Board logo

标题: 网页制作中页面的加密和破解 [打印本页]
作者: admin    时间: 2008-1-19 23:24     标题: 网页制作中页面的加密和破解

当你在浏览网页时,看到一个很漂亮的特效,你查看源代码时看到的是一队乱码,那多扫兴呀!根据本人的研究,总结出了三种解密方法,与大家分享!!7 U: I; W- N7 x( L& a( W. {3 y

" @% e" M2 p" l, ~; Q& Z4 C* X7 c7 B4 Q0 B
方法一:
. A. [* L& ~- L
  h, [: i9 g3 F9 g3 @0 }
& x6 ~: Z) C( @2 X  有一种加密的办法是采用javascript的escape()函数,把某些符号、汉字等变成乱码,以达到迷惑人的目的。解密这种代码的办法是采用其反函数加以还原。下面是一个经过加密的例子:
% \* T+ {* \; G7 ?2 m. t, i$ l- S+ {- g' h9 V% k% n- I  g
<HTML>  s0 V" L# F1 C( }2 {$ y) c# w6 [
<SCRIPT LANGUAGE="javascript">
$ |, q+ Q- F, w0 m$ n" wvar Words ="%3Chtml%3E%3Cbody%20bgcolor%3D%22red%22%3E%3Cp%3E%u8FD9%u662F%u4F8B%u5B50%uFF01%uFF01%uFF1A%uFF09%3C/p%3E%3C/body%3E%3C/html%3E"
! M' K) x. x, B6 [& Yvar NewWords;
7 E% `% X. F" ]6 R! P$ ?NewWords = unescape(Words);
0 g5 h6 D5 |, \; F" Y( p. U" Cdocument.write(NewWords)
1 E6 s+ I9 ^% d' A' R  D$ j7 O6 j</SCRIPT>
1 W8 m6 C( f3 c<BODY>
3 L7 Z1 @* _+ C* t</BODY>
7 j5 v/ X) u, I3 l6 _, h0 q! ?</HTML>
2 K# O& n: e) z2 |6 o/ Y
9 K3 k$ p5 @4 M4 M& j6 C  这种文件最好解密,一看就明白,关键是unescape()函数起了还原源代码的作用。要想看到加密前的代码是什么样子,可以用下面的办法:
% E1 Q4 E; l5 P2 s3 {* x9 R! B" g" g& b2 h; Z$ g  d: m
<HTML><SCRIPT LANGUAGE="javascript">
8 m1 [2 y1 Y" V6 T+ qvar Words ="%3Chtml%3E%3Cbody%20bgcolor%3D%22red%22%3E%3Cp%3E%u8FD9%u662F%u4F8B%u5B50%uFF01%uFF01%uFF1A%uFF09%3C/p%3E%3C/body%3E%3C/html%3E"* Q4 R9 z5 L4 {! |8 r$ V* ?
var NewWords;8 V% Z$ z5 e* J
NewWords = unescape(Words);
0 E) M7 g( E& T$ C7 @& b1 Q' gNewWords=NewWords.toString();$ \/ D+ }# C  p( |
function password(){
9 t2 G2 T& w8 z4 P, Ndocument.pw.txtpw.value=NewWords;  }. G( P0 r; S, r: z
}% S+ s( R# C; U
</SCRIPT>: k( V( m7 w% M0 u* n* t
<BODY>
3 [( n* m" ]0 I$ C/ l<form name=pw>
7 n! b, G, j  P! E  C<input type=button onclick="password()" value="解密">
; c/ e( u$ l# b  Q<br>( M, c$ v  O, {4 J2 Z! R- K
<textarea name="txtpw" cols="100" rows="100"></textarea>
% x  M! q' o3 C3 W</form>9 a, y4 O: D( D& o( b" j% E
</BODY>' Y- X6 F' [6 ]* d) f' v
</HTML>
' u  e% c1 T0 d) m
, F3 T, A( J$ @4 w( n) f, H方法二:
2 [4 t4 P0 O/ y" |
/ D5 z# H; I$ W( t+ P; k" o/ \  有一个软件叫HTMLEncrypt.exe,它就是把源代码进行加密的软件,这个软件的加密的原理是把字符转换成Unicode代码。下面的例子是一个分帧的页面:; S/ E  h% S5 [! ]  i
