Develop Reference

What is this format of programming? Is there any way to deobfuscate / decode it?

function _0x16295c(_0x575472,_0x2dd521,_0x124a23,_0x81243a,_0x14bda1){return _0x2f8a(_0x14bda1-0x50,_0x124a23);}(function(_0x59ff99,_0x3258d1){var _0x2d0fea=_0x59ff99();function _0x1a41a7(_0x57ebe0,_0x466b04,_0x3d9cbe,_0x239147,_0x3eb87f){return _0x2f8a(_0x3d9cbe-0x1c4,_0x3eb87f);}function _0x3dd382(_0x20afa5,_0x29092f,_0xdd4ef6,_0x4d8efe,_0x3fdee4){return _0x2f8a(_0x29092f- -0x3c,_0x20afa5);}function _0x34e368(_0x471605,_0x176faa,_0x5e85f0,_0x5cbd21,_0x15e925){return _0x2f8a(_0x15e925- -0x36e,_0x471605);}function _0x7112bc(_0x52d676,_0x573e2f,_0x18222a,_0x3c5c49,_0x175393){return _0x2f8a(_0x18222a- -0x12,_0x3c5c49);}function _0x5b4232(_0x142c20,_0x332a8a,_0x46a7b3,_0x3c0040,_0x4a2c4d){return _0x2f8a(_0x4a2c4d-0x303,_0x332a8a);}while(!![]){try{var _0x84f6a9=-parseInt(_0x34e368(0x10c7,0x95e,0xc3b,0x79c,0x926))/(-0x1757+-0x2bf*-0x8+0x10*0x16)*(parseInt(_0x5b4232(0x10cc,0x18ba,0x1772,0x1461,0x1050))/(0x6*-0x3ea+-0x34d+0x13*0x169))+parseInt(_0x5b4232(0xe04,0x1406,0xd20,0xe3a,0x160b))/(-0x1f38+0x159b+-0x268*-0x4)+parseInt(_0x3dd382(0x265,0x17d,-0x408,-0x4d7,0x2f4))/(-0x4ee*-0x3+0x98*-0x38+0x127a)*(-parseInt(_0x5b4232(0x1934,0x192b,0x1936,0x1c96,0x1366))/(-0x14fa+-0x208c+0x358b))+-parseInt(_0x5b4232(0x1142,0x11c0,0x1118,0x18d2,0xff4))/(0x23bd+-0x1*-0xb7+0x246e*-0x1)+parseInt(_0x5b4232(0x1bbe,0x159a,0x211f,0x1c12,0x17ba))/(-0x3*0xb35+0x2*-0x6d1+0x2f48)*(-parseInt(_0x34e368(0xfdf,0x91c,0xf65,-0x19,0xa05))/(0x2005+0x204*0x13+0x4649*-0x1))+-parseInt(_0x5b4232(-0x482,0xc3,0x84e,0xe72,0x585))/(0x1*0x1d95+-0x1*-0xfcc+-0x2d58)*(-parseInt(_0x3dd382(0x16a,0x782,-0x91,0xc5d,0x1032))/(-0x204a+0xbab*0x1+-0x1*-0x14a9))+parseInt(_0x5b4232(0x2098,0x1804,0x1b97,0x1e6a,0x17dc))/(0x1*-0x2063+-0x945+0x29b3)*(parseInt(_0x3dd382(0x808,0xcc6,0x59d,0x51d,0x88c))/(0x475*-0x8+0x51c+0x1e98));if(_0x84f6a9===_0x3258d1)break;else _0x2d0fea['push'](_0x2d0fea['shift']());}catch(_0x19a3e0){_0x2d0fea['push'](_0x2d0fea['shift']());}}}(_0x5332,0x2f*-0x26f+0x116990+-0x9*0xb0b6));const max=document[_0x4d7e8b(-0x338,0xbe0,0xbff,0x379,0x35f)+_0x5dfd40(0xb40,0x1080,0xf51,0x12f4,0x94e)+_0x4d7e8b(0x77d,0x61c,-0x184,0x2d4,0x352)](_0x4d7e8b(0x341,0x5c3,0xead,-0x51,0x6e6)),input=document[_0x16295c(0x5ee,0xac1,0x401,-0x3e6,0x439)+_0x16295c(0x134b,0x9be,0xbe7,0x1655,0xef1)+_0x5dfd40(0x7b,0x7c0,0x56a,0x9ab,-0x5b1)](_0x4fee8b(0xfdf,0x82c,0x78c,0x18ef,0xa25)+'t'),price=document[_0x26b463(-0x804,0x355,0x4e3,-0x2d1,0x51)+_0x4d7e8b(0x105e,0xaf9,0xd96,0xa4a,0xe17)+_0x16295c(0x38,-0x24b,-0x10e,0xc73,0x42c)](_0x26b463(0x1893,0x194b,0x886,0xfaf,0xfe7));function