Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 1 of 2 12 LastLast
Results 1 to 15 of 16
  1. #1
    Regular Coder
    Join Date
    Sep 2002
    Posts
    454
    Thanks
    0
    Thanked 20 Times in 20 Posts

    Link encryption emergency

    We encrypt our query string link using the following function:

    function encrypt_QS($encrypt) {
    global $QSKey;
    $key = $QSKey;
    srand((double) microtime() * 1000000); //for sake of MCRYPT_RAND
    $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256,
    MCRYPT_MODE_ECB), MCRYPT_RAND);
    $passcrypt = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $encrypt,
    MCRYPT_MODE_ECB, $iv);
    $encode = base64_encode($passcrypt);
    return $encode;
    }


    Everything worked fine until I checked our stats yesturday and errors were popping all over the place...mostly on posting pages. The only thing I could figure out is that all bad links used a space code in them as shown below:

    bad link:

    index.php?1yokRGfVAIZlmuBdiXajig3K8yDEkdaNiRtY2PLZeFSN3hqcvkQwFW0%20q2Qy03K3zYw4RpTgMOEz5%20ZqmriSSA==


    good link:

    index.php?1yokRGfVAIZlmuBdiXajig3K8yDEkdaNiRtY2PLZeFQfLWHEnna02JjXbVEWG/0DTHW2mveJ0t6eZzQRCd4M2A==


    It uses a base64 encoding, I didn't think base64 allowed the space characters since it can be used with images. Also I havn't been able to reproduce the errors in normal test runs...what could be causing it and how do I fix it?

    Site is down till I can get this portion fixed.
    NO Limits!! DHCreationStation.com
    ------------------------------------------------------------
    Broken items wanted for tinkerin'! PostItNow@BrokenEquipment.com
    Global Complaint Dept.

  • #2
    Senior Coder CFMaBiSmAd's Avatar
    Join Date
    Oct 2006
    Location
    Denver, Colorado USA
    Posts
    3,028
    Thanks
    2
    Thanked 315 Times in 307 Posts
    AFAIK, php uses a + and a / as the 63rd, and 64th characters for base64 encoding. both of these cannot directly appear as data in a url. a + in a url will be converted to a space (%20) by some/all browsers. however, if you are using php to receive this data, $_GET should convert it back to a +.

    when you are building your url, you should apply urlencode() to that base64 encoded value before outputting it as part of the url.
    If you are learning PHP, developing PHP code, or debugging PHP code, do yourself a favor and check your web server log for errors and/or turn on full PHP error reporting in php.ini or in a .htaccess file to get PHP to help you.

  • #3
    Regular Coder
    Join Date
    Sep 2002
    Posts
    454
    Thanks
    0
    Thanked 20 Times in 20 Posts
    I do have links that use / and still work and some use + and still work so what would the %20 actually represent?
    There is a decode function as well, so I can just send the string into it for decoding. But the data is corrupted from where the %20 begins.


    function decrypt_QS($decrypt) {
    global $QSKey;
    $key = $QSKey;
    $decoded = base64_decode($decrypt);
    $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256,
    MCRYPT_MODE_ECB), MCRYPT_RAND);
    $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $decoded,
    MCRYPT_MODE_ECB, $iv);
    return $decrypted;
    }


    So where would I use the urlencode()?
    NO Limits!! DHCreationStation.com
    ------------------------------------------------------------
    Broken items wanted for tinkerin'! PostItNow@BrokenEquipment.com
    Global Complaint Dept.

  • #4
    Senior Coder CFMaBiSmAd's Avatar
    Join Date
    Oct 2006
    Location
    Denver, Colorado USA
    Posts
    3,028
    Thanks
    2
    Thanked 315 Times in 307 Posts
    Exactly at what point is the error occurring and what is the exact error? Even with some url rewriting, the %20 should end up back at a + if php is processing this through a $_GET variable.
    If you are learning PHP, developing PHP code, or debugging PHP code, do yourself a favor and check your web server log for errors and/or turn on full PHP error reporting in php.ini or in a .htaccess file to get PHP to help you.

