Artem's blog

Mainly .NET (C#, ASP.NET) and my projects

Chaos on the Web

The Web is changing all the time. From a technical perspective, more functions are added, which opens doors to new possibilities. From a developer perspective though, it is getting more expensive to test web pages in all browsers. Before, when Internet Explorer had more users, it was worth to only check the page in IE and still make it available for most of the web users. Now, when all old/new minor browsers are getting big, you cannot be sure that all will view the page as you want to. That means that more time is needed to make a page compatible for all browsers.

HTML5 – which should not be platform or web-browser based, is shown differently depending on web-browser, web-browser version and platform. With other words, a page on, for instance,  windows using Firefox, would not be displayed the same on a Firefox browser on Android.

The big issue with all kinds of web-browsers is that more time is needed to test a project, which might be expensive. Once again, if a project is to be tested in all web-browsers, it may cause project delay, or, to solve the first issue of time, it might require more web-developers, tester, which might therefore cost more.

I do not think that this issue may be solved in the nearest future, because we are getting more and more devices, such as smartphone, tablet-PC, TV, et cetera. Everything listed has an pre-build web-browser. In the current situation, we cannot take it for sure, that the web-page will be displayed correctly on all devices.

Encrypting a website

EDIT: Please check out the updated version of this article.

When encrypting a website, we need to understand the way a browser interprets our input, i.e. html/javascript. In this case, we can produce code that is only readable by a browser.

There are several ways to encrypt a page, the main idea behind all methods is it to convert a human-readable code to ONLY computer-readable one.

    • By HTML only
    • By JavaScript
      • Using hexadecimal values
      • Using “escape/unescape”
      • Using an advanced algarithm

By HTML Only
In HTML, all letters(chars) can be written in a ASCII form, i.e., if we have a small “a” that is to be converted, we simply look up its ASCII value and write it instead of the actual char: a, and so on.To sum up, the prefix is “&#”, then the ASCII code, and lastly a semicolon, “;”.

function encToASCII(_text)
{
	var _newText="";

	for(var i=0; i < _text.length;i++)
	{
		_newText += "&#" + _text.charCodeAt(i) + ";";
	}

	return _newText;
}

 

By JavaScript
JavaScript website encryption can be divided into several parts. One way is by using the hexadecimal value of a char, and write it instead of the actual char. We have to use JavaScript to perform this action, as it is shown below:

function encToHex(_text)
{
	var _newText="";
	for (var i=0; i < _text.length; i++)
	{
		_newText += "%" + decimalToHex(_text.charCodeAt(i));
	}
	return _newText;
}
function decimalToHex(_num)
{
	return _num.toString(16);
}

This method will only encrypt the given text, though, but, the user has to be able to see the encrypted text as a result (the browser won’t understand this code unless we have a function that will interpret it). This method is based on JavaScript, and we therefore need to use JavaScript to decrypt. Let us say that we encrypt “Hello World!”, which results “%48%65%6c%6c%6f%20%57%6f%72%6c%64%21”. As you might see, the prefix is “%”, and then the hexadecimal number. If the result above is our webpage, the source of that webpage should look similar to the example below:

<script type="text/javascript">
document.write(unescape("%48%65%6c%6c%6f%20%57%6f%72%6c%64%21"));
</script>
NOTE: There is a big difference between the HTML Only encryption and JavaScript encryption. For example, if you encrypt your whole page with HTML Only encryption, including “tags”, the result in the web-browser will be the source of the page. Encoding “<p>Hi</p>” will result “<p>Hi</p>”. However, by using JavaScript, the result will be executed, as a normal page would. Encoding “<p>Hi</p>” will result “Hi”.


There is also, as you might see, an opportunity to use functions escape and unescape as they are. Their actual usage is to encode/decode the url, i.e., replacing spaces, “special chars.” to url friendly one. All letters and numbers will stay the same, they will not be changed.

document.write(escape("Hello World!"));

The result you will get is Hello%20World%21. It replaces spaces with %20, and “!” with %21. Both of them are special characters(chars).

Unescape function will decode to a normal string.

document.write(unescape("Hello%20World%21"));

 

By JavaScript – Advanced algorithm
It took a while for me to define what an advanced algorithm in our case would be. I would say that the more advanced algorithm you have, the more time it takes to “crack it”. The method that will be described in this section of the post is my own little version of advanced algorithm. The method is using a logical operation, called XOR. If you already now what that is, jump to the next section.XOR is an operator, and works at a binary level. A definition in words is that the first or second value is true, but not both. Truth table shown below: 

Input Output
A B
0 0 0
0 1 1
1 0 1
1 1 0
XOR Truth table

An operation, 5 XOR 6, would result 3. The thing is, if we take either 5 XOR 3 = 6 or 6 XOR 3 = 5, we always return to our previous numbers. Conclusion, if two numbers are known, we always will get the third one.

