line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package Mojolicious::Plugin::TagHelpers::MailToChiffre; |
2
|
2
|
|
|
2
|
|
1826
|
use Mojo::Base 'Mojolicious::Plugin'; |
|
2
|
|
|
|
|
5
|
|
|
2
|
|
|
|
|
13
|
|
3
|
2
|
|
|
2
|
|
476
|
use Mojo::ByteStream 'b'; |
|
2
|
|
|
|
|
13
|
|
|
2
|
|
|
|
|
85
|
|
4
|
2
|
|
|
2
|
|
12
|
use Mojo::Collection 'c'; |
|
2
|
|
|
|
|
4
|
|
|
2
|
|
|
|
|
80
|
|
5
|
2
|
|
|
2
|
|
10
|
use Mojo::URL; |
|
2
|
|
|
|
|
3
|
|
|
2
|
|
|
|
|
15
|
|
6
|
|
|
|
|
|
|
|
7
|
|
|
|
|
|
|
our $VERSION = '0.13'; |
8
|
|
|
|
|
|
|
|
9
|
|
|
|
|
|
|
# Cache for generated CSS and JavaScript |
10
|
|
|
|
|
|
|
has [qw/js css pattern_rotate/]; |
11
|
|
|
|
|
|
|
|
12
|
|
|
|
|
|
|
# Register Plugin |
13
|
|
|
|
|
|
|
sub register { |
14
|
5
|
|
|
5
|
1
|
23003
|
my ($plugin, $app, $plugin_param) = @_; |
15
|
|
|
|
|
|
|
|
16
|
|
|
|
|
|
|
# Load random string plugin with specific profile |
17
|
5
|
|
|
|
|
42
|
$app->plugin('Util::RandomString' => { |
18
|
|
|
|
|
|
|
mail_to_chiffre => { |
19
|
|
|
|
|
|
|
alphabet => 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', |
20
|
|
|
|
|
|
|
entropy => 128 |
21
|
|
|
|
|
|
|
} |
22
|
|
|
|
|
|
|
}); |
23
|
|
|
|
|
|
|
|
24
|
5
|
|
|
|
|
7457
|
delete $plugin->{js}; |
25
|
5
|
|
|
|
|
14
|
delete $plugin->{css}; |
26
|
|
|
|
|
|
|
|
27
|
|
|
|
|
|
|
# Load parameters from Config file |
28
|
5
|
50
|
|
|
|
23
|
if (my $config_param = $app->config('TagHelpers-MailToChiffre')) { |
29
|
0
|
|
|
|
|
0
|
$plugin_param = { %$config_param, %$plugin_param }; |
30
|
|
|
|
|
|
|
}; |
31
|
|
|
|
|
|
|
|
32
|
|
|
|
|
|
|
# Generate method name in case it is not given |
33
|
5
|
|
66
|
|
|
98
|
my $method_name = $plugin_param->{method_name} // $app->random_string('mail_to_chiffre'); |
34
|
|
|
|
|
|
|
|
35
|
|
|
|
|
|
|
# Set pattern shift in case it is not given |
36
|
5
|
|
|
|
|
1387
|
my $pattern_rotate = 2; |
37
|
5
|
50
|
33
|
|
|
55
|
if ($plugin_param->{pattern_rotate} && $plugin_param->{pattern_rotate} =~ /^\d+$/) { |
38
|
5
|
|
|
|
|
12
|
$pattern_rotate = $plugin_param->{pattern_rotate}; |
39
|
|
|
|
|
|
|
}; |
40
|
5
|
|
|
|
|
23
|
$plugin->pattern_rotate($pattern_rotate); |
41
|
|
|
|
|
|
|
|
42
|
5
|
|
100
|
|
|
46
|
$plugin->{no_inline} = $plugin_param->{no_inline} // undef; |
43
|
|
|
|
|
|
|
|
44
|
|
|
|
|
|
|
# Add pseudo condition for manipulating the stash for the fallback |
45
|
5
|
|
|
|
|
24
|
my $routes = $app->routes; |
46
|
|
|
|
|
|
|
|
47
|
|
|
|
|
|
|
# Add fallback shortcut |
48
|
|
|
|
|
|
|
$routes->add_shortcut( |
49
|
|
|
|
|
|
|
mail_to_chiffre => sub { |
