Short Version:
Anybody got a good quick clean hack to "crack" Hive Logic Enkoder?

CC me off-list on this one, please.


Long Version:
So this guy I'm working for has 55,000 web pages he built by hand, and
I need to scrape them into a database, to ***imilate them into the new
system where all the new documents are db-driven.

In some of these documents, he used the Hive Logic Enkoder online to
create that gnarly JavaScript to obfuscate emails, and pasted it into
hist documents.
[And in some cases back in 2000 he didn't, which is one of the reasons
for importing and re-publishing all these documents, so we can control
email exposure much better.]

So what I need is a Hive Logic Dekoder.

I've found phpjs, which seemed like a winner, but it choked on my
first sample. :-(

I've found J4P5 (Javascript 4 (for) PHP 5) which requires PHP 5,
which, for complex reasons not relevant here, we're not using (yet).
If I absolutely HAVE to, I can probably convince gentoo to install PHP
5 CLI next to PHP 4, and run it via exec() from PHP4, just for this
one task. Sounds pretty cumbersome, and I like to K.I.S.S.

Plus, it took me a week to figure out how to trick Gentoo into giving
me pcntl in PHP 4 CLI and not in APXS, and to have both installed at
the same time. So getting PHP 5 without it ***uming I'm trying to
upgrade and remove PHP 4 would probably take another week or two, just
to install. :-(

J4P5 references MetaPHP, which looks really nifty, but I don't want to
write my own PHP4-based JS interpreter in MetaPHP, as I'm a)
unqualified and b) under time constraints that make that *WAY* out of
scope.

I could, in theory, run Windows plus a COM object to fire up IE and
possibly hook into the DOM to get the result of the JS, as I have a
testing framework I hacked from a php|arch article that does that...
Except I'm not using Windows here, so I'd have to re-do the whole
thing with, errr, whatever is the moral equivalent...

I suppose I could attempt (again) to use Perl [shudder] and get that
Package thingie I've heard of that lets Perl execute JS, and then
exec() Perl to execute the JS, but that sounds awfully cumbersome, and
I'm a K.I.S.S. kind of guy.

At this point, I've got several unattractive options, and am hoping
somebody who has been down this road can help me eliminate some of
them, or, in an ideal world, point me to the perfect solution I've
managed to miss.

CC me on this one, please.

TIA!

--
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

Maybe you want to give an example of what you have, and what it should be
after decoding.
I have no idea what Hive Logic Enkoder exactly does, but somebody might give
you a help on how to decode.

Tijnema


On 3/9/07, Richard Lynch <EMAIL REMOVED> wrote:
>
> Short Version:
> Anybody got a good quick clean hack to "crack" Hive Logic Enkoder?
>
> CC me off-list on this one, please.
>
>
> Long Version:
> So this guy I'm working for has 55,000 web pages he built by hand, and
> I need to scrape them into a database, to ***imilate them into the new
> system where all the new documents are db-driven.
>
> In some of these documents, he used the Hive Logic Enkoder online to
> create that gnarly JavaScript to obfuscate emails, and pasted it into
> hist documents.
> [And in some cases back in 2000 he didn't, which is one of the reasons
> for importing and re-publishing all these documents, so we can control
> email exposure much better.]
>
> So what I need is a Hive Logic Dekoder.
>
> I've found phpjs, which seemed like a winner, but it choked on my
> first sample. :-(
>
> I've found J4P5 (Javascript 4 (for) PHP 5) which requires PHP 5,
> which, for complex reasons not relevant here, we're not using (yet).
> If I absolutely HAVE to, I can probably convince gentoo to install PHP
> 5 CLI next to PHP 4, and run it via exec() from PHP4, just for this
> one task. Sounds pretty cumbersome, and I like to K.I.S.S.
>
> Plus, it took me a week to figure out how to trick Gentoo into giving
> me pcntl in PHP 4 CLI and not in APXS, and to have both installed at
> the same time. So getting PHP 5 without it ***uming I'm trying to
> upgrade and remove PHP 4 would probably take another week or two, just
> to install. :-(
>
> J4P5 references MetaPHP, which looks really nifty, but I don't want to
> write my own PHP4-based JS interpreter in MetaPHP, as I'm a)
> unqualified and b) under time constraints that make that *WAY* out of
> scope.
>
> I could, in theory, run Windows plus a COM object to fire up IE and
> possibly hook into the DOM to get the result of the JS, as I have a
> testing framework I hacked from a php|arch article that does that...
> Except I'm not using Windows here, so I'd have to re-do the whole
> thing with, errr, whatever is the moral equivalent...
>
> I suppose I could attempt (again) to use Perl [shudder] and get that
> Package thingie I've heard of that lets Perl execute JS, and then
> exec() Perl to execute the JS, but that sounds awfully cumbersome, and
> I'm a K.I.S.S. kind of guy.
>
> At this point, I've got several unattractive options, and am hoping
> somebody who has been down this road can help me eliminate some of
> them, or, in an ideal world, point me to the perfect solution I've
> managed to miss.
>
> CC me on this one, please.
>
> TIA!
>
> --
> Some people have a "gift" link here.
> Know what I want?
> I want you to buy a CD from some starving artist.
> http://cdbaby.com/browse/from/lynch
> Yeah, I get a buck. So?
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