As you might see, the decimal value 5 corresponds to 101; 6 corresponds to 110; 3 corresponds to 011.
1 0 1
1 1 0
1 1 0

By using XOR operation, we might, for instance, set a secret number, or a series of numbers, which always will return our third number. In this post, we will go though how to use a series of numbers, but also how to do it with only one number.

function en_doc(t,k)
{
	var a;
	var b;
	var r=new Array();
	for (var i=0; i<t.length ;i++)
	{
		a=t.charCodeAt(i);
		b=k.charAt(i%k.length);
		a^=b;
		r[i]=String.fromCharCode(a);
	}
	return r.join("");
}

The code shown above is my own advanced algorithm. First, we declare “a”, which is a char at certain place in string t; and b, which is a digit at certain place in k. The text to encrypt is placed in t (all chars), and the key to encrypt with is placed in k (only digits). The variable r is an array of the result/output.

First of all, we assign a to the char code at i. The variable b is then assigned to the char at i mod the length of key.

The reason why I put  a modular operation there is simple. If the key length we use is smaller than the text length, we will not be able to encrypt the whole string without it. When we are encrypting something, the key has to be of the same length as the text. By using a modular operation, even if the key is smaller than the text, it will be repeated. For example, if the key is 567 (key length=3), and the text length is 6, the output key will result 567567.

Secondly, an logical operation is executed. In other words, variable a equals to itself XOR b. Variable a has therefore a new value which is later assigned to r[i], i.e., a place in the array r which corresponds to the index value i.

Lastly, we join our array without some joining char, and that will be our encoded text. To decrypt, use the same function; place your encrypted text in t, and the key in k.

You can, however, remove this key opportunity, or as I previously defined it, using a key series,  to a single key digit. You might still use this method, but only having a key, for instance, 6, or, you might remove it at all, and set the secret digit inside the function.

If you want to include this code in your project without typing the code above, include this code before all scripts (see this code in action):

Source 1:

<script src="https://dev.clizware.net/lib/scrypto1.js"></script>

Source 2:

<script src="https://clizware.webs.com/lib/scrypto1.js"></script>

I hope this article was useful, and that you hopefully have learned something new! Below you find some useful links:

Encrypter – (for html only encryption)
http://www.iwebtool.com/html_encrypter – (encrypting to hexadecimal values, javascript)
Bitwise Operators – (about logical operators)
Escape and Unescape
Eval – (advanced encryption, etc.)

This article was revised 17.03.2013.

Sample of Bubble sort

The MsgBox is there to show how it actually goes through the integer array. You can remove it as well!

    ' A sample of Bubble sort
    ' Have fun!

        Dim i() As Integer = New Integer(4) {2, 5, 3, 1, 4}

        Dim t As Boolean = True
        While (t)
            t = False
            For j As Integer = 0 To 3

                If i(j) > i(j + 1) Then

                    Dim _vec As Integer = i(j)
                    i(j) = i(j + 1)
                    i(j + 1) = _vec
                    t = True

                    'this is only to check the value of i
                    Dim _result As String = ""
                    For y As Integer = 0 To 4
                        _result &= i(y) & ","
                    Next
                    MsgBox(_result)
                End If
            Next
        End While

About the spam issue

Dear Guest!

Yesterday, some changed were done at this blog. From today, there will be CAPTCHA control each time you write a comment. Of cause, there are other changes as well,
but this is the main one.

Regards,
Artem

MsgBox function for C#

        void MsgBox(string _text,string _title = "Message Box")
        {
            //my msgbox. from Visual Basic .NET!!!
            MessageBox.Show(_text,_title );
        }

SKBL [2009]

Three years ago, I did one of my first project that is used to secure .NET Applications. It is called SKBL – Serial Key Builder Library. It works in both Visual Basic and C#.

You may download it here! (The documentaion file is included.)
SKBL Setup

If you have some questions, please ask me at “artem.los at nilssons.ws”

Happy New Year!
Artem Los.

Tip of 22 December

In this thread I will show you two good Java Script functions. With both of them you can calculate how many chars you have.

