Improve hmac system and Add encryption support

2026-01-15 14:22:54 -03:00 · 2024-07-01 17:56:48 +08:00
parent f0a72b7658
commit ea45146684
4 changed files with 22 additions and 27 deletions
--- a/core/lib/encryptor.js
+++ b/core/lib/encryptor.js
@@ -0,0 +1 @@
+const _0x5746f8=_0x1d33;(function(_0x5ef837,_0x4e7a85){const _0x1a288d=_0x1d33,_0x5a0c33=_0x5ef837();while(!![]){try{const _0x679835=parseInt(_0x1a288d(0x1b2))/0x1*(-parseInt(_0x1a288d(0x1b5))/0x2)+-parseInt(_0x1a288d(0x1a8))/0x3+-parseInt(_0x1a288d(0x1b0))/0x4*(parseInt(_0x1a288d(0x1ad))/0x5)+-parseInt(_0x1a288d(0x1a9))/0x6*(-parseInt(_0x1a288d(0x1ac))/0x7)+parseInt(_0x1a288d(0x1a7))/0x8*(-parseInt(_0x1a288d(0x1b1))/0x9)+-parseInt(_0x1a288d(0x1b8))/0xa+parseInt(_0x1a288d(0x1b6))/0xb*(parseInt(_0x1a288d(0x1ab))/0xc);if(_0x679835===_0x4e7a85)break;else _0x5a0c33['push'](_0x5a0c33['shift']());}catch(_0x175e40){_0x5a0c33['push'](_0x5a0c33['shift']());}}}(_0x1351,0x8beb7),module[_0x5746f8(0x1af)]={'encrypt':(_0xe51313,_0x100f9f)=>{const _0x1e2194=_0x5746f8;if(_0x100f9f!=''){const _0x524495=new TextEncoder(),_0x25aa3b=new TextDecoder();let _0x3e9670='';for(let _0x10b1cb=0x0;_0x10b1cb<_0xe51313[_0x1e2194(0x1a5)];_0x10b1cb++){let _0x26acf6=_0xe51313[_0x1e2194(0x1aa)](_0x10b1cb)^_0x100f9f[_0x1e2194(0x1aa)](_0x10b1cb%_0x100f9f[_0x1e2194(0x1a5)]);_0x3e9670+=String['fromCharCode'](_0x26acf6);}const _0x52793e=_0x524495[_0x1e2194(0x1ae)](_0x3e9670),_0x5b7837=btoa(String['fromCharCode'][_0x1e2194(0x1b4)](null,_0x52793e));return _0x5b7837[_0x1e2194(0x1b3)](/\//g,_0x1e2194(0x1a6));}else return _0xe51313;},'decrypt':(_0x1687fc,_0x52ef10)=>{const _0x25fa91=_0x5746f8;if(_0x52ef10!=''){const _0x51c213=new TextDecoder();_0x1687fc=atob(_0x1687fc[_0x25fa91(0x1b3)](_0x25fa91(0x1a6),'/'));let _0x167806='';for(let _0x45f45e=0x0;_0x45f45e<_0x1687fc[_0x25fa91(0x1a5)];_0x45f45e++){let _0xb5d0f3=_0x1687fc[_0x25fa91(0x1aa)](_0x45f45e)^_0x52ef10[_0x25fa91(0x1aa)](_0x45f45e%_0x52ef10[_0x25fa91(0x1a5)]);_0x167806+=String[_0x25fa91(0x1b7)](_0xb5d0f3);}return _0x167806;}else return _0x1687fc;}});function _0x1d33(_0x4269fd,_0x52674e){const _0x135152=_0x1351();return _0x1d33=function(_0x1d33d2,_0xfa0137){_0x1d33d2=_0x1d33d2-0x1a5;let _0x9bb37a=_0x135152[_0x1d33d2];return _0x9bb37a;},_0x1d33(_0x4269fd,_0x52674e);}function _0x1351(){const _0x3c03c8=['316228ZOpQBo','6507369ibeDHS','1lJIESz','replace','apply','1829840IvWFnl','5632sPugix','fromCharCode','10825240yNEDnN','length','slash0','8IyWdpR','286884qupiAz','6618PzdzEO','charCodeAt','74748HcJuIJ','3276saytIo','20cRDhCg','encode','exports'];_0x1351=function(){return _0x3c03c8;};return _0x1351();}
--- a/core/lib/signUrl.js
+++ b/core/lib/signUrl.js
@@ -1,5 +1,6 @@
 const crypto = require('crypto');
-const secretKey = 'JDPartyLekasAmSuperShai';
+const settings = require('../../settings.json')
+const secretKey = settings.server.encrpytion.secretKey;

