Страницы

воскресенье, 30 сентября 2012 г.

VBShaker. Обфускация VBScript кода.

Написал сервис обфускации VBScript кода. На JavaScript.

HTA:
<html>
<head>
 <title>VBShaker - VBScript code obfuscation</title>
 <meta http-equiv=content-type content="text-html; charset=windows-1251">
    <meta http-equiv=MSThemeCompatible content=yes>
    <hta:application             
  icon=wscript.exe
        scroll=no
  windowstate=maximize
  version="1.0"
    >
</head>
<style type="text/css">
 textarea {width:49%; height:93%; font: normal 12px sans-serif}
 #scr1 {float:left;}
 #scr2 {float:right;}
 #btn,#btn1 {position:relative; font: bold 12px sans-serif; width:100px; height:25px; cursor:hand;}
 #btn {float:left; margin:0px 3px 3px 0px;}
 #btn1 {float:right; margin:0px 0px 3px 3px;}
 #tip {display:none; position:absolute; background:#fff; top:3px;left:110px; color:#000; padding:3px; font: bold italic 12px sans-serif;
  opacity:0.8;
  filter:alpha(opacity=80);
  filter:progid:DXImageTransform.Microsoft.Alpha(Opacity=80);  
  -moz-opacity:0.8;  
 }
 #clr {clear:both;}
 #chk{float:left; position:relative;font: bold italic 12px sans-serif;}
 input {vertical-align:middle; margin:4px;}
 #min1,#max1,#proc1,#proc2 {height:18px; width:25px; font: bold 12px sans-serif;}
 #cr {font: bold italic 12px sans-serif; text-align: center;}
 
