There is a good initial code review which points out the alarming bug that keys are _hardcoded_ in the symmetrical encoding mode, and can be found in the source!
"Basically the script encrypts a randomly generated ephemeral key using RSA but then ignores it and uses the above hardcoded key for symmetric encryption."
"Basically the script encrypts a randomly generated ephemeral key using RSA but then ignores it and uses the above hardcoded key for symmetric encryption."
[1] http://www.daemon.de/blog/2014/04/25/351/code-review-lulzlab...