STiNE-filetransfer.exe
Version vom 25. September 2008, 03:23 Uhr von Blackmole (Diskussion | Beiträge) (Großes N sowie kleines j vergessen und nun ergänzt)
Die Dokumente unter dem Menüpunkt "Meine Dokumente" werden von der filetransfer.exe (https://www.stine.uni-hamburg.de/scripts/filetransfer.exe) ausgeliefert.
Aufbau der verschleierten URL
/scripts/filetransfer.exe?[lange hexzeichenkette]
Aufbau der Klartext-URL
mode=download&installdir=./&session=[Session-ID 15N]&fnsrc=f[15N (bei mir alle 15N, evt. auch mehr/weniger)].cache&fndest=[Auslieferungsdateiname]&subdir=temp
Beispiel einer gültigen URL:
mode=download&installdir=./&session=333095970339915&fnsrc=f332804257938329.cache&fndest=OnlineBeitragsbescheid.pdf&subdir=temp
Aufbau der Hexzeichenkette
Es wird ein einfaches Substitutionsverfahren verwendet. Jedes Zeichen wird durch einen vierstelligen Hexcode ersetzt. Eventuell ist hier noch ein Muster drin, momentan ist jedoch keines bekannt.
Ersetzungstabelle
Die Liste ist nun zum größten Teil vollständig. Es fehlt noch das Leerzeichen sowie eher ungebräuchlichere ASCII-Codes, insbesondere Steuerzeichen.
Code | Zeichen |
---|---|
8977 | 0 |
2018 | 1 |
a8b1 | 2 |
3dc2 | 3 |
3b98 | 4 |
4423 | 5 |
6950 | 6 |
9ee7 | 7 |
7678 | 8 |
ac3b | 9 |
Code | Zeichen |
---|---|
478b | A |
76fd | B |
4886 | C |
92d1 | D |
3ace | E |
3322 | F |
4b34 | G |
b7f7 | H |
a4bf | I |
a59e | J |
2331 | K |
b90e | L |
6296 | M |
45e4 | N |
81e8 | O |
9eb8 | P |
0d21 | Q |
5a84 | R |
9396 | S |
642a | T |
0682 | U |
7df7 | V |
0a17 | W |
a14e | X |
284a | Y |
a2ec | Z |
Code | Zeichen |
---|---|
781f | a |
a007 | b |
7abe | c |
b84f | d |
b91d | e |
2104 | f |
94f2 | g |
6e19 | h |
644d | i |
a852 | j |
2cba | k |
2906 | l |
8606 | m |
46df | n |
2d78 | o |
15c8 | p |
8be3 | q |
7b4f | r |
27c2 | s |
04c6 | t |
98cb | u |
6141 | v |
06db | w |
594e | x |
5977 | y |
9d29 | z |
Code | Zeichen |
---|---|
432b | ! |
7c0c | # |
62da | $ |
112f | % |
0e27 | & |
0409 | ' |
2692 | ( |
6b27 | ) |
5721 | * |
56fd | + |
789b | , |
aeb7 | - |
6e93 | . |
a837 | / |
54e5 | ; |
76b1 | < |
3dd0 | = |
7b44 | > |
923d | @ |
493f | [ |
6a15 | ] |
8991 | ^ |
6873 | _ |
51ed | ` |
45ea | { |
1d54 | | |
2545 | } |
4092 | ~ |
Code | Zeichen |
---|---|
3240 | Ä |
28b7 | Ö |
3ada | Ü |
8c24 | ä |
16da | ö |
4a5b | ü |
Python-Modul zum verschleiern/entschleiern
# -*- coding: utf-8 -*- """ STiNE filetransfer.exe decoder/encoder Copyright (c) 2008 Henning Pridöhl MIT License - http://www.opensource.org/licenses/mit-license.php This module is for decoding and encoding of the filetransfer.exe parameter of STiNE. It consists of three functions: 1) string encoded_parameter encode_transfer(string query_string) 2) string decoded_query_string decode_transfer(string encoded_parameter) 3) string encoded_parameter build_transfer( session, fnsrc, fndest, installdir='./', subdir='temp') Please note that the code table doesn't contain the complete ASCII! Feel free to add missing codes. == Usage == Encoding: >>> encode_transfer('mode=download&installdir=./&session=333090280767182&fnsrc=f333043751172556.cache&fndest=OnlineKontrollausdruck.pdf&subdir=temp') '86062d78b84fb91d3dd0b84f2d7806db46df29062d78781fb84f0e27644d46df27c204c6781f29062906b84f644d7b4f3dd06e93a8370e2727c2b91d27c227c2644d2d7846df3dd03dc23dc23dc28977ac3b8977a8b1767889779ee769509ee720187678a8b10e27210446df27c27b4f7abe3dd021043dc23dc23dc289773b983dc29ee74423201820189ee7a8b14423442369506e937abe781f7abe6e19b91d0e27210446dfb84fb91d27c204c63dd081e846df2906644d46dfb91d23312d7846df04c67b4f2d7829062906781f98cb27c2b84f7b4f98cb7abe2cba6e9315c8b84f21040e2727c298cba007b84f644d7b4f3dd004c6b91d860615c8' Decoding: >>> decode_transfer('86062d78b84fb91d3dd0b84f2d7806db46df29062d78781fb84f0e27644d46df27c204c6781f29062906b84f644d7b4f3dd06e93a8370e2727c2b91d27c227c2644d2d7846df3dd03dc23dc23dc28977ac3b8977a8b1767889779ee769509ee720187678a8b10e27210446df27c27b4f7abe3dd021043dc23dc23dc289773b983dc29ee74423201820189ee7a8b14423442369506e937abe781f7abe6e19b91d0e27210446dfb84fb91d27c204c63dd081e846df2906644d46dfb91d23312d7846df04c67b4f2d7829062906781f98cb27c2b84f7b4f98cb7abe2cba6e9315c8b84f21040e2727c298cba007b84f644d7b4f3dd004c6b91d860615c8') 'mode=download&installdir=./&session=333090280767182&fnsrc=f333043751172556.cache&fndest=OnlineKontrollausdruck.pdf&subdir=temp' Decoding with unknown codes results in '?' (f00b is unknown) >>> decode_transfer('f00b781f7b4f') '?ar' Building the transfer easily >>> build_transfer(333090280767182, 'f333043751172556.cache', 'OnlineKontrollausdruck.pdf') '86062d78b84fb91d3dd0b84f2d7806db46df29062d78781fb84f0e27644d46df27c204c6781f29062906b84f644d7b4f3dd06e93a8370e2727c2b91d27c227c2644d2d7846df3dd03dc23dc23dc28977ac3b8977a8b1767889779ee769509ee720187678a8b10e27210446df27c27b4f7abe3dd021043dc23dc23dc289773b983dc29ee74423201820189ee7a8b14423442369506e937abe781f7abe6e19b91d0e27210446dfb84fb91d27c204c63dd081e846df2906644d46dfb91d23312d7846df04c67b4f2d7829062906781f98cb27c2b84f7b4f98cb7abe2cba6e9315c8b84f21040e2727c298cba007b84f644d7b4f3dd004c6b91d860615c8' Debug decoding (e.g. for adding new codes to the code table) Just join the result with "\n" and display it :) >>> decode_transfer('21042d782d78a007781f7b4f', True) ('2104 2d78 2d78 a007 781f 7b4f', 'f o o b a r ') """ code_table = """ 8977 0 2018 1 a8b1 2 3dc2 3 3b98 4 4423 5 6950 6 9ee7 7 7678 8 ac3b 9 478b A 76fd B 4886 C 92d1 D 3ace E 3322 F 4b34 G b7f7 H a4bf I a59e J 2331 K b90e L 6296 M 45e4 N 81e8 O 9eb8 P 0d21 Q 5a84 R 9396 S 642a T 0682 U 7df7 V 0a17 W a14e X 284a Y a2ec Z 781f a a007 b 7abe c b84f d b91d e 2104 f 94f2 g 6e19 h 644d i a852 j 2cba k 2906 l 8606 m 46df n 2d78 o 15c8 p 8be3 q 7b4f r 27c2 s 04c6 t 98cb u 6141 v 06db w 594e x 5977 y 9d29 z 432b ! 7c0c # 62da $ 112f % 0e27 & 0409 ' 2692 ( 6b27 ) 5721 * 56fd + 789b , aeb7 - 6e93 . a837 / 54e5 ; 76b1 < 3dd0 = 7b44 > 923d @ 493f [ 6a15 ] 8991 ^ 6873 _ 51ed ` 45ea { 1d54 | 2545 } 4092 ~ 3240 Ä 28b7 Ö 3ada Ü 8c24 ä 16da ö 4a5b ü """.strip() decode_dict = {} encode_dict = {} for line in code_table.split('\n'): code, char = line.split() decode_dict[code] = char encode_dict[char] = code del code_table def encode_transfer(plain): """Encodes a transfer name >>> encode_transfer('foobar') '21042d782d78a007781f7b4f' """ return ''.join([encode_dict.get(x, '????') for x in plain]) def decode_transfer(encoded, debug=False): """Decodes a transfer name >>> decode_transfer('21042d782d78a007781f7b4f') 'foobar' """ encoded = encoded.replace('https://www.stine.uni-hamburg.de/scripts/', '') \ .replace('filetransfer.exe?', '') try: if len(encoded) % 4 != 0: raise if not debug: return ''.join([decode_dict.get(encoded[i*4:(i+1)*4], '?') for i in xrange(len(encoded)/4)]) else: return ( ' '.join([encoded[i*4:(i+1)*4] for i in xrange(len(encoded)/4)]), ' '.join(['%s ' % decode_dict.get(encoded[i*4:(i+1)*4], '?') for i in xrange(len(encoded)/4)]) ) except: raise ValueError('encoded string is malformed!') def build_transfer(session, fnsrc, fndest, installdir='./', subdir='temp'): """Builds an transfer name by given url parameters >>> import hashlib; hashlib.sha1( ... build_transfer(333090280767182, 'f00.cache', 'foo.pdf') ... ).hexdigest() 'c6fa3a7e5cdf544f2d01978d084ea0e4aca6beb3' """ return encode_transfer( 'mode=download&installdir=%s&session=%s&fnsrc=%s&fndest=%s&subdir=%s' % (installdir, session, fnsrc, fndest, subdir) ) if __name__ == '__main__': import doctest doctest.testmod()