The implementation method of JavaScript encryption and decryption

Source: Internet
Author: User
Tags decrypt eval lowercase

In the Web page (in fact, is the Web Trojan hehe), the most annoying is their own hard to write the client IE run the JavaScript code is often easily copied by others, really let their hearts a little taste, to know that they write something also very tired ... ^*^

But we should also be aware that because JavaScript code is interpreted in IE, to be absolutely confidential is impossible, we have to do is to maximize the difficulty of copying copy, let him quit (hopefully ~!~), the following I combined their own practice over the years, and personal research experience, Let's explore the encryption and decryption techniques for JavaScript code in Web pages.

For example, encrypt the following JavaScript code:

<script language= "JavaScript" >
Alert ("I love Together");
</SCRIPT>

One: The simplest encryption and decryption

For JavaScript functions Escape () and unescape () must be more understanding (many Web pages encrypted with them), respectively, encoding and decoding strings, such as example code with the Escape () function after encryption into the following format:

alert%28%22%u9ed1%u5ba2%u9632%u7ebf%22%29%3b

How is it? You know what you're looking for? Of course, the ASCII character "alert" is not encrypted, and if so, we can write some JavaScript code to encrypt it as follows:

%61%6c%65%72%74%28%22%u9ed1%u5ba2%u9632%u7ebf%22%29%3b

Oh! How is it? This time it's completely encrypted!

Of course, this encrypted code is not directly run, fortunately there are eval (codestring) available, the function is to check the JavaScript code and execute, the required codestring parameter is a string value containing valid JavaScript code, Plus the above decoding unescape (), the result of the encryption is as follows:

<script language= "JavaScript" >
var code=unescape ("%61%6c%65%72%74%28%22%u9ed1%u5ba2%u9632%u7ebf%22%29%3b");
Eval (code)
</SCRIPT>
Is it simple? Do not be happy, decryption is also the same simple, decryption code are put to others (Unescape ())! Oh

Second: The magical meaning of the escape character ""

You may not be familiar with the escape character "", but there are some special words for JavaScript Furu: N (newline), R (carriage), ' (single quotes), etc. should be understood? In fact, "" can also be followed by octal or hexadecimal digits, such as the character "a" can be expressed as: "141" or "x61" (note that the lowercase character "x"), as for the double-byte character Furu kanji "Black" can only be expressed in hexadecimal as "u9ed1" (note that the lowercase character "U"), where the characters "U" The representation is a double-byte character, and according to this principle example code can be expressed as:
The octal escape string is as follows:
<script language= "JavaScript" >
Eval ("1411541451621645042u9ed1u5ba2u9632u7ebf425173")
</SCRIPT>
The hexadecimal escape string is as follows:
<script language= "JavaScript" >
Eval ("x61x6cx65x72x74x28x22u9ed1u5ba2u9632u7ebfx22x29x3b")
</SCRIPT>
This time there is no decoding function, because JavaScript executes itself, and the same decoding is simple as follows:
<script language= "JavaScript" >
Alert ("x61x6cx65x72x74x28x22u9ed1u5ba2u9632u7ebfx22x29x3b")
</SCRIPT>
Will pop up a dialog box to tell you the results of the decryption!

Third: Encode using script Encoder scripts encoder from Microsoft

The use of tools is not much introduction! I am using JavaScript directly to invoke control Scripting.encoder complete encoding! The code is as follows:
<script language= "JavaScript" >
var senc=new activexobject ("Scripting.encoder");
var code= ' <script language= "JavaScript" >rnalert ("I Love Together");rn</script> ';
var encode=senc.encodescriptfile (". htm", code,0, "");
alert (Encode);
</SCRIPT>
The following results are encoded:
<script language= "Jscript.encode" &GT;#@~^FGAAAA==@#@&AMP;LSDD ' J Hacker Defense line r#p@#@&fgmaaa==^#~@</script>
Ugly enough, you know? But the corresponding decryption tool has already come out, and even the decryption page has! Because of its decryption page code too much, I don't say pull! To introduce my original decryption code, as follows:
<script language= "Jscript.encode" >
function decode ()
Alert (decode.tostring ());
</SCRIPT>
How? Easy enough, huh? It is the principle is: After the code is run before IE will decode it first, if we first put the encrypted code into a custom function such as the above Decode (), and then the custom function decode call ToString () method, will be decoded code!
If you think that code language property is Jscript.encode, it's easy to see, then there's a method of almost unknown window object execscript (), whose prototype is:
Window.execscript (Sexpression, slanguage)
Parameters:

Sexpression: Required option. String. The code to be executed.

