f

2025-12-05 20:40:18 -08:00 · 2025-10-23 12:21:23 +02:00
parent 08c2e42b76
commit ff06c914fc
3 changed files with 71 additions and 11 deletions
--- a/.github/workflows/build_master.yml
+++ b/.github/workflows/build_master.yml
@@ -88,9 +88,32 @@ jobs:
          RATIO=$(awk "BEGIN {printf \"%.1f\", ($COMPRESSED_SIZE / $ORIGINAL_SIZE) * 100}")
          echo "Compression: ${ORIGINAL_SIZE} bytes -> ${COMPRESSED_SIZE} bytes (${RATIO}%)"
          
-          # Copy ONLY the .gz version to the searchindex repo (no uncompressed .js)
+          # XOR encrypt the compressed file
+          KEY='Prevent_Online_AVs_From_Flagging_HackTricks_Search_Gzip_As_Malicious_394h7gt8rf9u3rf9g'
+          python3 - << 'PYTHON_SCRIPT'
+import sys
+key = sys.argv[1]
+input_file = sys.argv[2]
+output_file = sys.argv[3]
+
+with open(input_file, 'rb') as f:
+    data = f.read()
+
+key_bytes = key.encode('utf-8')
+encrypted = bytearray(len(data))
+for i in range(len(data)):
+    encrypted[i] = data[i] ^ key_bytes[i % len(key_bytes)]
+
+with open(output_file, 'wb') as f:
+    f.write(encrypted)
+
+print(f"Encrypted: {len(data)} bytes")
+PYTHON_SCRIPT
+          python3 - "$KEY" "${ASSET}.gz" "${ASSET}.gz.enc"
+          
+          # Copy ONLY the encrypted .gz version to the searchindex repo (no uncompressed .js)
          cd /tmp/searchindex-repo
-          cp "${GITHUB_WORKSPACE}/${ASSET}.gz" "${FILENAME}.gz"
+          cp "${GITHUB_WORKSPACE}/${ASSET}.gz.enc" "${FILENAME}.gz"
          
          # Stage all files
          git add -A
--- a/.github/workflows/translate_all.yml
+++ b/.github/workflows/translate_all.yml
@@ -184,8 +184,31 @@ jobs:
          RATIO=$(awk "BEGIN {printf \"%.1f\", ($COMPRESSED_SIZE / $ORIGINAL_SIZE) * 100}")
          echo "Compression: ${ORIGINAL_SIZE} bytes -> ${COMPRESSED_SIZE} bytes (${RATIO}%)"
          
-          # Copy ONLY the .gz version to the searchindex repo (no uncompressed .js)
-          cp "${ASSET}.gz" "/tmp/searchindex-repo/${FILENAME}.gz"
+          # XOR encrypt the compressed file
+          KEY="Prevent_Online_AVs_From_Flagging_HackTricks_Search_Gzip_As_Malicious_394h7gt8rf9u3rf9g"
+          python3 - << 'PYTHON_SCRIPT'
+import sys
+key = sys.argv[1]
+input_file = sys.argv[2]
+output_file = sys.argv[3]
+
+with open(input_file, 'rb') as f:
+    data = f.read()
+
+key_bytes = key.encode('utf-8')
+encrypted = bytearray(len(data))
+for i in range(len(data)):
+    encrypted[i] = data[i] ^ key_bytes[i % len(key_bytes)]
+
+with open(output_file, 'wb') as f:
+    f.write(encrypted)
+
+print(f"Encrypted: {len(data)} bytes")
+PYTHON_SCRIPT
+          python3 - "$KEY" "${ASSET}.gz" "${ASSET}.gz.enc"
+          
+          # Copy ONLY the encrypted .gz version to the searchindex repo (no uncompressed .js)
+          cp "${ASSET}.gz.enc" "/tmp/searchindex-repo/${FILENAME}.gz"
          
          # Commit and push with retry logic
          cd /tmp/searchindex-repo
@@ -224,8 +247,8 @@ jobs:
                      git config user.name "GitHub Actions"
                      git config user.email "github-actions@github.com"
                      
-                      # Re-copy ONLY the .gz version (no uncompressed .js)
-                      cp "${ASSET}.gz" "${FILENAME}.gz"
+                      # Re-copy ONLY the encrypted .gz version (no uncompressed .js)
+                      cp "${ASSET}.gz.enc" "${FILENAME}.gz"
                      
                      git add "${FILENAME}.gz"
                      git commit -m "Update ${FILENAME}.gz from hacktricks-cloud build"