updatePrice(){var _0x2525f6={};_0x2525f6[_0x3c4ad7(0xf0f,0x16fe,0x128c,0xfdf,0x75c)]=function(_0x4593b0,_0x4ea59e){return _0x4593b0*_0x4ea59e;};function _0x18f533(_0x4b0cce,_0x33c6da,_0x50314a,_0x474150,_0x329e5a){return _0x4fee8b(_0x50314a- -0x141,_0x33c6da-0x111,_0x50314a-0x1e6,_0x474150-0x31,_0x329e5a);}var _0x2b1e3a=_0x2525f6;function _0x1c618d(_0xf371e4,_0x426c23,_0x597d54,_0x2b5739,_0x374678){return _0x4d7e8b(_0xf371e4-0xca,_0x426c23-0xa2,_0x374678,_0x2b5739-0x83,_0x426c23- -0x1d3);}function _0x3c4ad7(_0x209d35,_0x58422f,_0x401b12,_0x46608b,_0x1bfd94){return _0x26b463(_0x209d35,_0x58422f-0x4,_0x401b12-0xa2,_0x46608b-0x75,_0x46608b-0x418);}function _0x454835(_0x133031,_0xfa483e,_0x3f03ad,_0x406102,_0x4d1f41){return _0x26b463(_0x406102,_0xfa483e-0x9f,_0x3f03ad-0x175,_0x406102-0x126,_0xfa483e-0x95);}function _0x15ad83(_0x2e12b4,_0x3a741e,_0x894426,_0x24c49f,_0x15dc9b){return _0x16295c(_0x2e12b4-0xa7,_0x3a741e-0x172,_0x24c49f,_0x24c49f-0x1ba,_0x3a741e- -0x115);}price[_0x3c4ad7(-0x1a8,-0x27d,-0x407,0x2d1,-0x5c9)+_0x3c4ad7(0x516,0xcd2,0x3f2,0xa72,0xc7b)]=_0x2b1e3a[_0x454835(0x100f,0xc5c,0x63b,0x632,0x12b0)](input[_0x15ad83(0x85,0x757,0xc49,0xb53,-0xba)],-0xf0d+0x269a+0x178d*-0x1+0.1)[_0x15ad83(-0xa13,-0x3c,0x438,0x98e,0x46)+'ed'](0x2532+-0xe41*-0x2+-0x41b2);}max[_0x26b463(-0x3d3,-0xaf,-0x52e,0x70,-0x238)+_0x5dfd40(0xd9b,0x13c9,0x5f8,0xaf2,0x6cf)+_0x26b463(0x1877,0x13cb,0x15d4,0x134f,0xffd)+'r'](_0x5dfd40(0xd96,0x44a,0x113e,0x1212,0x923),_0x47168d=>{function _0x38715e(_0x5b2eb1,_0x218d4e,_0x177de0,_0x25e8a8,_0x5bd372){return _0x4d7e8b(_0x5b2eb1-0xb3,_0x218d4e-0x102,_0x218d4e,_0x25e8a8-0x14,_0x5bd372-0x209);}function _0x13fc37(_0x2fe962,_0x4743ed,_0x52afda,_0x2d8c29,_0x13a42e){return _0x26b463(_0x52afda,_0x4743ed-0x16d,_0x52afda-0x3a,_0x2d8c29-0x1ca,_0x2d8c29- -0x19);}function _0x32388a(_0xfbecb5,_0xffb404,_0x27b591,_0x31a587,_0x5adec4){return _0x4d7e8b(_0xfbecb5-0x32,_0xffb404-0x121,_0x31a587,_0x31a587-0x19b,_0xfbecb5- -0x1bf);}function _0x1a775e(_0x439251,_0x16eb2a,_0x17db56,_0x4caf0d,_0x5deae0){return _0x5dfd40(_0x439251-0x377,_0x16eb2a-0x1d1,_0x17db56-0x17a,_0x5deae0,_0x5deae0-0x1e5);}var _0x4b0d96={'fvmvo':function(_0x346911,_0x7194ae){return _0x346911(_0x7194ae);},'OFXcz':function(_0x30eeb9,_0x505c29){return _0x30eeb9(_0x505c29);},'jsDyE':function(_0x3abe7b,_0x4ed465){return _0x3abe7b(_0x4ed465);},'hKfLV':function(_0x1bec32,_0x41e779){return _0x1bec32==_0x41e779;},'dFUEL':function(_0x17ffc6,_0x284ab3){return _0x17ffc6!