ASP code encrypt hide webshell-vulnerability warning-the black bar safety net

2009-11-24T00:00:00
ID MYHACK58:62200925383
Type myhack58
Reporter 佚名
Modified 2009-11-24T00:00:00

Description

In order to your webshell and more covert! The following will tell you how the ASP code encryption! First of all ASP code is generally plain text, very few encryption, MS have a tool Script Encoder can be encrypted, this stuff can be the official Microsoft site for free download, and there are detailed instructions for use, but after it encrypted the file will have, the administrator to see that sentence know that the asp file is encrypted. But also have the relevant decryption file. This article provides a simple method, you can encrypt ASP code, The main idea is to code to do some operation, such as the all of the code moved a bit, basically even with encryption, the main encryption and decryption functions are as follows: Cr2

function UnEncode(temp) Cr2 but=1 Cr2 for i =1 to len(temp) Cr2 if mid(temp,i,1)<>"soup" then Cr2 pk=asc(mid(temp,i,1))-but Cr2 if pk>1 2 6 then Cr2 pk=pk-9 5 Cr2 elseif pk<3 2 then Cr2 pk=pk+9 5 Cr2 end if Cr2 a=a&chr(pk) Cr2 else Cr2 a=a&vbcrlf Cr2 end if Cr2 next Cr2 UnEncode=a Cr2 end function Cr2 function Encode(temp) Cr2 but=1 Cr2 cc=replace(temp,vbcrlf,"soup") Cr2 for i= 1 to len(cc) Cr2 if mid(cc,i,1)<>"soup" then Cr2 pk=asc(mid(cc,i,1))+but Cr2 if pk>1 2 6 then Cr2 pk=pk-9 5 Cr2 elseif pk<3 2 then Cr2 pk=pk+9 5 Cr2 end if Cr2 a=a&chr(pk) Cr2 else Cr2 a=a& amp;"Tang" Cr2 end if Cr2 next Cr2 ’a=replace(a,"""","""""") Cr2 Encode=a Cr2 end function Cr2

In development, usually when the critical ASP code Encode, and then use the Excute(Uncode(ipaddr))to perform on it. So administrators generally can not directly see the key code, generally in the program do not bring the Encode function only at development time, in addition, UnEncode can also be changed to other function name. Cr2

This way the encryption is relatively simple, the decryption is also very easy. Cr2