Techbrunch · March 26, 2019 19:45
diff --git a/proxy.rb b/proxy.rb
 require 'sinatra'
 require 'openssl'
 require 'base64'
 require 'httparty'
 require 'json'
 require 'sinatra/custom_logger'
 require 'logger'
 require 'active_support/all'

 set :logger, Logger.new(STDOUT)

 key = ['384f2e6a1a05e5223b80e960a0a65074'].pack('H*')
 iv   = '1234567812345678'

 def encrypt(key, data, iv)
  aes = OpenSSL::Cipher.new('AES-128-CBC')
  aes.encrypt
  aes.key = key
  aes.iv = iv
  aes.update(data) + aes.final
 end

 def decrypt(key, data, iv)
  aes = OpenSSL::Cipher.new('AES-128-CBC')
  aes.decrypt
  aes.key = key
  aes.iv = iv
  aes.update(data) + aes.final
 end

 def get_headers
  Hash[*env.select {|k,v| k.start_with?('HTTP_') || (k == 'CONTENT_TYPE') }
            .collect {|k,v| [k.sub(/^HTTP_/, ''), v]}
            .collect {|k,v| [k.split('_').collect(&:capitalize).join('-'), v]}
            .sort
            .flatten].except('Host', 'Connection', 'Version', 'Content-Type')
 end

 post '/' do
  body = request.body.read
  logger.info body
  encoded  = Base64.strict_encode64(iv + encrypt(key,body, iv))
  response = HTTParty.post('http://35.243.186.41/', body: {d: encoded}, headers:get_headers)#, :debug_output => $stdout)
  decoded  = Base64.strict_decode64(response)
  decrypted = decrypt(key,decoded[16..],decoded[0,16])
  logger.info decrypted
  decrypted
 end
	require 'sinatra'
	require 'openssl'
	require 'base64'
	require 'httparty'
	require 'json'
	require 'sinatra/custom_logger'
	require 'logger'
	require 'active_support/all'

	set :logger, Logger.new(STDOUT)

	key = ['384f2e6a1a05e5223b80e960a0a65074'].pack('H*')
	iv = '1234567812345678'

	def encrypt(key, data, iv)
	aes = OpenSSL::Cipher.new('AES-128-CBC')
	aes.encrypt
	aes.key = key
	aes.iv = iv
	aes.update(data) + aes.final
	end

	def decrypt(key, data, iv)
	aes = OpenSSL::Cipher.new('AES-128-CBC')
	aes.decrypt
	aes.key = key
	aes.iv = iv
	aes.update(data) + aes.final
	end

	def get_headers
	Hash[*env.select {\|k,v\| k.start_with?('HTTP_') \|\| (k == 'CONTENT_TYPE') }
	.collect {\|k,v\| [k.sub(/^HTTP_/, ''), v]}
	.collect {\|k,v\| [k.split('_').collect(&:capitalize).join('-'), v]}
	.sort
	.flatten].except('Host', 'Connection', 'Version', 'Content-Type')
	end

	post '/' do
	body = request.body.read
	logger.info body
	encoded = Base64.strict_encode64(iv + encrypt(key,body, iv))
	response = HTTParty.post('http://35.243.186.41/', body: {d: encoded}, headers:get_headers)#, :debug_output => $stdout)
	decoded = Base64.strict_decode64(response)
	decrypted = decrypt(key,decoded[16..],decoded[0,16])
	logger.info decrypted
	decrypted
	end