cookie_decrypt

2025-11-13 10:45:26 +01:00
commit 76b66227e4
6 changed files with 434 additions and 0 deletions
@@ -0,0 +1,144 @@
+package main
+
+import (
+	"crypto/md5"
+	"encoding/hex"
+	"fmt"
+	"log"
+	"presta/cookie"
+	"strings"
+)
+
+// === PrestaShop Constants ===
+const (
+	_PS_VERSION_ = "1.7.6.3"
+	// _NEW_COOKIE_KEY_    = "def000008bf3d70e7012b7493c382d561e193218d0c74ab162fb0ea8029ce20e926531b4bcf0aaec9381152e6c161f198e06918b2d1aad67cc7cf40819a51ee328c63830"
+	__COOKIE__          = "def5020099dce5cd9ecf197adb5532a74e3db2ed9cba3d59b98f365353099b710bd562efa48b6bad1ad0a12b2ee54de0fbfcc6baa0545a8234141b03bfc1fbbbb9061af5011764b9c4dfd9c0ddcad767a453e0cc24d6b4a7c524e6c49aabd66ecc390e1a964b6e81a051b171051c829542facbb36cf64fcfebf069906dcc95476578be3fe59aaae466cf70bd9c877d301d908ec3aa4f55366567f460dfefac1684ce381293e8d4138382a42716d6aaecdcc7"
+	__EXPECTED_RESULT__ = "date_add|2025-11-02 12:26:58¤id_lang|2¤id_currency|1¤id_guest|23381445¤id_connections|2245874¤checksum|1154356442"
+)
+
+// === Crypto Constants ===
+
+// === CookTest ===
+type CookTest struct {
+	content    map[string]string
+	name       string
+	domain     string
+	path       string
+	standalone bool
+	expire     int64
+}
+
+func main() {
+	// === DECRYPTION TEST ===
+	ct, err := NewCookTest("", "", nil, nil, false, false)
+	if err != nil {
+		log.Fatal("Decrypt failed:", err)
+	}
+
+	dct := cookie.New()
+	if err != nil {
+		log.Fatal("New DecryptEncrypt failed:", err)
+	}
+
+	fmt.Println("<pre>")
+	for k, v := range ct.content {
+		fmt.Printf("%s: %s\n", k, v)
+	}
+	fmt.Printf("Match expected: %v\n", ct.String() == __EXPECTED_RESULT__)
+	fmt.Println("</pre>")
+
+	// === ENCRYPTION TEST ===
+	newData := "date_add|2025-11-03 10:00:00¤id_lang|1¤id_currency|2¤id_guest|999999¤id_connections|888888¤checksum|1234567890"
+	encryptedHex, err := dct.EncryptInternal(newData, ct.domain)
+	if err != nil {
+		log.Fatal("Encrypt failed:", err)
+	}
+	fmt.Printf("Encrypted cookie: %s\n", encryptedHex)
+
+	// Optional: Try decrypting it back
+	// ct2, _ := NewCookTestFromCookie(encryptedHex, ct.domain)
+	// fmt.Println("Re-decrypted:", ct2.String())
+}
+
+func NewCookTest(name, path string, expire *int64, sharedURLs []string, standalone, secure bool) (*CookTest, error) {
+	ct := &CookTest{
+		content:    make(map[string]string),
+		standalone: standalone,
+	}
+
+	dct := cookie.New()
+
+	if expire == nil {
+		ct.expire = 1728000
+	} else {
+		ct.expire = *expire
+	}
+
+	path = strings.Trim(path, "/\\")
+	if !standalone && path != "" {
+		path = "/" + path
+	}
+	if path != "" && path[0] != '/' {
+		path = "/" + path
+	}
+	ct.path = path
+
+	ct.domain = ct.getDomain(sharedURLs)
+
+	versionPart := ""
+	if !standalone {
+		versionPart = _PS_VERSION_
+	}
+	ct.name = "PrestaShop-" + md5String(versionPart+name+ct.domain)
+
+	fmt.Printf("name: %v\n", ct.name)
+
+	key, err := dct.LoadKeyFromASCII()
+	if err != nil {
+		return nil, err
+	}
+
+	kp := &cookie.KeyOrPassword{SecretType: 1, Key: key}
+
+	plaintext, err := dct.DecryptInternal(__COOKIE__, kp, false)
+	if err != nil {
+		return nil, fmt.Errorf("decrypt failed: %w", err)
+	}
+
+	ct.parseContent(string(plaintext))
+	return ct, nil
+}
+
+func (ct *CookTest) parseContent(data string) {
+	pairs := strings.Split(data, "¤")
+	for _, p := range pairs {
+		if strings.Contains(p, "|") {
+			parts := strings.SplitN(p, "|", 2)
+			if len(parts) == 2 {
+				ct.content[parts[0]] = parts[1]
+			}
+		}
+	}
+}
+
+func (ct *CookTest) String() string {
+	order := []string{"date_add", "id_lang", "id_currency", "id_guest", "id_connections", "checksum"}
+	var parts []string
+	for _, k := range order {
+		if v, ok := ct.content[k]; ok {
+			parts = append(parts, k+"|"+v)
+		}
+	}
+	return strings.Join(parts, "¤")
+}
+
+func (ct *CookTest) getDomain(sharedURLs []string) string {
+	return "localhost"
+}
+
+// === MD5 ===
+func md5String(s string) string {
+	sum := md5.Sum([]byte(s))
+	return hex.EncodeToString(sum[:])
+}