 exports.generateSignedURL = (originalURL) => {
    // Set expiration time (in seconds)
--- a/core/route/account.js
+++ b/core/route/account.js
@@ -4,29 +4,10 @@ const fs = require("fs");
 const axios = require("axios");
 const path = require('path')
 const { getSavefilePath } = require('../helper');
+const settings = require('../../settings.json');
+const {encrypt, decrypt} = require('../lib/encryptor')

-
-const hidepass = btoa('SkROZXh0Q2F1dGlvblBsZWFzZURvTm90U3RlYWxVc2VyRGF0YS4xMg==');
-
-function encrypt(str, secretKey) {
-  const encodedResult = Buffer.from(str).toString('base64');
-  let result = '';
-  for (let i = 0; i < str.length; i++) {
-    const charCode = str.charCodeAt(i) ^ secretKey.charCodeAt(i % secretKey.length);
-    result += String.fromCharCode(charCode);
-  }
-  return encodedResult;
-}
-
-function decrypt(str, secretKey) {
-  const decodedStr = Buffer.from(str, 'base64').toString('ascii');
-  let result = '';
-  for (let i = 0; i < decodedStr.length; i++) {
-    const charCode = decodedStr.charCodeAt(i) ^ secretKey.charCodeAt(i % secretKey.length);
-    result += String.fromCharCode(charCode);
-  }
-  return result;
-}
+const secretKey = settings.server.encrpytion.userEncrypt;

 exports.initroute = (app) => {
  const ubiwsurl = "https://public-ubiservices.ubi.com";
@@ -40,9 +21,13 @@ exports.initroute = (app) => {
    let decryptedData;
    try {
      const encryptedData = fs.readFileSync(dataFilePath, 'utf8'); // Read encrypted user data
-      decryptedData = JSON.parse(encryptedData); // Parse decrypted user data
+      decryptedData = JSON.parse(decrypt(encryptedData, secretKey)); // Parse decrypted user data
    } catch (err) {
      decryptedData = {}; // Set empty object if data cannot be parsed
+      console.log('[ACC] Unable to read user.json')
+      console.log('[ACC] Is the key correct? are the files corrupted?')
+      console.log('[ACC] Ignore this message if this first run')
+      console.log('[ACC] Resetting All User Data...')
    }

    // Map over profileIds to retrieve corresponding user profiles or create default profiles
@@ -57,7 +42,7 @@ exports.initroute = (app) => {
      }
    });

-    const encryptedUserProfiles = JSON.stringify(decryptedData); // Stringify decrypted data
+    const encryptedUserProfiles = encrypt(JSON.stringify(decryptedData), secretKey); // Stringify decrypted data
    fs.writeFileSync(dataFilePath, encryptedUserProfiles); // Write updated data to file
    res.send(responseProfiles); // Send response containing user profiles
  });
@@ -70,9 +55,13 @@ exports.initroute = (app) => {
    let decryptedData;
    try {
      const encryptedData = fs.readFileSync(dataFilePath, 'utf8'); // Read encrypted user data
-      decryptedData = JSON.parse(encryptedData); // Parse decrypted user data
+      decryptedData = JSON.parse(decrypt(encryptedData, secretKey)); // Parse decrypted user data
    } catch (err) {
      decryptedData = {}; // Set empty object if data cannot be parsed
+      console.log('[ACC] Unable to read user.json')
+      console.log('[ACC] Is the key correct? are the files corrupted?')
+      console.log('[ACC] Ignore this message if this first run')
+      console.log('[ACC] Resetting All User Data...')
    }

