cloak
=====
Download URL target encrypted then compressed and base64 encoded as
DATA.txt file.
Target URL is expected to be base64 encoded zlib compressed AES
encrypted URL. URL can be prepared using this same tool (see usage
below).
URL content is fetched and then AES encrypted, zlib compressed and
base64 encoded. Content is downloaded as DATA.txt. It can be
decoded, uncompressed and decrypted using this same tool (see usage
below).
Content size can be limited.
It uses lock which allows only one request at a time.
It is implemented with bottle microframework.
It is a hack! :)
This tool was written to deceive/fool proxy which prevented me to
download usefull tools and/or source code files.
Usage
=====
Print usage:
.. code:: bash
python x.py -h
Prepare target URL:
.. code:: bash
python x.py c TARGET
python x.py c 'http://www.google.com'
Decode, decompress and decrypt target content saved as DATA.txt and
save it to data.tar.xz:
.. code:: bash
cat DATA.txt | python x.py d > data.tar.xz
Run it in development mode using python wsgiref:
.. code:: bash
python x.py ANY-ARG
python x.py x
Run it in production mode using python wsgiref:
.. code:: bash
python x.py
Run it as apache24 wsig:
see apache-config file for apache configuration
When you use this same tool for prepareing target URL and decrypting
target content on the client then x.py need to be defined with the same AES
KEY and IV values as on the server.
Installation
============
Copy bottle.py and x.py to the desired server and directory and run it.
For use with apache24 install mod_wsgi and see apache-config file for apache configuration.
Documentation
=============
this README.rst, code itself, docstrings
It can be found on github.com at:
https://github.com/darko-poljak/cloak
Tested With
===========
Python2.7, Python3.4
Further development ideas
=========================
* Implement key, iv rotation or something similar.
* Add configuration file.
* Support defined maximum requests at a time instead of one lock.
c881987c84