Sometimes on websites you see something like this
<a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="LONG HEX STRING HERE">[email protected]</a>
In order to decrypt it, you can make use of this LoliCode:
BLOCK:Parse
input = @data.SOURCE
leftDelim = "cfemail=\""
rightDelim = "\""
MODE:LR
=> VAR @LONGHEX
ENDBLOCK
string DecodeEmail(string encodedString)
{
string email = "";
int r = Convert.ToInt32(encodedString.Substring(0, 2), 16), n, i;
for (n = 2; encodedString.Length - n > 0; n += 2)
{
i = Convert.ToInt32(encodedString.Substring(n, 2), 16) ^ r;
char character = (char)i;
email += Convert.ToString(character);
}
return email;
}
var EMAIL = DecodeEmail(LONGHEX);
LOG EMAIL
It will print the email in cleartext
If you need to decode more than 1 email, parse them all recursively and execute the operation on all of them like this
BLOCK:Parse
input = @data.SOURCE
leftDelim = "cfemail=\""
rightDelim = "\""
RECURSIVE
MODE:LR
=> VAR @OBFUSCATED
ENDBLOCK
string DecodeEmail(string encodedString)
{
string email = "";
int r = Convert.ToInt32(encodedString.Substring(0, 2), 16), n, i;
for (n = 2; encodedString.Length - n > 0; n += 2)
{
i = Convert.ToInt32(encodedString.Substring(n, 2), 16) ^ r;
char character = (char)i;
email += Convert.ToString(character);
}
return email;
}
var EMAILS = OBFUSCATED.Select(e => DecodeEmail(e)).ToList();
LOG EMAILS
Ruri