50
|
2
|
|
|
2
|
|
2211
|
my $r = shift; |
51
|
|
|
|
|
|
|
|
52
|
2
|
|
|
|
|
6
|
state $name = 'mailToChiffre'; |
53
|
|
|
|
|
|
|
|
54
|
|
|
|
|
|
|
# In case method name is given, set asset paths |
55
|
2
|
100
|
|
|
|
8
|
if ($plugin_param->{method_name}) { |
56
|
|
|
|
|
|
|
|
57
|
|
|
|
|
|
|
# Styles |
58
|
|
|
|
|
|
|
$r->get('/style.css')->to( |
59
|
|
|
|
|
|
|
cb => sub { |
60
|
0
|
|
|
|
|
0
|
my $c = shift; |
61
|
0
|
|
|
|
|
0
|
$c->render( |
62
|
|
|
|
|
|
|
text => $c->mail_to_chiffre_css, |
63
|
|
|
|
|
|
|
format => 'css' |
64
|
|
|
|
|
|
|
); |
65
|
|
|
|
|
|
|
} |
66
|
1
|
|
|
|
|
4
|
)->name($name . 'CSS'); |
67
|
|
|
|
|
|
|
|
68
|
|
|
|
|
|
|
# Styles |
69
|
|
|
|
|
|
|
$r->get('/script.js')->to( |
70
|
|
|
|
|
|
|
cb => sub { |
71
|
0
|
|
|
|
|
0
|
my $c = shift; |
72
|
0
|
|
|
|
|
0
|
$c->render( |
73
|
|
|
|
|
|
|
text => $c->mail_to_chiffre_js, |
74
|
|
|
|
|
|
|
format => 'js' |
75
|
|
|
|
|
|
|
); |
76
|
|
|
|
|
|
|
} |
77
|
1
|
|
|
|
|
327
|
)->name($name . 'JS'); |
78
|
|
|
|
|
|
|
}; |
79
|
|
|
|
|
|
|
|
80
|
|
|
|
|
|
|
# Fallback path |
81
|
|
|
|
|
|
|
$r->under('/:xor/:host')->to( |
82
|
|
|
|
|
|
|
cb => sub { |
83
|
12
|
|
|
|
|
133195
|
$plugin->_chiffre_to_mail(shift) |
84
|
|
|
|
|
|
|
} |
85
|
2
|
|
|
|
|
262
|
)->get('/')->name($name)->to(@_); |
86
|
|
|
|
|
|
|
} |
87
|
5
|
|
|
|
|
61
|
); |
88
|
|
|
|
|
|
|
|
89
|
|
|
|
|
|
|
|
90
|
|
|
|
|
|
|
# Add obfuscation tag helper |
91
|
|
|
|
|
|
|
$app->helper( |
92
|
|
|
|
|
|
|
mail_to_chiffre => sub { |
93
|
18
|
|
|
18
|
|
69491
|
my $c = shift; |
94
|
|
|
|
|
|
|
|
95
|
18
|
100
|
|
|
|
70
|
my $address = shift or return b(''); |
96
|
|
|
|
|
|
|
|
97
|
|
|
|
|
|
|
# Create one time pad |
98
|
17
|
|
|
|
|
88
|
my $xor = substr($c->random_string('mail_to_chiffre'), 0, length($address)); |
99
|
|
|
|
|
|
|
|
100
|
|
|
|
|
|
|
# Get embedded code |
101
|
17
|
|
|
|
|
1845
|
my $text; |
102
|
17
|
100
|
100
|
|
|
88
|
if (ref($_[-1]) && ref($_[-1]) eq 'CODE') { |
103
|
1
|
|
|
|
|
4
|
$text = pop; |
104
|
|
|
|
|
|
|
}; |
105
|
|
|
|
|
|
|
|
106
|
17
|
|
|
|
|
86
|
my %param = @_; |
107
|
|
|
|
|
|
|
|
108
|
|
|
|
|
|
|
# Split the address and do some encodings |
109
|
17
|
|
|
|
|
81
|
my $obf_address = b($address)->xml_escape->split('@'); |
110
|
17
|
|
|
|
|
1197
|
my $account = $obf_address->first; |
111
|
|
|
|
|
|
|
|
112
|
17
|
|
|
|
|
199
|
my $host = join '@', @{$obf_address}[1 .. $obf_address->size - 1]; |
|
17
|
|
|
|
|
198
|
|
113
|
|
|
|
|
|
|
|
114
|
|
|
|
|
|
|
# Reget the pattern rotate (maybe) |
115
|
17
|
|
|
|
|
135
|