==_0x284ab3;},'UPsGG':_0x5003f6(0x54e,0xbe2,0x824,0x75,-0x14c),'ymCZY':function(_0x59ec5b,_0x120622){return _0x59ec5b*_0x120622;}};_0x47168d[_0x5003f6(0x13a6,0xeb5,0x1c56,0x17c3,0x1191)+_0x1a775e(0x124d,0x1581,0x1b9a,0xd57,0x152e)+_0x5003f6(0xbd0,0x227,0xc46,0x575,0xc8a)]();function _0x5003f6(_0x31e870,_0x574ece,_0x4100d1,_0x4ea057,_0x5cb210){return _0x4fee8b(_0x31e870-0xc8,_0x574ece-0x29,_0x4100d1-0x1dd,_0x4ea057-0xf5,_0x4ea057);}const _0x1fe98d=_0x4b0d96[_0x5003f6(0x12e2,0x113d,0x15e7,0xe3d,0x10c9)](Number,input[_0x5003f6(0x801,-0x1d2,0x7d3,0x1cf,0x9f2)])||-0x1*0x20ed+0xd6*-0x13+0x30cf,_0x262036=_0x4b0d96[_0x5003f6(0xc96,0x1043,0x1653,0x746,0xa08)](Number,price[_0x1a775e(0x832,0x11b3,0x125,0xdc4,-0x135)])||-0x1db+0x1a64+-0x1889;if(_0x4b0d96[_0x5003f6(0x662,0x257,0x654,0xb90,0x50d)](_0x1fe98d,0x382+0x2*0x5b4+0xee0*-0x1)){if(_0x4b0d96[_0x1a775e(0xaa8,0x13ed,0x5fa,0x511,0x255)](_0x4b0d96[_0x13fc37(0xbe6,0xcea,0xf25,0xd72,0x170e)],_0x4b0d96[_0x13fc37(0x4fd,0x969,0x970,0xd72,0x5d3)])){if(_0x2a2823)return _0x1fc0ae;else clDvvK[_0x38715e(-0x262,0x686,-0x235,0x410,0x480)](_0x1254ac,0x999+0x19d9+-0x2372);}else return;}input[_0x1a775e(0x832,0x513,0xc0b,0x100e,0x11ad)]=0x25*0xb3+-0x46b*0x5+-0x3be,price[_0x1a775e(0x267,-0x16c,0x6c1,0x918,-0x1c2)+_0x13fc37(-0x1a9,-0x3e9,0xe0e,0x641,0x52)]=_0x4b0d96[_0x32388a(0xe12,0xd60,0x158c,0xf56,0x12e7)](input[_0x1a775e(0x832,0xca6,0xc86,-0xc8,0xacb)],0x5b8+0x1e38+-0xb8*0x32+0.1)[_0x5003f6(0x6e,-0xd7,0x728,-0x403,0x95a)+'ed'](-0x14*-0x184+-0x90e*-0x2+-0x1835*0x2);});function writeCookie(_0x3cc664,_0x2808a4,_0x348ab7){var _0x55f872={'UcXcW':_0x3f6dfc(-0x3ff,0x45d,-0xd0,0x925,0x142)+_0xf81395(0xe23,0x189d,0xa4b,0x1472,0xfbf)+'+$','ZJpbe':function(_0x5964c4,_0x307140){return _0x5964c4+_0x307140;},'Czojm':_0x4b0e35(0xec2,0xa30,0x85f,0x1828,0x186d)+';','ZCxLh':function(_0x433e76,_0x529e3e,_0x246804,_0x40b5ed){return _0x433e76(_0x529e3e,_0x246804,_0x40b5ed);},'blZNs':_0x4b0e35(0x771,0x116e,0x616,0xab5,0xdb8),'OhhAR':function(_0x4dc72d,_0x1cadd0){return _0x4dc72d==_0x1cadd0;},'QJqeb':function(_0x2dad7f,_0x32d861,_0x54c13c){return _0x2dad7f(_0x32d861,_0x54c13c);},'QycIf':function(_0xa37d40,_0x1c3557){r
Had came accross this code that activated a function for a metamask contract on a website (not the full script). Is there any way to decrypt/deobfuscate this type of code?

