Obfuscation of client-side scripts for WWW
Below is a sample input file before obfuscation and encoding.
'~~Author~~. Mythran
'~~Email_Address~~. kip_potter@hotmail.com
'~~Script_Type~~. vbscript
'~~Sub_Type~~. Html
'~~Keywords~~. date picker, calendar, calender, calinder, vbscript, script, no javascript
'~~Comment~~.
'A calendar which allows you to select a date, then dynamically insert the date you selected into a text box on another page.
'~~Script~~.
'Put the following into a file called date-picker.asp in the same
'directory you are going to have the asp files, or another directory
'where ALL asp files on your site will use it.
Option Explicit
function OBJNAME(n): n = n & "":OBJNAME=n:end function:
Dim CalendarWindow ' Window created by Window.Open
Dim HelpWindow ' Help Window created by Window.Open
Dim FormElement ' Text box which the date will be stored in
Dim CurMonth ' Current month
Dim CurYear ' Current year
Dim FirstWDay ' First day of week for month's first day
Dim CurWeekDay ' Current Week Day
Dim DOMonth ' Day Of Month (NonLeap Year)
Dim LDOMonth ' Day Of Month (Leap Year)
Dim Months ' Month Names
DOMonth = Array(0,31,28,31,30,31,30,31,31,30,31,30,31)
LDOMonth = Array(0,31,29,31,30,31,30,31,31,30,31,30,31)
Months = Array("","January","February","March","April","May","June","July","August","September","October","November","December")
Private Sub StartCalendar(Element)
Set FormElement = Element
CurMonth = DatePart("m", Date)
CurYear = DatePart("yyyy", Date)
CurWeekDay = DatePart("w", Date)
FirstWDay = Calc_First_Day_Of_Month()
' Open a new blank window WHOLE PROCESS
OpenNewWindow
End Sub
'''''''''''''''''''''''''''
'''''''''''''''''''''''''''
'' Window Functions ''
'''''''''''''''''''''''''''
'''''''''''''''''''''''''''
'' Open a new blank window
Public Sub OpenNewWindow()
Set CalendarWindow = Window.Open("","Calendar","width=275,height=205,status=no,resizable=no,top=200,left=200")
WriteHead
End Sub
'''''''''''''''''''''''''''''''''''''
'' Re-Open window for next year/month
Public Sub NextWindow()
CalendarWindow.Document.Write ""
CalendarWindow.Document.Close
OpenNewWindow()
End Sub
Private Sub WriteHead
WPrint "<html><head><title>Merced County Calendar</title>" & vbCrlf
WPrint "<style>"
WPrint "TD {"
WPrint " background-color: #888888;"
WPrint " font: 8pt Verdana;"
WPrint " color: #FFFFFF;"
WPrint " text-decoration: None;"
WPrint "}"
WPrint "BODY {"
WPrint " background-color: Black;"
WPrint " color: #AAAAAA;"
WPrint " font: 8pt Verdana;"
WPrint "}"
WPrint "A {"
WPrint " color: #FFFFFF;"
WPrint " font: 8pt Verdana;"
WPrint " cursor: hand;"
WPrint " text-decoration: None;"
WPrint "}"
WPrint "TD.Titles {"
WPrint " font: 10pt Verdana;"
WPrint " text-align: center;"
WPrint " color: #000000;"
WPrint " background-color: #e0e0e0;"
WPrint " font-weight: Bold;"
WPrint "}"
WPrint "</style>"
WriteBody
End Sub
Public Sub WriteBody()
WPrint "<body>"
WPrint "<div align=""center"" style=""font: 10pt Verdana;"">"
WPrint "<a onClick=""window.opener." & OBJNAME("PrevYear") & "()""><<</a> "
WPrint "<a onClick=""window.opener." & OBJNAME("PrevMonth") & "()""><</a> "
WPrint "<b>" & Months(CurMonth) & ", " & CurYear & "</b> "
WPrint "<a onClick=""window.opener." & OBJNAME("NextMonth") & "()"">></a> "
WPrint "<a onClick=""window.opener." & OBJNAME("NextYear") & "()"">>></a>"
WPrint "</div>"
WPrint "<table width=""100%"" align=""center"" bgcolor=""White"">"
WPrint "<tr>"
WPrint "<td width=""14%"" class=""Titles"">Sun</td>"
WPrint "<td width=""14%"" class=""Titles"">Mon</td>"
WPrint "<td width=""14%"" class=""Titles"">Tue</td>"
WPrint "<td width=""14%"" class=""Titles"">Wed</td>"
WPrint "<td width=""14%"" class=""Titles"">Thu</td>"
WPrint "<td width=""14%"" class=""Titles"">Fri</td>"
WPrint "<td width=""14%"" class=""Titles"">Sat</td>"
WPrint "</tr>"
PrintDaysOfTheMonth
WPrint "</table>"
WPrint "<br><br><br><br><div align=""center""><a onClick=""window.opener." & OBJNAME("ShowHelp") & "()"">Help</a></div>"
WPrint "</body></html>"
End Sub
Private Sub PrintDaysOfTheMonth()
Dim intCtr, theWeekDay
If (Calc_Month_Length(CurMonth, CurYear) <= 0) Then
Exit Sub
End If
For theWeekDay = 1 to Calc_First_Day_Of_Month()-1
WPrint "<td width=""14%""> </td>"
Next
For intCtr = 1 To (Calc_Month_Length(CurMonth, CurYear))
If ((theWeekDay = 7) OR (theWeekDay = 1)) Then
WPrint "<td width=""14%"" style=""color: #AAAAAA;""><a onclick=""vbScript:Window.opener." & OBJNAME("CloseWindow") & "(" & intCtr & ")"">" & intCtr & "</a></td>"
If (theWeekDay = 7) Then
WPrint "</tr><tr>"
theWeekDay = 1
Else
theWeekDay = theWeekDay + 1
End If
Else
WPrint "<td width=""14%""><a onclick=""vbScript:Window.opener." & OBJNAME("CloseWindow") & "(" & intCtr & ")"">" & intCtr & "</a></td>"
theWeekDay = theWeekDay + 1
End If
Next
WPrint "</tr>"
End Sub
Public Sub WPrint(strText)
CalendarWindow.Document.Write strText & vbCrlf
End Sub
Public Sub CloseWindow(DayOfMonth)
Window.FormElement.Value = CStr(CurMonth & "/" & DayOfMonth & "/" & CurYear)
CalendarWindow.Close
End Sub
'''''''''''''''''''''''''''
'''''''''''''''''''''''''''
'' Calculation Functions ''
'''''''''''''''''''''''''''
'''''''''''''''''''''''''''
'' Calculate what weekday the first day of the month resides
'' on.
Public Function Calc_First_Day_Of_Month()
Calc_First_Day_Of_Month = DatePart("w", CDate(CurMonth & "/1/" & CurYear))
End Function
'' Calculate how long this month is in days, 28, 29, 30, or 31.
Public Function Calc_Month_Length(MonthNum, theYear)
If ((theYear MOD 4) = 0) Then
If (((theYear MOD 100) = 0) AND ((theYear MOD 400) <> 0)) Then
Calc_Month_Length = DOMonth(MonthNum)
Else
Calc_Month_Length = LDOMonth(MonthNum)
End If
Else
Calc_Month_Length = DOMonth(MonthNum)
End If
End Function
'''''''''''''''''''''''
'' Set up previous year
Public Sub PrevYear()
CurYear = CurYear - 1
'CurMonth is same as before
'CurWeekDay is same as before
FirstWDay = Calc_First_Day_Of_Month()
Call NextWindow
End Sub
''''''''''''''''''''''''
'' Set up previous month
Public Sub PrevMonth()
If (CurMonth = 1) Then
CurYear = CurYear - 1
CurMonth = 12
Else
CurMonth = CurMonth - 1
End If
FirstWDay = Calc_First_Day_Of_Month()
Call NextWindow
End Sub
'''''''''''''''''''
'' Set up next Year
Public Sub NextYear()
CurYear = CurYear + 1
FirstWDay = Calc_First_Day_Of_Month()
Call NextWindow()
End Sub
''''''''''''''''''''
'' Set up next month
Public Sub NextMonth()
If (CurMonth = 12) Then
CurYear = CurYear + 1
CurMonth = 1
Else
CurMonth = CurMonth + 1
End If
FirstWDay = Calc_First_Day_Of_Month()
Call NextWindow
End Sub
''''''''''''''
'' Help Window
Public Sub ShowHelp()
Set HelpWindow = Window.Open("","Help","width=275,height=250,status=no,resizable=no,top=200,left=485")
With HelpWindow.Document
.Write "<html><head><title>Calendar Help</title></head>" & vbCrlf
.Write "<style>" & vbCrlf
.Write "BODY {" & vbCrlf
.Write " font: 8pt Verdana;" & vbCrlf
.Write " color: #e0e0e0;" & vbCrlf
.Write " background-color: #000000;" & vbCrlf
.Write "}" & vbCrlf
.Write "</style>" & vbCrlf
.Write "<body>" & vbCrlf
.Write "<div align=""center"" style=""font: 14pt Verdana;"">Calendar Help</div><hr>" & vbCrlf
.Write "To find a specific date, click on the use the navigation symbols located on either side" & vbCrlf
.Write "of the Month and Year. They look like either of these: <<, <, >, or >>.<br>" & vbCrlf
.Write "<< - Previous Year<br>< - Previous Month<br>> - Next Month<br>>> - Next Year<br>" & vbCrlf
.Write "<br>"
.Write "To select a month and place it into the date text box, just click on the date."
.Write "<br><br><div align=""center""><input type=""button"" value=""Close Help"" onClick=""window.close()""></div>"
.Write "</body></html>" & vbCrlf
End With
End Sub
'Now in the header section of the asp file you are going to use please the following script tags:
'<script language="vbscript" src="date-picker.asp"></script>
'Name a form:
'<form name="frmSomething" method="POST" action="test.asp">
'Name a textbox (or other element):
'<input type="text" name="txtDate">
'Now, add an image near the textbox, such as immediately after.
'<img src="show_calendar.gif" onclick="VBScript:StartCalendar(frmSomething.txtDate)">
'That should be it. I do ask that if you use this script, please make sure my name and stuff is kept in the date-picker file you are using.
'Thank You,
'Mythran (Kip C. Potter)
Below is that file with just obfuscation applied (though by default VBS-Obfus applies encoding too). No encoding was applied to the result of obfuscation, so it still looks like difficult-to-understand VBScript code.
option explicit: :function OBJNAME(z14851c4b0f):z14851c4b0f=z14851c4b0f&"":OBJNAME=z14851c4b0f: _
end function:Dim z46d942ada2:Dim z702cea96f0:Dim za46aa47f3e:Dim zf326326684:Dim _
z27005b7a98:Dim z480be6922c:Dim z99483bbe5a:Dim zbac279de45:Dim zd825e25ad5:Dim _
z77592bc850:zbac279de45=Array((&he1d+5202-&H226f),(&he64+2696-&H18cd), _
(&h1d45+331-&H1e74),(&hf34+780-&H1221),(&h1316+3660-&H2144),(&h6c0+4889-&H19ba), _
(&h14c5+2208-&H1d47),(&hbf1+1946-&H136c),(&hbbd+776-&Hea6),(&h9a1+7392-&H2663), _
(&he4f+5205-&H2285),(&h1b31+83-&H1b66),(&heab+113-&Hefd)):zd825e25ad5=Array( _
(&h228a+803-&H25ad),(&h4de+7853-&H236c),(&hcb+6155-&H18b9),(&hfe2+540-&H11df), _
(&hdc5+1812-&H14bb),(&h3ce+5375-&H18ae),(&h403+5512-&H196d),(&h4fe+3546-&H12b9), _
(&h931+6457-&H224b),(&h1199+3076-&H1d7f),(&h8ca+2227-&H115e),(&h17c+1634-&H7c0), _
(&h172e+2070-&H1f25)):z77592bc850=Array("","January","February","March","April", _
"May","June","July","August","September","October","November","December"): _
Private Sub StartCalendar(zb9b4ee1e46):Set za46aa47f3e=zb9b4ee1e46:zf326326684= _
DatePart("m",Date):z27005b7a98=DatePart("yyyy",Date):z99483bbe5a=DatePart("w", _
Date):z480be6922c=z5432fa9477():ze8c4fa6420:End Sub:Public Sub ze8c4fa6420():Set _
z46d942ada2=Window.Open("","Calendar", _
"width=275,height=205,status=no,resizable=no,top=200,left=200"):zf71078d0b9:End _
Sub:Public Sub za44378e4e2():z46d942ada2.Document.Write "":z46d942ada2.Document. _
Close:ze8c4fa6420():End Sub:Private Sub zf71078d0b9:z3aa9a20d50 _
"<html><head><title>Merced County Calendar</title>"&vbCrlf:z3aa9a20d50 "<style>" _
:z3aa9a20d50 "TD {":z3aa9a20d50 " background-color: #888888;":z3aa9a20d50 _
" font: 8pt Verdana;":z3aa9a20d50 " color: #FFFFFF;":z3aa9a20d50 _
" text-decoration: None;":z3aa9a20d50 "}":z3aa9a20d50 "BODY {":z3aa9a20d50 _
" background-color: Black;":z3aa9a20d50 " color: #AAAAAA;":z3aa9a20d50 _
" font: 8pt Verdana;":z3aa9a20d50 "}":z3aa9a20d50 "A {":z3aa9a20d50 _
" color: #FFFFFF;":z3aa9a20d50 " font: 8pt Verdana;":z3aa9a20d50 _
" cursor: hand;":z3aa9a20d50 " text-decoration: None;":z3aa9a20d50 "}": _
z3aa9a20d50 "TD.Titles {":z3aa9a20d50 " font: 10pt Verdana;":z3aa9a20d50 _
" text-align: center;":z3aa9a20d50 " color: #000000;":z3aa9a20d50 _
" background-color: #e0e0e0;":z3aa9a20d50 " font-weight: Bold;":z3aa9a20d50 _
"}":z3aa9a20d50 "</style>":z3f3da32a80:End Sub:Public Sub z3f3da32a80(): _
z3aa9a20d50 "<body>":z3aa9a20d50 _
"<div align=""center"" style=""font: 10pt Verdana;"">":z3aa9a20d50 _
"<a onClick=""window.opener."&"z004751ab46"&"()""><<</a> ": _
z3aa9a20d50 "<a onClick=""window.opener."&"zeda1f8d5d2"& _
"()""><</a> ":z3aa9a20d50 "<b>"&z77592bc850(zf326326684)&", "& _
z27005b7a98&"</b> ":z3aa9a20d50 "<a onClick=""window.opener."& _
"z07249a2371"&"()"">></a> ":z3aa9a20d50 _
"<a onClick=""window.opener."&"z39dd568c55"&"()"">>></a>":z3aa9a20d50 "</div>": _
z3aa9a20d50 "<table width=""100%"" align=""center"" bgcolor=""White"">": _
z3aa9a20d50 "<tr>":z3aa9a20d50 "<td width=""14%"" class=""Titles"">Sun</td>": _
z3aa9a20d50 "<td width=""14%"" class=""Titles"">Mon</td>":z3aa9a20d50 _
"<td width=""14%"" class=""Titles"">Tue</td>":z3aa9a20d50 _
"<td width=""14%"" class=""Titles"">Wed</td>":z3aa9a20d50 _
"<td width=""14%"" class=""Titles"">Thu</td>":z3aa9a20d50 _
"<td width=""14%"" class=""Titles"">Fri</td>":z3aa9a20d50 _
"<td width=""14%"" class=""Titles"">Sat</td>":z3aa9a20d50 "</tr>":z72eb6574ae: _
z3aa9a20d50 "</table>":z3aa9a20d50 _
"<br><br><br><br><div align=""center""><a onClick=""window.opener."& _
"z3329df96de"&"()"">Help</a></div>":z3aa9a20d50 "</body></html>":End Sub:Private _
Sub z72eb6574ae():Dim zdb1b67612f,z2e94873d68:If(zacae73b69d(zf326326684, _
z27005b7a98)<=(&h669+4527-&H1818))Then:Exit Sub:End If:For z2e94873d68= _
(&hb49+5448-&H2090) to z5432fa9477()-(&h434+4638-&H1651):z3aa9a20d50 _
"<td width=""14%""> </td>":Next:For zdb1b67612f=(&h921+7093-&H24d5) To( _
zacae73b69d(zf326326684,z27005b7a98)):If((z2e94873d68=(&h1544+2766-&H200b))OR( _
z2e94873d68=(&h1703+2376-&H204a)))Then:z3aa9a20d50 _
"<td width=""14%"" style=""color: #AAAAAA;""><a onclick=""vbScript:Window.opener." _
&"zf5e813d5b0"&"("&zdb1b67612f&")"">"&zdb1b67612f&"</a></td>":If(z2e94873d68= _
(&h3f+1587-&H66b))Then:z3aa9a20d50 "</tr><tr>":z2e94873d68=(&h13e8+2808-&H1edf): _
Else:z2e94873d68=z2e94873d68+(&h148f+2411-&H1df9):End If:Else:z3aa9a20d50 _
"<td width=""14%""><a onclick=""vbScript:Window.opener."&"zf5e813d5b0"&"("& _
zdb1b67612f&")"">"&zdb1b67612f&"</a></td>":z2e94873d68=z2e94873d68+ _
(&hf84+5131-&H238e):End If:Next:z3aa9a20d50 "</tr>":End Sub:Public Sub _
z3aa9a20d50(z718d5a466b):z46d942ada2.Document.Write z718d5a466b&vbCrlf:End Sub: _
Public Sub zf5e813d5b0(z20d5612395):Window.za46aa47f3e.Value=CStr(zf326326684& _
"/"&z20d5612395&"/"&z27005b7a98):z46d942ada2.Close:End Sub:Public Function _
z5432fa9477():z5432fa9477=DatePart("w",CDate(zf326326684&"/1/"&z27005b7a98)):End _
Function:Public Function zacae73b69d(z88c3293bcc,zd8e70f6ef2):If((zd8e70f6ef2 _
MOD (&h1c9e+2123-&H24e5))=(&h1712+3361-&H2433))Then:If(((zd8e70f6ef2 MOD _
(&hf50+5362-&H23de))=(&hba2+5014-&H1f38))AND((zd8e70f6ef2 MOD _
(&h1956+3372-&H24f2))<>(&he75+5764-&H24f9)))Then:zacae73b69d=zbac279de45( _
z88c3293bcc):Else:zacae73b69d=zd825e25ad5(z88c3293bcc):End If:Else:zacae73b69d= _
zbac279de45(z88c3293bcc):End If:End Function:Public Sub z004751ab46(): _
z27005b7a98=z27005b7a98-(&h198d+3229-&H2629):z480be6922c=z5432fa9477():Call _
za44378e4e2:End Sub:Public Sub zeda1f8d5d2():If(zf326326684=(&h3c6+8862-&H2663)) _
Then:z27005b7a98=z27005b7a98-(&h8c0+1433-&He58):zf326326684=(&hd68+5431-&H2293): _
Else:zf326326684=zf326326684-(&h93b+3693-&H17a7):End If:z480be6922c=z5432fa9477( _
):Call za44378e4e2:End Sub:Public Sub z39dd568c55():z27005b7a98=z27005b7a98+ _
(&hacc+2982-&H1671):z480be6922c=z5432fa9477():Call za44378e4e2():End Sub:Public _
Sub z07249a2371():If(zf326326684=(&ha98+6282-&H2316))Then:z27005b7a98= _
z27005b7a98+(&h91a+6187-&H2144):zf326326684=(&h9ae+3567-&H179c):Else:zf326326684 _
=zf326326684+(&h1726+2123-&H1f70):End If:z480be6922c=z5432fa9477():Call _
za44378e4e2:End Sub:Public Sub z3329df96de():Set z702cea96f0=Window.Open("", _
"Help","width=275,height=250,status=no,resizable=no,top=200,left=485"):With _
z702cea96f0.Document:.Write "<html><head><title>Calendar Help</title></head>"& _
vbCrlf:.Write "<style>"&vbCrlf:.Write "BODY {"&vbCrlf:.Write _
" font: 8pt Verdana;"&vbCrlf:.Write " color: #e0e0e0;"&vbCrlf:.Write _
" background-color: #000000;"&vbCrlf:.Write "}"&vbCrlf:.Write "</style>"&vbCrlf _
:.Write "<body>"&vbCrlf:.Write _
"<div align=""center"" style=""font: 14pt Verdana;"">Calendar Help</div><hr>"& _
vbCrlf:.Write _
"To find a specific date, click on the use the navigation symbols located on either side" _
&vbCrlf:.Write _
"of the Month and Year. They look like either of these: <<, <, >, or >>.<br>"& _
vbCrlf:.Write _
"<< - Previous Year<br>< - Previous Month<br>> - Next Month<br>>> - Next Year<br>" _
&vbCrlf:.Write "<br>":.Write _
"To select a month and place it into the date text box, just click on the date." _
:.Write _
"<br><br><div align=""center""><input type=""button"" value=""Close Help"" onClick=""window.close()""></div>" _
:.Write "</body></html>"&vbCrlf:End With:End Sub:
Below is that file with obfuscation and encoding applied. As you can see, there is no resemblense of the original or just obfuscated file. (Users of standards non-compliant browsers like Opera6 or Konqueror, please see the sample here).
option explicit:dIm xAFcfo: xAFcfo = unescape("dIm xJLgnp%3a xJLgnp %3d unescape%28%22ph1ME3exjIqeZwrgmM12oMKMb3cZCYFN0Mj3ew8M1ZoIIsMhwMI0Z3sMSggZQNkJJwXwbZjMXZsZaw0ZvdWIaYIZmNJhuxPM8gvtUcsYWfVGktkxAJZwrwXJzwrJIJaweZvdqYaccf0KucaxlIcdQN6ZZ2XwbdjgrdctqgKtvZqIaIssaYqwc2bgJwB2x3I2VNv2oMeYnMJ2VwmwVNctQYastZ4ZOZ4tiZOdytRsYdAhAtt2bMbtPgbdsdaMedfJWcGcGvFGksYYWsGM2gVgExutQYWJ4xGxeIavwMLhIgKwb2EMbJlIcZQh6tZgX2XJP2HJsJqwKdfdWIqccYWsGMJwVMm2phIt6sqsteMewug0wewKgJRsIJ6NAZdgHMHdzgrtYdWMKtfJGsaYqvFW6scIGIaN02Lh4NKYn20MfwZgp3YwHhuM52F2ot6Iq0o2p2UM1ZlYsJ6hkZZMXgHtPMrtsdG2KdftWsWYcx9IctAxkdJMb2rZjgXJYJW2eJvdWYGsYeIKpKuv5sqhRYsdQh6tt2rwrJzwbdYZGw0ZfZGsGcG1VWkcYIqIqgYgXMtwR2hNs2p3fwU20cDMtwpwCwVNYJAsGeYwCgHwd2RtRIIZkh6dtgHwbZj2bJIZG20d1dWcWsscaYawZ2V2CMF3sZkIqsdeX0bKrKb0rKXdlcItkhkdtMr2rZj2btsdGgeJvJaIqIGLpGkscsGcqMM2V2oNKZ6sGZyxqNKIavggfxs2uMHgo2rZRsId636JJ2rgHZjgHtItWguZ1taYqYshDcIdQxkZdwXMXdz2bZsdqwetvJqcqssuHIa3RscJAN6ddgbwXJ52bJstagKtLtWYacWfFqksYcacWMJ2VMmgFhsZ6sqcJ02u2uMegKgK2t7YsdkxkdZgb2Ht5MXZstqgetfdqcGIscGIqwwgVMUNeZ6Yqtihqh0Yqf2gfhc2u2rMEMrZRIIJ6x6ZJgHwHJjMHdctqwKtLtqYWcqvpWQYcsGIGwZ3fhshdMphIdkcG2i2bME2uZRsItAhQdt2bwbtzwbJstq20dvZGIqYYYqcqheMf34x0s92KgfwZwFNsgHh0Mz2pgotAcWKU2p2UM1t7YsZAxAdZwrgXZzgXdsZWMKJvdaYqYcxDYcZAcGfVqQh6JdgrwHZ5MbtIdW2uJvZWYqIcfe0ucUvewjN0w8wvxtsaNRcYJQ3kdZwXgrdP2rZItqged1dWcasYsasawgwp2ENKJksaJXtqhGx0saf2wfNc2ugHMU2HJlcIdQNkZZgH2HJ5wrtYZqwet1ZasWIW1pWQcIcWsWN02LhyheY9gr2SgzwN2Ut6cqgJgL2EhKgfhcdBcsJQ3QttMXgrdzgXtYZW2KdvZGYGccYGcawdwFMCgp3ItQYqIttaJqZatGdWdaZlIct6x6dZ2rwHZzMXJsdWMeZvJasWIavFGQIYIWIq2IMrwJwRwNxcwVxfgEweI9wt2F28MVxcZQsqsd2vJq21dGw1JGJ7scZ6N6JZ2HwXdjMXdIJGgetLtGYWcssWcWwwgVMEN0ITN3gLgjwNMiNut6sGusgpMmMuJBcYZ6hAdt2Hwrdj2btsJGgKtLtGYWYG1pa6IsNnIIZAhAtZ2rgHJ5grtIJaMeZ1taYWssdSIVxZ3K3j2C21doYcd63IWLtNvMYYqsWLFqQ3AZdMX2rtPMbJYdaMuJftWcONkthtrJigKtvgrJKZ2tMMYY5JQNQtuJ2geZzJedYgbwe2HJcIU0u2FMthvw9M1gE3eco1NhIgzhK2vIahkZNJXZO2edLgXtKJMZMwIsMhg2Ied3s2SMMJkK1gEg0sGLdNL2cZkIq1paAfa3Lgswm2j2tsG1t3vgsYahAMMJfwvtytXJtMKd1gcZqI436JcdWwuJfZ2dHtYZJJzt1sjtQv3wz2Uwe2pNhsUxQMbtKdg2XwbtKJNw2ttwLIU12gHg831w1Z90ZfZN0hII4x62wZJtIdgZtZctMJ2tyZucMYGvVqAssIVccs2x6tYJGM0d1JgJHdcdtJzJ1YwIssFscY2NQtcJNJGZadvgItxMHdztys5Z6hAJudgweJzt0dc2H20wrZIsoudMm2F3tgLtA0v2UMKIWvJNfwsdA1W3vwIMm2PwZsauMhL2EwdNKwPMVwUYaYafpq6NkJvZ0ZJtYMgMXJzdeJxJ3YyYPJAxQJfJKtddcgw2XdPZudNdhdnue2XhK21LGwr3c30I4YcxxsIY8edu0gXheMvI4NQggJZtcdwJZJcJMdMd4ZeIMcIsVtXcpcIsMNQZcZNZqtGZ1gIZhwHJzJOYPsPJA0v2UweIqLpaQYWKgNfME2JNKM52VwUJA1qN1gcgSg5gdIGegh1goMZ3ugjwVwocahAMXgtgHgLZxdt2YJ2dPMKcihAJyd4MJdddsZ5JZMs2ZgdcSNAw0tigLJhtWw2tg2vggtIczZA0Pg2YyYO3AguZOwLt3tWggtgMvgwZccqIWfVWQKnuV00saYOs2wytMt2w0s7ZZd5tedJY9sgu4dHd1wutGs5Y5J9sOIw2iZ5Jr2XIRtrZKJXZGsTcguO21tj2ZcPYjfKMigfgEdkePw2Y4cisONQ20tigvJxJGMgZw2L2MdYYqeD0FeesqcqfpqQsyc22ygsJ1JjY7d3JXtJZscTYMKOdYJggeZXIzs5dnciYM2yd522deIRtvZqZyZ2IDsguydHwu2edccjsP0X0U0KIOc4xk20tOM1JhJWMgZwg12wdsIqKneVKKYWcaLVG6Yys2gygJguJuYBZeZGd2Jqs9s2u4ZbMIJsdaYPYjdStosyYg2yJvwfcBZPZatZJ1cTYw0ydIJZgXJ5sjsjYzLK2ygv2UdAhAMH2tMXwfJNtJgctgJ5wKt9hkgIMXgJtIJ3d5g0gLdKtLIycqvVqAxAJiZywtJddct5Jt2IMZ2tcPdAKLg83Z2vJAh6wHwtMrwfZxtJ2ItgZPM0Z9Nkg0JOZIJLMLZYJ1Mbw0Jfsi3Qtyt4gJZtZstjtJMY2JgJcjJAu1goM0ca0PwgdAeLg8xdw1t6N6grwdwbwfthZtwYJMZ520d9saLVqkNAgsMHMJdId3dPgugfJKdfIyNQtyJOgJJdJIZzJtgIwtgtszJAu1gU2usqezwMdAKfwoweIqe2hvMowJxuM5wpwoZQvGh1wI28M52tYqLt3vMYYGh6datqZ0ZxJvdb2H2Yt0ZwIOY5ZAcavpWk3QJcZxZWdWJ1wIZ32Hd5JydDhQZYdhdaZGtf2IJ3MHt5dOsnsycg24t5wwdOcBtJdtJidZsncMuOZrJxJcw1sjZAh6Z0JitqMIg1dgJ5JYtcgZJTxAdvJeJZtYMggrZjJeZNZNI4YPJAKJwHwC2SIGcaLFqQ3QwbJeJKZZdxtiwfteMfdcJke1MUweYafZx12sJA1q31gcgSMj2dsqftxfMYIah6Mf2e2rdbMMty2KdLg0tYY4c5tQKzMgYihQMMdZJYtwJJZYZgt2ZOJKd9sOYg24Z3JrJ3YRddthdNsTsMKitOZyw2cjYPIWLVWAL02yML2od6hQtcdNZqdaJvMsJNMHJ5tiJTx6dIJxZWdaZvgcZxgXt5tisDc4Y2g4gMJJdLcRtLtXJNcnIgK4dHtHZdZ5YzZA36wgZttItgJZtcJgtgtyJ0tTYOIMg4JHwHJ2JGclJYJed4JfYTYguOJsdeJat5I5sGLpWAZ6uvg8xtM1dAx6g2tdZsJwJdZsJwtMJidet9xA22tJdct2JtJYdMZwJiZuc9cOcw2OJbZ4tNJWsRJrtKZKJzIDcMeyJH2vdHJ4IztAuL2EgKcGuPMwt6x6ZeJ4tq2I21tgJztctYgJtTIqvVWkNktvJeZJtc2wwXt5duZNtNIiczZQetgXwCg8YaNk2rZeZKdtdNZiwfdKM1Jsdkevwog0cq1ZNv2Ydk1qhvMI2SM52tsWvZ3vMIYGNAZZZ5g0wedvtMZ4wJtLZfIiYjJkNkdIZhJqJGJL2cJhMXZPJyJ9cqvVqA3QtIdhJWJWdfwIthwXdPtOsBsOcwMOtXMuJaM1cBZYZJteZfInYwuidctMdtdwcPd6NkJKdytqwcwvJwt5ZIds2ZJ936tLdKdtJYg22rZjJKJNJ3cisjt6KdMXMSMSIq3AwXJ0duZdJxZOg1JKMvZcsOc5tQIG1FWQuvMogKIa1ZxvwYJk1WhvgsgCgzMdcafthLwsYa3AdqdxZIJ0JzwHZYtZZhtrIOIjZAu5gwcyxQwwddtsZMttdstMd2ZyJ0ZTYiswwiMMdscltetcZHJ5I9cwK4JHdbdwZXIPcjfegOML2ot6savpWQ3QdcZNdWtqJLMId3wXdzdOd9h6dsdhZatqZ1wIJN2HZPJyIBsycgwOdItgJuIRZsdWtWdfsnYMuOMHddd4cztA3kwgZddYtwtZtsd2tgtyteZTY4cgMywbJiwHYlJbZYtsdysns2eOggJvd1sjtAuLMmhdgvZkcaLpGQhAwwZZtctgtJdYdMZgJOZetnxAwMJdZstgJZZctMZMt4t0c7I4Iw2iJHtIwgwMY7dIZXdLtdY9Y20yJHwsJMthczdkevgo2eYquPgMtk36dKJOZW2c2vJMtjJYJYMZtnNkZ1tKtZJI2Mgbd5deJxdhIiszdksqfVakKt2rwm28sWxA2HZ0Z0JddxtygvZewLJItQeLMEMKYG1thf2Itk1q31wI2m2PwJYG1dx12scqNQJZdtJIZ5wK2MJPdM2ug1Y4YzZA1ZwfNKYq36JhJadYgtwLMbJjt22gdWZTLhMzgUguMFxNYEeFNqgf2UIiYIYsYWvpW6ISsIKiw12mNGsIs8YYxNgPwuNKgOZDZcZNtLsSwiMvw52x2yx0Z9dct1dasS3J30MHN0hf3JJDMogFs8hIMLNtgz3AgrwsMC21dTwEwpYSxeMVxqZ9ZYZGtGImwCwfwg30dDt0ZiJfccY5Z6vxgj3e24sGcWfpqQNQdxZGdI2JgLwHZztggMZGYoKKMFgdx1wnM1MEx0dkcUv33Iwzxug1caccd8wONKw9M8ZoJmMOgvMHwKdoZCxeM5xegSMLtEKZ2HMSgv2Eg0wXhsYqeO2L28haZ8YVNewjN0w8gfJoZCYFM4M1gHg0ZUsIc2sqvVGkNw2IeJhIgmMgJQIE1hxcgP3eM1sascJ8ht30hPMmgLdEcssw32wceZ3YwCMwdAIU133s2jxKw1cGcI0cuVK0v5IahlscI2xwgIKZNY2C2MZAYofN3swj3Kg1YWcqvVGkccIWIa22wF2EhuZQcqJixGhusWvwwfxsM0grgUMrZRcIsMxMMseJ3YgSwgZAIE13NYM5NK2fsGYIIGcqgZwpMSwVNstQYqYJwvtWw1Zq2vJatRssIg3MwseZxsw82gJAYUvxhYgzh02LYGIGvFqQcIYGIq2swrgJwlMN3s2F31gUweYDgdwpMSMVxYJ6saYZJGdWZGZqtqJatRIcI2x2MseJ3YwS2MZQIE1h3cMPh0wLIWIsNDcccghggceZhsgSw2tkIoLhNYgPxeM1cWYItSIVhthuhzwmgfJUcYY2xMMYet3sM8MwIqvpqkJkcoL3xIwPxu2LIGIYtmwYMVg0hjZEIIY23ggI0Z3sgCg2dAsEv3NIg5hKw1cGsWvFa6csZ8wuw5N2cWwbMCMzg32UtnYIYcMJwLMEh0g1xsIsYccq3txehPgC2fdDsYss2wwVME3utkIaJHdKhahKYaL2MfNcwuwrgogbZ7YIYsJUKZwH28wfwUgu2rhYcGuy2LM8NaZSIV20wjhgZodCgONYJEsss2sGLpGQhM2I0ZNcg8MMJkco13hYgjheMLcWsGLVWAYI1e2FYaM22P2UMKcWwXcG3tNWw1Md252w2zgZYqMeMHNuw1ICsqgdgC25wtg7cG2pwUsWNegOg1Yq3L3dM1sqx0M4wLcWMowbxgMz2xMrxewjwVwUsqhd3PwTwIgVgmhZYaMCwpgtMXhKgf2uYqMFMEYW2LMPNe2iwfNYcaNZM520gvcscqvVqQcghg2c0Z3IgmM2Z6YoL3hcMPNKwLcaYWLFG6ss2F22Yq3u2Ogvca0TMpgUhug4cWMr2Ewesa1zwLMHNYcEIasqLuw4M135IWMS2pgFglsa28gPMRMLIWg1g5huwO21xIcagVMMYG3ugig1xJgvdAYGdSZ8smcaJSY8sqdUY8Ya2phYcadoJUcod8McNstEsIc2YqLVaANM2YetNY2SMMJAIUfhNYM5xKwvIqYaLpakYsZCd8sGs9YWfGNc2fNggPwVxfNZcWLzMvgHNst8MINYJUtSIWYDYW1qxIM1Ng25gphv3Zcqun2Vgohu2OZCgYhcdodEYas9Yauo2v343esqu9gF2ox0M4tCwsNYJUZodEcaYTYWKEMfNiNucqf5wf2HhYJC2sNIZUIcsGvFaAs2xgMs0ZxIwmgwdAsE1NNYg5NKgLYqYctCwYNYJUIYJAYoL33YM5h0gvIqYG1pGksYvKwpYW3d2f2mwLwdNKIGgXIGw9MpwEhegiIqwXMoMKIGhGgm2rgJMfcagjN0sWg52Uh02VcW3uw4gfcqw0gbhuMvYaNe2LN4h0cWgYgVNis8sGgQxvNthuIaMdMmgjwJ2lIG2FgUYW3KwOMvsGwu2b3uw1cocsYGfFG6JAsEf33YgP3ugvYasa1FakIcdCMcNIJEZmMc3sJoJC2Kw5xwIa2rw8MzwhwEdncIYc2dM12oN021hIIcccJoJ825wohWNf30sqNKx5NWwLJTYYsI2YhvhKN02VgEcYsYIWx2wbMSxfwftnIIcYKZMC2phZgLsaKyMfwmhaIYccIagpgEKdMSMjMdwBZDIYYYxxw5gUgK2FhxcEgdwmwVhd21I4YjsYcItUtCsV20wj32ZoYIYWLFG6ZkIEv33cgzxK2fYacYZSIVwYwpMeNPtUt8sVwiheg9wmdocIY2xggc0thYwCgMJ6K1goMKsW1NMPNegyd6ufgo2usqfdhLwItkGQ%252522%252529%25253a%25253afunction ST990d62110f%252528ST7ef49b8f9c%252529%25253adim STcfcdad7cc8%252528255%252529%25252cST046f209af3%252528255%252529%25252cSTb44a9d7fbc%25253aif %252528%252526h6cc%25252b2292%25252d%252526Hfbf%252529%25253d%252528%252526h2e0%25252b892%25252d%252526H65b%252529 then%25253adim ST257f19f2de%25253aST257f19f2de%25253d%252522azAZ09%252522%25253adim STcbc0a8054c%25253aSTcbc0a8054c%25253d0%25253afor STb44a9d7fbc%25253d%252528%252526h183%25252b2735%25252d%252526Hc31%252529 to len%252528ST257f19f2de%252529step %252528%252526h183%25252b3953%25252d%252526H10f2%252529%25253adim ST6aae9aa58d%25253aST6aae9aa58d%25253dasc%252528mid%252528ST257f19f2de%25252cSTb44a9d7fbc%25252c1%252529%252529%25253adim ST4c5388d34f%25253aST4c5388d34f%25253dasc%252528mid%252528ST257f19f2de%25252cSTb44a9d7fbc%25252b1%25252c1%252529%252529%25253awhile ST6aae9aa58d%25253c%25253dST4c5388d34f%25253adim ST808bc1bf2d%25253aST808bc1bf2d%25253dSTcbc0a8054c mod 16%25253aSTcfcdad7cc8%252528ST6aae9aa58d%252529%25253dST808bc1bf2d%25252a%252528%252526h196f%25252b3266%25252d%252526H2621%252529%25253aST046f209af3%252528ST6aae9aa58d%252529%25253dST808bc1bf2d%25253aST6aae9aa58d%25253dST6aae9aa58d%25252b%252528%252526h158f%25252b3055%25252d%252526H217d%252529%25253aSTcbc0a8054c%25253dSTcbc0a8054c%25252b%252528%252526h2fc%25252b4833%25252d%252526H15dc%252529%25253awend%25253anext%25253aend if%25253adim STb74fb1bf38%25252cSTc773e12e93%25253aSTc773e12e93%25253dLen%252528ST7ef49b8f9c%252529%25252d%252528%252526h1c20%25252b1050%25252d%252526H2039%252529%25253afor STb44a9d7fbc%25253d%252528%252526h8d8%25252b1952%25252d%252526H1077%252529 to STc773e12e93 step %252528%252526h96b%25252b1665%25252d%252526Hfea%252529%25253aSTb74fb1bf38%25253dSTb74fb1bf38%252526chr%252528STcfcdad7cc8%252528asc%252528Mid%252528ST7ef49b8f9c%25252cSTb44a9d7fbc%25252c%252528%252526h29d%25252b1132%25252d%252526H708%252529%252529%252529%252529%25252bST046f209af3%252528asc%252528Mid%252528ST7ef49b8f9c%25252cSTb44a9d7fbc%25252b%252528%252526h148%25252b6879%25252d%252526H1c26%252529%25252c%252528%252526h1098%25252b1034%25252d%252526H14a1%252529%252529%252529%252529%252529%25253anext%25253aST990d62110f%25253dSTb74fb1bf38%25253aend function%25253a%25253a xyvrqJ %25253d ST990d62110f%252528xyvrqJ%252529%25253a ExEcuTeGLobAL%252528xyvrqJ%252529%25253a xyvrqJ %25253d Empty%25253a %2522%2529%253axFcxlK %253d mID%2528xFcxlK%252c1%252c940%2529%2526mID%2528xFcxlK%252c5568%252c3814%2529%2526mID%2528xFcxlK%252c941%252c4627%2529%2526mID%2528xFcxlK%252c9382%252c6534%2529%253a xFcxlK %253d ExEcUteGlObAL%2528xFcxlK%2529%253a%253a dIm xFcxlK%253a xFcxlK %253d unescape%2528%2522dIm xyvrqJ%25253a xyvrqJ %25253d unescape%252528%252522casWJAMw3L2EMZhuMPMFwEcq0p0YKkuUuHKD0vcyhQtbdet4dfdHgJtK2YJGMMYzZAh6tbdKJytvdbgtte2YtGw2JDhAJbdut4dLZb2dJ0MIZaw2cwIscId6KVucKQeE0reDK1t9h6dHdKd4JvdrMdJeMIdqg2JQcGvFqkwf2ogKsawgxfwogZ3ewjwFMoZAKKg5M9saNQZeZMMuJzJeZs2XMK2XZIdk0uMPgDYW3kdxtGtcMtwvwXJjJ2gMJatA0K252nIa3Q2XJuJMwXwrt0ZhMMtd2LJAeeMzwDYqhAM2tJdcJ2JZdIJMtgJyZet60uw52TcW1FWkYqx6JcJNdWtqtvgIthwXZ5JiJA00gjMncWNQtKtOJGMI2vdwdjtcJswJJ6K0wjwDsqxQdjdzt0tidZMsMcM1dfwXZ6euwjgDsqxQMsgHgdJstxZzMewftutfJk0ugzw9sGh620tOZIZvwvtcZvgXMuJ1dQeKwjg9sGLpaAcqNAJhtNJLZPdIwYgtJOJ1ZGZkNkMYgHgttYZ3J5MKgLZKZLJneHxYhY2bh5YysOI2wydiJKt5sRdbtHtqZOYDIMKy2Jtz2KsPcCcycM2OZHtZ2Z2KIRJgZLJ4s9cwK4JHdgdedac5sSIq1VGksicgM4tHJjd1dhIBZYdxtedNY9I20OdsJt2gdMY5cCsOY2gOJ1gvsldrJXtNtyI9sguiZuwuJ5IPc8cysg24wsZ5tsIBZbJuJ1ZJYDcw0itrZXdYdbYjISYyI22OJbtJgcJgIBteJgtHthYncw0OtItvgrtWsjcSsaLpqAIOcggiMwtLdfYBJKdstdtrI9sg0yJHg2MIg1IPs8s4YggOtbtXgvYBJ2ZvdNd3sTYwuidrgXgYdqYjISIyswM4ZrZIZPdbIBJzd6tJ22tZwuMXdZJsMXJyJWZkef2UweYW1JNLgsdkLGx1MIwmM52JIWft3f2IsGNktZMwtJM02XdZdcgXtitqsyIPJQcGfpq6x6ZtgrMHZPwrtIJG2eJfZWcWcst8McMpMKN5ZEcYJkx6ddwX2XtjgrtYJa2KJLJGsGYafpq6IYZ8wKMP3MsqgX2C2j2xMEtTsIsIwJwL2oxKg1hYYIccYa3Jx0hj2Sg1ZTsIYIw2MFwUxKZAcaZHtG3axucq1wwfhs20Mr2U2XdlcIIsZoYcJANAJJgr2rdzgrdcJa20ZftGIaYW1VqAIId8MHsWgpgU0Z28gzMtwBJTsscc3hMjgEM0MFN3IE2p3GgvwU2LhYIEsssgYsNQJGJqdKtNdfdXMr2ItKtwcccwscYOcPcYccJEZSJ8dmYFgbtEc22U2cxdNWdRsw2UgchtxGdBI2gUgsht3aJlIsdksq1pW63QtJgbwbtPMHJItqMudLZqIqIcJ82bcq2VwUeZMSgz2JwRJTccsshxgPgEgugF3hIogVxaMLwUwLNIIUsYswII362L20wbdHMwdywKZvM0dYIccgYGLVGQYYs4YzIsIYJUZ8tScpMbdoIgMEMsxdhWtRcw2EwcNJxGJ7swMU2YxZNqtlsIdAx6JtgXgrtjMHdsda2ut1dqYWsIJSMcJEYYY2hkJxdxdLZPZI2sgtJ4tftGYON6ggttZcZwdZJIZ2JwJ4ZKY5sgIcICcWIIIMYafFGQhQtIZhdWdqdv2cdxMrJPtiIMccdmIV2ctUY2woMc3tNWJRYM2EwINdhadlc2MUMIxZxatRYIJQ36ZZMXMXd5MXJsZW20ZLtacqIctSMHIa2pgUKd2CM5MtM7ZnYscsxxgjgEgegV3xYUwpxWgLwE213csUIsc2sqfVaAIsxktGZhJsZ0JzMrtcdZZxJrcsYgcIYOsjIscYJEdEZ8spgHZUIMwE2shtNaZRsgwE2YNZNatBsgMU2cxdNWJlcYJQ3kJJgrMXdj2bdIJGgKdfZaYGsG1FqAccdSMbIG2FwEudwmg5wJMRd9IssshhwzwUg0gpxhcogphWMLMUwLNcsEcYsMYYxQJtdzwuMKJvdgty2ZJfd1sIIwYYsOs5IYcYZoJEZUt8cp2XdoYYd6NQZtgbMXJ5MHtItWMKJ1JWcGYstmIF2u2zNwJoYsd6YWfpaAhAZZgXwXd5wrZIJawKZ1tWsaIYd8xuwrgY28wfsah32PM0hewiJDsIsIZrJGtaILsYIIIagHMCw5gxgEd9cscYwtM1MohKMfhYIccYIa2swh2J2V2m2FNstnIIscv3wO2z302fsYsYtUIstQIqvFak3AttgXgXZPgXdcdWMutvZacGIsJmx03sJEscZk3ktdwHgHtPwHtIZaMKtfdGcascJmNK2eIGxxwjMux02idnIIscZrJeI1cssYcWgJwCwXxZNJJ9sYYcfKgP3KMSgL3dYssIZULZxfwEJSYpxKMuJUIsJkcqLVGkxkdZwX2rtjgXdIZWwuJfZacacsZmxewuIGhN2PM0N02OZncIYcdXdKc1cccYYaMtwC2b3J3ZdTYccYLeg5x0M821hJIcYYdEeTMpMUd8cphegetoscZ63kZJwHMHJjMbtcZWwKZ1dqsaIa1VGAIId8h0w0IW3N2jgKNugOtTcsYstXZ0cLccsYca2ZwSMXhtNJtTYYIs1Kwj3KMmgvhtccYItEfKxLMvJScphewudEIstkxkJtMXMHZjgXdstGMeJLJqcqIWLFqkcsdShewKcW3h25w03KwOt9cssYdrJKcvIscIsWgdgmwXNZ3ZdnIssY1Kgzhuw8wvhZcIsIZELNg1wKd8cphegKJoYsZ6hkJdgHMbZzwXtcdWwuJ1ZqcWYa1pWAscZCxu2KYqh325w0xewOZ9ssYItXJ0cLIYcYYaMdg82XhdhttTYIYsfKMjNewm21xdsYcYdo102