my $pattern_rotate = $plugin->pattern_rotate; |
116
|
|
|
|
|
|
|
|
117
|
|
|
|
|
|
|
# Obfuscate address parts |
118
|
17
|
|
|
|
|
124
|
$host = $plugin->to_sequence( |
119
|
|
|
|
|
|
|
$host, |
120
|
|
|
|
|
|
|
$xor, |
121
|
|
|
|
|
|
|
$pattern_rotate |
122
|
|
|
|
|
|
|
); |
123
|
|
|
|
|
|
|
|
124
|
17
|
|
|
|
|
50
|
$account = $plugin->to_sequence( |
125
|
|
|
|
|
|
|
$account, |
126
|
|
|
|
|
|
|
$xor, |
127
|
|
|
|
|
|
|
$pattern_rotate |
128
|
|
|
|
|
|
|
); |
129
|
|
|
|
|
|
|
|
130
|
|
|
|
|
|
|
# Create Mojo::URL for path |
131
|
17
|
|
|
|
|
32
|
my ($url, $no_fallback); |
132
|
17
|
100
|
|
|
|
90
|
if ($routes->lookup('mailToChiffre')) { |
133
|
14
|
|
|
|
|
300
|
$url = $c->url_for('mailToChiffre', xor => $xor, host => $host); |
134
|
|
|
|
|
|
|
} |
135
|
|
|
|
|
|
|
else { |
136
|
3
|
|
|
|
|
86
|
$url = $c->url_for("/$xor/$host"); |
137
|
3
|
|
|
|
|
999
|
$no_fallback = 1; |
138
|
|
|
|
|
|
|
}; |
139
|
|
|
|
|
|
|
|
140
|
|
|
|
|
|
|
# Encrypt certain mail parameters |
141
|
17
|
|
|
|
|
7002
|
foreach (qw/to cc bcc/) { |
142
|
|
|
|
|
|
|
|
143
|
|
|
|
|
|
|
# No parameter |
144
|
51
|
100
|
|
|
|
126
|
next unless exists $param{$_}; |
145
|
|
|
|
|
|
|
|
146
|
|
|
|
|
|
|
# Parameter invalid |
147
|
10
|
100
|
|
|
|
32
|
unless ($param{$_}) { |
148
|
1
|
|
|
|
|
3
|
delete $param{$_}; |
149
|
1
|
|
|
|
|
2
|
next; |
150
|
|
|
|
|
|
|
}; |
151
|
|
|
|
|
|
|
|
152
|
|
|
|
|
|
|
# Array for this parameter |
153
|
9
|
100
|
|
|
|
28
|
if (ref $param{$_}) { |
154
|
3
|
|
|
|
|
6
|
my @temp; |
155
|
3
|
|
|
|
|
5
|
foreach (@{$param{$_}}) { |
|
3
|
|
|
|
|
8
|
|
156
|
4
|
50
|
|
|
|
20
|
push(@temp, $plugin->to_sequence($_, $xor, $pattern_rotate)) if $_; |
157
|
|
|
|
|
|
|
}; |
158
|
|
|
|
|
|
|
|
159
|
|
|
|
|
|
|
# Check if there are converted parameters |
160
|
3
|
100
|
|
|
|
11
|
if (@temp) { |
161
|
2
|
|
|
|
|
9
|
$param{$_} = \@temp; |
162
|
|
|
|
|
|
|
} |
163
|
|
|
|
|
|
|
# Remove parameter from list |
164
|
|
|
|
|
|
|
else { |
165
|
1
|
|
|
|
|
3
|
delete $param{$_}; |
166
|
|
|
|
|
|
|
}; |
167
|
|
|
|
|
|
|
} |
168
|
|
|
|
|
|
|
|
169
|
|
|
|
|
|
|
# Single value |
170
|
|
|
|
|
|
|
else { |
171
|
|
|
|
|
|
|
$param{$_} = $plugin->to_sequence( |
172
|
6
|
|
|
|
|
21
|
$param{$_}, |
173
|
|
|
|
|
|
|
$xor, |
174
|
|
|
|
|
|
|
$pattern_rotate |
175
|
|
|
|
|
|
|
); |
176
|
|
|
|
|
|
|
}; |
177
|
|
|
|
|
|
|
}; |
178
|
|
|
|
|
|
|
|
179
|
|
|
|
|
|
|
# Return path |
180
|
17
|
|
|
|
|
110
|
$url->query({sid => $account, %param}); |
181
|
|
|
|
|
|
|
|
182
|
|
|
|
|
|
|
# Create anchor link |
183
|
17
|
|
|
|
|
2072
|
my $str = qq!
