Download URL target encrypted then compressed and base64 encoded.
Find a file
2016-05-14 21:05:06 +02:00
.gitignore Initial commit. 2015-09-19 16:14:54 +02:00
apache-config Added support for apache24 mod_wsgi. 2015-09-20 08:10:07 +02:00
bottle.py Initial commit. 2015-09-19 16:14:54 +02:00
LICENSE Initial commit 2015-09-19 16:07:28 +02:00
nginx.conf Add uwsgi and nginx config. 2016-05-14 21:05:06 +02:00
README.rst Added support for apache24 mod_wsgi. 2015-09-20 08:10:07 +02:00
uwsgi.ini Add uwsgi and nginx config. 2016-05-14 21:05:06 +02:00
wsgi.py Added support for apache24 mod_wsgi. 2015-09-20 08:10:07 +02:00
x.py Encode/decode target URL with urlsafe functions. 2015-10-13 10:09:05 +02:00

cloak
=====

Download URL target encrypted then compressed and base64 encoded as
DATA.txt file.

Target URL is expected to be base64 encoded zlib compressed AES
encrypted URL. URL can be prepared using this same tool (see usage
below).
URL content is fetched and then AES encrypted, zlib compressed and
base64 encoded. Content is downloaded as DATA.txt. It can be
decoded, uncompressed and decrypted using this same tool (see usage
below).
Content size can be limited.
It uses lock which allows only one request at a time.
It is implemented with bottle microframework.

It is a hack! :)
This tool was written to deceive/fool proxy which prevented me to
download usefull tools and/or source code files.

Usage
=====

Print usage:

.. code:: bash

    python x.py -h

Prepare target URL:

.. code:: bash

    python x.py c TARGET
    python x.py c 'http://www.google.com'

Decode, decompress and decrypt target content saved as DATA.txt and
save it to data.tar.xz:

.. code:: bash

    cat DATA.txt | python x.py d > data.tar.xz

Run it in development mode using python wsgiref:

.. code:: bash

    python x.py ANY-ARG
    python x.py x

Run it in production mode using python wsgiref:

.. code:: bash

    python x.py

Run it as apache24 wsig:

see apache-config file for apache configuration

When you use this same tool for prepareing target URL and decrypting
target content on the client then x.py need to be defined with the same AES
KEY and IV values as on the server.

Installation
============

Copy bottle.py and x.py to the desired server and directory and run it.

For use with apache24 install mod_wsgi and see apache-config file for apache configuration.

Documentation
=============

this README.rst, code itself, docstrings

It can be found on github.com at:

https://github.com/darko-poljak/cloak

Tested With
===========

Python2.7, Python3.4

Further development ideas
=========================

* Implement key, iv rotation or something similar.

* Add configuration file.

* Support defined maximum requests at a time instead of one lock.