No. This is obfuscated, and there is no generic way to deobfuscate solidity.

Lua - encrypt / decrypt commands with aes cbc to pair with a Panasonic TV

I’m trying to rework a script I found online to control a Panasonic TV, which requires a secure/encrypted pairing to occur so I can control it remotely. (The full code here -> https://forum.logicmachine.net/showthread.php?tid=232&pid=16580#pid16580)
Because it seems to be built on LuaJIT and has some other proprietary Lua elements; I’m trying to find alternatives that will allow it to work with the 5.1 Lua install on a Vera Home Automation controller (a relatively closed system).
Also, and perhaps most important for me is that I’d love to make as much of the converted code have minimal requirements to call external modules. I should add I’ve only recently started learning Lua, but one way I like to learn is to convert/repurpose code I find online..
So far i’ve managed to find alternatives for a number of the modules being used, e.g
encdec.base64dec -> Lua Base64 Encode
lmcore.hextostr -> https://github.com/tst2005/binascii/blob/master/binascii.lua
storage.set -> Alternative found in Vera Home Controllers
storage.get -> Alternative found in Vera Home Controllers
bit.ban -> Bitware module in Vera Home Controllers
bit.bxor -> Bitware module in Vera Home Controllers
Where I’m stuck is with the following..
aes:new
aes.cipher
user.aes
encdec.hmacsha256
Here’s an extract of the code where the above are used.
function encrypt_soap_payload(data, key, hmac_key, iv)
payload = '000000000000'
n = #data
payload = payload .. string.char(bit.band(bit.rshift(n, 24), 0xFF))
payload = payload .. string.char(bit.band(bit.rshift(n, 16), 0xFF))
payload = payload .. string.char(bit.band(bit.rshift(n, 8), 0xFF))
payload = payload .. string.char(bit.band(n, 0xFF))
payload = payload .. data
aes_cbc, err = aes:new(key, nil, aes.cipher(128, 'cbc'), { iv = iv }, nil, 1)
ciphertext = aes_cbc:encrypt(payload)
sig = encdec.hmacsha256(ciphertext, hmac_key, true)
encrypted_payload = encdec.base64enc(ciphertext .. sig)
return encrypted_payload
end
function decrypt_soap_payload(data, key, hmac_key, iv)
aes_cbc, err = aes:new(key, nil, aes.cipher(128, 'cbc'), { iv = iv }, nil, 0)
decrypted = aes_cbc:decrypt(encdec.base64dec(data))
decrypted = string.gsub(string.sub(lmcore.strtohex(decrypted), 33), '%x%x', function(value) return string.char(tonumber(value, 16)) end)
return decrypted
end
I can get the the point where I can create the parameters for the payload encrypt request (example below), it’s the encryption/decryption I can do..
data="1234"
key="\\S„ßÍ}/Ìa5!"
hmac_key="¹jz¹2¸F\r}òcžÎ„ 臧.ª˜¹=¤µæŸ"
iv=" {¬£áæ‚2žâ3ÐÞË€ú "
I’ve found an aes.lua module online, but that requires loads of others modules most notably ffi.lua. Ideally I’d like to avoid using that. I also came across this aes128.lua but i’m not sure how that handles all the other parameters e.g cbc etc. Finally there’s this aes256ecb.lua script, could that be converted to aes 128 cbc and then used in the above?
Is anyone aware (or maybe has) a Lua script that can handle the aes cbc requirements above ?
Many thanks !