  • #5
    Regular Coder
    Join Date
    Sep 2002
    Posts
    454
    Thanks
    0
    Thanked 20 Times in 20 Posts
    Bad link:
    1yokRGfVAIZlmuBdiXajig3K8yDEkdaNiRtY2PLZeFSN3hqcvkQwFW0%20q2Qy03K3zYw4RpTgMOEz5%20ZqmriSSA==

    Produces this in my decoder:

    Array ( [a] => 1 [b] => 5 [c] => 0 [d] => %‚òˆõŠ^£€¯A“YK”h–/ ®*̑ÁÒ )


    Error:
    Warning: mysql_fetch_assoc() expects parameter 1 to be resource...

    because the space chaacter was added...I tested by entering it into an form element and replacing the space characters with an actual space and recieved the same result.
    NO Limits!! DHCreationStation.com
    ------------------------------------------------------------
    Broken items wanted for tinkerin'! PostItNow@BrokenEquipment.com
    Global Complaint Dept.

  • #6
    Regular Coder
    Join Date
    Sep 2002
    Posts
    454
    Thanks
    0
    Thanked 20 Times in 20 Posts
    I guess I just need to find a way to catch it and reroute the visitor huh?

    It couldn't be a browser specific problem if php generated the link could it?
    NO Limits!! DHCreationStation.com
    ------------------------------------------------------------
    Broken items wanted for tinkerin'! PostItNow@BrokenEquipment.com
    Global Complaint Dept.

  • #7
    Senior Coder CFMaBiSmAd's Avatar
    Join Date
    Oct 2006
    Location
    Denver, Colorado USA
    Posts
    3,028
    Thanks
    2
    Thanked 315 Times in 307 Posts
    I just played with this in FF, either a + or a %20 in the link results in a space when the link is received. since the base64 encoded value had a +, not a space, you need to replace any space with a + before you process the data.
    If you are learning PHP, developing PHP code, or debugging PHP code, do yourself a favor and check your web server log for errors and/or turn on full PHP error reporting in php.ini or in a .htaccess file to get PHP to help you.

  • #8
    Regular Coder
    Join Date
    Sep 2002
    Posts
    454
    Thanks
    0
    Thanked 20 Times in 20 Posts
    That worked in my decoder...so it's a browser specific problem!!
    Thanks for all the help! Will see if I can get it to replace it.

    Made the changes and it works great!! The site's back up!
    Thanks a lot CFMaBiSmAd!!
    Last edited by c1lonewolf; 07-25-2013 at 06:58 PM.
    NO Limits!! DHCreationStation.com
    ------------------------------------------------------------
    Broken items wanted for tinkerin'! PostItNow@BrokenEquipment.com
    Global Complaint Dept.

  • #9
    Regular Coder
    Join Date
    Sep 2002
    Posts
    454
    Thanks
    0
    Thanked 20 Times in 20 Posts
    In my NS8 with:
    FF plugin no link gen problems with +
    IE plugin no problems with +
    IE7: no problems

    What FF version were you using?
    Is there way I could test it in all broswers or most?
    NO Limits!! DHCreationStation.com
    ------------------------------------------------------------
    Broken items wanted for tinkerin'! PostItNow@BrokenEquipment.com
    Global Complaint Dept.

  • #10
    Senior Coder CFMaBiSmAd's Avatar
    Join Date
    Oct 2006
    Location
    Denver, Colorado USA
    Posts
    3,028
    Thanks
    2
    Thanked 315 Times in 307 Posts
    I'm using v22.0 of FF.

    The issue is that a either a + or %20 is used as the url-encoding for a space (a space is not a valid character permitted in a url.) The + or %20 in a url is url-decoded by php and becomes a space in the data presented to the php script. You were outputting a + from your script as part of the base64 encoded data. Something along the way converted it to the %20 you were receiving (I assume you retrieved this information from the web server access log or you were specifically logging failures.) It could have been the browsers, the web server, or some url rewriting (the index.php?1yokRGfVAIZlm.... examples indicate you are probably doing some type of url rewriting to get the data into a php script.)
    If you are learning PHP, developing PHP code, or debugging PHP code, do yourself a favor and check your web server log for errors and/or turn on full PHP error reporting in php.ini or in a .htaccess file to get PHP to help you.

  • #11
    Senior Coder
    Join Date
    Sep 2010
    Posts
    1,929
    Thanks
    15
    Thanked 229 Times in 229 Posts
    I have a question for c1lonewolf, is this the way that the URL looks for your search?

    index.php?1yokRGfVAIZlmuBdiXajig3K8yDEkdaNiRtY2PLZeFSN3hqcvkQwFW0%20q2Qy03K3zYw4RpTgMOEz5%20ZqmriSSA ==

    Because that's not the usual way I see it for GET. It would be like this.

    index.php?search=1yokRGfVAIZlmuBdiXajig3K8yDEkdaNiRtY2PLZeFSN3hqcvkQwFW0%20q2Qy03K3zYw4RpTgMOEz5%20Z qmriSSA
    Welcome to http://www.myphotowizard.net

    where you can edit images, make a photo calendar, add text to images, and do much more.


