On the first page, article center, hacker tool, hacker School, hacker Technology Forum, guest security training, free channel, Alibaba Cloud, latest updates to rising's online anti-virus service
Baidu simplified traditional Chinese
Set as Homepage
Add to favorites
Release tutorial
Intrusion detection | IM Security | remote control | cracking encryption | comprehensive tutorial | Security Software | common tools | member zone | video tutorial | one-day tutorial
Information Center | vulnerability announcement | intrusion detection | Network skills | Security Protection | operating system | free resource software download news
Your current location:-hacker animation-> Article center-> Intrusion Detection-> programming code-> Article content exit Login User Management
CATEGORY navigation
· Recommended articles
· Popular articles
· Latest article
Popular articles
· How To seal others' QQ
· Free QB
· QQ coins-wide...
· Remotely cracked your Q in 400 seconds...
· [Image and text] QQ creates 400 groups for free
· [Group chart] Give you a picture that never shuts down...
· Add QQ VIP
· [Note] tips for QQ pet egg
· Again have the opportunity to get free...
· Remove yourself from the other party in QQ...
Related Articles
· Html --- 7 types...
· SQL query result set...
· Union select...
· Breaking through SA...
· How does jsp prevent s...
· Wuhan IT training machine...
· Gene6 FTP Se...
· PhpMyAdmin t...
-
Html --- 7 encryption methods
Author: Anonymous Source: Reproduced Release Date: 23:51:00 Author: noangel
Decrease font to increase font color default gray olive green blue brown red
[Add to ViVi] [add to YouNote] [add this page to 365Key] [add this page to bbmao]
This document describes seven methods:
I. Simplest encryption and decryption
Ii. Amazing use of the Escape Character ""
3. Use the Script Encoder produced by Microsoft for encoding (simple decoding)
4. Add any NUL null characters (hexadecimal 00 H) (self-created)
5. Useless content and line feed space TAB Method
Vi. Self-write decryption Function Method
7. Misuse (self-developed)
During webpage creation (in fact, webpage Trojans), the most annoying thing is that the JAVASCRIPT code running on IE, a client that has worked hard, is often easily copied by others, it's a bit difficult for you to know that you're tired of writing something ...... ^ * ^
However, we should also be aware that because JAVASCRIPT code is interpreted and executed in IE, it is impossible to keep it confidential. What we need to do is to increase the difficulty of copying by the publisher as much as possible, let him know how to leave (hopefully ~! ~), Next, I will discuss the encryption and decryption technology of JAVASCRIPT code on the webpage based on my practice over the past few years and my personal research experience.
The following JAVASCRIPT code is encrypted as an example:
The following is a code snippet:
<Script language = "JavaScript">
Alert ("hacker line ");
</SCRIPT>
I. Simplest encryption and decryption
You must have a good understanding of the JAVASCRIPT Functions escape () and unescape () (many web pages use them for encryption), namely encoding and decoding strings. For example, the example code uses escape () the function is encrypted in the following format:
The following is a code snippet:
Alert % 28% 22% u9ED1 % u5BA2 % u9632 % u7EBF % 22% 29% 3B
How? Do you still understand? Of course, the ASCII character "alert" is not encrypted. If you want to, you can write JAVASCRIPT code to re-encrypt it as follows:
The following is a code snippet:
% 61% 6C % 65% 72% 74% 28% u9ED1 % u5BA2 % u9632 % u7EBF % 22% 3B
Haha! How? This time it is completely encrypted!
Of course, the encrypted code cannot be run directly. Fortunately, eval (codeString) is available. This function is used to check and execute JavaScript code, the required codeString parameter is a string value that contains valid JavaScript code, and the preceding decoding unescape () is added. The encrypted result is as follows:
The following is a code snippet:
<Script language = "JavaScript">
Var code = unescape ("% 61% 6C % 65% 72% 74% 28% 22% u9ED1 % u5BA2 % u9632 % u7EBF % 22% 3B ");
Eval (code)
</SCRIPT>
Is it easy? Don't be happy. decryption is as simple as it is. The decryption code is put to others (unescape ())! Haha
Ii. Amazing use of the Escape Character ""
You may not be familiar with the Escape Character "", but some special characters such as n (line feed), r (carriage return), and (single quotation marks) are provided for JavaScript) should I know something about it? In fact, "" can be followed by octal or hexadecimal numbers. For example, the character "a" can be expressed: "141" or "x61" (note the lowercase character "x "), for double-byte characters such as the Chinese character "", it can only be expressed as "u9ED1" in hexadecimal notation (note that it is a lowercase character "u "), the character "u" indicates a dubyte character. According to this example, the code can be expressed:
The octal escape string is as follows:
The following is a code snippet:
<Script language = "JavaScript">
Eval ("1411541451621610942u9ed1u5ba2u9632u7ebf424173 ")
</SCRIPT>
The hexadecimal escape string is as follows:
The following is a code snippet:
<Script language = "JavaScript">
Eval ("x61x6Cx65x72x74x28x22u9ED1u5BA2u9632u7EBFx22x29x3B ")
</SCRIPT>
There is no decoding function this time, because JavaScript will convert itself during execution. The decoding is also very simple as follows:
The following is a code snippet:
<Script language = "JavaScript">
Alert ("x61x6Cx65x72x74x28x22u9ED1u5BA2u9632u7EBFx22x29x3B ")
</SCRIPT>
The displayed dialog box shows the decrypted result!