</style>

<script language="JavaScript"> 
 function mainFunction() {
  var arrLines;  
  if (document.all){
   arrLines = scr1.value.split("\r\n");
  }
  else {
   arrLines = scr1.value.split("\n");
  }
  var ret = validateValues();
  if (ret != "") {
   alert(ret);
   return;
  }  
  if (chk1.checked) {
   removeComments(arrLines);
  }  
  if (chk2.checked) {
   var nameArr = getVarName(arrLines);
   if (log1.checked) {
    var log = open("","","height=400,width=600");
    if (log != null) {
     var logHTML = ""
     for(var i=0; i<nameArr.length; i++) {   
      logHTML += nameArr[i][0] + " = " + nameArr[i][1] + "<br/>";    
     }    
     log.document.write(logHTML);
     log.focus();
    }
   }
  }
  scr2.value = "";  
  scr2.value = arrLines.join("\n");  
 } 
 function validateValues() { 
  var ret = "";  
  var temp = parseInt(min1.value);
  if (min1.value.search(/\D/)!=-1 || temp < 2 || temp > 255) {
   ret += "min char should be an integer between 2 and 255 \n";
  }
  temp = parseInt(max1.value);
  if (max1.value.search(/\D/)!=-1 || temp < 2 || temp > 255) {
   ret += "max char should be an integer between 2 and 255 \n";
  }
  temp = parseInt(proc1.value);
  if (proc1.value.search(/\D/)!=-1 || temp < 0 || temp > 100) {
   ret += "% letters should be an integer between 0 and 100 \n";
  }
  temp = parseInt(proc2.value);
  if (proc2.value.search(/\D/)!=-1  || temp < 0 || temp > 100) {
   ret += "% upper case should be an integer between 0 and 100 \n";
  }  
  return ret;
 }
 function getVarName(arrLines) {
  var nameArr = [];
  for(var i=0; i<arrLines.length; i++) {   
   if (arrLines[i].search(/\b(?:dim|const|sub|function|public|private|class|property)\b[^(?:\"|_$)]/i)!=-1 &&
    arrLines[i].search(/\b(?:end|class_initialize|class_terminate)\b/i)==-1) {    
    var temp = arrLines[i].replace(/\b(?:dim|const|public|private|sub|function|class|property|get|let|set)\b|\(|\)|,|\d|=.*?(?:,|'.*$|\brem\b.*$|$)/gi," ")
     .replace(/^\s+|\s+$/g,"").split(/\s+/);    
    for(var j=0; j<temp.length; j++) {     
     var nameFound = false;
      for(var k=0; k<nameArr.length; k++) {
       if(temp[j] == nameArr[k][0]) {
        nameFound = true;
        break;
       }
      }
     if(!nameFound) {      
      var newnameFound = true;
      while(newnameFound) {
       var tempName = getRandomName();
       for(var k=0; k<nameArr.length; k++) {
        if (tempName == nameArr[k][1]) {         
         break;
        }
       }
       if (checkRandomName(tempName)) {
        newnameFound = false;
       }
      }      
      nameArr.push([temp[j],tempName,new RegExp('\\b'+temp[j]+'\\b(?!")','g')]);           
     }
    }       
   }   
  }
  for(var i=0; i<arrLines.length; i++) {   
   for(var j=0; j<nameArr.length; j++) {
    arrLines[i] = arrLines[i].replace(nameArr[j][2],nameArr[j][1]);
   }
  }
  return nameArr;
 }
 function getRandomName() {
  var max = parseInt(max1.value);
  var min = parseInt(min1.value);
  var proc = parseInt(proc1.value);
  var procU = parseInt(proc2.value);
  var charArray = ["a","b","c","d","e","f","g","h","i","j","k","l","m","n","o","p","q","r","s","t","u","v","w","x","y","z","_"]  
  if (Math.random() < procU/100) {
   var retArr = [charArray[Math.floor(Math.random() * 26)].toUpperCase()];
  }
  else {
   var retArr = [charArray[Math.floor(Math.random() * 26)]];
  }
  var varLen = Math.floor(Math.random() * (max - min + 1)) + min;  
  for (i=1; i<varLen; i++) {
   if (Math.random() < proc/100) {
    if (Math.random() < procU/100) {
     retArr.push(charArray[Math.floor(Math.random() * 27)].toUpperCase());     
    }
    else {     
     retArr.push(charArray[Math.floor(Math.random() * 27)]);
    }    
   }
   else {
    retArr.push(Math.floor(Math.random() * 10));
   }
  }
  return retArr.join("");
 }
 function checkRandomName(name) {  
  if (name.substring(0,1) == "vb") {
   return false;
  }  
  var arr = ["dim","const","public","private","sub","function","class","property","get","let","set","class_initialize","class_terminate",
   "if","or","and","not","then","else","elseif","end","for","each","in","to","step","next","do","while","loop","until","wend","select","case","exit","with",
   "xor","err","call","on","error","resume","goto","redim","preserve","me","mod","rem","new","true","false","option","explicit",
   "date","dateadd","datediff","datepart","dateserial","datevalue","day","formatdatetime","hour","isdate","minute","month","monthname",
   "now","second","time","timer","timeserial","timevalue","weekday","weekdayname","year",
   "asc","cbool","cbyte","ccur","cdate","cdbl","chr","cint","clng","csng","cstr","hex","oct",
   "formatcurrency","formatdatetime","formatnumber","formatpercent",
   "abs","atn","cos","exp","int","fix","log","oct","rnd","sgn","sin","sqr","tan",
   "array","filter","isarray","join","lbound","split","ubound",
   "instr","instrrev","lcase","left","len","ltrim","rtrim","trim","mid","replace","right","space","strcomp","string","strreverse","ucase",
   "createobject","eval","getlocale","getobject","getref","inputbox","isempty","isnull","isnumeric","isobject","loadpicture","msgbox",
   "rgb","round","scriptengine","scriptenginebuildversion","scriptenginemajorversion","scriptengineminorversion","setlocale","typename","vartype"];     
  for(var i=0; i<arr.length; i++) {
   if(name == arr[i]) {
    return false;
   }
  }  
  return true;
 }
 function removeComments(arrLines) {  
  for(var i=0; i<arrLines.length; i++) {      
   arrLines[i] = arrLines[i].replace(/^\s+|^\s*(?:'|\brem\b).*$|(?:'|\brem\b)[^(?:\"|_$)].*$|\s+$/gi,"");      
   if (arrLines[i].search(/^\s*$/)!=-1) {
    arrLines.splice(i,1);
    i--;    
   }
  } 
 } 
 function clearFunction() {
  scr1.value = "";
  scr2.value = "";
  min1.value = "2";
  max1.value = "10";
  proc1.value = "60";
  proc2.value = "40";
  log1.checked = false;
 }
</script>

<body>
 <button id="btn" onclick="mainFunction()" onmouseover="tip.style.display = 'block'" onmouseout="tip.style.display = 'none'">S H A K E &nbsp;&nbsp;I T</button> 
 <div id="chk">
  <input id="chk1" type="checkbox" checked="checked" />remove comments
  <input id="chk2" type="checkbox" checked="checked" />rename explicitly declared variables
  <input id="min1" type="text" value="2" />min char
  <input id="max1" type="text" value="10" />max char
  <input id="proc1" type="text" value="60" />% letters
  <input id="proc2" type="text" value="40" />% upper case
  <input id="log1" type="checkbox" />log
 </div>
 <button id="btn1" onclick="clearFunction()">C L E A R</button>
 <span id="tip">don't break it, took me time to make it</span>
 <div id="clr"></div>
 <textarea id="scr1"></textarea>
 <textarea id="scr2"></textarea>
 <div id="cr">Copyright © by  <a href="http://www.daspot.ru">Anatoly Demidovich</a></div>
</body>
</html>