频道栏目
首页 > 安全 > 网络安全 > 正文

关于网页脚本解密

2004-11-19 08:11:51           
收藏   我要投稿

一网友给我一加密网页“太乙奇門六壬排盤程式”,其中脚本采用微软工具进行了加[VBScript.Encode],说是用解密软件不能解密,我看后发现页面编码是UTF-8,改为ANSI后,使用scrdec顺利解密,看来编码问题有的时候满有用的,对于解密失败的朋友可以尝试看下编码格式,因为现在的解码工具好像是针对ANSI编码的!

附scrdec1.3源代码[c代码]:

/**********************************************************************/
/* scrdec.c - Decoder for Microsoft Script Encoder                    */
/* Version 1.3                                                        */
/*                                                                    */
/* COPYRIGHT:                                                         */
/* (c)2000/2001 MrBrownstone, mrbrownstone@virtualconspiracy.com      */
/* Some changes by Joe Steele to correct minor stuff                  */
/*                                                                    */
/* DISCLAIMER:                                                        */
/* This program is for demonstrative and educational purposes only.   */
/* Use of this program is at your own risk. The author cannot be held */
/* responsible if any laws are broken by use of this program.         */
/*                                                                    */
/* If you use or distribute this code, this message should be held    */
/* intact. Also, any program based upon this code should display the  */
/* copyright message and the disclaimer.                              */
/**********************************************************************/

#include
#include
#include

#define LEN_OUTBUF 64
#define LEN_INBUF 1024

#define STATE_INIT_COPY  100
#define STATE_COPY_INPUT 101
#define STATE_SKIP_ML  102
#define STATE_CHECKSUM  103
#define STATE_READLEN  104
#define STATE_DECODE  105
#define STATE_UNESCAPE  106
#define STATE_FLUSHING  107
#define STATE_DBCS   108
#define STATE_INIT_READLEN 109

unsigned char rawData[292] = {
        0x64,0x37,0x69, 0x50,0x7E,0x2C, 0x22,0x5A,0x65, 0x4A,0x45,0x72,
        0x61,0x3A,0x5B, 0x5E,0x79,0x66, 0x5D,0x59,0x75, 0x5B,0x27,0x4C,
        0x42,0x76,0x45, 0x60,0x63,0x76, 0x23,0x62,0x2A, 0x65,0x4D,0x43,
        0x5F,0x51,0x33, 0x7E,0x53,0x42, 0x4F,0x52,0x20, 0x52,0x20,0x63,
        0x7A,0x26,0x4A, 0x21,0x54,0x5A, 0x46,0x71,0x38, 0x20,0x2B,0x79,
        0x26,0x66,0x32, 0x63,0x2A,0x57, 0x2A,0x58,0x6C, 0x76,0x7F,0x2B,
        0x47,0x7B,0x46, 0x25,0x30,0x52, 0x2C,0x31,0x4F, 0x29,0x6C,0x3D,
        0x69,0x49,0x70, 0x3F,0x3F,0x3F, 0x27,0x78,0x7B, 0x3F,0x3F,0x3F,
        0x67,0x5F,0x51, 0x3F,0x3F,0x3F, 0x62,0x29,0x7A, 0x41,0x24,0x7E,
        0x5A,0x2F,0x3B, 0x66,0x39,0x47, 0x32,0x33,0x41, 0x73,0x6F,0x77,
        0x4D,0x21,0x56, 0x43,0x75,0x5F, 0x71,0x28,0x26, 0x39,0x42,0x78,
        0x7C,0x46,0x6E, 0x53,0x4A,0x64, 0x48,0x5C,0x74, 0x31,0x48,0x67,
        0x72,0x36,0x7D, 0x6E,0x4B,0x68, 0x70,0x7D,0x35, 0x49,0x5D,0x22,
        0x3F,0x6A,0x55, 0x4B,0x50,0x3A, 0x6A,0x69,0x60, 0x2E,0x23,0x6A,
        0x7F,0x09,0x71, 0x28,0x70,0x6F, 0x35,0x65,0x49, 0x7D,0x74,0x5C,
        0x24,0x2C,0x5D, 0x2D,0x77,0x27, 0x54,0x44,0x59, 0x37,0x3F,0x25,
        0x7B,0x6D,0x7C, 0x3D,0x7C,0x23, 0x6C,0x43,0x6D, 0x34,0x38,0x28,
        0x6D,0x5E,0x31, 0x4E,0x5B,0x39, 0x2B,0x6E,0x7F, 0x30,0x57,0x36,
        0x6F,0x4C,0x54, 0x74,0x34,0x34, 0x6B,0x72,0x62, 0x4C,0x25,0x4E,
        0x33,0x56,0x30, 0x56,0x73,0x5E, 0x3A,0x68,0x73, 0x78,0x55,0x09,
        0x57,0x47,0x4B, 0x77,0x32,0x61, 0x3B,0x35,0x24, 0x44,0x2E,0x4D,
        0x2F,0x64,0x6B, 0x59,0x4F,0x44, 0x45,0x3B,0x21, 0x5C,0x2D,0x37,
        0x68,0x41,0x53, 0x36,0x61,0x58, 0x58,0x7A,0x48, 0x79,0x22,0x2E,
        0x09,0x60,0x50, 0x75,0x6B,0x2D, 0x38,0x4E,0x29, 0x55,0x3D,0x3F,
        0x51,0x67,0x2f
} ;

const unsigned char pick_encoding[64] = {
1, 2, 0, 1, 2, 0, 2, 0, 0, 2, 0, 2, 1, 0, 2, 0,
1, 0, 2, 0, 1, 1, 2, 0, 0, 2, 1, 0, 2, 0, 0, 2,
1, 1, 0, 2, 0, 2, 0, 1, 0, 1, 1, 2, 0, 1, 0, 2,
1, 0, 2, 0, 1, 1, 2, 0, 0, 1, 1, 2, 0, 1, 0, 2
};

unsigned char transformed[3][128];
int digits[0x7b];

unsigned char unescape (unsigned char c)
{
 static unsigned char escapes[] = "#&!*$";
 static unsigned char escaped[] = " <>@";
 int i=0;

 if (c > 127)
  return c;
 while (escapes[i])
 {
  if (escapes[i] == c)
   return escaped[i];
  i++;
  }
 return ?;
}

void maketrans (void)
{
 int i, j;

 for (i=31; i<=127; i++)
  for (j=0

相关TAG标签 脚本 网页
上一篇:交换机及路由器如何更加安全
下一篇:木马客户端与服务端隐蔽通讯解析
相关文章
图文推荐

关于我们 | 联系我们 | 广告服务 | 投资合作 | 版权申明 | 在线帮助 | 网站地图 | 作品发布 | Vip技术培训 | 举报中心

版权所有: 红黑联盟--致力于做实用的IT技术学习网站