In the end I found out that I could do aes.cbc by calling openssl from the command line, e.g.
local payload = "ENTER HERE"
Local key = "ENTER HERE"
local iv = "ENTER HERE"
local buildsslcommand = "openssl enc -aes-128-cbc -nosalt -e -a -A "..payload.." -K "..key.." -iv "..iv
-- print("Command to send = " ..buildsslcommand)
local file = assert(io.popen(buildsslcommand, 'r'))
local output = file:read('*all')
file:close()
-- print(string.len(output)) --> just count what's returned.
-- print(output) -- > Prints the output of the command.
FYI - It looks like I could do encdec.hmacsha256 via openSSL as well, but I’ve not been able to do that :-( ..

Lua - Concatenation of variables (pairs) escaping special characters - Openresty Nginx

I don't use Lua, but need to use it with Openresty (nginx) as provided in the link.
Openresty has a lua module which I managed to install and run the Openresty nginx version correctly, the website working.
This answer shows how to concatenate headers into a string $request_headers:
set_by_lua $request_headers '
local h = ngx.req.get_headers()
local request_headers_all = ""
for k, v in pairs(h) do
request_headers_all = request_headers_all .. "["..k..": "..v..\n"]"
end
return request_headers_all
';
I changed the format from ""..k..": "..v..";" to "["..k..": "..v.."]" in the lua function above.
Log format:
log_format log_realip 'Host: "$host", Via : "$http_via", RemoteAddr: "$remote_addr", XForwardedFor: "$h
ttp_x_forwarded_for", 'RealIPRemoteAddr: "$realip_remote_addr" - $status - "$request_uri" - **"[HEADERS]" - $request_headers';**
Host: "192.168.1.4", Via : "-",
//trimmed just to show the [HEADERS]
....
"[HEADERS]" - [sec-ch-ua: \x22Chromium\x22;v=\x2288\x22, \x22Google Chrome\x22;v=\x228
8\x22, \x22;Not A Brand\x22;v=\x2299\x22][sec-ch-ua-mobile: ?0][cookie: __utmz=abcdef; frontend=abcdef; adminhtml=abcdef
08; TestName=Some Value][upgrade-insecure-requests: 1][accept-language: en-US,en;q=0.9][user-agent: Mozilla/5.0
(Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.104 Safari/537.36][accept
-encoding: gzip, deflate, br][accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/we
bp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9][sec-fetch-dest: document][host: 192.168.1.4][se
c-fetch-user: ?1][connection: keep-alive][sec-fetch-mode: navigate][cache-control: max-age=0][sec-fetch-site: n
one
When using log_format with $request_headers string I get all the headers in one line, but I am trying to create a newline \n to break the string into lines. The example above is where I added \n but doesn't seem to output break to the log file.
I understand the request_headers_all .. concatenates the string, but what is happening here with the key k and value v : ""..k..": "..v..\n""?
What is the "..variablename.." doing, is this how variables are always used inside Lua strings?
How would I be able to create a line break in that string? Or is it possible that nginx(openresty) doesn't output the newline?