|
184
|
|
|
|
|
|
|
|
185
|
|
|
|
|
|
|
# No fallback is established |
186
|
17
|
100
|
|
|
|
42
|
if ($no_fallback) { |
187
|
|
|
|
|
|
|
|
188
|
|
|
|
|
|
|
# Do not establish a URL at all |
189
|
3
|
100
|
|
|
|
10
|
if ($plugin->{no_inline}) { |
190
|
2
|
|
|
|
|
8
|
$str .= qq!href="#" data-href="$url" !; |
191
|
|
|
|
|
|
|
} |
192
|
|
|
|
|
|
|
|
193
|
|
|
|
|
|
|
# Use javascript fallback |
194
|
|
|
|
|
|
|
else { |
195
|
1
|
|
|
|
|
4
|
$str .= qq!href="javascript:$method_name(false,'$url')" !; |
196
|
|
|
|
|
|
|
}; |
197
|
|
|
|
|
|
|
} |
198
|
|
|
|
|
|
|
|
199
|
|
|
|
|
|
|
else { |
200
|
14
|
|
|
|
|
60
|
$str .= qq!href="$url" !; |
201
|
|
|
|
|
|
|
}; |
202
|
|
|
|
|
|
|
|
203
|
17
|
100
|
|
|
|
6786
|
if ($plugin->{no_inline}) { |
204
|
2
|
|
|
|
|
26
|
$str .= 'class="' . $method_name; |
205
|
|
|
|
|
|
|
} else { |
206
|
15
|
|
|
|
|
35
|
$str .= 'onclick="'; |
207
|
15
|
100
|
|
|
|
37
|
$str .= 'return true;' if $no_fallback; |
208
|
15
|
|
|
|
|
58
|
$str .= 'return ' . $method_name . '(this,false)'; |
209
|
|
|
|
|
|
|
}; |
210
|
|
|
|
|
|
|
|
211
|
|
|
|
|
|
|
# Obfuscate display string using css |
212
|
17
|
100
|
|
|
|
39
|
unless ($text) { |
213
|
16
|
|
|
|
|
83
|
my ($pre, @post) = split('@', reverse($address)); |
214
|
16
|
|
|
|
|
53
|
$str .= '">' . |
215
|
|
|
|
|
|
|
'' . b($pre)->xml_escape . '' . |
216
|
|
|
|
|
|
|
'' . b($xor)->split('')->reverse->join . '' . |
217
|
|
|
|
|
|
|
c(@post)->join->xml_escape; |
218
|
|
|
|
|
|
|
} |
219
|
|
|
|
|
|
|
else { |
220
|
1
|
50
|
|
|
|
5
|
unless ($plugin->{no_inline}) { |
221
|
0
|
|
|
|
|
0
|
$str .= ';' . int(rand(50)); |
222
|
|
|
|
|
|
|
}; |
223
|
1
|
|
|
|
|
4
|
$str .= '">' . $text->(); |
224
|
|
|
|
|
|
|
}; |
225
|
|
|
|
|
|
|
|
226
|
17
|
|
|
|
|
4252
|
$str .= ''; |
227
|
|
|
|
|
|
|
|
228
|
17
|
|
|
|
|
53
|
return b($str); |
229
|
|
|
|
|
|
|
} |
230
|
5
|
|
|
|
|
312
|
); |
231
|
|
|
|
|
|
|
|
232
|
|
|
|
|
|
|
# Create css code helper |
233
|
|
|
|
|
|
|
$app->helper( |
234
|
|
|
|
|
|
|
mail_to_chiffre_css => sub { |
235
|
6
|
100
|
|
6
|
|
2971
|
return $plugin->css if $plugin->css; |
236
|
4
|
|
|
|
|
20
|
my $css; |
237
|
4
|
100
|
|
|
|
13
|
if ($plugin->{no_inline}) { |
238
|
1
|
|
|
|
|
4
|
$css = qq!a.$method_name!; |
239
|
|
|
|
|
|
|
} else { |
240
|
3
|
|
|
|
|
13
|
$css = qq!a[onclick\$='return $method_name(this,false)']!; |
241
|
|
|
|
|
|
|
}; |
242
|
4
|
|
|
|
|
16
|
$css = $css . '{direction:rtl;unicode-bidi:bidi-override;text-align:left}'. |
243
|
|
|
|
|
|
|
$css . '>span:nth-child(1n+2){display:none}' . |
244
|
|
|
|
|
|
|
$css . '>span:nth-child(1):after{content:\'@\'}'; |
245
|
4
|
|
|
|
|
31
|
$plugin->css(b($css)); |
246
|
4
|
|
|
|
|
83
|
return $plugin->css; |
247
|
|
|
|
|
|
|
} |
248
|
5
|
|
|
|
|
401
|
); |
249
|
|
|
|
|
|
|
|
250
|
|
|
|
|
|
|
|
251
|
|
|
|
|
|
|
# Create javascript code helper |
252
|
|
|
|
|
|
|
$app->helper( |
253
|
|
|
|
|
|
|
