Since 2003 Microsoft has provided a command line script encoder available from http://www.microsoft.com/downloads/en/details.aspx?FamilyID=e7877f67-c447-4873-b1b0-21f0626a6329&DisplayLang=en This tool encodes the script so it can't be read by a casual user but is no protection against a determined hacker.
Usage:
screnc ScriptFile
Note: You will need to install the download and also add the directory to your path to use it.
If you have a vbe script which you need to view/edit use create a new .vbs file and add the following in it:
option explicit
Dim oArgs, txtFileName
'Optional argument : the encoded filename
txtFileName=""
Set oArgs = WScript.Arguments
Select Case oArgs.Count
Case 0 'No Arg, popup a dialog box to choose the file
txtFileName=BrowseForFolder("Choose an encoded file", &H4031, &H0011)
Case 1
If Instr(oArgs(0),"?")=0 Then '-? ou /? => aide
txtFileName=oArgs(0)
End If
Case Else
WScript.Echo "Too many parameters"
End Select
Set oArgs = Nothing
If txtFileName<>"" Then
Dim fso
Set fso=WScript.CreateObject("Scripting.FileSystemObject")
If fso.FileExists(txtFileName) Then
Dim oFile,txtFileContents
Set oFile = fso.OpenTextFile(txtFileName, 1)
txtFileContents=oFile.readAll
oFile.close
Set oFile=Nothing
Const TagInit="#@~^" '#@~^awQAAA==
Const TagFin="==^#~@" '& chr(0)
Dim lStartCode, lExitCode
Do
lExitCode=0
lStartCode=Instr(txtFileContents,TagInit)
If lStartCode>0 Then
If (Instr(lStartCode,txtFileContents,"==")-lStartCode)=10 Then 'If "==" follows the tag
lExitCode=Instr(lStartCode,txtFileContents,TagFin)
If lExitCode>0 Then
txtFileContents=Left(txtFileContents,lStartCode-1) & _
Decode(Mid(txtFileContents,lStartCode+12,lExitCode-lStartCode-12-6)) & _
Mid(txtFileContents,lExitCode+6)
End If
End If
End If
Loop Until lExitCode=0
writeToFile txtFileName & ".vbs", txtFileContents
WScript.Echo txtFileContents
Else
WScript.Echo txtFileName & " not found"
End If
Set fso=Nothing
Else
WScript.Echo "Please give a filename"
WScript.Echo "Usage : " & wscript.fullname & " " & WScript.ScriptFullName & ""
End If
Sub writeToFile(txtFileName, txtFileContents)
Dim txtstr
Set txtstr = fso.CreateTextFile(txtFileName, True)
txtstr.write txtFileContents
txtstr.close
Set txtstr=Nothing
End Sub
Function Decode(txtBinChars)
Dim se,i,c,j,index,txtBinCharsTemp
Dim tDecode(127)
Const Combinaison="1231232332321323132311233213233211323231311231321323112331123132"
Set se=WSCript.CreateObject("Scripting.Encoder")
For i=9 to 127
tDecode(i)="JLA"
Next
For i=9 to 127
txtBinCharsTemp=Mid(se.EncodeScriptFile(".vbs",string(3,i),0,""),13,3)
For j=1 to 3
c=Asc(Mid(txtBinCharsTemp,j,1))
tDecode(c)=Left(tDecode(c),j-1) & chr(i) & Mid(tDecode(c),j+1)
Next
Next
'Next line we correct a bug, otherwise a ")" could be decoded to a ">"
tDecode(42)=Left(tDecode(42),1) & ")" & Right(tDecode(42),1)
Set se=Nothing
txtBinChars=Replace(Replace(txtBinChars,"@&",chr(10)),"@#",chr(13))
txtBinChars=Replace(Replace(txtBinChars,"@*",">"),"@!","<")
txtBinChars=Replace(txtBinChars,"@$","@")
index=-1
For i=1 to Len(txtBinChars)
c=asc(Mid(txtBinChars,i,1))
If c<128 Then index=index+1
If (c=9) or ((c>31) and (c<128)) Then
If (c<>60) and (c<>62) and (c<>64) Then
txtBinChars=Left(txtBinChars,i-1) & Mid(tDecode(c),Mid(Combinaison,(index mod 64)+1,1),1) & Mid(txtBinChars,i+1)
End If
End If
Next
Decode=txtBinChars
End Function
Function BrowseForFolder(ByVal pstrPrompt, ByVal pintBrowseType, ByVal pintLocation)
Dim ShellObject, pstrTempFolder, x
Set ShellObject=WScript.CreateObject("Shell.Application")
On Error Resume Next
Set pstrTempFolder=ShellObject.BrowseForFolder(&H0,pstrPrompt,pintBrowseType,pintLocation)
BrowseForFolder=pstrTempFolder.ParentFolder.ParseName(pstrTempFolder.Title).Path
If Err.Number<>0 Then BrowseForFolder=""
Set pstrTempFolder=Nothing
Set ShellObject=Nothing
End Function
Usage:
YourDecryptScriptName.vbs FileToDecrypt.vbe
The script will decode the vbe file, display it in a message box and also create/overwrite a new file called FileToDecrypt.vbe.vbs which you can edit
No comments:
Post a Comment