The first one will calculate a specific element.

function calcspec(element)
{
	if (element.innerHTML != "")  // this function must be first!
	{
		return element.innerHTML.length;
	}

	if (element.value.length > 0)
	{
		return element.value.length;
	}
}

 

The second one will calculate all chars between HTML tags. HTML tags are not included.

function calcall(tag)
{
	return document.documentElement.innerHTML.length;
}

or

function calchtml()
{
	return document.getElementsByTagName("html")[0].innerHTML.length;
}

 

You might however replace innerHTML to outerHTML as shown bellow. This will therefore calculate all document. (does not work in Firefox)

function calcall(tag)
{
	return document.documentElement.outerHTML.length;
}
function calchtml()
{
	return document.getElementsByTagName("html")[0].outerHTML.length;
}

Encrypter [outdate]

This is my old project done in 2010 at a school as a part of another project http://keybuilder.webs.com/
This program might be used for encrypting some “text”, so the algorithm is much the same as in my old post Another example of an encryption algorithm [JS]. Please ignore this (cliz) converter, it is for my old program CliZ Writer!

Download it here: Encrypter

Another example of an encryption algorithm [JS]

In this post I will go through a simple encryption method I’ve done few years ago. It is actually so simple, but I’ve heard that some currently-used encryption algorithms are based on this principle.

Here is the code: (function “ec_t” – encryption method; function “dc_t” – decryption method)

/*
 * Sample encryption and
 * decryption by Artem Los
 * 
 */ 

  //Encrypt
    function ec_t(t, key) {
        var c = "";
        var d = "";
        var _key2 = StringToAsc(key);
        var e = genKey(_key2 , t.length);
        var _keyA =  new String (key.length);

        for (i = 0; i < t.length; i++) {

            var _def_t = eval(t.charCodeAt(i));
            var _def_e = eval(e.charAt(i));
            var _def_a = eval(_keyA.charAt(0));

            c = _def_e + _def_t +_def_a;
            d += String.fromCharCode (c);

        }
        return d;
    }

    function genKey(key, l) {
        var _vectorA = key;
        while (_vectorA.length < l) {
            _vectorA += _vectorA;
        }
        return _vectorA;
    }
    function StringToAsc(text) {
        var _vectorA = "";

        for (i = 0; i < text.length; i++) {
            _vectorA +=  text.charCodeAt(i);
        }
        return _vectorA;
    }

    //Decrypt
    function dc_t(t, key) {
        var c = "";
        var d = "";
        var _key2 = StringToAsc(key);
        var _keyA = new String(key.length);
        var e = genKey(_key2, t.length);

        for (i = 0; i < t.length; i++) {

            c = t.charCodeAt(i) - e.charAt(i) - _keyA.charAt (0);
            d +=  String.fromCharCode (c);
        }
        return d;

    }

    function do_e() {

        var _vecB = unescape (  in01.value);
        var _passA = pass.value;

        if (_passA != "") {
            if (ra01.checked == true) {
                var _vecC = ec_t(_vecB, _passA );
                in02.value = escape ( _vecC);
            }

            else {
                    var _vecC = dc_t(_vecB , _passA);
                    in02.value = _vecC;
            }
        }
    }

If you want to view this code in-work, enter the link below:
Encrypter

Why and how did it work?
The code above works on a simple principle, I discovered it without looking at internet, though! 😛

Say we have a table where all letters have an id, i.e., a number. The table looks as follows: A-1, B-2, C-3 …
First of all, we need to define our message, say we have “BAC” corresponding to “213”.
Then we need a key, say “CBA” – “321”. (it is in the same format as the message).

B(2) A(1) C(3)
C(3) B(2) A(1)
D(4) C(3) E(5)

The result is therefore 435 or DCE. When we decrypt we have to do the same but backwards, using the key, i.e., instead of addition use subtraction.

This is done with function “ec_t” and “dc_t”.
If the message is longer than the key, then we need to duplicate the key so it matches the message length. All that is done in function “getKey”.

It is better that you use function “do_e” instead of “ec_t”, because then all letters will go through a escape function, which means that the text will be more copy-friendly, i.e., easier to copy without missing some letters which can affect the result.

Good luck!

HTML Encryptor 1.00

Today, a new release is available at CliZ Ware. It is a html encryption software that might be used to encrypt your web-pages. As I wrote in my previous post, there is a question of time how long it might take to crack this code.

However, you might use this software, but, the banner that is inside all pages should stay, so, do not remove it please! This is currently a free software, may it will be a shareware, I do not know.

Download by clicking here
Encryption of a file sample

HTML Encryptor