mail_to_chiffre_js => sub { |
254
|
4
|
|
|
4
|
|
2534
|
my $c = shift; |
255
|
|
|
|
|
|
|
|
256
|
4
|
50
|
|
|
|
18
|
return $plugin->js if $plugin->js; |
257
|
|
|
|
|
|
|
|
258
|
|
|
|
|
|
|
# Replacement variables |
259
|
4
|
|
|
|
|
44
|
my $v = c(qw/o s u c p n t r g f a x e d q b l m k/)->shuffle; |
260
|
|
|
|
|
|
|
|
261
|
|
|
|
|
|
|
# Template variables |
262
|
4
|
|
|
|
|
146
|
my ($i, %v) = (0); |
263
|
4
|
|
|
|
|
16
|
foreach (qw/obj seq url char pos num str regex string_obj |
264
|
|
|
|
|
|
|
from_char_code param_array temp to_seq |
265
|
|
|
|
|
|
|
path_array query padded str_len pow bool/) { |
266
|
76
|
|
|
|
|
157
|
$v{$_} = $v->[$i++]; |
267
|
|
|
|
|
|
|
}; |
268
|
|
|
|
|
|
|
|
269
|
|
|
|
|
|
|
# Obfuscate pattern rotate |
270
|
4
|
|
|
|
|
22
|
my $factor_pattern_rotate = _factorize($plugin->pattern_rotate, $v{pow}); |
271
|
|
|
|
|
|
|
|
272
|
|
|
|
|
|
|
# Create javascript code |
273
|
4
|
|
|
|
|
133
|
my $js = qq!function ${method_name}($v{obj},$v{bool}){ |
274
|
|
|
|
|
|
|
if($v{bool}){ |
275
|
|
|
|
|
|
|
$v{obj}=document.createElement('a');$v{obj}.href=$v{bool} |
276
|
|
|
|
|
|
|
} |
277
|
|
|
|
|
|
|
var $v{query}=$v{obj}.search,$v{regex}=RegExp,$v{from_char_code}=String.fromCharCode,$v{url}='il',$v{param_array}=[],$v{temp},$v{pow}=Math.pow; |
278
|
|
|
|
|
|
|
$v{path_array}=$v{obj}.pathname.match(/([^\\/]+)\\/([^\\/]+)\$/); |
279
|
|
|
|
|
|
|
$v{to_seq}=function($v{seq}){ |
280
|
|
|
|
|
|
|
var $v{pos}=0,$v{num},$v{str}='',$v{char}; |
281
|
|
|
|
|
|
|
while($v{pos}<$v{seq}.length){ |
282
|
|
|
|
|
|
|
$v{char}=$v{seq}.charAt($v{pos}++); |
283
|
|
|
|
|
|
|
if($v{char}.match(/[A-Za-z]/)){ |
284
|
|
|
|
|
|
|
$v{str}+=$v{from_char_code}(($v{char}<='Z'?90:122)>=($v{char}=$v{char}.charCodeAt(0)+13)?$v{char}:$v{char}-26) |
285
|
|
|
|
|
|
|
} |
286
|
|
|
|
|
|
|
else if($v{char}=='-'){ |
287
|
|
|
|
|
|
|
$v{num}=''; |
288
|
|
|
|
|
|
|
$v{char}=$v{seq}.charAt($v{pos}++); |
289
|
|
|
|
|
|
|
while($v{char}.match(/\\d/)){ |
290
|
|
|
|
|
|
|
$v{num}+=$v{char}; |
291
|
|
|
|
|
|
|
$v{char}=$v{seq}.charAt($v{pos}++) |
292
|
|
|
|
|
|
|
} |
293
|
|
|
|
|
|
|
$v{pos}--; |
294
|
|
|
|
|
|
|
$v{str}+=$v{from_char_code}(parseInt($v{num})) |
295
|
|
|
|
|
|
|
} |
296
|
|
|
|
|
|
|
else return |
297
|
|
|
|
|
|
|
} |
298
|
|
|
|
|
|
|
$v{str_len}=$v{str}.length; |
299
|
|
|
|
|
|
|
$v{padded}=Math.abs(${factor_pattern_rotate}%$v{str_len}-$v{str_len}); |
300
|
|
|
|
|
|
|
$v{str}=$v{str}.substr($v{padded})+$v{str}.substr(0,$v{padded}); |
301
|
|
|
|
|
|
|
$v{temp}=''; |
302
|
|
|
|
|
|
|
for(i=0;i<$v{str_len};i++){ |
303
|
|
|
|
|
|
|
$v{temp}+=$v{from_char_code}($v{str}.charCodeAt(i)^$v{path_array}\[1\].charCodeAt($v{path_array}\[1\].length%(i+1))) |
304
|
|
|
|
|
|
|
} |
305
|
|
|
|
|
|
|
return $v{temp} |
306
|
|
|
|
|
|
|
}; |
307
|
|
|
|
|
|
|
while($v{query}){ |
308
|
|
|
|
|
|
|
$v{query}=$v{query}.replace(/^[\\?\\&]([^\\&]+)/,''); |
309
