So I tried to make the tiniest change possible to one of the pages on our build system and was faced with much up-roar about it. It was a small change that tried to allow our team to easily identify downed hosts in a quicker manner by highlighting them. The other members of the community didn’t seem to appreciate me changing the source code of the system (even tho it was a small change to only one page!) so they practically made me change it back. They don’t even have access to our build system so the change was really to make our lives a bit easier and it was a page that they weren’t even required to visit. Anyway, I’m just going to leave this little easter-egg here for my team lol! I’m at a loss for words so wow is all I can say…

Edit: If they find out about this “feature” I might need some tips on obfuscating javascript code with something that encrypts, encodes, decodes, decrypts, evals and executes js on the fly, you know, like what the “bad” guys do!

Edit2: Just some thoughts on what I could use, the worst case is that the JS code is fully CIA’d with a common shared secret key that only our team knows and the easter-egg is something un-guessable. That would be a pain to use but there’s pretty much no way (as of today) anyone could crack that given a strong enough password lol 🙂

Confidentiality: AES-256-CBC
Integrity: SHA512
Authentication: HMAC_SHA512

<script>
function montostr(monthstr)
{
	var monthlst = ["jan", "feb", "mar", "apr", "may", "jun", "jul", "aug", "sep", "oct", "nov", "dec"];
	var x;
	monthstr = monthstr.substring(0, 3).toLowerCase();
	for (x = 0; x < monthlst.length; ++x)
	{
		if (monthstr == monthlst[x])
		{
			return x;
		}
	}
	return 0;
}
function magiclik()
{
	document.body.style.background = "#000000";
	var dateobjc = document.getElementById("loginInfo");
	var datestri = dateobjc.innerHTML.replace(/[\t\r\n]/g, "").replace(/^[^0-9A-Za-z]+/, "").replace(/UTC.*$/, "").replace(/[^0-9A-Za-z]+$/, "");
	var datelist = datestri.replace(/ /g, ":").split(":");
	datelist[2] = montostr(datelist[2]);
	var datetime = new Date(datelist[3], datelist[2], datelist[1], datelist[4], datelist[5], datelist[6]);
	var rowdlist = document.getElementsByTagName("tr");
	var x, coldlist, hostdati;
	for (x = 0; x < rowdlist.length; ++x)
	{
		if (!rowdlist[x].innerHTML.replace(/[\t\r\n]/g, "").match(/^.*<a href="hostinfo\?hostID=[0-9]+">[^<]+<\/a>.*$/))
		{
			continue;
		}
		coldlist = rowdlist[x].getElementsByTagName("td");
		datelist = coldlist[5].innerHTML.replace(/[\t\r\n]/g, "").replace(/[^0-9]/g, ":").split(":");
		if (datelist.length < 6)
		{
			continue;
		}
		datelist[1] = (parseInt(datelist[1].replace(/^[^1-9]/g, "")) - 1);
		hostdati = new Date(datelist[0], datelist[1], datelist[2], datelist[3], datelist[4], datelist[5]);
		coldlist = coldlist[1].getElementsByTagName("a");
		if ((hostdati.getTime() / 1000) <= ((datetime.getTime() / 1000) - (15 * 60)))
		{
			coldlist[0].innerHTML = ("<font color='red'>" + coldlist[0].innerHTML + "</font>");
		}
		else
		{
			coldlist[0].innerHTML = ("<font color='green'>" + coldlist[0].innerHTML + "</font>");
		}
	}
}
function magicmod()
{
	var imagobjc = document.getElementById("kojiLogo");
	imagobjc.onclick = magiclik;
}
if (location.href.match(/^.*hosts.*$/))
{
	window.onload = magicmod;
}
</script>