Iii. coding using the Script Encoder produced by Microsoft
The use of the tool is not described much! I used JavaScript to call the Scripting. Encoder code of the control! The Code is as follows:
The following is a code snippet:
<Script language = "JavaScript">
Var Senc = new ActiveXObject ("Scripting. Encoder ");
Var code = <script language = "JavaScript"> rnalert (""); rn </SCRIPT>;
Var Encode = Senc. EncodeScriptFile (". htm", code, 0 ,"");
Alert (Encode );
</SCRIPT>
The encoded result is as follows:
The following is a code snippet:
<Script language = "JScript. Encode"> #@~ ^ FgAAAA ==##@ & lsdd' J r # p #@ & FgMAAA == #~ @ </SCRIPT>
Ugly enough, right? However, the corresponding decryption tools have already been released, and even the decrypted webpages are available! I will not talk about it because it decrypts too much Web Page code! The original decryption code is as follows:
The following is a code snippet:
<Script language = "JScript. Encode">
Function decode ()
Alert (decode. toString ());
</SCRIPT>
What? Is it simple enough? The principle is that IE will first decode the encoded code before it runs. If we put the encrypted code into a user-defined function such as decode, call the toString () method for the decode of the custom function to obtain the decoded code!
If you think that the LANGUAGE attribute of the Code obtained through this encoding is JScript. Encode, which is easy to recognize, there is also an almost unknown method of window object execScript (). Its prototype is:
Window.exe cScript (sExpression, sLanguage)
Parameters:
SExpression: required. String ). Code to be executed.
SLanguage: required. String ). Specifies the language of the code to be executed. The default value is Microsoft JScript.
In use, the previous "window" can be omitted without writing!
Using this code, we can run the encoded JavaScript code as follows:
The following is a code snippet:
<Script language = "JavaScript">
ExecScript ("#@~ ^ FgAAAA ==##@ & lsdd' J r # p #@ & FgMAAA == #~ @ "," JScript. Encode ")
</SCRIPT>
You can use method 2 to Encode the strings in "" so that "JScript. Encode" and encoding signature code "#@~ ^ "No, the effect will be better!
4. Add any NUL null characters (hexadecimal 00 H)
In an accidental experiment, I found that when I add any number of "null characters" to any location on the HTML webpage, IE will normally display the content and execute the JavaScript code normally, when we use a General Editor to view the added "null character", it will display a space or Black Block, making the original code hard to understand, if you use NotePad to view the information, the "null character" will become "space". The encrypted result is as follows: (the "space" displayed indicates "null character ")
The following is a code snippet:
<S c ri p t l ang u a g e = "J a v a S c r I p t">
A l er t (" ");
</SC r I P T>
How? Is it messy? If you do not know the method, it is difficult to remove the "null character" (00 H!
5. Useless content and line feed space TAB Method
In JAVASCRIPT code, we can add a large number of useless strings or numbers, as well as useless code and comments, so that the real useful code is not buried in it, add a large number of line breaks, spaces, and tabs in the useful code, and use "" to wrap a normal string, this will make the code hard to understand! The encrypted form is as follows:
The following is a code snippet:
<Script language = "JavaScript">
"Xajgxsadffgds"; 1234567890
625623216; var $ = 0; alert // @ $ % & * () (& (^ % ^
// Cctv function //
(// Hhsaasajx xc
/*
Asjgdsgu */
"Hacker line" // ashjgfgf
/*
@ # % $ ^ & % $ 96667r45fggbhytjty
*/
// Window
)
; "# @ $ # % @ # 432hu"; 2123514