|
|
|
|
|
|
|
$v{temp}=$v{regex}.\$1; |
310
|
|
|
|
|
|
|
if($v{temp}.match(/^(sid|b?cc|to)=(.+)\$/)){ |
311
|
|
|
|
|
|
|
if($v{regex}.\$1=='sid') |
312
|
|
|
|
|
|
|
$v{param_array}.push('to='+$v{to_seq}($v{regex}.\$2)+'\@'+$v{to_seq}($v{path_array}\[2\])); |
313
|
|
|
|
|
|
|
else $v{param_array}.push($v{regex}.\$1+'='+$v{to_seq}($v{regex}.\$2)); |
314
|
|
|
|
|
|
|
}else $v{param_array}.push($v{temp}.replace(/\\+/g,' ')) |
315
|
|
|
|
|
|
|
} |
316
|
|
|
|
|
|
|
location.href='ma'+$v{url}+'to:?'+$v{param_array}.join('&'); |
317
|
|
|
|
|
|
|
return false |
318
|
|
|
|
|
|
|
}!; |
319
|
|
|
|
|
|
|
# csp compliant variant |
320
|
4
|
100
|
|
|
|
15
|
if ($plugin->{no_inline}) { |
321
|
1
|
|
|
|
|
5
|
$js .= qq! |
322
|
|
|
|
|
|
|
;document.addEventListener("DOMContentLoaded", |
323
|
|
|
|
|
|
|
function(){ |
324
|
|
|
|
|
|
|
document.querySelectorAll(".${method_name}").forEach( |
325
|
|
|
|
|
|
|
i=>i.addEventListener( |
326
|
|
|
|
|
|
|
"click",function(e){ |
327
|
|
|
|
|
|
|
e.preventDefault(); |
328
|
|
|
|
|
|
|
${method_name}(false,this.href=='#'?this.getAttribute('data-href'):this.href) |
329
|
|
|
|
|
|
|
} |
330
|
|
|
|
|
|
|
) |
331
|
|
|
|
|
|
|
) |
332
|
|
|
|
|
|
|
} |
333
|
|
|
|
|
|
|
)!; |
334
|
|
|
|
|
|
|
}; |
335
|
|
|
|
|
|
|
|
336
|
4
|
|
|
|
|
157
|
$js =~ s/\s*\n\s*//g; |
337
|
4
|
|
|
|
|
25
|
$plugin->js(b($js)); |
338
|
4
|
|
|
|
|
61
|
return $plugin->js; |
339
|
|
|
|
|
|
|
} |
340
|
5
|
|
|
|
|
339
|
); |
341
|
|
|
|
|
|
|
}; |
342
|
|
|
|
|
|
|
|
343
|
|
|
|
|
|
|
|
344
|
|
|
|
|
|
|
sub _chiffre_to_mail { |
345
|
12
|
|
|
12
|
|
45
|
my ($plugin, $c) = @_; |
346
|
12
|
|
|
|
|
49
|
my $xor = $c->stash('xor'); |
347
|
12
|
|
|
|
|
141
|
my $p = $c->req->url->query; |
348
|
|
|
|
|
|
|
|
349
|
|
|
|
|
|
|
# Set header for searc engines |
350
|
12
|
|
|
|
|
248
|
$c->res->headers->header('X-Robots-Tag' => 'noindex,nofollow'); |
351
|
|
|
|
|
|
|
|
352
|
|
|
|
|
|
|
# Deobfuscate host |
353
|
12
|
|
|
|
|
579
|
my $host = $plugin->to_string( |
354
|
|
|
|
|
|
|
$c->stash('host'), |
355
|
|
|
|
|
|
|
$xor, |
356
|
|
|
|
|
|
|
$plugin->pattern_rotate |
357
|
|
|
|
|
|
|
); |
358
|
|
|
|
|
|
|
|
359
|
|
|
|
|
|
|
# Deobfuscate account |
360
|
12
|
|
|
|
|
45
|
my $account = $plugin->to_string( |
361
|
|
|
|
|
|
|
scalar $p->param('sid'), |
362
|
|
|
|
|
|
|
$xor, |
363
|
|
|
|
|
|
|
$plugin->pattern_rotate |
364
|
|
|
|
|
|
|
); |
365
|
12
|
|
|
|
|
51
|
$p->remove('sid'); |
366
|
|
|
|
|
|
|
|
367
|
|
|
|
|
|
|
# Something went wrong |
368
|
12
|
50
|
33
|
|
|
300
|
unless ($host && $account) { |
369
|
0
|
|
|
|
|
0
|
$c->app->log->warn('Path doesn\'t contain a valid email address'); |
370
|
0
|
|
|
|
|
0
|
return; |
371
|
|
|
|
|
|
|
}; |
372
|
|
|
|
|
|
|
|
373
|
|
|
|
|
|
|
# Create url |
374
|
12
|
|
|
|
|
48
|
my $url = Mojo::URL->new; |
375
|
12
|
|
|
|
|
127
|
$url->scheme('mailto'); |
376
|
12
|
|
|
|
|
108
|
$url->path($account . '@' . $host); |