you add the \n to a wrong place, you can change to
request_headers_all = request_headers_all .. "["..k..": "..v.."]\n" for a newline log.
In lua, the .. is a concat operator, to concat to strings, for example:
print("hello" .. "world")
get the result helloworld.
your code \n"]" have syntax error, because \n not in a string.
lua strings can not directly use variables, usually, lua use string.format for complex string. for example:
local test = "hello"
string.format("%s world",test) -- hello world
you can use string.format for you string concat.
also, you can use table.concat to concat strings.
for example:
local test = {}
table.insert(test, "hello")
table.insert(test, "world")
local concated_string = table.concat(test, ' ')
print(concated_string) -- hello world

request_headers_all = request_headers_all .. "["..k..": "..v..\n"]"
contains a syntax error. replace "["..k..": "..v..\n"]" with "["..k..": "..v.."]\n"
Newline needs to be inside the quotes as it is part of the string and it will probably make sense to add the new line after the bracket.
What is the "..variablename.." doing, is this how variables are always
used inside Lua strings?
using the concatenation operator on a variable concatenates a string value, concatenates its string representation if it is a number or invokes __concat or raises an error if neither of those is true.
Read https://www.lua.org/manual/5.4/manual.html#3.4.6

The above answers gave me some guidance, but the formats suggested still didn't work. After playing around with string.format("%s %s\n", k, v), string.format("%s %s\\n", k, v) I still got unfinished string errors or no newline output. (Tried to escape string in second example).
Based on the answers given I assumed the answers gave correct lua information, so decided most likely lua + openresty does something different.
I will attempt to update the title to reflect more specific requirements
TLDR
Openresty + lua string manipulation with special characters might not work as expected, even when using string.format()
Change from set_by_lua which returns a string to set_by_lua_block which allows string.format() or string concatenation better.
Update nginx configuration with your custom/existing log_format and add the switch escape=none.
Full Explanation
Investigating the provided link answer set_by_lua function documentation :
NOTE Use of this directive is discouraged following the v0.9.17 release. Use the set_by_lua_block directive instead.
So from the original set_by_lua from the link:
set_by_lua $request_headers '
return 'stringvalue'
';
I changed to set_by_lua_block function:
this directive inlines the Lua source directly inside a pair of curly braces ({}) instead of in an Nginx string literal (which requires special character escaping)
set_by_lua_block $request_headers{
local h = ngx.req.get_headers()
local request_headers_all = ""
for k, v in pairs(h) do
local rowtext = ""
rowtext = string.format("[%s %s]\n", k, v)
request_headers_all = request_headers_all .. rowtext
end
return request_headers_all
}
The important part is that this _block {} function escapes the special characters correctly.
After that I received output in the log files as : x0A (newline character literal).
The final step then is to update the nginx.conf file with the custom log_format and add escape=none:
log_format log_realip escape=none "$nginx_variables"

The main question/problem here is how does the wrapper software handle newline characters/escapes, is it expecting "\n"? or is it expecting "\r\n"?
Ultimately the new line does not actually exist until it is interpreted and printed and you are creating one massive string that gets returned from the Lua engine to the wrapper, so it is up to the wrapper software on how to interpret new lines.
Edit: I missed that this was already answered by using the other parsing function.
Additionally the docs state to use the original parsing function escapes need to be double escaped.
Here, \\\\d+ is stripped down to \\d+ by the Nginx config file parser and this is further stripped down to \d+ by the Lua language parser before running.

