0bin

Client side encrypted pastebin

Stars
1.34K
Forks
203
Open issues
37
Closed issues
86
Last release
over 3 years ago
Last commit
about 3 years ago
Watchers
1.34K
Total releases
5
Total commits
360
Open PRs
10
Closed PRs
27
Repo URL
Project Website
https://github.com/Tygs/0bin
Platform
License
wtfpl
Category
Usecase
Technology
Python javascript Shell Smarty SCSS
Offers premium version?
NO
Proprietary?
NO
About

0bin: a client side encrypted pastebin

0bin is a pastebin that encrypts the user content in the browser and can run without a database.

0bin allows anybody to host a pastebin while welcoming any type of content to be pasted in it. The idea is that one can (probably...) not be legally entitled to moderate the pastebin content as they have no way to decrypt it.

It's an Python implementation of the zerobin project, created by sebsauvage, under the WTFPL licence.

To run zerobin, download zerobin.pyz from the latest release then:

python zerobin.pyz

0bin requires Python 3.7 or higher.

You may need to type py -3.7 zerobin.pyz on Windows, or python3.7 zerobin.pyz on Mac/Linux, depending on your configuration.

If you are familiar with the Python ecosystem, you can also python -m pip install zerobin --user and run python -m zerobin for the same effect.

How it works

When creating the paste:

  • the browser generates a random key;
  • the pasted content is encrypted with this key using AES256;
  • the encrypted pasted content is sent to the server;
  • the browser receives the paste URL and adds the key in the URL hash (#).

When reading the paste:

  • the browser makes the GET request to the paste URL;
  • because the key is in the hash, the key is not part of the request;
  • browser gets the encrypted content end decrypts it using the key;
  • the pasted decrypted content is displayed and sourcecode is highlighted.

Key points:

  • because the key is in the hash, the key is never sent to the server;
  • therefore it won't appear in the server logs;
  • all operations, including code coloration, happen on the client-side;
  • the server is no more than a fancy recipient for the encrypted data.

Other features

  • automatic code coloration (no need to specify the language);
  • pastebin expiration: 1 day, 1 month or never;
  • burn after reading: the paste is destroyed after the first reading;
  • clone paste: you can't edit a paste, but you can duplicate any of them;
  • code upload: if a file is too big, you can upload it instead of using copy/paste;
  • copy paste to clipboard in a click;
  • own previous pastes history;
  • reader mode;

Known issues

  • 0bin uses several HTML5/CSS3 features that are not widely supported. In that case we handle the degradation as gracefully as we can.
  • The pasted content size limit check is not accurate. It's just a safety net, so we think it's ok.

Contributing

We cannot accept contributions for the moment, and will ignore PR.

Alternative Projects
No projects found

Subscribe to Open Source Businees Newsletter

Twice a month we will interview people behind open source businesses. We will talk about how they are building a business on top of open source projects.

We'll never share your email with anyone else.