377
|
|
|
|
|
|
|
|
378
|
|
|
|
|
|
|
# Deobfuscate further address parameters |
379
|
12
|
|
|
|
|
2190
|
foreach my $type (qw/to cc bcc/) { |
380
|
36
|
100
|
|
|
|
431
|
if (my @val = @{$p->every_param($type)}) { |
|
36
|
|
|
|
|
83
|
|
381
|
|
|
|
|
|
|
|
382
|
|
|
|
|
|
|
# Delete obfuscated parameters |
383
|
8
|
|
|
|
|
155
|
$p->remove($type); |
384
|
|
|
|
|
|
|
|
385
|
|
|
|
|
|
|
# Append new deobfuscated parameters |
386
|
|
|
|
|
|
|
$p->append($type => [map { |
387
|
8
|
|
|
|
|
109
|
$plugin->to_string( |
|
10
|
|
|
|
|
30
|
|
388
|
|
|
|
|
|
|
$_, |
389
|
|
|
|
|
|
|
$xor, |
390
|
|
|
|
|
|
|
$plugin->pattern_rotate |
391
|
|
|
|
|
|
|
) |
392
|
|
|
|
|
|
|
} @val]); |
393
|
|
|
|
|
|
|
}; |
394
|
|
|
|
|
|
|
}; |
395
|
|
|
|
|
|
|
|
396
|
12
|
|
|
|
|
195
|
$url->query->append($p); |
397
|
|
|
|
|
|
|
|
398
|
|
|
|
|
|
|
# Store the deobfuscated mail in the stash |
399
|
12
|
|
|
|
|
454
|
$c->stash(mail_to_chiffre => $url); |
400
|
|
|
|
|
|
|
|
401
|
12
|
|
|
|
|
225
|
return 1; |
402
|
|
|
|
|
|
|
}; |
403
|
|
|
|
|
|
|
|
404
|
|
|
|
|
|
|
|
405
|
|
|
|
|
|
|
# Simple string based xor function with looping key |
406
|
|
|
|
|
|
|
sub _xor { |
407
|
78
|
|
|
78
|
|
169
|
my $str = ''; |
408
|
78
|
|
|
|
|
229
|
for (my $i = 0; $i < length($_[0]); $i++) { |
409
|
894
|
|
|
|
|
2389
|
$str .= substr($_[0], $i, 1) ^ substr($_[1], length($_[1]) % ($i + 1), 1); |
410
|
|
|
|
|
|
|
}; |
411
|
78
|
|
|
|
|
343
|
return $str; |
412
|
|
|
|
|
|
|
}; |
413
|
|
|
|
|
|
|
|
414
|
|
|
|
|
|
|
|
415
|
|
|
|
|
|
|
# Rotate with pattern |
416
|
|
|
|
|
|
|
sub _rotate { |
417
|
44
|
|
|
44
|
|
85
|
my $p = $_[1] % length($_[0]); |
418
|
44
|
|
|
|
|
131
|
substr($_[0], $p) . substr($_[0], 0, $p) |
419
|
|
|
|
|
|
|
}; |
420
|
|
|
|
|
|
|
|
421
|
|
|
|
|
|
|
|
422
|
|
|
|
|
|
|
# Unrotate with pattern_rotate |
423
|
|
|
|
|
|
|
sub _unrotate { |
424
|
34
|
|
|
34
|
|
91
|
my $p = abs($_[1] % length($_[0]) - length($_[0])); |
425
|
34
|
|
|
|
|
114
|
substr($_[0], $p) . substr($_[0], 0, $p); |
426
|
|
|
|
|
|
|
}; |
427
|
|
|
|
|
|
|
|
428
|
|
|
|
|
|
|
|
429
|
|
|
|
|
|
|
# Obfuscate the pattern shift a little bit |
430
|
|
|
|
|
|
|
# by simple prime factorization |
431
|
|
|
|
|
|
|
sub _factorize { |
432
|
4
|
|
|
4
|
|
25
|
my $x = shift; |
433
|
4
|
|
|
|
|
25
|
my %factors; |
434
|
4
|
|
|
|
|
27
|
foreach (qw/2 3 5 7/) { |
435
|
16
|
|
|
|
|
40
|
while (!($x % $_)) { |
436
|
10
|
|
|
|
|
22
|
$factors{$_}++; |
437
|
10
|
|
|
|
|
24
|
$x = $x / $_; |
438
|
|
|
|
|
|
|
}; |
439
|
|
|
|
|
|
|
}; |
440
|
4
|
|
|
|
|
9
|
my @factors; |
441
|
4
|
|
|
|
|
14
|
foreach (keys %factors) { |
442
|
4
|
50
|
|
|
|
14
|
if ($factors{$_} > 1) { |
443
|
4
|
|
|
|
|
23
|
push(@factors, $_[0] . '(' . $_ . ',' . $factors{$_} . ')'); |
444
|
|
|
|
|
|
|
} |
445
|
|
|
|
|
|
|
else { |
446
|
0
|
|
|
|
|
0
|
push(@factors, $_); |
447
|
|
|
|
|
|
|
}; |
448
|
|
|
|
|
|