On Fri, March 9, 2007 5:07 pm, Richard Lynch wrote:
> Short Version:
> Anybody got a good quick clean hack to "crack" Hive Logic Enkoder?
>
> CC me off-list on this one, please.

Somebody posted that they had no idea what Hive Logic is.

It is an email obfuscator which is generated with random permutations
of various string manipulation to print out an email in JS, but to
have the JS so much like alphabet soup that it defies simple
reverse-engineering.

So I need a JS interpreter of some kind to "run" the script and print
out the email.

So far, my attempts to try the Perl -> CPAN -> JavaScript route have
failed on "install Bundle::CPAN" with error messages WAY beyond my
ken.

I'd much rather find a JS interpreter I can bundle into PHP...

Anybody?

Here is an example of what I'm trying to "crack":
http://www.complaints.com/january200...anuary24.4.htm

the email address link comes from this JS:

<script type="text/javascript">
/* <![CDATA[ */
function hivelogic_enkoder(){var kode=
"kode=\"oked\\\"=')('injo).e(rsvere).''t(lispe.od= kdeko\\\\;k\\\"do=e\\\"\\"+
"\\\\\\\\\\kode\\\\\\\\\\\\\\\\\\\"\\\\\\\\\\\\)=\ \\\;\\\\\\\\\\\\\\\\\\\\"+
"\\\"\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\a\\\\<>e/urnmCs\\\\o\\\\\\\\\\\\\\\\\\"+
"\\\\\\>\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ \\\\\\\\\\\\\"\\\\\\\\\\"+
"\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ \\\\\\\\\\\\\\\\\\\\\\\\\"+
"\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\"\\\\\ \\\\\\\\\\\=\\\\\\\\\\\\"+
"\\\\\\\\\\\\l\\\\ie
t\\\\t\\\\\\\\\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\\\\\\ \\\\"+
"\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ \\\\\\\\\\\\\\\\\\\\\\\o"+
"\\\\.mrcpre.1le@zohl:etcioml\\\\a\\\\\\\\\\\\\\\\ \\\\\\\"\\\\\\\\\\\\\\\\"+
"\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ \\\\\\\\\\\\\\\\\\\\\\\\\"+
"\\\\\\f\\\\r=
e<h\\\\a\\\\\\\\\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\\\\ \\\\\\\\\\"+
"\\\\e\\\\i(wttre.unom\\\\c\\\\\\\\\\\\\\\\\\\\\\\ "d\\\\;kode=kode.split(''"+
").reverse().join(''\\\\)\\\\\\\";\\\\=x''f;roi(0= i;(<okedl.netg-h)1i;=+)2x"+
"{=+okedc.ahAr(t+i)1k+do.ehcratAi(})okedx=(+<ioked l.netg?hokedc.ahAr(tokedl"+
".netg-h)1''\\\\;=\\\"deko;\\\"okedk=do.epsil(t''.)erev sr(e.)ojni'()'\";x"+
"='';for(i=0;i<(kode.length-1);i+=2){x+=kode.charAt(i+1)+kode.charAt(i)}kod"+
"e=x+(i<kode.length?kode.charAt(kode.length-1):'');"
;var i,c,x;while(eval(kode));}hivelogic_enkoder();
/* ]]> */

