Raymond Camden's Blog Rss

Working with Base64 representations of strings in ColdFusion

12

Posted in ColdFusion | Posted on 02-02-2011 | 2,774 views

Kevin pinged me earlier today with an interesting issue. He had a Base64 representation of data. Base64 is usually used to create a string representation of binary data. But did you know that you can also Base64 encode string data? In his case it was being used in some PHP code to encode layout for a blog theme. He needed to get to the original code but wasn't sure how to do that in ColdFusion. Here is what I came up with. First, start off with your Base64 string. (Note - in the code template below I'm going to add a few spaces just to make it wrap better. )

view plain print about
1<cfset b64 = 'Pz4gPC9kaXY+PCEtLSBlbmQgcGFnZSAtLT4NCgo8ZGl2I GlkPSJmb290ZXItd3JhcCI+DQoKCTxkaXYgaWQ9ImZvb3RlciIgY2xhc3 M9ImNsZWFyZml4Ij4NCgkNCgkJPHAgaWQ9ImxlZ2FsIj5Db3B5cmlnaHQ gJmNvcHk7IDIwM DggPGEgaHJlZj0iPD8gYmxvZ2lu Zm8oJ3VybCcpOyA/PiI+PD8gYmxvZ2luZm8oJ25h bWUnKTsgPz48 L2E+DQoJCSZidWxsOyA8P3BocCBpZihpc19ob21lKCkpIDogPz48YSBocmVmPSJodHRwOi8vd29yZHByZXNz dGhlbWVzYmFzZS5jb20vIiB0aXRsZT0iV29yZHByZXNzIHRlbXBsYXRlcyI+V2 9yZHByZXNzIHRlbXBsYX RlczwvYT48P3BocCBlbmRpZjsgPz4NCgkNCgk8L2R pdj4NCgk8P3BocCB3cF9mb290ZXIoKTsgPz4NCgo8L2Rpdj48IS0tIGVuZCBm b290ZXItd3Jhc CAtLT4NCgoNCjwvYm9keT4NCjwvaHRtbD4gPD8='>

Ok - so now what? ColdFusion provides a toBase64 function but no "from"Base64. There is a toString function, but since Base64 is already a string, running toString on it doesn't do anything. However, we can convert this into binary data using toBinary:

view plain print about
1<cfset f = ToBinary(b64)>

And now we have a binary representation of the Base64 string. But how do we view it? If you try to output f you will get an error. But now is the time where toString helps out:

view plain print about
1<cfset z = toString(f)>
2<cfoutput>
3#htmleditformat(z)#
4</cfoutput>

And when output we get:

view plain print about
1?> </div><!-- end page --> <div id="footer-wrap"> <div id="footer" class="clearfix"> <p id="legal">Copyright &copy; 2008 <a href="<? bloginfo('url'); ?>"><? bloginfo('name'); ?></a> &bull; <?php if(is_home()) : ?><a href="http://wordpressthemesbase.com/" title="Wordpress templates">Wordpress templates</a><?php endif; ?> </div> <?php wp_footer(); ?> </div><!-- end footer-wrap --> </body> </html> <?

Wow that PHP code looks awesome! Anyway - I hope this helps others. This is the first I've seen of Base64 versions of strings. It seems to be used as a way to obfuscate the code. I've also heard that apparently this has been used to hack Wordpress themes as well.

Comments

[Add Comment] [Subscribe to Comments]

Michael said on 02-02-2011 at 11:14 PM #
Base 64 representations of strings are also sometimes used in windows active directory properties and also in http headers when using http authentication.
Raymond Camden said on 02-03-2011 at 8:16 AM #
Ah cool - thanks Michael.
Joshua Caito said on 02-03-2011 at 8:54 AM #
You could also have used the BinaryEncode() function.

i.e. BinaryEncode(b64,"Base64")
Raymond Camden said on 02-03-2011 at 8:59 AM #
Wow, even simpler. Thanks Joshua!
Joshua Caito said on 02-03-2011 at 9:00 AM #
I meant:
<cfset f = BinaryDecode(b64,"Base64") />
for the conversion. Long morning already...
Joshua Caito said on 02-03-2011 at 9:06 AM #
Alright, I thought I better make right for my faux pas:

<cfset b64 = 'Pz4gPC9kaXY+PCEtLSBlbmQgcGFnZSAtLT4NCgo8ZGl2I GlkPSJmb290ZXItd3JhcCI+DQoKCTxkaXYgaWQ9ImZvb3RlciIgY2xhc3 M9ImNsZWFyZml4Ij4NCgkNCgkJPHAgaWQ9ImxlZ2FsIj5Db3B5cmlnaHQ gJmNvcHk7IDIwM DggPGEgaHJlZj0iPD8gYmxvZ2lu Zm8oJ3VybCcpOyA/PiI+PD8gYmxvZ2luZm8oJ25h bWUnKTsgPz48 L2E+DQoJCSZidWxsOyA8P3BocCBpZihpc19ob21lKCkpIDogPz48YSBocmVmPSJodHRwOi8vd29yZHByZXNz dGhlbWVzYmFzZS5jb20vIiB0aXRsZT0iV29yZHByZXNzIHRlbXBsYXRlcyI+V2 9yZHByZXNzIHRlbXBsYX RlczwvYT48P3BocCBlbmRpZjsgPz4NCgkNCgk8L2R pdj4NCgk8P3BocCB3cF9mb290ZXIoKTsgPz4NCgo8L2Rpdj48IS0tIGVuZCBm b290ZXItd3Jhc CAtLT4NCgoNCjwvYm9keT4NCjwvaHRtbD4gPD8='>
<cfset f = BinaryDecode(b64,"base64") />
<cfset f = charsetEncode(f,"utf-8") />

<cfoutput>#f#</cfoutput>

That will replace the toString() call and allows you to explicitly specify the binary encoding.
Grumpy CFer said on 02-04-2011 at 4:40 AM #
Some helper functions for you. Includes Base64URL functions which is needed for several Google APIs.

http://pastebin.com/bFb1bBpU
Raymond Camden said on 02-04-2011 at 9:27 AM #
That's nice Grumpy. Any reason you don't want to share your real name? :)
Ben Nadel said on 02-07-2011 at 4:33 PM #
I've never had a good handle on the binaryEncode / binaryDecode functions. I've read the docs before, but something about them never clicked.
Grumpy CFer said on 02-10-2011 at 4:19 AM #
Thanks Ray. No real name because I don't want to get too involved with the community. I have some very differing opinions on what makes good CF code and don't want to have to defend or spend my time convincing people why I think it's the better approach. So I just pop up every once in a while, usually to rant, and then lurk again.

However, this time I got to be helpful. :-)
Raymond Camden said on 02-10-2011 at 6:04 AM #
That's unfortunate. I firmly believe that you should be able to state your opinion even if it is in the minority. I invite you - next time - to go public here. If folks complain, I'll put a stop to it. (Well, if they make it personal. I'm all for a good, respectful argument. ;)
Terry B said on 07-01-2011 at 10:55 AM #
Thanks Grumpy, havent tried them yet but exactly what I was looking for; functions to handle the base64url functions. Facebook Deauthorize Callback depends on base64url vs base64.

[Add Comment] [Subscribe to Comments]