All geek questions in one place

Clear webpage that requires md5 hash as parameter

I am trying to clear the data from the link below in a C # console application: https://www.eex-transparency.com/homepage/power/germany/production/availability/non-usability

Using the developer tools in chrome, I see that it can get a json, url answer to get this: https://www.eex-transparency.com/dsp/tem-12?country=de&expires=1454345128&md5=TRhtJei_go4ueLeekBc8yw

the website uses this js file ( https://www.eex-transparency.com/assets/js/tpe-website.js ) to generate the expired and md5 hash key. I think I realized that the value of expires is unix datetime. I never used javascript before it is so hard to understand how they build md5.

Javascript that generates this code:

generateCryptedParams=function(url,clientIP)
{
    var cryptedParams,md5,md5Encoded,md5WithoutSpeciaChars,parser,timePoint,urlPath;

return timePoint=moment().tz("Europe/Berlin").add(1,"minute").unix(),
                 parser=document.createElement("a"),
                 parser.href=url,
                 urlPath=parser.pathname,
                 "/"!==urlPath[0]&&(urlPath="/"+urlPath),
                 md5=CryptoJS.MD5(urlPath+timePoint+clientIP+" zYeHzBomGdgV"),
                 md5Encoded=md5.toString(CryptoJS.enc.Base64),
                 md5WithoutSpeciaChars=replaceSpecialChars(md5Encoded),
                 cryptedParams={"expires":timePoint,"md5":md5WithoutSpeciaChars}
}

replaceSpecialChars=function(str)
{
var key,specialChars,value;
specialChars={"=":"","\\+":"-","/":"_","%":"_"};
for(key in specialChars)
    value=specialChars[key],
     str=str.replace(new RegExp(key,"g"),value);

return str
}

As I said, I think I like the time, but md5 confuses me. Below is my C # code for their replication, but when I pass the md5 hash, their site returns a 403 Forbidden error.

    public Tuple<string, Int32> GenerateCrypto(string url, string ipAddress)
    {
        string cetId = "Central European Standard Time";
        TimeZoneInfo cetZone = TimeZoneInfo.FindSystemTimeZoneById(cetId);
        var CETDateTime = TimeZoneInfo.ConvertTimeFromUtc(DateTime.UtcNow, cetZone);
        //Int32 unixTimestamp = (Int32)(CETDateTime.Subtract(new DateTime(1970, 1, 1))).TotalSeconds;
        Int32 unixTimestamp = (Int32)(DateTime.UtcNow.AddMinutes(1).Subtract(new DateTime(1970, 1, 1))).TotalSeconds;


        url = url.Split('/')[3];
        var md5 = CipherUtility.GenerateMd5(url + unixTimestamp + ipAddress + " zYeHzBomGdgV");
        var md5Encoded = Convert.ToBase64String(Encoding.UTF8.GetBytes(md5));
        var md5withoutSpecialCharts = replaceSpecialChars(md5Encoded);
        md5withoutSpecialCharts = md5withoutSpecialCharts.Substring(0, 22);
        return new Tuple<string, Int32>(md5withoutSpecialCharts, unixTimestamp);
    }
+4
source share
1 answer

The solution was that I needed to combine the const string into all the elements before hashing it.

+1
source

Source: https://habr.com/ru/post/1626888/

More articles:


All Articles