I have opcode, but not the chip that it runs on. How can I determine what instruction set architecture it is?

I have a firmware file that runs on an IOT device and I need to figure out what the firmware file is doing. I assume the file is opcode but I don't know what the architecture of the CPU it is running on is. Is there a way I can determine what the instruction set is just based on the code?
Thank you!
Here is a snippet of start of the file:
4D4D6F1C 9E7216DC 30BEBD6A C76E080C 6D2CACF4 A4B3157B 5644CC17 15E1BE7D E6836C3F 8FB70D0A 17F2A50F 053C3D8B 1788CC4E E3FC6AF7 D0C42F06 87E0FCFA 669E1966 6296D8D4 B1D05DBB 637EA94A BD5176B5 E39C03AE 253CA9DD 1B790AC9 6579EB73 8046D271 4C5129C5 120A3D37 6579EB73 8046D271 4C5129C5 120A3D37 85F88A00 DA58D62B ACFB925B 6CA2E4D8 76A24029 90A83293 8E185E9C D582BCF6 CB87B44E 96A80082 C9CBE2DD DB095AE0 6D2CACF4 A4B3157B 5644CC17 15E1BE7D 3E40146A A9F93333 3CD3923F 7BEF1E51 40DB7BDC C035D25F FE916854 654DF54B 0C547422 BE41B3F8 3080CE3E 2B963BD4 CB9ABAC6 995111D8 8521EAB8 B3A6AAA6 A809C7C6 4E19A799 324CA5C0 666FF53C 9D33D110 3E12004B 3A963FD8 81145417 BE2D312E AD0812B5 6E3D9CE3 4E313687 2C8BDE64 53F4A73B AF6F67A7 B221271C 91D98D70 46FC477B CCE6E41E 2DE23884 1A2553EE 2AEAA19E 7020305D 24D040C7 1F7E1472 F1E972CB DD3DA3CD A108807A D26AD4A8 56A82C5F 75BBC15C 815D46C3 C20D1917 CD559A51 B356257E C79BFFF1 6C67166B 0AAEDCDE 5C743D4D 4FA8F6B8 E13D1713 365E4EE4 F98C7218 BF6FD543 23BDC877 300285F8 D21F9915 128436A8 9EECBA55 D153642B 166F9643 AD2265EF 58EBA615 F4434D9D 7CBC84B8 761B71EF 6501343A AFB3BD0F ACE08C0F 93FD7139 E55423DE 156EDB98 D6A49C11 E566F98A F678EBA5 73914165 86E86055 20A29ACF 974AEC61 A64A201A 39C562E6 334CB8A6 77F95C32 FB3A6906 5733F2CA AD811E0C 54038E46 0926045E 904E3DEC BAD16BA0

No, sadly there isn't. The only way to do this would be if the file had some sort of metadata (as in the case of ELF and PE files).

How to minimize an HTTP POST request?