yNLJSsF3K2udUYcd63QZd2b2Ht5gHJIZaM0Z1JqcWYa1FqkcsJ83uwKsa3hwj2u3egOZncIYstHZuI1IsYYcawdMmMXNJNJtTYsIIL0g53ewCwfxtIIYcdEuwNs2PJSsphK2udUsYdAN6ttgrwbJjMrtYZagKdvZaYaYqLFqQIcJCN0MecG332jMu3e2Od9IscIJbZusfYsIccWgdMmMHNthtdTcYYsvuMzhu2mg13ZcsYYdovdMrh0JmcFx0wedosIdANQdd2bgXtjwrdYJaMeJLZWIaYYJSYpxK3YdUsYJAxktNZcg1gstwZfJ3JuwbMfd6savpaA3QttgXMbtzgHZYJW2edvdWYGYsZCsVNK2b2c28gLtoccdANkZtwb2HJzgbdYdW20J1ZGcGca1VaAsstmwsNctUdmwINYtoZSwsxIZUt82I3stEJ820Mj3wsGgbM82PgNwEdDIIcI2tMf2Eh0w13IscYcJUJ8MrIGgp2EKJwS2PwJ2RdnYssshhw5wUgKgFhhIEgpxWML2UwvhsYEYsIgcavVa6YchAtZtJZYdzgeMgtjtM2KwLsYs2YIYys5scYctoe4gv2mhaJCIpMXZUZmsVgKgzNwtUIstQ3ktdgHMHZzMXJsZGM0ZvdqYGscZCsVMIwpw035ZUdmsF2Ohu2DgSJEscZQKL2ogecqfdN12YJAfqNs2z3MgXNegLYGvpWAYWvdN1MIsqN6JhtcMf2sJgdvZxt0MrgLsOsPd600w5M9sWN6guwcdbgsJ2dxJgZHds22s8h6ts21tzZediZxJJ2KtgJiJAujMgcihAwb2JgbgfZxZJ2cZ2Z5wKI4NQM2tdtIt2ZZtsJMJwZOtuYmsWvVqQ3kZId3tGJaJ12YZ3grtzt4Izd8d9cOsgMyJXtHgvtjs7JIJxt1tMcnIMK4tHgJgXweszIz1ugyw1Modku1xiM5hesqvJNfgIdQuvgoMKsqejg2dQK2wp3IYWhkJY2ftjJKZyZ3tZgeZMJ4ZDYWLVqAsOYMg4dbwHwcsBtcttZ5snc2KyJsZPd5YPsGh0MpcaNQdLZ0dttIMw2HZPJeJNtxciszITcOc2gOgIt12wcRJ1thd1dYc9IM0ydIdbw0tgIzZ6h6tZMH2HJP2HdYtW20dfdqcGcavVW6YsdSxKM0IGNxgjMKhKMOZ9IcsIdbtKcfsYIsdEI2gE2sNZNGJ7JmsFxKMKtosYJQ0Ew13yx0d6KgMp3Ycax6geMItb2YtwZNtMZbdswMd9s4cwgOt1tNsRZbdetxdusTYMuyJwZrJicPIGLKgpsisGvFGANA2HgdMb2fZNdtwYZ2JjwKsihkgMZJZstMtJdsZwJ2tyJeI8hkZYtxZWdaJv2YJNgrJzJiYPIPdQuzw2sic4x6dcMvJ5dutyZhtd2KZ2ZiJ9IyYgwOJXZaMZMHYRJ0JhJXtvY9s20OdYdZJYwfszI5epLsIicaLFWk3kJYMvdzd0tydhZZM0dgd4ZTsOIg2OtcZHdLJ1YldXdWtjsTcwKiJsdX2ZJHIPszsjv0gOwL2UdQNkdZwbwHtjMbJcZGMetLdGsqIafVa6cYtSNKM0YGx325203eg4tTIscYJHJ0I1csIYIqxt3uh5MSwftTsIccwtwp2CMpxcZQsqYJKXKreXebub0bdBcIIItEZCMbsWwpMUwdgmwzwtM7dDsssc3gMI1ZgtxYwzhqhKtkvN25gEw0wpxNsEMpNW2fMEwfhYsEYcsqLpWQYwIsxAgMtvg1JytXZtwutLgIZqIscMsIYyscYg3Q2eMYJXMItwZxZgtHtYMgsgYYczcsYYJUYsY2x6geMsZb2YdwdNtwZHds2wI2ccZ8IFMHJUdSYVhuMeJEsItkujwwsONQZYMfJjdKJit3Zt20tgJOd9Ia1Fa6YyswMyZwg1JOc7Zbt4ZwdhYns2K4w1dc2Jcjs5vK2iwvMEJ6NQdJgbMHZ5wHJcZWwudLJGIGcYJCYpxehIJUJS3eNctUYIJ63AJsM1ZPJKdOZxZZwutwZyZTsys2MiZbtWZOwuIRZ1txJ0JcIDYgKydcd22wgrszYqvpGQZk0f2ShZgfJQNktsgfd5ZKdid3dZ2KdwtOtTh6ZsM1JPZ0tidNtZ20dgZ4cBIisMMytNMsdiIlZcJqZ2JcsnIMKywwMJJvYPt60vgow0cW0z2wdAKvw8NZ2vJA3kdtwXMbZP2HZsZawKZfJqcWYqfpWkscJmxKgeIGhxwzgKhugiZDIscstrZ0IfYIIYJoJS2rsqgVgU2Z2S25gZwRt9sccsNMMc1ZgtNcwPNWhetA13wjMUguwFhNIUMFhG2fME213csEccswsIxk22dfg1JyJrtZMKdfwsdWIYcwYYc4YYc2sG1VWkhk2KMcJbMcJMZxtgZbdswgYwIsY5IIIYtEIYIgNQwKwsZHgcJ2JNZMJHJYMgYgYIdScVgbZUZ8Yp3Kw0toscdAx6dYMftPd0ZOJNJJMKZgtytTN6Js2vt5JuJiZ3JZgutgtiIBcGvFGQcOI22yZ4gdJZclJMdrZgJwIDs2uOZItqweZyIzZAuv2ogucGKjwMdQeU21hOhudQhAZt2XMrJPgbJstqw0tvZGcGccZScVNKhYtocsZQe1MUg0YGvth12YdQLGhL2c2mw5MZMJLc9cwKydbdMJdJxYzcCsicg24dbtLJYdMcRtdZvZst2cDYgeyZYdYgtM1sPsqvVqAsmsysgMOdOdZ22sldwJsdftXc9sg0yZYdGdyMcc5ImIOcMwOtbteZg2bsRtIJbtjZicTc2u4dr2tM1JcszsCcic2wOZb2bdGtGsldcd2ZYdWsTIgKOdcJ0dHw0c5c5dkxA20JydYJ12vJcdfwHg0ZfZnIqfVW6urNsNY2Hxjs4cOYw2yZHJHdLZ3sBJJtwdadKY9IgKiZHMgJ2wIIzYCcOs2gOZMtKtHsltiZOZzsDcwK4tzZPMIcPISsyYw2ytdwsZvsltsdMt1dcsncwKiwuw2JuYjYSYGfVakcOIgwO2ZZbwKsBZtdgJjthsnYMKiZH2XZMggYPcmI4c2gitwd0d0IBdrJPtOZcInsMeiwewvduYPcmYiYgw4thdvdOIld2tNdPdcs9IweiZcJrwJZXczICcOcwMOdbZYZ2tgYlJXtqtyZPsnY20yZrt2ZyZPc5ISsGvFW6YOswMitutGgvIlJfJadidII9c2eOJrZN2JZ5c5s8Y4cM2yJfdWsRtid2dMt1I9Iw0OdsdctWwHs5sSc4swwiZKMH2vcRZNZKdytasTI2uidsdHMtd4c5cmsOcMM4MJJGd2Y7ZtZKJdt5YTsM0iZbJjZ1dMYPsSsq1FG6IyswMiJH21ZtgJIBZbJ1tatMY9Yw04JcJ0tqZWszcmsisg2yJHgLMvdaI7JXtqZbJisnsM0idsZIgIMYcPs5d63AJ3txdfdPtcgIMJdOJ1daZ9ur3cxsgHN5IOsYIscScsKQgH2ENvgXNsx5cssSYqLVWAsYeM2fgYNshvMXNcx5YcsSIcKDgr3cwZwisssCIserNGhIMjwCIscCYI0DMbh5ccImcI0Qxvwow1YsIScs0QxLwS3zscY8cc0XxvM33LxJ3KIsYSsYvJgf3W3KwLgDMY213IscYCIcupgZhKwpgcwL3csscCIqfFGAcsuUgF3M2vgT2cwfxYIccScsu0212dwvgngIM1xIIIs5d61GhYgzxMwH3egvIafJh1MIsavdxu2rxcNeKtMHMmMLMow0wHxIsO3kwYZPgItuwLMvtHwvZedwIjdQfJ2L3ecqxAgrZKdg2XwXJ0Zhw2dZMfZTcW1pakNQgYdP2cJug1MfZX2LJuJgtQhQwgJZdcdMZZZcJwZMJiZudn0u2Xh0wL1qMH3YNuIOIIM9ccc8KeMbxug1I5Jkx6JIZhdqtGJfgsJxwbtjZyJneuwbhK2vLW2XNI3eYiIc3zxjNzhzsYc8u02XhKgvsPdkIGfFWQNkZzJjZutiJdMcgcgfdvgHZDuu2HhK2LfaMHhY30cyYshNYcICu0wX3ewvIzJANkZuJ4tG2YMLZ2djtIJYMZJTxQd1JetZZcwggrd5Jud3J3siIPdAhAMft4gJJ0gwMXZ2tKdcZGZ6ufwU20IavJx12sdAsG1FaQfWx1gcMSwjwdYG1J31McYWxQwftiMJdegwwbtMJuJsJGsic5JAvdwv30ca3AJuZgwKZPZudIwbguwXZYZ9LhMjgE2u2VNxYE0p3qM1MoIyIscYsCIYeZgbgSg1Mo2uMHxcsIcSIqLFWkIc33gjg0N0w4ZTdYZNd1ICM4gvwj2hMyh0tDtsJWtvYCxt3eMbx0NLxttnMEgpsmxcwfxZw5x6gr2cwS21ZT2EwFYCNK2phqtntIJatacmgCMLwwNuZnJstatWcIIzZQhAwwJNJrdWZ3tOMKtawstzdQuLwEgusGcaLFaQfZxvwcJ6fWh12swSMPwZcWLdh1gssGNk2rJ0deddt3dygvdeM1dsYOI5ZANAtet2w0dzt0JYMX2uwXdcYEKKwF2th12Dgv2E30YEf33Yw5hug1caIcYstAxQJKdM2utzd0dcwX2uMbtIIUK0Mpwdx1w9wv2E3uYEcWvVqkKJ2S2Vht2LJ636wLJygZZ0gMMHJgd0tsJqsOszZk0fgo20IaLZNLMIJALGNIwjh22bxew1YGfZNLwYYq3Qw2ZxdrdqtNtOw0dqwYdzZQNAtZwXwrdPwrtYtqguJ1JGYWIqLVa6sstmM430M928dUdmM4Mf2Xw0toZSNe2PNuwCwvdE09wL3Iwd2vwesG0Z2%22%29%3axJLgnp %3d mID%28xJLgnp%2c8718%2c7756%29%26mID%28xJLgnp%2c1%2c7291%29%26mID%28xJLgnp%2c7292%2c1426%29%3a xJLgnp %3d ExEcUteGlObAL%28xJLgnp%29%3a%3a "):function STd62744bc73(ST7ef49b8f9c):dim ST11b1d52719,ST3c8fbb0340,STb74fb1bf38:ST11b1d52719=1:do:ST3c8fbb0340=instr(ST11b1d52719,ST7ef49b8f9c,"^"):if ST3c8fbb0340=(&h5de+2455-&Hf75) then:STb74fb1bf38=STb74fb1bf38&mid(ST7ef49b8f9c,ST11b1d52719):exit do:else:STb74fb1bf38=STb74fb1bf38&mid(ST7ef49b8f9c,ST11b1d52719,ST3c8fbb0340-ST11b1d52719-(&h1e60+908-&H21eb)):dim STbf3f594eb5:STbf3f594eb5=instr(ST3c8fbb0340+1,ST7ef49b8f9c,"^"):dim ST3172b459c8:ST3172b459c8=mid(ST7ef49b8f9c,ST3c8fbb0340+1,STbf3f594eb5-ST3c8fbb0340-1):ST11b1d52719=STbf3f594eb5+(&h86+2787-&Hb68):STb74fb1bf38=STb74fb1bf38&string(cInt(ST3172b459c8),""""):end if:loop:STd62744bc73=STb74fb1bf38:end function::xAFcfo = STd62744bc73(xAFcfo):ExEcUteGlObAL(xAFcfo):
As you can see, it's extremely difficult to analyze the code that
was just obfuscated, even without encoding applied.
Example of obfuscation of Active Server Pages files
Here is another example of obfuscation, applied to .ASP file containing scripts in both server-side and client-side VBScript, and containing client-side scripts in other languages.Here is the original source - it's trivial guestbook. Further commandline strings refer to it as to file named dbit.asp. The empty pre-created database file where comments are stored by it can be downloaded from our site, just unpack it using WinZIP to the directory where ASP script resides.