|
}; |
449
|
4
|
50
|
|
|
|
16
|
push(@factors, $x) unless $x == 1; |
450
|
4
|
|
|
|
|
17
|
return join('*', @factors); |
451
|
|
|
|
|
|
|
}; |
452
|
|
|
|
|
|
|
|
453
|
|
|
|
|
|
|
|
454
|
|
|
|
|
|
|
# Serialize to string |
455
|
|
|
|
|
|
|
sub to_string { |
456
|
34
|
|
|
34
|
0
|
1921
|
shift; |
457
|
34
|
50
|
|
|
|
97
|
my $seq = shift or return; |
458
|
34
|
|
|
|
|
97
|
my ($xor, $p) = @_; |
459
|
|
|
|
|
|
|
|
460
|
34
|
|
|
|
|
65
|
my ($str, $c, $num); |
461
|
34
|
|
|
|
|
56
|
my $pos = 0; |
462
|
|
|
|
|
|
|
|
463
|
34
|
|
|
|
|
74
|
my $length = length $seq; |
464
|
|
|
|
|
|
|
|
465
|
|
|
|
|
|
|
# parse sequence |
466
|
34
|
|
|
|
|
81
|
while ($pos < $length) { |
467
|
392
|
|
|
|
|
667
|
$c = substr($seq, $pos++, 1); |
468
|
|
|
|
|
|
|
|
469
|
|
|
|
|
|
|
# Parse alphabetical character (ROT13) |
470
|
392
|
100
|
|
|
|
786
|
if ($c =~ tr/n-za-mN-ZA-M/a-zA-Z/) { |
|
|
50
|
|
|
|
|
|
471
|
17
|
|
|
|
|
32
|
$str .= $c; |
472
|
|
|
|
|
|
|
} |
473
|
|
|
|
|
|
|
|
474
|
|
|
|
|
|
|
# Parse number |
475
|
|
|
|
|
|
|
elsif ($c eq '-') { |
476
|
375
|
|
|
|
|
498
|
$num = ''; |
477
|
375
|
|
|
|
|
522
|
$c = substr($seq, $pos++, 1); |
478
|
|
|
|
|
|
|
|
479
|
|
|
|
|
|
|
# Collect number segments |
480
|
375
|
|
|
|
|
896
|
while ($c =~ /[0-9]/) { |
481
|
690
|
|
|
|
|
978
|
$num .= $c; |
482
|
690
|
|
|
|
|
1591
|
$c = substr($seq, $pos++, 1); |
483
|
|
|
|
|
|
|
}; |
484
|
|
|
|
|
|
|
|
485
|
375
|
|
|
|
|
489
|
$pos--; |
486
|
375
|
|
|
|
|
883
|
$str .= chr($num); |
487
|
|
|
|
|
|
|
} |
488
|
|
|
|
|
|
|
|
489
|
|
|
|
|
|
|
# Error |
490
|
|
|
|
|
|
|
else { |
491
|
0
|
|
|
|
|
0
|
return; |
492
|
|
|
|
|
|
|
}; |
493
|
|
|
|
|
|
|
}; |
494
|
34
|
|
|
|
|
86
|
return _xor(_unrotate($str, $p), $xor); |
495
|
|
|
|
|
|
|
}; |
496
|
|
|
|
|
|
|
|
497
|
|
|
|
|
|
|
|
498
|
|
|
|
|
|
|
# Serialize to sequence |
499
|
|
|
|
|
|
|
sub to_sequence { |
500
|
44
|
|
|
44
|
0
|
69
|
shift; |
501
|
44
|
|
|
|
|
107
|
my ($s, $k, $p) = @_; |
502
|
|
|
|
|
|
|
|
503
|
|
|
|
|
|
|
# _xor is not allowed to be null |
504
|
44
|
|
|
|
|
103
|
my $src = _rotate(_xor($s, $k), $p); |
505
|
44
|
|
|
|
|
82
|
my $str; |
506
|
|
|
|
|
|
|
|
507
|
|
|
|
|
|
|
# Parse string |
508
|
44
|
|
|
|
|
166
|
foreach my $c (split('', $src)) { |
509
|
|
|
|
|
|
|
|
510
|
|
|
|
|
|
|
# Change alphabetical character (ROT13) |
511
|
502
|
100
|
|
|
|
893
|
if ($c =~ /[a-zA-Z]/) { |
512
|
22
|
|
|
|
|
56
|
$c =~ tr/a-zA-Z/n-za-mN-ZA-M/; |
513
|
22
|
|
|
|
|
46
|
$str .= $c; |
514
|
|
|
|
|
|
|
} |
515
|
|
|
|
|
|
|
|
516
|
|
|
|
|
|
|
# Add numerical value |
517
|
|
|
|
|
|
|
else { |
518
|
480
|
|
|
|
|
783
|
$str .= '-' . ord($c); |
519
|
|
|
|
|
|
|
}; |
520
|
|
|
|
|
|
|
}; |
521
|
|
|
|
|
|
|
|
522
|
44
|
|
|
|
|
126
|
return $str; |
523
|
|
|
|
|
|
|
}; |
524
|
|
|
|
|
|
|
|
525
|
|
|
|
|
|
|
|
526
|
|
|
|
|
|
|
1; |
527
|
|
|
|
|
|
|
|
528
|
|
|
|
|
|
|
|
529
|
|
|
|
|
|
|
__END__ |