Windows Script Encoder Algorithm Analysis and Deciphering BY LAKE2 (http://mrhupo.126.com)
Everyone must be very familiar with the script, huh, huh, the script is simple and no need to compile, so it is very convenient. However, one disadvantage of the script is that it cannot protect the script, because anyone who gets a script can open with Notepad to see content. This is not safe, such as your intellectual property rights may not be guaranteed; the ASP file connected to the database on the web server will leak SQL username password; analysis source code finds design vulnerabilities ...
Oh, but Microsoft has developed a script encoder to make up for the shortage of scripts. The script encoder encodes the script code in the file, other content is not moving and displayed in a normal text, and the encoded program can be executed directly by the corresponding program, the execution result is the same as the uncoded program. This is not the scope of this article. Interested to download it, Microsoft also comes with Chinese instructions. Download address: http://www.microsoft.com/downloads/details.aspx? FamilyId = 6A326D9C-F47E-4C92-B42A-B3D43029E96F & DisplayLANG = zh-CN
The purpose of this paper is to analyze the encryption algorithm of the script encoder and find out the deciphering method, the content may be boring, if you are interested, continue. Let me talk about it, the decryption software of the script encoder has already been there (you can see http://www.9cbs.net/cnshare/soft/13/13303.shtm), here is the analysis - "Take people fish, It is better to teach people to fish.
Are you also interested? Oh, that's good, wait for me to get the tool. There are not many things, notepad, Script Encoder program, ASCII code table, a draft paper foot. Oh, I used pure cryptography to analyze the decipherment, so I don't need to negotiate the procedure (then I will not comply): P
Here first gives a cryptographic term - selecting a plaintext attack: an attacker can get a ciphertext corresponding to any plain text. Now there is an encryption program in our hands, you can construct any text to encrypt the ciphertext, which meets the conditions for selecting a clear text attack.
The script encoder can process the files such as ASP, HTM, VBS, JS, encrypt scripts in the file. For example, ASP, HTM, encrypt "<%" "%>" and "