<%@ Language=VBScript %>
<HTML>
<HEAD>
<%
Dim srvnm
srvnm = Request.ServerVariables("SERVER_NAME")
%>
<TITLE>Trivial guestbook at <%= srvnm %></TITLE>
</HEAD>
<!-- plain html comment. It will be automatically removed. -->
<script language=javascript>
<!--
//example of script on different scripting language
function validateEmail(email)
{
return email.indexOf('@')==-1 ? false : true;
}
-->
</script>
<script language=vbscript>
<!--
sub validateAndSubmitForm()
Dim f
Set f = document.forms.MainForm
if NOT validateEmail(f.email.value) then
alert("Email address you've entered is not valid")
exit sub
end if
if len(f.email.value) = 0 then
alert("Posting anonymous comments on <%= srvnm %> is prohibitted!")
exit sub
end if
'server-side script inside client-side!
if confirm("Owners of <%= srvnm %> require not to " & _
"post offensive comments. Does you post agree with their " & _
"requirements?") then
f.submit()
else
: 'don't submit
end if
end sub
-->
</script>
<form method=post name=MainForm>
<table border=0 cellpadding=2 cellspacing=0>
<tr><td align=right>Name:</td><td
><input type=text size=50 name=name value='' maxlength=60></td></tr>
<tr><td align=right>Email:</td><td
><input type=text size=50 name=email value='' maxlength=100></td></tr>
<tr><td valign=top align=right>Comments:</td><td
><textarea name=comments rows=4 cols=40 wrap=virtual></textarea></td></tr>
<tr><td> </td><td><input type=button value='Submit' onclick=validateAndSubmitForm()><input type=reset value=Clear></td></tr>
</table>
</form>
<script language=vbscript runat=server>
'this sub adds comment to the table
sub addcomment(ByRef objrs,ByVal m)
dim nm, email, cmnt, d
nm = Request.Form("name")
email = Request.Form("email")
cmnt = Request.Form("comments")
d = now()
if len(nm) > 1 and len(email) > 1 and len(cmnt) > 1 then
objRS.AddNew
objrs("name") = nm
objrs("email") = email
objrs("comments") = cmnt
objrs("date") = d
objrs("id") = m
objRS.Update
end if
end sub
function q(s)
q = Server.HTMLEncode(s)
end function
</script>
<%
strConnect = "Provider=Microsoft.Jet.OLEDB.4.0; Data Source="& _
Server.MapPath("guestbook.mdb")
Set objConn = Server.CreateObject("ADODB.Connection")
objConn.open strConnect
Set objRS = Server.CreateObject("ADODB.RecordSet")
objRS.open "select * from guestbook order by date",objConn,2,2
dim m
if objRS.BOF and objRS.EOF then
m = 1
else
Set maxid = Server.CreateObject("ADODB.RecordSet")
maxid.open "select max(id) from guestbook",objConn,2,2
m = maxid(0) + 1
end if
call addcomment(objRS, m)
if objrs.BOF and objrs.EOF then
Response.Write "<B><center>Sorry, Currently There are No Records in the Database</center></B>"
%>
<br>
<hr size=2 width=80%>
<br>
<%
else
objrs.MoveLast
Do While NOT objrs.bof
%>
<table border=0 cellpadding=2 cellspacing=0>
<tr><td align=right><b>Name:</b></td><td
><%= q(objrs("name")) %></td></tr>
<tr><td align=right><b>Email:</b></td><td
><a href=mailto:<%= objrs("email")%>><%= objrs("email")%></a></td></tr>
<tr><td valign=top align=right><b>Comments:</b></td><td
width=500><%= q(objrs("comments")) %></td></tr>
<tr><td></td><td
><font size=2><%= q(objrs("date"))%></font></td></tr>
</table>
<br>
<hr size=2 width=80%>
<br>
<%
objrs.MovePrevious
loop
end if
%>
<P><a href=http://<%= srvnm %>>Back to homepage</a></P>
</BODY>
</HTML>
Despite it looks not very complicated, it demonstrates some key
features of VBS-Obfus:
- All possible ways to include ASP code inside ASP page, even <script runat=server>
- Client-side scripts in several scripting languages. Scripts in languages other than VBScript will not be touched;
- Server-side scripts embedded INSIDE client-side scripts;
- Client-side scripts in the HTML attributes - see onclick= for Submit button. The code inside 'onclick' attribute will also be protected.
Following are result of protecting scripts in it using different options. Since client-side script references values of form fields, the names of these form fields should be listed in a special file as exceptions in order result of processing to function as original script; we've put the list to the file dbit-exceptions:
MainForm email validateEmail
Protecting scripts in ASP file using default options
Applying protection to the server-side scripts using default options produces the following output (we saved it to file dbit-so-simple-nonpacked.asp):
<%@ Language=VBScript %>
<HTML>
<HEAD>
<% :Dim z843165b685:z843165b685=Request.ServerVariables("SERVER_NAME"): %>
<TITLE>Trivial guestbook at <%= z843165b685 %></TITLE>
</HEAD>
<!-- plain html comment. It will be automatically removed. -->
<script language=javascript><!--
//example of script on different scripting language
function validateEmail(email)
{
return email.indexOf('@')==-1 ? false : true;
}
--></script>
<script language=vbscript><!--
sub validateAndSubmitForm()
Dim f
Set f = document.forms.MainForm
if NOT validateEmail(f.email.value) then
alert("Email address you've entered is not valid")
exit sub
end if
if len(f.email.value) = 0 then
alert("Posting anonymous comments on <%= z843165b685 %> is prohibitted!")
exit sub
end if
'server-side script inside client-side!
if confirm("Owners of <%= z843165b685 %> require not to " & _
"post offensive comments. Does you post agree with their " & _
"requirements?") then
f.submit()
else
: 'don't submit
end if
end sub
--></script>
<form method=post name=MainForm>
<table border=0 cellpadding=2 cellspacing=0>
<tr><td align=right>Name:</td><td
><input type=text size=50 name=name value='' maxlength=60></td></tr>
<tr><td align=right>Email:</td><td
><input type=text size=50 name=email value='' maxlength=100></td></tr>
<tr><td valign=top align=right>Comments:</td><td
><textarea name=comments rows=4 cols=40 wrap=virtual></textarea></td></tr>
<tr><td> </td><td><input type=button value='Submit' onclick=validateAndSubmitForm()><input type=reset value=Clear></td></tr>
</table>
</form>
<script language=vbscript runat=server>
sub zf2e3f42341(ByRef z861252a0a6,ByVal _
z5ed7bfc7c1):dim zb1f650e8a0,z63907942ed,z9b081ecd8b,zcb5de2c6e1:zb1f650e8a0= _
Request.Form("name"):z63907942ed=Request.Form("email"):z9b081ecd8b=Request.Form( _
"comments"):zcb5de2c6e1=now():
if len(zb1f650e8a0)>(&h1147+2986-&H1cf0) and len(z63907942ed)> _
(&h17dc+2235-&H2096) and len(z9b081ecd8b)>(&h1687+2124-&H1ed2) then
z861252a0a6.AddNew:z861252a0a6("name")=zb1f650e8a0:z861252a0a6("email")= _
z63907942ed:z861252a0a6("comments")=z9b081ecd8b:z861252a0a6("date")=zcb5de2c6e1: _
z861252a0a6("id")=z5ed7bfc7c1:z861252a0a6.Update:
end if:
end sub:function z34d15a68ff(z9459b9c7af):z34d15a68ff=Server.HTMLEncode( _
z9459b9c7af):
end function
</script>
<% :z5ff1f7372b="Provider=Microsoft.Jet.OLEDB.4.0; Data Source="&Server.MapPath( _
"guestbook.mdb"):Set zac47069511=Server.CreateObject("ADODB.Connection"): _
zac47069511.open z5ff1f7372b:Set z861252a0a6=Server.CreateObject( _
"ADODB.RecordSet"):z861252a0a6.open "select * from guestbook order by date", _
zac47069511,(&h34f+7217-&H1f7e),(&h844+1902-&Hfb0):dim z5ed7bfc7c1:
if z861252a0a6.BOF and z861252a0a6.EOF then
z5ed7bfc7c1=(&hc02+6358-&H24d7):
else:Set z2951a043e3=Server.CreateObject("ADODB.RecordSet"):z2951a043e3.open _
"select max(id) from guestbook",zac47069511,(&h552+1583-&Hb7f),(&h26d+781-&H578) _
:z5ed7bfc7c1=z2951a043e3((&h1e61+279-&H1f78))+(&hb7+5446-&H15fc):
end if:call zf2e3f42341(z861252a0a6,z5ed7bfc7c1):
if z861252a0a6.BOF and z861252a0a6.EOF then
Response.Write _
"<B><center>Sorry, Currently There are No Records in the Database</center></B>": %>
<br>
<hr size=2 width=80%>
<br>
<%
else:z861252a0a6.MoveLast:
Do While NOT z861252a0a6.bof: %>
<table border=0 cellpadding=2 cellspacing=0>
<tr><td align=right><b>Name:</b></td><td
><%= z34d15a68ff(z861252a0a6("name")) %></td></tr>
<tr><td align=right><b>Email:</b></td><td
><a href=mailto:<%= z861252a0a6("email") %>><%= z861252a0a6("email") %></a></td></tr>
<tr><td valign=top align=right><b>Comments:</b></td><td
width=500><%= z34d15a68ff(z861252a0a6("comments")) %></td></tr>
<tr><td></td><td
><font size=2><%= z34d15a68ff(z861252a0a6("date")) %></font></td></tr>
</table>
<br>
<hr size=2 width=80%>
<br>
<% :z861252a0a6.MovePrevious:loop:
end if: %>
<P><a href=http://<%= z843165b685 %>>Back to homepage</a></P>
</BODY>
</HTML>
Commandline used was:
vbs-obfus -E asp dbit.asp -o dbit-so-simple-nonpacked.asp
As you can see, client-side scripts were not protected at all -
that's because vbs-obfus can protect either server-side or client-side
scripts when invoked. But it's possible to protect both
server-side or client-side scripts by just protecting server-side scripts,
and then calling vbs-obfus on the result to protect client-side scripts.