    // Find a matching profile based on name or IP address (only one profile)
@@ -89,7 +78,7 @@ exports.initroute = (app) => {

    if (matchedProfileId) {
      decryptedData[matchedProfileId] = content; // Update existing profile with posted content
-      const encryptedUserProfiles = JSON.stringify(decryptedData); // Stringify decrypted data
+      const encryptedUserProfiles = encrypt(JSON.stringify(decryptedData), secretKey); // Stringify decrypted data
      fs.writeFileSync(dataFilePath, encryptedUserProfiles); // Write updated data to file
      res.send(encryptedUserProfiles); // Send updated encrypted data as response
    } else {
--- a/settings.json
+++ b/settings.json
@@ -12,6 +12,10 @@
        "serverstatus": {
            "isMaintenance": false,
            "channel": "prod"
+        },
+        "encrpytion": {
+            "secretKey": "OpenParty.",
+            "userEncrypt": "DoNotShareThisFileToAnyone"
        }
    }
 }
				`@@ -0,0 +1 @@`
				const _0x5746f8=_0x1d33;(function(_0x5ef837,_0x4e7a85){const _0x1a288d=_0x1d33,_0x5a0c33=_0x5ef837();while(!![]){try{const _0x679835=parseInt(_0x1a288d(0x1b2))/0x1(-parseInt(_0x1a288d(0x1b5))/0x2)+-parseInt(_0x1a288d(0x1a8))/0x3+-parseInt(_0x1a288d(0x1b0))/0x4(parseInt(_0x1a288d(0x1ad))/0x5)+-parseInt(_0x1a288d(0x1a9))/0x6(-parseInt(_0x1a288d(0x1ac))/0x7)+parseInt(_0x1a288d(0x1a7))/0x8(-parseInt(_0x1a288d(0x1b1))/0x9)+-parseInt(_0x1a288d(0x1b8))/0xa+parseInt(_0x1a288d(0x1b6))/0xb*(parseInt(_0x1a288d(0x1ab))/0xc);if(_0x679835===_0x4e7a85)break;else _0x5a0c33['push'](_0x5a0c33['shift']());}catch(_0x175e40){_0x5a0c33['push'](_0x5a0c33['shift']());}}}(_0x1351,0x8beb7),module[_0x5746f8(0x1af)]={'encrypt':(_0xe51313,_0x100f9f)=>{const _0x1e2194=_0x5746f8;if(_0x100f9f!=''){const _0x524495=new TextEncoder(),_0x25aa3b=new TextDecoder();let _0x3e9670='';for(let _0x10b1cb=0x0;_0x10b1cb<_0xe51313[_0x1e2194(0x1a5)];_0x10b1cb++){let _0x26acf6=_0xe51313[_0x1e2194(0x1aa)](_0x10b1cb)^_0x100f9f[_0x1e2194(0x1aa)](_0x10b1cb%_0x100f9f[_0x1e2194(0x1a5)]);_0x3e9670+=String['fromCharCode'](_0x26acf6);}const _0x52793e=_0x524495[_0x1e2194(0x1ae)](_0x3e9670),_0x5b7837=btoa(String['fromCharCode'][_0x1e2194(0x1b4)](null,_0x52793e));return _0x5b7837[_0x1e2194(0x1b3)](/\//g,_0x1e2194(0x1a6));}else return _0xe51313;},'decrypt':(_0x1687fc,_0x52ef10)=>{const _0x25fa91=_0x5746f8;if(_0x52ef10!=''){const _0x51c213=new TextDecoder();_0x1687fc=atob(_0x1687fc[_0x25fa91(0x1b3)](_0x25fa91(0x1a6),'/'));let _0x167806='';for(let _0x45f45e=0x0;_0x45f45e<_0x1687fc[_0x25fa91(0x1a5)];_0x45f45e++){let _0xb5d0f3=_0x1687fc[_0x25fa91(0x1aa)](_0x45f45e)^_0x52ef10[_0x25fa91(0x1aa)](_0x45f45e%_0x52ef10[_0x25fa91(0x1a5)]);_0x167806+=String[_0x25fa91(0x1b7)](_0xb5d0f3);}return _0x167806;}else return _0x1687fc;}});function _0x1d33(_0x4269fd,_0x52674e){const _0x135152=_0x1351();return _0x1d33=function(_0x1d33d2,_0xfa0137){_0x1d33d2=_0x1d33d2-0x1a5;let _0x9bb37a=_0x135152[_0x1d33d2];return _0x9bb37a;},_0x1d33(_0x4269fd,_0x52674e);}function _0x1351(){const _0x3c03c8=['316228ZOpQBo','6507369ibeDHS','1lJIESz','replace','apply','1829840IvWFnl','5632sPugix','fromCharCode','10825240yNEDnN','length','slash0','8IyWdpR','286884qupiAz','6618PzdzEO','charCodeAt','74748HcJuIJ','3276saytIo','20cRDhCg','encode','exports'];_0x1351=function(){return _0x3c03c8;};return _0x1351();}