关于网页脚本解密
一网友给我一加密网页“太乙奇門六壬排盤程式”,其中脚本采用微软工具进行了加[VBScript.Encode],说是用解密软件不能解密,我看后发现页面编码是UTF-8,改为ANSI后,使用scrdec顺利解密,看来编码问题有的时候满有用的,对于解密失败的朋友可以尝试看下编码格式,因为现在的解码工具好像是针对ANSI编码的!
附scrdec1.3源代码[c代码]:
/**********************************************************************/
/* scrdec.c - Decoder for Microsoft Script Encoder */
/* Version 1.3 */
/* */
/* COPYRIGHT: */
/* (c)2000/2001 MrBrownstone, mrbrownstone@virtualconspiracy.com */
/* Some changes by Joe Steele to correct minor stuff */
/* */
/* DISCLAIMER: */
/* This program is for demonstrative and educational purposes only. */
/* Use of this program is at your own risk. The author cannot be held */
/* responsible if any laws are broken by use of this program. */
/* */
/* If you use or distribute this code, this message should be held */
/* intact. Also, any program based upon this code should display the */
/* copyright message and the disclaimer. */
/**********************************************************************/
#include
#include
#include
#define LEN_OUTBUF 64
#define LEN_INBUF 1024
#define STATE_INIT_COPY 100
#define STATE_COPY_INPUT 101
#define STATE_SKIP_ML 102
#define STATE_CHECKSUM 103
#define STATE_READLEN 104
#define STATE_DECODE 105
#define STATE_UNESCAPE 106
#define STATE_FLUSHING 107
#define STATE_DBCS 108
#define STATE_INIT_READLEN 109
unsigned char rawData[292] = {
0x64,0x37,0x69, 0x50,0x7E,0x2C, 0x22,0x5A,0x65, 0x4A,0x45,0x72,
0x61,0x3A,0x5B, 0x5E,0x79,0x66, 0x5D,0x59,0x75, 0x5B,0x27,0x4C,
0x42,0x76,0x45, 0x60,0x63,0x76, 0x23,0x62,0x2A, 0x65,0x4D,0x43,
0x5F,0x51,0x33, 0x7E,0x53,0x42, 0x4F,0x52,0x20, 0x52,0x20,0x63,
0x7A,0x26,0x4A, 0x21,0x54,0x5A, 0x46,0x71,0x38, 0x20,0x2B,0x79,
0x26,0x66,0x32, 0x63,0x2A,0x57, 0x2A,0x58,0x6C, 0x76,0x7F,0x2B,
0x47,0x7B,0x46, 0x25,0x30,0x52, 0x2C,0x31,0x4F, 0x29,0x6C,0x3D,
0x69,0x49,0x70, 0x3F,0x3F,0x3F, 0x27,0x78,0x7B, 0x3F,0x3F,0x3F,
0x67,0x5F,0x51, 0x3F,0x3F,0x3F, 0x62,0x29,0x7A, 0x41,0x24,0x7E,
0x5A,0x2F,0x3B, 0x66,0x39,0x47, 0x32,0x33,0x41, 0x73,0x6F,0x77,
0x4D,0x21,0x56, 0x43,0x75,0x5F, 0x71,0x28,0x26, 0x39,0x42,0x78,
0x7C,0x46,0x6E, 0x53,0x4A,0x64, 0x48,0x5C,0x74, 0x31,0x48,0x67,
0x72,0x36,0x7D, 0x6E,0x4B,0x68, 0x70,0x7D,0x35, 0x49,0x5D,0x22,
0x3F,0x6A,0x55, 0x4B,0x50,0x3A, 0x6A,0x69,0x60, 0x2E,0x23,0x6A,
0x7F,0x09,0x71, 0x28,0x70,0x6F, 0x35,0x65,0x49, 0x7D,0x74,0x5C,
0x24,0x2C,0x5D, 0x2D,0x77,0x27, 0x54,0x44,0x59, 0x37,0x3F,0x25,
0x7B,0x6D,0x7C, 0x3D,0x7C,0x23, 0x6C,0x43,0x6D, 0x34,0x38,0x28,
0x6D,0x5E,0x31, 0x4E,0x5B,0x39, 0x2B,0x6E,0x7F, 0x30,0x57,0x36,
0x6F,0x4C,0x54, 0x74,0x34,0x34, 0x6B,0x72,0x62, 0x4C,0x25,0x4E,
0x33,0x56,0x30, 0x56,0x73,0x5E, 0x3A,0x68,0x73, 0x78,0x55,0x09,
0x57,0x47,0x4B, 0x77,0x32,0x61, 0x3B,0x35,0x24, 0x44,0x2E,0x4D,
0x2F,0x64,0x6B, 0x59,0x4F,0x44, 0x45,0x3B,0x21, 0x5C,0x2D,0x37,
0x68,0x41,0x53, 0x36,0x61,0x58, 0x58,0x7A,0x48, 0x79,0x22,0x2E,
0x09,0x60,0x50, 0x75,0x6B,0x2D, 0x38,0x4E,0x29, 0x55,0x3D,0x3F,
0x51,0x67,0x2f
} ;
const unsigned char pick_encoding[64] = {
1, 2, 0, 1, 2, 0, 2, 0, 0, 2, 0, 2, 1, 0, 2, 0,
1, 0, 2, 0, 1, 1, 2, 0, 0, 2, 1, 0, 2, 0, 0, 2,
1, 1, 0, 2, 0, 2, 0, 1, 0, 1, 1, 2, 0, 1, 0, 2,
1, 0, 2, 0, 1, 1, 2, 0, 0, 1, 1, 2, 0, 1, 0, 2
};
unsigned char transformed[3][128];
int digits[0x7b];
unsigned char unescape (unsigned char c)
{
static unsigned char escapes[] = "#&!*$";
static unsigned char escaped[] = "
<>@";
int i=0;
if (c > 127)
return c;
while (escapes[i])
{
if (escapes[i] == c)
return escaped[i];
i++;
}
return ?;
}
void maketrans (void)
{
int i, j;
for (i=31; i<=127; i++)
for (j=0
- 上一篇:木马客户端与服务端隐蔽通讯解析
- 下一篇:使用反向代理技术保护 Web 服务器
- 文章
- 推荐
- 热门新闻