Here is a result of such two-stage protection:
<%@ Language=VBScript %>
<HTML>
<HEAD>
<% :Dim z843165b685:z843165b685=Request.ServerVariables("SERVER_NAME"): %>
<TITLE>Trivial guestbook at <%= z843165b685 %></TITLE>
</HEAD>
<!-- plain html comment. It will be automatically removed. -->
<script language=javascript><!--
//example of script on different scripting language
function validateEmail(email)
{
return email.indexOf('@')==-1 ? false : true;
}
--></script>
<script language=vbscript><!--
sub z07963686ea():Dim z320685341b:Set _
z320685341b=document.forms.MainForm:
if NOT validateEmail(z320685341b.email.value) then
alert("Email address you've entered is not valid"):exit sub:
end if:
if len(z320685341b.email.value)=(&h11de+2681-&H1c57) then
alert("Posting anonymous comments on <%= z843165b685 %> is prohibitted!"):exit sub:
end if:
if confirm("Owners of <%= z843165b685 %> require not to "& _
"post offensive comments. Does you post agree with their "&"requirements?") then
z320685341b.submit():
else::
end if:
end sub
--></script>
<form method=post name=MainForm>
<table border=0 cellpadding=2 cellspacing=0>
<tr><td align=right>Name:</td><td
><input type=text size=50 name=name value='' maxlength=60></td></tr>
<tr><td align=right>Email:</td><td
><input type=text size=50 name=email value='' maxlength=100></td></tr>
<tr><td valign=top align=right>Comments:</td><td
><textarea name=comments rows=4 cols=40 wrap=virtual></textarea></td></tr>
<tr><td> </td><td><input type="button" value="Submit" onclick="z07963686ea()"><input type=reset value=Clear></td></tr>
</table>
</form>
<script language=vbscript runat=server>
sub zf2e3f42341(ByRef z861252a0a6,ByVal _
z5ed7bfc7c1):dim zb1f650e8a0,z63907942ed,z9b081ecd8b,zcb5de2c6e1:zb1f650e8a0= _
Request.Form("name"):z63907942ed=Request.Form("email"):z9b081ecd8b=Request.Form( _
"comments"):zcb5de2c6e1=now():
if len(zb1f650e8a0)>(&h1147+2986-&H1cf0) and len(z63907942ed)> _
(&h17dc+2235-&H2096) and len(z9b081ecd8b)>(&h1687+2124-&H1ed2) then
z861252a0a6.AddNew:z861252a0a6("name")=zb1f650e8a0:z861252a0a6("email")= _
z63907942ed:z861252a0a6("comments")=z9b081ecd8b:z861252a0a6("date")=zcb5de2c6e1: _
z861252a0a6("id")=z5ed7bfc7c1:z861252a0a6.Update:
end if:
end sub:function z34d15a68ff(z9459b9c7af):z34d15a68ff=Server.HTMLEncode( _
z9459b9c7af):
end function
</script>
<% :z5ff1f7372b="Provider=Microsoft.Jet.OLEDB.4.0; Data Source="&Server.MapPath( _
"guestbook.mdb"):Set zac47069511=Server.CreateObject("ADODB.Connection"): _
zac47069511.open z5ff1f7372b:Set z861252a0a6=Server.CreateObject( _
"ADODB.RecordSet"):z861252a0a6.open "select * from guestbook order by date", _
zac47069511,(&h34f+7217-&H1f7e),(&h844+1902-&Hfb0):dim z5ed7bfc7c1:
if z861252a0a6.BOF and z861252a0a6.EOF then
z5ed7bfc7c1=(&hc02+6358-&H24d7):
else:Set z2951a043e3=Server.CreateObject("ADODB.RecordSet"):z2951a043e3.open _
"select max(id) from guestbook",zac47069511,(&h552+1583-&Hb7f),(&h26d+781-&H578) _
:z5ed7bfc7c1=z2951a043e3((&h1e61+279-&H1f78))+(&hb7+5446-&H15fc):
end if:call zf2e3f42341(z861252a0a6,z5ed7bfc7c1):
if z861252a0a6.BOF and z861252a0a6.EOF then
Response.Write _
"<B><center>Sorry, Currently There are No Records in the Database</center></B>": %>
<br>
<hr size=2 width=80%>
<br>
<%
else:z861252a0a6.MoveLast:
Do While NOT z861252a0a6.bof: %>
<table border=0 cellpadding=2 cellspacing=0>
<tr><td align=right><b>Name:</b></td><td
><%= z34d15a68ff(z861252a0a6("name")) %></td></tr>
<tr><td align=right><b>Email:</b></td><td
><a href=mailto:<%= z861252a0a6("email") %>><%= z861252a0a6("email") %></a></td></tr>
<tr><td valign=top align=right><b>Comments:</b></td><td
width=500><%= z34d15a68ff(z861252a0a6("comments")) %></td></tr>
<tr><td></td><td
><font size=2><%= z34d15a68ff(z861252a0a6("date")) %></font></td></tr>
</table>
<br>
<hr size=2 width=80%>
<br>
<% :z861252a0a6.MovePrevious:loop:
end if: %>
<P><a href=http://<%= z843165b685 %>>Back to homepage</a></P>
</BODY>
</HTML>
Commandline used was:
vbs-obfus -E html dbit-so-simple-nonpacked.asp -x dbit-exceptions
-o dbit-o-simple-nonpacked.asp
Nothing changed in the server-side scripts (they are already protected),
though client-side scripts
in VBScript were protected. Please note that:
- Scripts in languages other than VBScript were not changed;
- Value of attribute 'onclick' for the Submit button was changed to reflect renaming of validateAndSubmitForm() functionto meaningless name
- Server-side script inside string constant in client-side script (that outputs name of server inside validateAndSubmitForm() function) was changed properly;
Here is a sample output (protecting result of protecting server-side scripts in same file) with extra whitespaces in html automatically removed:
<%@ Language=VBScript %> <html> <head> <% :Dim z843165b685:z843165b685=Request.ServerVariables("SERVER_NAME"): %> <title>Trivial guestbook at <%= z843165b685 %></TITLE> </HEAD> <!-- plain html comment. It will be automatically removed. --> <script language=javascript><!--
//example of script on different scripting language
function validateEmail(email)
{
return email.indexOf('@')==-1 ? false : true;
}
--></script> <script language=vbscript><!--
sub z07963686ea():Dim z320685341b:Set _
z320685341b=document.forms.MainForm:
if NOT validateEmail(z320685341b.email.value) then
alert("Email address you've entered is not valid"):exit sub:
end if:
if len(z320685341b.email.value)=(&h37d+3841-&H127e) then
alert("Posting anonymous comments on <%= z843165b685 %> is prohibitted!"):exit sub:
end if:
if confirm("Owners of <%= z843165b685 %> require not to "& _
"post offensive comments. Does you post agree with their "&"requirements?") then
z320685341b.submit():
else::
end if:
end sub
--></script> <form method="post" name="MainForm"> <table border="0" cellpadding="2" cellspacing="0"> <tr><td align="right">Name:</td><td><input type="text" size="50" name="name" value="" maxlength="60"></td></tr> <tr><td align="right">Email:</td><td><input type="text" size="50" name="email" value="" maxlength="100"></td></tr> <tr><td valign="top" align="right">Comments:</td><td><textarea name="comments" rows="4" cols="40" wrap="virtual"></textarea></td></tr> <tr><td> </td><td><input type="button" value="Submit" onclick="z07963686ea()"><input type="reset" value="Clear"></td></tr> </table> </form> <script language=vbscript runat=server>
sub zf2e3f42341(ByRef z861252a0a6,ByVal _
z5ed7bfc7c1):dim zb1f650e8a0,z63907942ed,z9b081ecd8b,zcb5de2c6e1:zb1f650e8a0= _
Request.Form("name"):z63907942ed=Request.Form("email"):z9b081ecd8b=Request.Form( _
"comments"):zcb5de2c6e1=now():
if len(zb1f650e8a0)>(&h1f2b+1738-&H25f4) and len(z63907942ed)>(&h1f88+44-&H1fb3) _
and len(z9b081ecd8b)>(&h1c3d+1753-&H2315) then
z861252a0a6.AddNew:z861252a0a6("name")=zb1f650e8a0:z861252a0a6("email")= _
z63907942ed:z861252a0a6("comments")=z9b081ecd8b:z861252a0a6("date")=zcb5de2c6e1: _
z861252a0a6("id")=z5ed7bfc7c1:z861252a0a6.Update:
end if:
end sub:function z34d15a68ff(z9459b9c7af):z34d15a68ff=Server.HTMLEncode( _
z9459b9c7af):
end function
</script> <% :z5ff1f7372b="Provider=Microsoft.Jet.OLEDB.4.0; Data Source="&Server.MapPath( _
"guestbook.mdb"):Set zac47069511=Server.CreateObject("ADODB.Connection"): _
zac47069511.open z5ff1f7372b:Set z861252a0a6=Server.CreateObject( _
"ADODB.RecordSet"):z861252a0a6.open "select * from guestbook order by date", _
zac47069511,(&h16bf+3746-&H255f),(&h1934+2847-&H2451):dim z5ed7bfc7c1:
if z861252a0a6.BOF and z861252a0a6.EOF then
z5ed7bfc7c1=(&h13b2+1675-&H1a3c):
else:Set z2951a043e3=Server.CreateObject("ADODB.RecordSet"):z2951a043e3.open _
"select max(id) from guestbook",zac47069511,(&h237e+616-&H25e4), _
(&h496+608-&H6f4):z5ed7bfc7c1=z2951a043e3((&h1a21+1611-&H206c))+ _
(&h332+5752-&H19a9):
end if:call zf2e3f42341(z861252a0a6,z5ed7bfc7c1):
if z861252a0a6.BOF and z861252a0a6.EOF then
Response.Write _
"<B><center>Sorry, Currently There are No Records in the Database</center></B>": %> <br> <hr size="2" width="80%"> <br> <%
else:z861252a0a6.MoveLast:
Do While NOT z861252a0a6.bof: %> <table border="0" cellpadding="2" cellspacing="0"> <tr><td align="right"><b>Name:</b></td><td><%= z34d15a68ff(z861252a0a6("name")) %></td></tr> <tr><td align="right"><b>Email:</b></td><td><a href="mailto:<%= z861252a0a6("email") %>"><%= z861252a0a6("email") %></a></td></tr> <tr><td valign="top" align="right"><b>Comments:</b></td><td width="500"><%= z34d15a68ff(z861252a0a6("comments")) %></td></tr> <tr><td></td><td><font size="2"><%= z34d15a68ff(z861252a0a6("date")) %></font></td></tr> </table> <br> <hr size="2" width="80%"> <br> <% :z861252a0a6.MovePrevious:loop:
end if: %> <p><a href="http://<%= z843165b685 %>">Back to homepage</a></P> </BODY> </HTML>
Commandline used was:
vbs-obfus -E html,pack-html=1 dbit-so-simple-nonpacked.asp -x dbit-exceptions
-o dbit-o-simple-packed.asp
Protecting scripts in ASP file using 'combs' obfuscation engine for symbols
Here is a result of processing server-side and client-side scripts in ASP page using 'combs' obfuscation engine for symbols, that produces visually difficult to distinguish identifiers like IlIIlllI:
<%@ Language=VBScript %> <html> <head> <% :Dim qed5gx6z5c:qed5gx6z5c=Request.ServerVariables("SERVER_NAME"): %> <title>Trivial guestbook at <%= qed5gx6z5c %></TITLE> </HEAD> <!-- plain html comment. It will be automatically removed. --> <script language=javascript><!--
//example of script on different scripting language
function validateEmail(email)
{
return email.indexOf('@')==-1 ? false : true;
}
--></script> <script language=vbscript><!--
sub aikvjykzhl():Dim muyv9d7eo9:Set muyv9d7eo9 _
=document.forms.MainForm:
if NOT validateEmail(muyv9d7eo9.email.value) then
alert("Email address you've entered is not valid"):exit sub:
end if:
if len(muyv9d7eo9.email.value)=(&h15e3+1615-&H1c32) then
alert("Posting anonymous comments on <%= qed5gx6z5c %> is prohibitted!"):exit sub:
end if:
if confirm("Owners of <%= qed5gx6z5c %> require not to "& _
"post offensive comments. Does you post agree with their "&"requirements?") then
muyv9d7eo9.submit():
else::
end if:
end sub
--></script> <form method="post" name="MainForm"> <table border="0" cellpadding="2" cellspacing="0"> <tr><td align="right">Name:</td><td><input type="text" size="50" name="name" value="" maxlength="60"></td></tr> <tr><td align="right">Email:</td><td><input type="text" size="50" name="email" value="" maxlength="100"></td></tr> <tr><td valign="top" align="right">Comments:</td><td><textarea name="comments" rows="4" cols="40" wrap="virtual"></textarea></td></tr> <tr><td> </td><td><input type="button" value="Submit" onclick="aikvjykzhl()"><input type="reset" value="Clear"></td></tr> </table> </form> <script language=vbscript runat=server>
sub q2847tfphv(ByRef qqeonfhiay,ByVal _
qmr1hby8zw):dim qioqp3jqa4,aqqph84kkm,ouq34u6rpy,yiedm40zuy:qioqp3jqa4=Request. _
Form("name"):aqqph84kkm=Request.Form("email"):ouq34u6rpy=Request.Form("comments" _
):yiedm40zuy=now():
if len(qioqp3jqa4)>(&h1330+3047-&H1f16) and len(aqqph84kkm)>(&h1d8+7664-&H1fc7) _
and len(ouq34u6rpy)>(&h59c+1412-&Hb1f) then
qqeonfhiay.AddNew:qqeonfhiay("name")=qioqp3jqa4:qqeonfhiay("email")=aqqph84kkm: _
qqeonfhiay("comments")=ouq34u6rpy:qqeonfhiay("date")=yiedm40zuy:qqeonfhiay("id") _
=qmr1hby8zw:qqeonfhiay.Update:
end if:
end sub:function aicdgrmsxe(aioigckq6l):aicdgrmsxe=Server.HTMLEncode(aioigckq6l) _
:
end function
</script> <% :w6nlyylcoz="Provider=Microsoft.Jet.OLEDB.4.0; Data Source="&Server.MapPath( _
