Jdownloader CNL2

The last few days i started surfing this side of the web again. To my surprise Jdownloader is still a thing. As i dont want to install this for a few uses, here is the incantation you have to do to decrypt its CnL2 format.

echo "DATA" | openssl enc -aes-128-cbc -nosalt -d -iv "KEY" -K "KEY" -nopad -a

KEY is the result of calling the jk input value, DATA is the value of the crypted field.

Here is a bookmarklet to replace the form with the command to run. Or the code if you want to run it yourself.

I tried using the SubtleCrypto API to decrypt entirely in the browser, but i couldnt figure out how. I even try asking ChatGPT.

[...document.querySelectorAll(`form[action="http://127.0.0.1:9666/flash/addcrypted2"]`)].forEach(function($form){
    const form = new FormData($form);
    const data = [eval(`(function(){${form.get("jk")} return f()})()`), form.get("crypted")];
    const cmd = `echo "${data[1]}" | openssl enc -aes-128-cbc -nosalt -d -iv "${data[0]}" -K "${data[0]}" -nopad -a`;
    $pre = document.createElement("pre");
    $pre.innerHTML = cmd;
    $form.parentNode.replaceChild($pre, $form)
})

There are a some browser extensions that also do this. But thats too much hassle for a few times.