• 3354阅读
  • 0回复

解密ASP源代码 [复制链接]

上一主题 下一主题
离线cai
 

只看楼主 倒序阅读 0楼 发表于: 2005-12-12
从网上兴致冲冲地下载了ASP源代码,准备学习研究的时候.
一打开文件,天书般的代码.很让人郁闷吧 :(
在网上是找到了解密的方法,得一个文件挨一个文件地
打开,复制,粘贴,解密,再复制,再粘贴,再保存......
如果一个ASP程序有几百个文件???

解决办法来了..

decode.asp

<% @Language="JavaScript" %>
<%

/*
*--------------- decode.asp -----------------
* 功能:遍历某个目录下的所有文件,对加密过的.asp文件
*     进行解密,并写入源文件中.
* 实例:单个文件解密
* Response.Write(DncodeFile(Server.MapPath("conn.asp")));
* 实例:目录下所有文件解密.
* DncodeFolderFiles(Server.MapPath("xml"))
* author:wanghr100(灰豆宝宝.net)
* update:2004-5-17 11:31
*--------------- decode.asp -----------------
*/

function DncodeFile(sFilePath)
{
/*
*--------------- DncodeFile(sFilePath) -----------------
* DncodeFile(sFilePath)
* 功能:打开文件sFilePath,Encode解密,重写该文件.
* 参数:sFilePath,字符串,文件的路径.
* 返回:sFilePath,文件的路径.
* 实例:Response.Write(DncodeFile(Server.MapPath("conn.asp")));
* author:wanghr100(灰豆宝宝.net)
* update:2004-5-17 0:58
*--------------- DncodeFile(sFilePath) -----------------
*/
  var ForReading = 1, ForWriting =2, ForAppending =8;
  var fso = Server.CreateObject("Scripting.FileSystemObject");
  var f = fso.OpenTextFile(sFilePath,ForReading,true);
  sFileText = f.ReadAll();
  f.Close();
  sDncodeText = strdec(sFileText)
  var f = fso.OpenTextFile(sFilePath,ForWriting,true);
  f.Write(sDncodeText);
  f.Close();
  //return sDncodeText;
  return sFilePath;
}

function GetFilesPath(sFolderPath)
{
/*
*--------------- GetFilesPath(sFolderPath) -----------------
* GetFilesPath(sFolderPath)
* 功能:遍历sFolderPath目录下的所有文件.返回数组.存储文件路径.
* 参数:sFolderPath,字符串,目录绝对路径.
* 实例:Response.Write(GetFilesPath(Server.MapPath("xml")))
* update:2004-5-12 8:33
* author:wanghr100(灰豆宝宝.net)
*--------------- GetFilesPath(sFolderPath) -----------------
*/
  var sFilePath = new Array();
  var fso = Server.CreateObject("Scripting.FileSystemObject");
  var oFolder = fso.GetFolder(sFolderPath);
  var oSubFolders = oFolder.SubFolders;
  var oFiles = oFolder.Files;
  icount = oFiles.Count;

  var enmFiles = new Enumerator(oFiles);
  for(;!enmFiles.atEnd();enmFiles.moveNext())
  {
    sFilePath[sFilePath.length] = enmFiles.item().Path
  }

  var enmFolders = new Enumerator(oSubFolders);
  for(;!enmFolders.atEnd();enmFolders.moveNext())
  {
    /* Old 数组成了多维. */
    //sFilePath[sFilePath.length]=GetFilesPath(enmFolders.item().Path);
    /* Add 2004-5-17 11:09 只为一维数组 */
    sFilePath=sFilePath.concat(GetFilesPath(enmFolders.item().Path));
  }

  return sFilePath;

}

function GetFileType(sFileName)
{
/*
*--------------- GetFileType(sFileName) -----------------
* GetFileType(sFileName)
* 功能:通过后缀,取得sFileName的文件类型.
* 参数:sFileName,字符串,文件名.
* 实例:Response.Write(GetFileType("decode.asp"))
* update:2004-5-13 8:33
* author:wanghr100(灰豆宝宝.net)
*--------------- GetFileType(sFileName) -----------------
*/
  sFileName = String(sFileName);
  return sFileName.split(".")[sFileName.split(".").length-1];
}