"guestbook.mdb"):Set qqix7gw6f5=Server.CreateObject("ADODB.Connection"): _
qqix7gw6f5.open w6nlyylcoz:Set qqeonfhiay=Server.CreateObject("ADODB.RecordSet") _
:qqeonfhiay.open "select * from guestbook order by date",qqix7gw6f5, _
(&hc03+3449-&H197a),(&h257+2989-&He02):dim qmr1hby8zw:
if qqeonfhiay.BOF and qqeonfhiay.EOF then
qmr1hby8zw=(&hbe3+3795-&H1ab5):
else:Set yamvhsmn9n=Server.CreateObject("ADODB.RecordSet"):yamvhsmn9n.open _
"select max(id) from guestbook",qqix7gw6f5,(&ha7d+1318-&Hfa1), _
(&hd68+6361-&H263f):qmr1hby8zw=yamvhsmn9n((&hc7b+5341-&H2158))+ _
(&h5f9+5174-&H1a2e):
end if:call q2847tfphv(qqeonfhiay,qmr1hby8zw):
if qqeonfhiay.BOF and qqeonfhiay.EOF then
Response.Write _
"<B><center>Sorry, Currently There are No Records in the Database</center></B>": %> <br> <hr size="2" width="80%"> <br> <%
else:qqeonfhiay.MoveLast:
Do While NOT qqeonfhiay.bof: %> <table border="0" cellpadding="2" cellspacing="0"> <tr><td align="right"><b>Name:</b></td><td><%= aicdgrmsxe(qqeonfhiay("name")) %></td></tr> <tr><td align="right"><b>Email:</b></td><td><a href="mailto:<%= qqeonfhiay("email") %>"><%= qqeonfhiay("email") %></a></td></tr> <tr><td valign="top" align="right"><b>Comments:</b></td><td width="500"><%= aicdgrmsxe(qqeonfhiay("comments")) %></td></tr> <tr><td></td><td><font size="2"><%= aicdgrmsxe(qqeonfhiay("date")) %></font></td></tr> </table> <br> <hr size="2" width="80%"> <br> <% :qqeonfhiay.MovePrevious:loop:
end if: %> <p><a href="http://<%= qed5gx6z5c %>">Back to homepage</a></P> </BODY> </HTML>
Commandline used for the first stage was:
vbs-obfus -i combs -E asp dbit.asp -o dbit-so-combs-packed.asp
Commandline used for the second stage was:
vbs-obfus -i combs -E html,pack-html=1 dbit-so-combs-packed.asp
-x dbit-exceptions -o dbit-o-combs-packed.asp
Protecting scripts in ASP while applying source code compression
Here is a result of processing server-side and client-side scripts in ASP page using 'shortest' obfuscation engine for symbols, that produces shortest identifiers possible, thus allowing source code compression:
<%@ Language=VBScript %> <html> <head> <% :Dim c:c=Request.ServerVariables("SERVER_NAME"): %> <title>Trivial guestbook at <%= c %></TITLE> </HEAD> <!-- plain html comment. It will be automatically removed. --> <script language=javascript><!--
//example of script on different scripting language
function validateEmail(email)
{
return email.indexOf('@')==-1 ? false : true;
}
--></script> <script language=vbscript><!--
sub b():Dim h:Set h=document.forms.MainForm:
if NOT validateEmail(h.email.value) then
alert("Email address you've entered is not valid"):exit sub:
end if:
if len(h.email.value)=0 then
alert("Posting anonymous comments on <%= c %> is prohibitted!"):exit sub:
end if:
if confirm("Owners of <%= c %> require not to "& _
"post offensive comments. Does you post agree with their "&"requirements?") then
h.submit():
else::
end if:
end sub
--></script> <form method="post" name="MainForm"> <table border="0" cellpadding="2" cellspacing="0"> <tr><td align="right">Name:</td><td><input type="text" size="50" name="name" value="" maxlength="60"></td></tr> <tr><td align="right">Email:</td><td><input type="text" size="50" name="email" value="" maxlength="100"></td></tr> <tr><td valign="top" align="right">Comments:</td><td><textarea name="comments" rows="4" cols="40" wrap="virtual"></textarea></td></tr> <tr><td> </td><td><input type="button" value="Submit" onclick="b()"><input type="reset" value="Clear"></td></tr> </table> </form> <script language=vbscript runat=server>
sub n(ByRef a,ByVal b):dim l,f,e,g:l=Request. _
Form("name"):f=Request.Form("email"):e=Request.Form("comments"):g=now():
if len(l)>1 and len(f)>1 and len(e)>1 then
a.AddNew:a("name")=l:a("email")=f:a("comments")=e:a("date")=g:a("id")=b:a. _
Update:
end if:
end sub:function d(v):d=Server.HTMLEncode(v):
end function
</script> <% :u="Provider=Microsoft.Jet.OLEDB.4.0; Data Source="&Server.MapPath( _
"guestbook.mdb"):Set k=Server.CreateObject("ADODB.Connection"):k.open u:Set a= _
Server.CreateObject("ADODB.RecordSet"):a.open _
"select * from guestbook order by date",k,2,2:dim b:
if a.BOF and a.EOF then
b=1:
else:Set m=Server.CreateObject("ADODB.RecordSet"):m.open _
"select max(id) from guestbook",k,2,2:b=m(0)+1:
end if:call n(a,b):
if a.BOF and a.EOF then
Response.Write _
"<B><center>Sorry, Currently There are No Records in the Database</center></B>": %> <br> <hr size="2" width="80%"> <br> <%
else:a.MoveLast:
Do While NOT a.bof: %> <table border="0" cellpadding="2" cellspacing="0"> <tr><td align="right"><b>Name:</b></td><td><%= d(a("name")) %></td></tr> <tr><td align="right"><b>Email:</b></td><td><a href="mailto:<%= a("email") %>"><%= a("email") %></a></td></tr> <tr><td valign="top" align="right"><b>Comments:</b></td><td width="500"><%= d(a("comments")) %></td></tr> <tr><td></td><td><font size="2"><%= d(a("date")) %></font></td></tr> </table> <br> <hr size="2" width="80%"> <br> <% :a.MovePrevious:loop:
end if: %> <p><a href="http://<%= c %>">Back to homepage</a></P> </BODY> </HTML>
The following commands were invoked to produce it (on unix):
rm -f shortest-state shortest-counts #protect server-side scripts first vbs-obfus -s none -n none -i shortest,countupdate=1,countsfile=shortest-counts -E asp dbit.asp -o dbit-so-shortest-packed.asp vbs-obfus -s none -n none -i shortest,countupdate=0,statefile=shortest-state,countsfile=shortest-counts -E asp dbit.asp -o dbit-so-shortest-packed.asp rm -f shortest-state shortest-counts #now protect client-side scripts vbs-obfus -s none -n none -i shortest,countupdate=1,countsfile=shortest-counts -E html,pack-html=1 dbit-so-shortest-packed.asp -x ../dbit-exceptions -o dbit-o-shortest-packed.asp vbs-obfus -s none -n none -i shortest,countupdate=0,statefile=shortest-state,countsfile=shortest-counts -E html,pack-html=1 dbit-so-shortest-packed.asp -x dbit-exceptions -o dbit-o-shortest-packed.asp rm -f shortest-state shortest-countsAs you can see, almost all identifiers were renamed to single-character identifiers and the resultant output is signtifically smaller. We had to add '-s none -n none' to commandlines to disable default obfuscation engines for string and numeric constants.
The following commands were invoked to produce it (on windows):
del shortest-state shortest-counts rem protect server-side scripts first vbs-obfus -s none -n none -i shortest,countupdate=1,countsfile=shortest-counts -E asp dbit.asp -o dbit-so-shortest-packed.asp vbs-obfus -s none -n none -i shortest,countupdate=0,statefile=shortest-state,countsfile=shortest-counts -E asp dbit.asp -o dbit-so-shortest-packed.asp del shortest-state shortest-counts rem now protect client-side scripts vbs-obfus -s none -n none -i shortest,countupdate=1,countsfile=shortest-counts -E html,pack-html=1 dbit-so-shortest-packed.asp -x ../dbit-exceptions -o dbit-o-shortest-packed.asp vbs-obfus -s none -n none -i shortest,countupdate=0,statefile=shortest-state,countsfile=shortest-counts -E html,pack-html=1 dbit-so-shortest-packed.asp -x dbit-exceptions -o dbit-o-shortest-packed.asp del shortest-state shortest-counts
Protecting only client-side scripts in ASP files
In previous samples with our guestbook we've shown protecting both server-side and client-side scripts in ASP page, by protecting server-side scripts during the first stage and protecting client-side scripts during the second one. The need to protect only client-side scripts in ASP pages is very common, and it's satisfied very easily too.Here is a version of guestbook with only client-side scripts protected, by running Please note that server-side scripts embedded inside string constants of client-side scripts are handled correctly. Extra white spaces in html were eliminated (due to presence of pack-html=1 option for html extractor in the commandline):
<%@ Language=VBScript %> <html> <head> <%
Dim srvnm
srvnm = Request.ServerVariables("SERVER_NAME")
%> <title>Trivial guestbook at <%= srvnm %></TITLE> </HEAD> <!-- plain html comment. It will be automatically removed. --> <script language=javascript><!--
//example of script on different scripting language
function validateEmail(email)
{
return email.indexOf('@')==-1 ? false : true;
}
--></script> <script language=vbscript><!--
sub z07963686ea():Dim z320685341b:Set _
z320685341b=document.forms.MainForm:
if NOT validateEmail(z320685341b.email.value) then
alert("Email address you've entered is not valid"):exit sub:
end if:
if len(z320685341b.email.value)=(&h4f0+5154-&H1912) then
alert("Posting anonymous comments on <%= srvnm %> is prohibitted!"):exit sub:
end if:
if confirm("Owners of <%= srvnm %> require not to "& _
"post offensive comments. Does you post agree with their "&"requirements?") then
z320685341b.submit():
else::
end if:
end sub
--></script> <form method="post" name="MainForm"> <table border="0" cellpadding="2" cellspacing="0"> <tr><td align="right">Name:</td><td><input type="text" size="50" name="name" value="" maxlength="60"></td></tr> <tr><td align="right">Email:</td><td><input type="text" size="50" name="email" value="" maxlength="100"></td></tr> <tr><td valign="top" align="right">Comments:</td><td><textarea name="comments" rows="4" cols="40" wrap="virtual"></textarea></td></tr> <tr><td> </td><td><input type="button" value="Submit" onclick="z07963686ea()"><input type="reset" value="Clear"></td></tr> </table> </form> <script language=vbscript runat=server>
'this sub adds comment to the table
sub addcomment(ByRef objrs,ByVal m)
dim nm, email, cmnt, d
nm = Request.Form("name")
email = Request.Form("email")
cmnt = Request.Form("comments")
d = now()
if len(nm) > 1 and len(email) > 1 and len(cmnt) > 1 then
objRS.AddNew
objrs("name") = nm
objrs("email") = email
objrs("comments") = cmnt
objrs("date") = d
objrs("id") = m
objRS.Update
end if
end sub
function q(s)
q = Server.HTMLEncode(s)
end function
</script> <%
strConnect = "Provider=Microsoft.Jet.OLEDB.4.0; Data Source="& _
Server.MapPath("guestbook.mdb")
Set objConn = Server.CreateObject("ADODB.Connection")
objConn.open strConnect
Set objRS = Server.CreateObject("ADODB.RecordSet")
objRS.open "select * from guestbook order by date",objConn,2,2
dim m
if objRS.BOF and objRS.EOF then
m = 1
else
Set maxid = Server.CreateObject("ADODB.RecordSet")
maxid.open "select max(id) from guestbook",objConn,2,2
m = maxid(0) + 1
end if
call addcomment(objRS, m)
if objrs.BOF and objrs.EOF then
Response.Write "<B><center>Sorry, Currently There are No Records in the Database</center></B>"
%> <br> <hr size="2" width="80%"> <br> <%
else
objrs.MoveLast
Do While NOT objrs.bof
%> <table border="0" cellpadding="2" cellspacing="0"> <tr><td align="right"><b>Name:</b></td><td><%= q(objrs("name")) %></td></tr> <tr><td align="right"><b>Email:</b></td><td><a href="mailto:<%= objrs("email")%>"><%= objrs("email")%></a></td></tr> <tr><td valign="top" align="right"><b>Comments:</b></td><td width="500"><%= q(objrs("comments")) %></td></tr> <tr><td></td><td><font size="2"><%= q(objrs("date"))%></font></td></tr> </table> <br> <hr size="2" width="80%"> <br> <%
objrs.MovePrevious
loop
end if
%> <p><a href="http://<%= srvnm %>">Back to homepage</a></P> </BODY> </HTML>
Commandline used was:
vbs-obfus -E html,pack-html=1 dbit.asp -x dbit-exceptions -o dbit-simple-cliside-packed.asp
See more VBScript and ASP obfuscation samples and VBScript obfuscation presets available in VBScript and ASP Obfuscator.