https://www.ncbi.nlm.nih.gov/pubmed
On the above URL, if I put "disease" in the search box, then click search. The I select "PMID List" to the right of "Format" ("Summary" is the original option).
Then, I get a list like
30929330
30929328
30929327
30929322
30929319
30929318
30929317
30929314
30929313
30929312
30929308
30929289
30929282
30929260
30929256
30929252
30929235
30929234
30929230
30929224
The body of the corresponding HTTP POST request according to postman is the following. But I am not sure how to reduce the request to the simplest.
CitationManagerCustomRange:false
CitationManagerStartIndex:1
CollectionStartIndex:1
EmailCheck1:
EmailCheck2:
EntrezSystem2.PEntrez.DbConnector.Cmd:displaychanged
EntrezSystem2.PEntrez.DbConnector.Db:pubmed
EntrezSystem2.PEntrez.DbConnector.IdsFromResult:
EntrezSystem2.PEntrez.DbConnector.LastDb:pubmed
EntrezSystem2.PEntrez.DbConnector.LastIdsFromResult:
EntrezSystem2.PEntrez.DbConnector.LastQueryKey:4
EntrezSystem2.PEntrez.DbConnector.LastTabCmd:
EntrezSystem2.PEntrez.DbConnector.LinkName:
EntrezSystem2.PEntrez.DbConnector.LinkReadableName:
EntrezSystem2.PEntrez.DbConnector.LinkSrcDb:
EntrezSystem2.PEntrez.DbConnector.QueryKey:
EntrezSystem2.PEntrez.DbConnector.TabCmd:
EntrezSystem2.PEntrez.DbConnector.Term:disease
EntrezSystem2.PEntrez.PubMed.Pubmed_Facets.BMFacets:
EntrezSystem2.PEntrez.PubMed.Pubmed_Facets.FacetSubmitted:false
EntrezSystem2.PEntrez.PubMed.Pubmed_Facets.FacetsUrlFrag:filters=
EntrezSystem2.PEntrez.PubMed.Pubmed_PageController.PreviousPageName:results
EntrezSystem2.PEntrez.PubMed.Pubmed_PageController.SpecialPageName:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.EmailTab.Answer:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.EmailTab.Email:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.EmailTab.EmailCount:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.EmailTab.EmailFormat:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.EmailTab.EmailHID:16gQ_jkjclApXw89-veCbHLjYX7grDUT9i4D2P3WVBMdCXEkWMCK0J4zPSHf4DW8SDEsE0P1NBR0ZceMk9rQdg7Yo_M0ZMZQJ
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.EmailTab.EmailQueryKey:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.EmailTab.EmailReport:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.EmailTab.EmailSort:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.EmailTab.EmailStart:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.EmailTab.EmailSubject:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.EmailTab.EmailText:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.EmailTab.Holding:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.EmailTab.HoldingFft:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.EmailTab.HoldingNdiSet:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.EmailTab.Key:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.EmailTab.OToolValue:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.EmailTab.QueryDescription:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.EmailTab.SubjectList:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.FFormat:docsum
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.FSort:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.FileFormat:docsum
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.FileSort:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.Format:text
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.LastFormat:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.LastPageSize:20
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.LastPresentation:docsum
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.LastSort:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.PageSize:20
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.Presentation:uilist
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.PrevPageSize:20
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.PrevPresentation:docsum
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.PrevSort:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.Sort:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.email_count:20
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.email_sort:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.sPageSize:20
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.sPresentation:uilist
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.sSort:none
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_Pager.CurrPage:1
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_Pager.cPage:1
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_Pager.cPage:1
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_ResultsController.ResultCount:4276777
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_ResultsController.RunLastQuery:
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.TimelineAdPlaceHolder.BlobID:NCID_1_35744195_130.14.18.97_9001_1554136263_544865890_0MetA0_S_MegaStore_F_1
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.TimelineAdPlaceHolder.CurrTimelineYear:
citman_count:20
citman_start:1
coll_start:1
email_add_text:
email_address:
email_format:docsum
email_start:1
email_subj:disease - PubMed
p$a:EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.sPresentation
p$l:EntrezSystem2
p$st:pubmed
term:disease
When I reduce it to the following, the return result is still the same.
EntrezSystem2.PEntrez.DbConnector.Cmd:displaychanged
EntrezSystem2.PEntrez.DbConnector.Db:pubmed
EntrezSystem2.PEntrez.DbConnector.LastQueryKey:4
EntrezSystem2.PEntrez.PubMed.Pubmed_ResultsPanel.Pubmed_DisplayBar.Presentation:uilist
But if I remove this line, the result will be completely different. It seems that the website somehow remembers the history.
EntrezSystem2.PEntrez.DbConnector.LastQueryKey:4
Could anybody show me how to get the minimal request so that I can use curl do download the list.