I have raw encoded base64 emails that I would like to decode. However on the raw email data, there is 3 sections to it.
The first section is HEADERS.
The second section is HTML content / tags.
The third section is the encoded base64.
I can manually add the string to my program and decode it just fine. However, I want to TARGET or PULL the encoded message into my program, so when I run it, its automatic.
But how do I target the encryption data when the header and html content / tags are in the way? I can read files through PHP, but would I do something like
if (strlength IS REALLY LONG == encoded data)
{decode that data}
Based on the following link, your solution would be something like this:
How to check whether the string is base64 encoded or not
$regex = '^([A-Za-z0-9+/]{4})*([A-Za-z0-9+/]{4}|[A-Za-z0-9+/]{3}=|[A-Za-z0-9+/]{2}==)$';
if(preg_match($regex,$string) != false){
//some operation
$decoded = base64_decode($string);
}
Related
Reading through the vulnhub walkthrough for wakanda here
https://medium.com/egghunter/wakanda-1-vulnhub-walkthrough-3d524ed8a372
And it uses a php filter i haven't seen before (base64 encoder) which is then decoded . Using this line of code
curl http://192.168.56.102/?lang=php://filter/convert.base64-encode/resource=index | head -n 1 | base64 -d
In comparison I tried to simply curl the page via
curl http://192.168.56.102/?lang=php
Both output the html , but the filtered code also produces several lines above the DOCTYPE header that is enclosed inside of a php tag. My question is why does this happen?
the significant output (first few lines) is below
<?php
$password ="Niamey4Ever227!!!" ;//I have to remember it
if (isset($_GET['lang']))
{
include($_GET['lang'].".php");
}
?>
<!DOCTYPE html>
<html lang="en"><head>
Obviously this is wrong, but it seems like the filtered code is: encoding , then decoding and somehow in that process getting more information than if we just curled everything
I came across this article
https://www.idontplaydarts.com/2011/02/using-php-filter-for-local-file-inclusion/
which explained this very well.
This forces PHP to base64 encode the file before it is used in the require statement. From this point its a matter of then decoding the base64 string to obtain the source code for the PHP files.
So as to why the filtered code gets all the html and the php, is because its making the php be encoded before grabbing the html and wrapping it all into one output string, which can then be decoded and read . Meaning as output you get both the page html and the php code from other supporting files
I have a problem creating an input validation hash. JavaScript submits data to API and API validates the sent data with json_encode. Basically it works like this:
$input=array('name'='John Doe','city'=>'New York');
$validationHash=sha1(json_encode($input).$key); // Key is known to both servers
If PHP connects to another server, then everything works. It also works through JavaScript (I have a custom sha1() function there as well):
var validationHash=sha1(JSON.stringify({'name':'John Doe','city'=>'New York'})+key);
My problem comes when the string contains UTF-8 characters. For example, if one of the values is:
Ränisipelgasöösel
Then PHP server that receives the command converts it to this after JSON encoding:
R\u00e4nisipelgas\u00f6\u00f6sel
I need to do this in JavaScript as well, but I haven't been able to work out how. I need to make sure that I send proper validation hash to the server or the command fails. I found from Google that unescape(encodeURIComponent(string)) and decodeURIComponent() could be used, but neither gives me the same string that PHP has and validates with.
UTF-8 is used on both client and server.
Any ideas?
It does not seem to be possible. The only working solution I have found is to encode all data with encodeURIComponent() on browser side and with rawurlencode() on PHP side and then calculate the JSON from these values in arrays.
My fix was to raw url encode my json data like so.
rawurlencode( json_encode( $data ) );
And then from within javascript decode the raw url encoded json and then parse the json string like so.
JSON.parse( decodeURIComponent( data ) );
Hope this helps.
Why not base64 encode the data for safe transport? It encodes UTF-8 characters in a safe string that can be sent across different mediums - php, javascript etc. That way you can base64 decode the string at the receiving end. Voila!
By base64 encoding the data, i mean base64 encoding the values and not the whole json string
is you html page encoding utf-8?
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
I have html data like text including image src.when I alert using jquery it works fine. Entire html is displayed in alert box.And then I want to send that entire html data and text and something's id using query string of JQuery like:
$.post('something.php','socialprofileid='+socialprofileid+
'&txtMsg='+msg+'&postedHtmlMsg='+HtmlMsgresult)
But I need that entire html data including text and id in php page like get html data, text, id in JQuery alert box
I try to use window.btoa function(base64 encoded format) for HtmlMsgresult. After doing base64 encoded format in javascript, when I try to send in php page, it doesn't get any print in php page.
Another thing is there any solution Text and htmldata(html text and img src) are combined and then it is done the base64 encode.And then it is send in php page using query string like:
if(txtmsg='') {
var result=window.btoa(htmldata);
} else {
var content=text+htmldata;
var result=window.btoa(content);
}
$.post('something.php','socialprofileid='+socialprofileid+'&result='+result)
Is it possible to do that?
And then I want to insert into database in something.php and then in another page I want to fetch the htmldata and text which are encoded by base64 using jquery. Then it is converted by base64_decode function.
But within text and htmldata, How to extract text , htmltext, htmlimgsrc differently from the database table.