Slanguage: Required option. String. Specifies the language of the executed code. The default value is Microsoft JScript

When used, the front of the "window" can be omitted not to write!
With it we can run the coded JavaScript code well, as follows:
<script language= "JavaScript" >
Execscript ("#@~^fgaaaa==@#@&lsdd ' J I love together r#p@#@&fgmaaa==^#~@", "Jscript.encode")
</SCRIPT>
You can use the method two pair of "" "inside the string to encode again, make" Jscript.encode "and Code signature" #@~^ "does not appear, the effect will be better!
Four: Arbitrarily add nul null characters (hex 00H)

An accidental experiment led me to find any number of "null characters" added anywhere in an HTML Web page, IE will normally display the content, and the normal execution of the JavaScript code, and added "empty characters" we use the general editor to view, will show the shape such as space or black block, Make the original code difficult to understand, such as the use of Notepad to view the "empty character" will become "space", using this principle to encrypt the result is as follows: (which shows the "space" represents "null character")
<s c RI p t L ANG U A G E = "J a V a S C R I p T" >
A l er t ("I love Together");
</SC R I P t>
How is it? Does it seem to be a mess? If people do not know the method is difficult to think of to remove the inside of the "empty character" (00H)!

Five: Useless content confusion and new line Space tab

In JavaScript code we can add a lot of useless strings or numbers, as well as useless code and annotation content, etc., so that the real useful code buried in it, and the useful code can add line, space, tab place to add a lot of line, space, tab, and can be a normal string with "" To wrap, which makes the code hard to read! As I encrypt the following form:

<script language= "JavaScript" >
"Xajgxsadffgds"; 1234567890
625623216;var $=0;alert//@$%%&* () (& ^%^
CCTV function//
(//HHSAASAJX XC
/*
asjgdsgu*/
"I love Together"//ASHJGFGF
/*
@#%$^&%$96667r45fggbhytjty
*/
Window
)
;" #@$#%@ #432hu "; 212351436
</SCRIPT>
At least if I see this code, I don't have the heart to analyze it.

VI: Self-write decryption function method

This method is similar to one or two, just write a function to decrypt the code, many VBS viruses use this method to encrypt themselves, to prevent signature scanning! The following is a simple encryption and decryption function I wrote, the following encryption code (detailed reference file "encryption. htm"):
<script language= "JavaScript" >
function compile (code)
{
var c=string.fromcharcode (code.charcodeat (0) +code.length);
for (Var i=1;i<code.length;i++)
Alert (Escape (c));
}
Compile ("I love Together")
</SCRIPT>
Run to get the encryption result:
O%cd%d1%d7%e6%9cj%u9ef3%ufa73%uf1d4%u14f1%u7ee1kd
The following code is decrypted after the corresponding encryption:
<script language= "JavaScript" >
function Uncompile (code)
{
Code=unescape (code);
var c=string.fromcharcode (code.charcodeat (0)-code.length);
for (Var i=1;i<code.length;i++)
return C;
}
Eval (uncompile ("O%CD%D1%D7%E6%9CJ%U9EF3%UFA73%UF1D4%U14F1%U7EE1KD"));
</SCRIPT>
Vii. use of the wrong

Using Try{}catch (e) {} structure to test and decrypt the code, although the idea is very good (hehe, Kua), because the practicality is not big, I just give an example
<script language= "JavaScript" >
var a= ' alert ("I love Together");
var c= "";
for (Var i=0;i<a.length;i++)
alert (c);
The above is the encryption code, of course, if the real use of this method, will not write encryption on the
Now the variable c is the encrypted code.
The following function T () First assumes that the initial password is 0 and decrypts the execution,
If you encounter an error, add the password by 1, and then decrypt it until it runs correctly.
var d=c; Save the encrypted code
var b=0; Assuming the initial password is 0
T ();
function T () catch (e) {
C= "";
for (Var i=0;i<d.length;i++)
B+=1;
T ();
SetTimeout ("t ()", 0);
}
}
</SCRIPT>

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.