/* Start 解密实现:李辉煌 Start*/
function screncode(s,l)
{enc=new ActiveXObject("Scripting.Encoder");
return enc.EncodeScriptFile("."+l,s,0,l+"cript");
}


  var STATE_COPY_INPUT     = 100
  var STATE_READLEN     = 101
  var STATE_DECODE     = 102
  var STATE_UNESCAPE     = 103

  var pick_encoding = new Array(
    1, 2, 0, 1, 2, 0, 2, 0, 0, 2, 0, 2, 1, 0, 2, 0,
    1, 0, 2, 0, 1, 1, 2, 0, 0, 2, 1, 0, 2, 0, 0, 2,
    1, 1, 0, 2, 0, 2, 0, 1, 0, 1, 1, 2, 0, 1, 0, 2,
    1, 0, 2, 0, 1, 1, 2, 0, 0, 1, 1, 2, 0, 1, 0, 2
  )

  var rawData = new Array(
    0x64,0x37,0x69, 0x50,0x7E,0x2C, 0x22,0x5A,0x65, 0x4A,0x45,0x72,
    0x61,0x3A,0x5B, 0x5E,0x79,0x66, 0x5D,0x59,0x75, 0x5B,0x27,0x4C,
    0x42,0x76,0x45, 0x60,0x63,0x76, 0x23,0x62,0x2A, 0x65,0x4D,0x43,
    0x5F,0x51,0x33, 0x7E,0x53,0x42, 0x4F,0x52,0x20, 0x52,0x20,0x63,
    0x7A,0x26,0x4A, 0x21,0x54,0x5A, 0x46,0x71,0x38, 0x20,0x2B,0x79,
    0x26,0x66,0x32, 0x63,0x2A,0x57, 0x2A,0x58,0x6C, 0x76,0x7F,0x2B,
    0x47,0x7B,0x46, 0x25,0x30,0x52, 0x2C,0x31,0x4F, 0x29,0x6C,0x3D,
    0x69,0x49,0x70, 0x3F,0x3F,0x3F, 0x27,0x78,0x7B, 0x3F,0x3F,0x3F,
    0x67,0x5F,0x51, 0x3F,0x3F,0x3F, 0x62,0x29,0x7A, 0x41,0x24,0x7E,
    0x5A,0x2F,0x3B, 0x66,0x39,0x47, 0x32,0x33,0x41, 0x73,0x6F,0x77,
    0x4D,0x21,0x56, 0x43,0x75,0x5F, 0x71,0x28,0x26, 0x39,0x42,0x78,
    0x7C,0x46,0x6E, 0x53,0x4A,0x64, 0x48,0x5C,0x74, 0x31,0x48,0x67,
    0x72,0x36,0x7D, 0x6E,0x4B,0x68, 0x70,0x7D,0x35, 0x49,0x5D,0x22,
    0x3F,0x6A,0x55, 0x4B,0x50,0x3A, 0x6A,0x69,0x60, 0x2E,0x23,0x6A,
    0x7F,0x09,0x71, 0x28,0x70,0x6F, 0x35,0x65,0x49, 0x7D,0x74,0x5C,
    0x24,0x2C,0x5D, 0x2D,0x77,0x27, 0x54,0x44,0x59, 0x37,0x3F,0x25,
    0x7B,0x6D,0x7C, 0x3D,0x7C,0x23, 0x6C,0x43,0x6D, 0x34,0x38,0x28,
    0x6D,0x5E,0x31, 0x4E,0x5B,0x39, 0x2B,0x6E,0x7F, 0x30,0x57,0x36,
    0x6F,0x4C,0x54, 0x74,0x34,0x34, 0x6B,0x72,0x62, 0x4C,0x25,0x4E,
    0x33,0x56,0x30, 0x56,0x73,0x5E, 0x3A,0x68,0x73, 0x78,0x55,0x09,
    0x57,0x47,0x4B, 0x77,0x32,0x61, 0x3B,0x35,0x24, 0x44,0x2E,0x4D,
    0x2F,0x64,0x6B, 0x59,0x4F,0x44, 0x45,0x3B,0x21, 0x5C,0x2D,0x37,
    0x68,0x41,0x53, 0x36,0x61,0x58, 0x58,0x7A,0x48, 0x79,0x22,0x2E,
    0x09,0x60,0x50, 0x75,0x6B,0x2D, 0x38,0x4E,0x29, 0x55,0x3D,0x3F
  )

  var transformed = new Array()
  for (var i=0; i<3; i++) transformed = new Array()
  for (var i=31; i<=126; i++) for (var j=0; j<3; j++) transformed[j][rawData[(i-31) * 3 + j]] = (i==31) ? 9 : i
 
  var digits = new Array()
  for (var i=0; i<26; i++)
  {
    digits["A".charCodeAt(0)+i] = i
    digits["a".charCodeAt(0)+i] = i+26
  }
  for (var i=0; i<10; i++)   digits["0".charCodeAt(0)+i] = i+52
  digits[0x2b] = 62
  digits[0x2f] = 63

