 0))
  ([ch num] (.indexOf alpha (int ch) num)))

(defn char-at [pos]
  (.charAt alpha pos))


(defn makehash [str]
  (reduce #(+ (* %1 mult) (.indexOf alpha (int %2)) 1) 0 str))

(defn brute [acc deep]
  (when (> deep 0)
           (doseq [ch alpha]

             (brute (str acc ch) (dec deep))))
  (when (and (= deep 0)
             (= (makehash acc) hash-key))
               (println "Win:" acc)))


;; length

(defn calc-length-max [salt mult]
  (let [fst (char-at 0)]
    (binding [mult mult]
      (loop [acc ""]
        (if (> (makehash acc) salt)
          (do
            (dec (.length acc)))
          (recur (str acc fst)))))))

(defn calc-length-min [salt mult]
  (let [fst \9]
    (binding [mult mult]
      (loop [acc ""]
        (if (> (makehash acc) salt)
          (do
            (dec (.length acc)))
          (recur (str acc fst)))))))

(defn login-length [salt]
  "Returns [min, max] lengths of the login name."
  [(calc-length-min salt 9)
   (calc-length-max salt 9)])

(defn password-length [salt]
  "Returns [min, max] lengths of the password."
  [(calc-length-min salt 9)
   (calc-length-max salt 9)])

(defn hash-length [salt]
  "Returns [min, max] lengths of the hash."
  [(calc-length-min salt 8)
   (calc-length-max salt 8)])

;; get-hash

(defn get-hash [length link maybe-link]
  (loop [hash   []
         number 0
         xs link
         ys maybe-link]
    (when-not (or (> number 9)
                  (empty? xs)
                  (empty? ys))
      (let [c1 (first xs)
            a (index-of c1 9)
            b (- a number)
            c2 (if (> a -1) (.charAt alpha b) c1)]

        (if (> a -1)
          (if (= c2 (first ys))
            (if (= (count hash) length)
              hash
              (recur (conj hash number) 0 (rest xs) (rest ys)))
            (recur hash (inc number) xs ys))
          (recur hash 0 (rest xs) (rest ys)))))))

;; decrypt

(defn decrypt-link [url hash]
  (with-out-str
    (loop [cnt 0 xs url]
      (when-not (empty? xs)
        (let [c1 (first xs)
              a (index-of c1 9)
              b (- a (nth hash cnt))
              c2 (if (> a -1) (char-at b) c1)]
          (print c2)
          (if (> a -1)
            (recur (mod (inc cnt) (count hash)) (rest xs))
            (recur cnt (rest xs))))))))

(let [link "kwAp://FBw.ohfnAhrx.cv.Bn/olvnqs/ya.skw?pF=xhllsuBln"
      hash (get-hash 9 link "http://www.hackthis")]
  (decrypt-link link hash))

(let [link "kxyr://FED.mrslnn.kvs"
      hash (get-hash 8 link "http://www.go")]
  (decrypt-link link hash))
	;; Author: m039 <flam44 (at) gmail (dot) com>
	;;
	;; Some cracking methods to decrypt urls from javascript protected
	;; site. All the methods for manual usage.
	;;
	;; The protection should be based on this
	;; [http://simplythebest.net/scripts/DHTML_scripts/javascripts/javascript_60.html]
	;; script.

	;; alpha

	(def alpha "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghij")

	(defn index-of
	([ch] (index-of ch 0))
	([ch num] (.indexOf alpha (int ch) num)))

	(defn char-at [pos]
	(.charAt alpha pos))


	(defn makehash [str]
	(reduce #(+ (* %1 mult) (.indexOf alpha (int %2)) 1) 0 str))

	(defn brute [acc deep]
	(when (> deep 0)
	(doseq [ch alpha]

	(brute (str acc ch) (dec deep))))
	(when (and (= deep 0)
	(= (makehash acc) hash-key))
	(println "Win:" acc)))


	;; length

	(defn calc-length-max [salt mult]
	(let [fst (char-at 0)]
	(binding [mult mult]
	(loop [acc ""]
	(if (> (makehash acc) salt)
	(do
	(dec (.length acc)))
	(recur (str acc fst)))))))

	(defn calc-length-min [salt mult]
	(let [fst \9]
	(binding [mult mult]
	(loop [acc ""]
	(if (> (makehash acc) salt)
	(do
	(dec (.length acc)))
	(recur (str acc fst)))))))

	(defn login-length [salt]
	"Returns [min, max] lengths of the login name."
	[(calc-length-min salt 9)
	(calc-length-max salt 9)])

	(defn password-length [salt]
	"Returns [min, max] lengths of the password."
	[(calc-length-min salt 9)
	(calc-length-max salt 9)])

	(defn hash-length [salt]
	"Returns [min, max] lengths of the hash."
	[(calc-length-min salt 8)
	(calc-length-max salt 8)])

	;; get-hash

	(defn get-hash [length link maybe-link]
	(loop [hash []
	number 0
	xs link
	ys maybe-link]
	(when-not (or (> number 9)
	(empty? xs)
	(empty? ys))
	(let [c1 (first xs)
	a (index-of c1 9)
	b (- a number)
	c2 (if (> a -1) (.charAt alpha b) c1)]

	(if (> a -1)
	(if (= c2 (first ys))
	(if (= (count hash) length)
	hash
	(recur (conj hash number) 0 (rest xs) (rest ys)))
	(recur hash (inc number) xs ys))
	(recur hash 0 (rest xs) (rest ys)))))))

	;; decrypt

	(defn decrypt-link [url hash]
	(with-out-str
	(loop [cnt 0 xs url]
	(when-not (empty? xs)
	(let [c1 (first xs)
	a (index-of c1 9)
	b (- a (nth hash cnt))
	c2 (if (> a -1) (char-at b) c1)]
	(print c2)
	(if (> a -1)
	(recur (mod (inc cnt) (count hash)) (rest xs))
	(recur cnt (rest xs))))))))

	(let [link "kwAp://FBw.ohfnAhrx.cv.Bn/olvnqs/ya.skw?pF=xhllsuBln"
	hash (get-hash 9 link "http://www.hackthis")]
	(decrypt-link link hash))

	(let [link "kxyr://FED.mrslnn.kvs"
	hash (get-hash 8 link "http://www.go")]
	(decrypt-link link hash))