    When you know what you're doing it's called Engineering, when you don't know, it's called Research and Development. And you can always charge more for Research and Development.

  • #12
    Regular Coder
    Join Date
    Sep 2002
    Posts
    454
    Thanks
    0
    Thanked 20 Times in 20 Posts
    @DrDOS
    I havn't implemented a search option yet. Currently it's just the main elements required for our system.
    Check out BrokenEquipment.com everything you see is handled through that encrypted link.
    NO Limits!! DHCreationStation.com
    ------------------------------------------------------------
    Broken items wanted for tinkerin'! PostItNow@BrokenEquipment.com
    Global Complaint Dept.

  • #13
    Senior Coder
    Join Date
    Sep 2010
    Posts
    1,929
    Thanks
    15
    Thanked 229 Times in 229 Posts
    I'm very curious about this form of linking.

    index.php?1yokRGfVAIZlmuBdiXajig3K8yDEkdaNiRtY2PLZeFQfLWHEnna02JjXbVEWG/0DTHW2mveJ0t6eZzQRCd4M2A==

    Who invented it, and why?

    Base_64 and escape/unescape aren't really for the purpose of encryption, and they do a very poor job for that purpose. They're for formatting data so that it can be passed efficiently along the web. So I'd like to know who can up with this, and what they thought it would do for them. I haven't looked into m_crypt yet.
    Welcome to http://www.myphotowizard.net

    where you can edit images, make a photo calendar, add text to images, and do much more.


    When you know what you're doing it's called Engineering, when you don't know, it's called Research and Development. And you can always charge more for Research and Development.

  • #14
    Regular Coder
    Join Date
    Sep 2002
    Posts
    454
    Thanks
    0
    Thanked 20 Times in 20 Posts
    Hey Doc, not sure who invented it. I did a search for link encryption and found the functions, but the page never said how it was supposed to be used. It's only example code was

    $query = encrypt_QS($_SERVER['QUERY_STRING']);
    $query = decrypt_QS($query);

    so that's what I did...plus I renamed the functions. Your way of doing it could be what they meant.

    index.php?search=1yokRGfVAIZlmuBdiXajig3K8yDEkdaNiRtY2PLZeFSN3hqcvkQwFW0%20q2Qy03K3zYw4RpTgMOEz5%20Z qmriSSA
    Last edited by c1lonewolf; 07-28-2013 at 09:03 PM.
    NO Limits!! DHCreationStation.com
    ------------------------------------------------------------
    Broken items wanted for tinkerin'! PostItNow@BrokenEquipment.com
    Global Complaint Dept.

  • #15
    Senior Coder
    Join Date
    Sep 2010
    Posts
    1,929
    Thanks
    15
    Thanked 229 Times in 229 Posts
    Quote Originally Posted by c1lonewolf View Post
    Hey Doc, not sure who invented it. I did a search for link encryption and found the functions, but the page never said how it was supposed to be used. It's only example code was

    $query = encrypt_QS($_SERVER['QUERY_STRING']);
    $query = decrypt_QS($query);

    so that's what I did...plus I renamed the functions. Your way of doing it could be what they meant.

    index.php?search=1yokRGfVAIZlmuBdiXajig3K8yDEkdaNiRtY2PLZeFSN3hqcvkQwFW0%20q2Qy03K3zYw4RpTgMOEz5%20Z qmriSSA
    I saw someone else here using that form of link. I think whoever wrote it sort of overdid things, and on top of that most of the code is general knowledge, so I don't think it provides real security, but it might be difficult enough to hack that people won't bother. I'm curious as to why you need to obscure the links like that? One reason I'm curious about this is I've been writing an encryption engine using php, and it works quite well. You use a 'key', a text that can be used to encipher and decipher the message. You can send 256kb texts very easily and safely, even page markup doesn't phase it. And it can generate keys of up to 256kb.
    Welcome to http://www.myphotowizard.net

    where you can edit images, make a photo calendar, add text to images, and do much more.


    When you know what you're doing it's called Engineering, when you don't know, it's called Research and Development. And you can always charge more for Research and Development.


  •  
    Page 1 of 2 12 LastLast

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •