| Author |
 Topic Search  Topic Options
|
neotrix 
Mod Builder Group
Joined: 09 November 2003
Location: Pakistan
Status: Offline
Points: 433
|
 Post Options
 Thanks(0)
 Quote  Reply
 Topic: Encrypting ASP Code ?!?
Posted: 01 August 2004 at 3:43am |
Hello, Dose anyone noe how can i encrypt my ASP page before i give out its source files,
i just want the users to run the programe on their site, and not to edit it..
I downloaded one script from some site, and i was astonished to see its source, it is something like
<%#@~^7xMAAA==@#@&qW,1}KPv?d/bWU`rqd)9:k E#,rI, jn/kkKxcJ(dVDGEa)NskUE*#PP4x~IdaWUk+cD+9kMnmD`EVKorUcl/aE# @#@&q6~)waVbmCYrG `Ef8ETorUTJ#xomVd+,P4+U,r P 2MDK.PM+dEs+~U6Y@#@&q6Pba2sk1lDkGxcEtlab1^W!xOdr#@!@*Er P)1G~vb2aVbmlDkKU`r1;:zm^G!xYkE#,@*',)2w^k1lOkGUvJ\lX)m1W;UD /Jbb,K4+ ~tlazm1WE Yk]+mm4+9'P.!+PAs/PHma)m1W!xO/ ]nmm4+9xsmVdn@#@&@#@&9b:~1!hBKGD1!:~!/.Vb/O@#@& lxJ1l/cI;EdO`rlr#b@#@&;k+.'"n;!+dOvJEdnMJb@#@&!MW ;aqG'I;!n/D`EMMW;2&fJ*@#@&@#@&q6~C'rJ,Y4+U@#@&a mp;djtKAsKDh@#@&2Vdn&0~l{E^kdDJ,Ytx@#@&ddkdY`/n .k@#@&As/q0,CxJNbYEPO4x@#@&i3NbY@#@&AV/n(6PC' rdm\nrPDt+ @#@&7?m\n@#@&2sdq0,C'rPNs~J,K4+U@# @&7G+sP`d+M@#@&3^/+(W,lxJ [bYLMW!w0KDsEP:tnx@#@&7(6P?d/bWxvE(/zNskUJb~:tnx,3NbY!.KEwoGM:@#@&Ask+(6Pm'JNbOoMW;wrPP4x@#@&7:{I+$;n/D`r:E#@#@&iqWPsxJG+snD+J~P4+UP@#@&id(6PU+/kkKU`rqdb9:rUr#P:4+ Pfs!DKEaP!DG;aq9P@#@&dAVdn@#@&d739kOMMG!w~VDKEw&f@#@&dAx[P&0@#@&AV/(0,l'rdC\oMW;wE~:tnx@#@&dUl-nVDW;2,M.W!2&f@#@&2^/+&0,C'r/4WSN8sKoJ,Ptx@#@&7(0,?/dkGUvJ(/z[:bxEb,KtnU,?4WS9~SGT@#@&2Vk+&WPm'ED/nO(lx9Ak9Ytr~Ptx@#@&7IndY$l [bNO4,j/n.@#@&3Vkn@#@&7"+kwW / MkO+,J(U7lVb[PmmYbGU),J,[~l@#@&Ax[P&W@#@&@#@&v[aa::[a:a[:[a:[a[aa[a[:a@#@&jj~P] nk+Y~Cx9k9O4``/Db@#@&v[a:a[:a[a::[aa::[a:a[:[a@#@& dU+Y,ZKUx{?nD7+. ;D+mO+}4L^O`rbGr9A /KxU+1OkKxEb@#@&P7/KxURtG9+~{%>
|
So how do i encode my ASP Page ?!? plus, is there any way to Decode this back ?!?
|
|
|
 |
dpyers
Senior Member
Joined: 12 May 2003
Status: Offline
Points: 3937
|
Post Options
Thanks(0)
Quote Reply
Posted: 01 August 2004 at 11:41am |
Try a google for "encrypt asp source". Often it's done through a server-side component which would be need to be installed on the other machines. Don't recall any free ones, but there may be some.
Another way of doing it is to create a dll containing the bulk of your code, but you'd probably have to rethink your app to be based upon classes, methods, and properties.
ASP.net may be your best bet.
|
Lead me not into temptation... I know the short cut, follow me.
|
|
ljamal
Mod Builder Group
Joined: 16 April 2003
Status: Offline
Points: 888
|
Post Options
Thanks(0)
Quote Reply
Posted: 01 August 2004 at 3:06pm |
|
Microsoft released an encryption program,but there are so many decryption programs for it that's only a n00b wouldn't be able to access your un-encrypted code.
|
|
|
|
dpyers
Senior Member
Joined: 12 May 2003
Status: Offline
Points: 3937
|
Post Options
Thanks(0)
Quote Reply
Posted: 01 August 2004 at 3:39pm |
The microsoft script encoder isn't much for security as ljamal said. It's kind of like removing whitespace and line breaks from your html to make your code harder to read - annoying but not effective.
If you do use the script encoder, convert the asp text files to unicode first so thay can be read on machines that have a different local than the one you encoded them on.
If you encode plain text scripts on a machine with an english local then try to run it on a machine with say an asian language local, they won't decode properly for execution.
Edited by dpyers
|
Lead me not into temptation... I know the short cut, follow me.
|
|
neotrix
Mod Builder Group
Joined: 09 November 2003
Location: Pakistan
Status: Offline
Points: 433
|
Post Options
Thanks(0)
Quote Reply
Posted: 02 August 2004 at 7:56am |
so ??
what do we conclude from this ??
meanz asp Cannot be encoded 
|
|
|
|
dpyers
Senior Member
Joined: 12 May 2003
Status: Offline
Points: 3937
|
Post Options
Thanks(0)
Quote Reply
Posted: 02 August 2004 at 8:25am |
Not reliably without a 3rd party component installed for the web server.
You best be would be to do the app as a .net application. You can then just distribute the dll and the code to display the pages. The logic will be embedded in the dll. Not impossible to decomplie a dll and read code, but a lot harder than ms script encoder.
You could use vb to create a dll to use with classic asp as I noted above, but the dll would need to be registered on the web server. With .net. you don't need to register.
Encoding/hiding the source is something that would normally be specified as a design goal. You would build the site around the constraints imposed by whatever tool/technology you decided to use for the encryption. Very hard to do it reliably after the code has been produced.
Edited by dpyers
|
Lead me not into temptation... I know the short cut, follow me.
|
|
neotrix
Mod Builder Group
Joined: 09 November 2003
Location: Pakistan
Status: Offline
Points: 433
|
Post Options
Thanks(0)
Quote Reply
Posted: 02 August 2004 at 9:42am |
|
no, but how could this neeed any componenct ?? i am running this over my PWS.. *without* any component ... i only downloaded it and its workign ?!?
|
|
|
|
dpyers
Senior Member
Joined: 12 May 2003
Status: Offline
Points: 3937
|
Post Options
Thanks(0)
Quote Reply
Posted: 02 August 2004 at 10:33am |
Windows script encoder doesn't need a component, but does need to be installed on the webserver the script will run on.
But as noted, it's not a reliable method. The more reliable script encoders are components that need to be installed, registered, and often configured..
|
Lead me not into temptation... I know the short cut, follow me.
|
|