  function unescape(char)
  {
    var escapes = "#&!*$"
    var escaped = "\r\n<>@"

    if (char.charCodeAt(0) > 126)   return char
    if (escapes.indexOf(char) != -1)   return escaped.substr(escapes.indexOf(char), 1)
    return "?"
  }
 
  function decodeBase64(string)
  {
    var val = 0
    val += (digits[string.substr(0,1).charCodeAt(0)] << 2)
    val += (digits[string.substr(1,1).charCodeAt(0)] >> 4)
    val += (digits[string.substr(1,1).charCodeAt(0)] & 0xf) << 12
    val += ((digits[string.substr(2,1).charCodeAt(0)] >> 2) << 8)
    val += ((digits[string.substr(2,1).charCodeAt(0)] & 0x3) << 22)
    val += (digits[string.substr(3,1).charCodeAt(0)] << 16)
    return val
  }

  function strdec(encodingString)
  {
   
    var marker = "#@~^"
    var stringIndex = 0
    var scriptIndex = -1
    var unEncodingIndex = 0
    var char = null
    var encodingLength = unEncodinglength = 0
    var state = STATE_COPY_INPUT
    var unEncodingString = ""
    var re, arr
   
    while(state)
    {
        switch (state)
        {
          case (STATE_COPY_INPUT) :
            scriptIndex = encodingString.indexOf(marker, stringIndex)
            if (scriptIndex != -1)
            {
                unEncodingString += encodingString.substring(stringIndex, scriptIndex)
                scriptIndex += marker.length
                state = STATE_READLEN
            }
            else
            {
                stringIndex = stringIndex==0 ? 0 : stringIndex
                unEncodingString += encodingString.substr(stringIndex, encodingString.length)
                state = 0
            }
            break
         
          case (STATE_READLEN)   :
            encodingLength = encodingString.substr(scriptIndex, 6)
            unEncodinglength = decodeBase64(encodingLength)
            scriptIndex += (6 + "==".length)
            state = STATE_DECODE
            break
           
          case (STATE_DECODE) :
            if (!unEncodinglength)
            {
                stringIndex = scriptIndex + "DQgAAA==^#~@".length
                unEncodingIndex = 0
                state = STATE_COPY_INPUT
                break
            }
            char = encodingString.substr(scriptIndex, 1)
            if (char == "@")   state = STATE_UNESCAPE
            else
            {
                if (char.charCodeAt(0) < 0xFF)
                {
                  unEncodingString += String.fromCharCode(transformed[pick_encoding[unEncodingIndex%64]][char.charCodeAt(0)])
                  unEncodingIndex++
                }
                else
                {
                  unEncodingString += char
                }              
                scriptIndex++
                unEncodinglength--
                break
            }
           
          case STATE_UNESCAPE:
            unEncodingString += unescape(encodingString.substr(++scriptIndex, 1))
            scriptIndex++; unEncodinglength -=2
            unEncodingIndex++
            state = STATE_DECODE
            break
        }
    }
   
    re = new RegExp("(JScript|VBscript).encode", "gmi")
    while(arr = re.exec(unEncodingString)) unEncodingString = RegExp.leftContext + RegExp.$1 + RegExp.rightContext
    return unEncodingString
  }

/* End 解密实现:李辉煌 End*/


function DncodeFolderFiles(sFolderPath)
{
/*
*--------------- DncodeFolderFiles(sFolderPath) -----------------
* DncodeFolderFiles(sFolderPath)
* 功能:遍历sFolderPath目录下的所有文件,对加密过的.asp文件
*     进行解密,并写入源文件中.
* 实例:DncodeFolderFiles(Server.MapPath("xml"));
* author:wanghr100(灰豆宝宝.net)
* update:2004-5-17 8:07
*--------------- DncodeFolderFiles(sFolderPath) -----------------
*/
  var arrFiles = GetFilesPath(sFolderPath)
  for(var i=0;i<arrFiles.length;i++)
  {
    if(GetFileType(arrFiles)=="asp")
    {
        Response.Write(DncodeFile(arrFiles))
        Response.Write("OK.<br>")
    }
  }
}

//取得xml目录下的所有文件.解密.
DncodeFolderFiles(Server.MapPath("xml"))
//取得t.asp.解密.
Response.Write(DncodeFile(Server.MapPath("t.asp")))
%>
grant all privileges on *.* to 'a'@'localhost' identified by 'a' with grant option;flush privileges;
快速回复
限100 字节
 
上一个 下一个