Working with Base64 representations of strings in ColdFusion

Kevin pinged me earlier today with an interesting issue. He had a Base64 representation of data. Base64 is usually used to create a string representation of binary data. But did you know that you can also Base64 encode string data? In his case it was being used in some PHP code to encode layout for a blog theme. He needed to get to the original code but wasn't sure how to do that in ColdFusion. Here is what I came up with. First, start off with your Base64 string. (Note - in the code template below I'm going to add a few spaces just to make it wrap better. )

Ok - so now what? ColdFusion provides a toBase64 function but no "from"Base64. There is a toString function, but since Base64 is already a string, running toString on it doesn't do anything. However, we can convert this into binary data using toBinary:

<cfset f = ToBinary(b64)>

And now we have a binary representation of the Base64 string. But how do we view it? If you try to output f you will get an error. But now is the time where toString helps out:

<cfset z = toString(f)> <cfoutput> #htmleditformat(z)# </cfoutput>

And when output we get:

?> </div> <div id="footer-wrap"> <div id="footer" class="clearfix"> <p id="legal">Copyright © 2008 <a href="<? bloginfo('url'); ?>"><? bloginfo('name'); ?></a> • <?php if(is_home()) : ?><a href="http://wordpressthemesbase.com/" title="Wordpress templates">Wordpress templates</a><?php endif; ?> </div> <?php wp_footer(); ?> </div> </body> </html> <?

Wow that PHP code looks awesome! Anyway - I hope this helps others. This is the first I've seen of Base64 versions of strings. It seems to be used as a way to obfuscate the code. I've also heard that apparently this has been used to hack Wordpress themes as well.

Raymond Camden

Working with Base64 representations of strings in ColdFusion

Support this Content!

Webmentions