If u know about these type of problems, please reply me
I need your hand
Thank you
$.post('something.php',
{socialprofileid:socialprofileid,
txtMsg:msg,
postedHtmlMsg:HtmlMsgresult});
jQuery will apply encodeURIComponent by itself. And yes, you need encodeURIComponent applied to the values of the parameters if you want to encode the data by yourself. Read the following topic When are you supposed to use escape instead of encodeURI / encodeURIComponent?
ps: you do not have to do anything in the php script, the data will be decoded automatically by the server. Access $_POST['socialprofileid'], $_POST['txtMsg'] and so on in php.
In php, you can get the post parameters with the $_POST variable.
<?
echo $_POST['socialprofileid'], PHP_EOL;
echo $_POST['txtMsg'], PHP_EOL;
echo $_POST['postedHtmlMsg'], PHP_EOL;
?>
We have php server that sends json string in utf-8 encoding.
Im responsible for the iphone app that get the data.
I want to be sure that on my side everything is correct :
//after I downlad the data stream :
NSString* content = [[NSString alloc] initWithData:self.m_dataToParse encoding:NSUTF8StringEncoding];
//here the data is shown correctly in the console
NSLog(#"%#",content);
SBJsonParser *_parser = [[SBJsonParser alloc]init];
NSDictionary *jsonContentDictionary = [_parser objectWithData:self.m_dataToParse];
//here, when i printer values of array IN array, i see \u454 u\545 \4545 format. any ideas why ?
for(id key in jsonContentDictionary)
{
NSLog(#"key:%#, value:%#,key, [ jsonContentDictionary objectForKey:key]);
}
im using the latest version of json library :
https://github.com/stig/json-framework/
There is problem is the iphone side ? (json parser ? ) or in the php server ?
just to be clear again :
1.on the console, before json, the string looks o.k
2.after doing json, the array in array values are in the format of \u545 \u453 \u545
Thanks in advance.
Your code is correct.
A possible reason of the issue, and you must investigate it with your content provider (the server that sends the json to you), is that even if the whole json string is correctly encoded as utf-8 (remember: the json text is a sequence of character and so an encoding must be specified), it may happen that some or all of the text content (that is the values of the single objects contained in the json message) has been originally encoded in another format, typically this is html-encoding (iso-8859) especially when particular characters are used (e.g. cyrillic or asian). Now the json framework by default decodes all data as utf-8, but if there is a coding mismatch between the utf-8 characters and the iso-8859 (just to remain in the example) then the only way to transform them in utf-8 is to use the \u format. This happens quite often, especially when php scripts extract the info from html pages, which are usually encoded using iso-8859. And consider also that iOS is not able to convert the whole set of iso-8859 characters to unicode (e.g.: cyrillic).
So possible solutions are:
- do a content encoding of texts server side (iso-8859 --> utf-8)
- or if this is not possible, then it's up to you to recognize the \uxxx sequences coming more often from your content provider and replace them with the corresponding utf-8 characters.
I am trying to use POST in Flash (ActionScript 2), to POST values to PHP mail script.
I tried the PHP mail script with HTML form, and it worked perfectly fine.
But when I POST from flash and input non-English characters, I get "????" in the mail.
I tried utf8_encode($_POST["name"]), but it doesn't help.
Edit:
I also tried utf8_decode($_POST["name"]), it didn't work.
Update: (So you wont have to go through all the comments)
I checked the variables in Flash,
the values are stored correctly.
The HTML page where the Flash is embedded is UTF-8 encoded.
I watched the POST headers with FireBug, the POST itself is already messed up, showing "????" instead of the real value.
The the messed up "????" value, is currently url-encoded by flash, and decoded by PHP, resulting in $_POST["name"] == "???";
I suspect its the sendAndLoad method that creates the mess.
Update:
Here is the flash code:
System.useCodepage = true;
send_btn.onRelease = function() {
my_vars = new LoadVars();
my_vars.email = email_box.text;
my_vars.name = name_box.text;
my_vars.family_box = comment.text;
my_vars.phone = phone_box.text;
if (my_vars.email != "" and my_vars.name != "") {
my_vars.sendAndLoad("http://aram.co.il/ido/sendMail.php", my_vars, "POST");
gotoAndStop(2);
} else {
error_clip.gotoAndPlay(2);
}
my_vars.onLoad = function() {
gotoAndStop(3);
};
};
email_box.onSetFocus = name_box.onSetFocus=message_box.onSetFocus=function () {
if (error_clip._currentframe != 1) {
error_clip.gotoAndPlay(6);
}
};
Flash uses UTF8-encoding for all strings, anyway. If you use LoadVars, transfer as a urlencoded string should also work automatically.
So your problem is most probably in the PHP part of your application. For example, in order for UTF8 to work correctly, all individual PHP files must be saved in UTF8-encoded format, as well.
If just changing the file encoding doesn't work, try parsing $HTTP_RAW_POST_DATA first, check if all the fields have been transferred correctly, then go on and echo your way through until you find the place where the encoding is lost.
Update:
Here is your problem: You use System.useCodePage = true;. This requires you to specifically encode all your data as unicode before sending it. Unless you have any other documents in other encodings, and/or allow your users to upload their own text data with their localized encodings, set System.useCodePage = false;, and your utf8-problem should go away.
If you receive data from flash you need to use utf8_decode and not utf8_encode.
Flash uses UTF8 - as long as you don't tell it to use the local characterset. And you want PHP to decode that to good old ISO-8859-1 which PHP uses internally.
You'd only use utf8_encode when preparing data for flash.