</script>

I need to restore the email, put it into the DB, and make it
impossible for the spammers who DO have Perl::CPAN::JavaScript
installed to be web-scraping this guy's email anymore.

There are 55,000+ of these documents, some of which have obfuscated
emails. Some of which don't. :-(

All were created "by hand" in DreamWeaver.

I need to get them all into a DB, with the email intact.

--
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

On Fri, March 9, 2007 5:07 pm, Richard Lynch wrote:
> Short Version:
> Anybody got a good quick clean hack to "crack" Hive Logic Enkoder?

First, thanks for all the leads and ideas and pointers on this!

The short version solution is:
Get Spidermonkey.


Long version:

After dinking around for a couple weeks with:

phpjs - failed to parse the first test input
Perl::JavaScript - failed to install *
j4p5 - N/A I'm running PHP 4, for various reasons
njs (f.k.a. ngs) - syntax errors on test inputs

I *finally* found references to "spidermonkey"

Spidermonkey is the exact same JS interpreter that is embedded in
Mozilla-based browsers (Firefox, Netscape, Mozilla, etc)

It is released as a stand-alone body of code by Mozilla.

It's even in the Gentoo ports-like system, so I can get updates easily.

And I figure that if the JS isn't going to work in Spidermonkey, it's
not going to work in Firefox/Netscape/Mozilla, so they'd have to be a
pretty stupid IE-only site I wouldn't care about anyway, right? :-)

And, best of all, Spidermonkey just works, out of the box.

Well, okay, technically not "out of the box" as it complained about
'document' not being an object when I p***ed in my JS obfuscasted
email.

So I tried this:

var document = new Document;
[insert JS obfuscated email junk here.]

but that puked on a non-existent 'Document' cl***.

Then I tried:

var document = new Object;
[insert JS obfuscated email junk here.]

That got me to a new error message (progress!) about object method
'write' not being defined.

Next try:

var document = new Object;
document.write = print;
[insert JS obfuscated email junk here.]

And, voila, I am now web-scraping JS obfuscated emails as well as the
spammers who we want to stop from doing that, by getting the emails
back server-side, and providing throttled sender-blind form-mail
instead.

Our old business process managed to "lose" these email addresses and I
had only the JS obfuscated content to work with.

I can soon turn on the crank and web-scrape 55,000 JS obfuscated
emails overnight.

Whoo hooo!

I presume the really good (as in competent, not moral) spammers figure
all this out in even less time than I did. :-v

Notes to all web developers:
JS obfuscated emails will not stop the really determined developer.
Any obfuscation at all will stop the moronic (most) spammers.
Paying for a JS obfuscator is probably not a good investment.
Spidermonkey rocks.

YMMV
NAIAA
IANAL

* Actually, first Bundle::CPAN itself failed to install repeatedly,
with maddening messages about Zlib and something about a non-C version
of Utils::Scaler, then I uninstalled/re-installed Utils::Scaler, then
I got to where CPAN was up-to-date, but JavaScript extension never did
manage to install, and I just plain gave up on Perl. Again. For the
umpteenth time. Here is the kind of crap I simply will not put up
with:
http://l-i-e.com/perl.log
http://l-i-e.com/perl2.log

But huge thanks to Andy Lester (Chicago Perl guru) for helping me to
at least get CPAN installed.

--
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?