; n2 p% x; e% n
<html><head><script>. o% v0 V! z/ C% g8 Q
function Carbosoft( s ) { var sRet=""; for(j=0; j< s.length; j++ ){ var n= s.charCodeAt(j); if (n>=8364) {n = 128;} sRet += String.fromCharCode( n - 3 ); } return( sRet ); }
4 s, |; F( Y" Fvar sJsCmds ="" +
5 n4 A" u$ ~, z"?kwpoA?khdgA?phwd#kwws0htxly@%Frqwhqw0W|sh%#frqwhqw@%wh{w2kwpo>#fkduvhw@lvr0;;8<04%A?wlwohAZHOFRPH?2wlwohA?phwd#qdph@%JHQHUDWRU%#frqwhqw@%Plfurvriw#IurqwSdjh#613%A?phwd#qdph@%Plfurvriw#Wkhph%#frqwhqw@%qrqh/#ghidxow%A?phwd#qdph@%Plfurvriw#Erughu%#frqwhqw@%qrqh/#ghidxow%A?2khdgA?iudphvhw#erughu@%3%#iudpherughu@%3%#urzv@%-/93%A##?iudph#qdph@%pdlq%#vuf@%xs1kwp%#vfuroolqj@%dxwr%A##?iudph#qdph@%rqolqh%#vuf@%grzq1kwp%#vfuroolqj@%qr%#qruhvl}h#wdujhw@%beodqn%A##?qriudphvA##?erg|A##?sAWklv#sdjh#xvhv#iudphv/#exw#|rxu#eurzvhu#grhvq*w#vxssruw#wkhp1#?2sA##?2erg|A##?2qriudphvA?2iudphvhwA?2kwpoA?irqw#froru@%&33333%A?s#doljq@%fhqwhu%A?vpdooA?irqw#idfh@%Wdkrpd%AWklv#iloh#zdv#hqfu|swhg#xvlqj#dq#xquhjlvwhuhg#yhuvlrq#ri#?d#kuhi@%kwws=22fduer{1wkhgqv1qhw2kwpohqfu|sw1kwp%AKWPO#Hqfu|sw#y413?2dA1?2irqwA?2vpdooA?2sA" +# {6 H( ^- t0 D, r. h6 J- _% i" V
"";
  M7 c6 a' a, Y  bvar s= Carbosoft( sJsCmds);
" C+ x) N* @$ Pdocument.write (s);2 W/ B& ~4 g; C$ j3 }- l
</script>; E+ P3 ?) I( R" _5 m
</head><body></body></html>
) r6 a) I! v$ c4 ~8 U6 X7 _/ W% U
* ~0 ]3 l0 Z# {  从上面可以看出,浏览器解释这写代码前,进行了还原,从而可以得到破解的方法如下:, p5 u& q' Q, ]6 |, K$ q
- T3 j# \' R; [. b" _& n0 W+ W
<script>+ e$ Y5 f0 I* A+ G& r
function Carbosoft( s ) { var sRet=""; for(j=0; j< s.length; j++ ){ var n= s.charCodeAt(j); if (n>=8364) {n = 128;} sRet += String.fromCharCode( n - 3 ); } return( sRet ); }
- ~/ `/ s1 b( g7 Vvar sJsCmds ="" +2 C! u2 a3 C% @" E+ s- L
"?kwpoA?khdgA?phwd#kwws0htxly@%Frqwhqw0W|sh%#frqwhqw@%wh{w2kwpo>#fkduvhw@lvr0;;8<04%A?wlwohAZHOFRPH?2wlwohA?phwd#qdph@%JHQHUDWRU%#frqwhqw@%Plfurvriw#IurqwSdjh#613%A?phwd#qdph@%Plfurvriw#Wkhph%#frqwhqw@%qrqh/#ghidxow%A?phwd#qdph@%Plfurvriw#Erughu%#frqwhqw@%qrqh/#ghidxow%A?2khdgA?iudphvhw#erughu@%3%#iudpherughu@%3%#urzv@%-/93%A##?iudph#qdph@%pdlq%#vuf@%xs1kwp%#vfuroolqj@%dxwr%A##?iudph#qdph@%rqolqh%#vuf@%grzq1kwp%#vfuroolqj@%qr%#qruhvl}h#wdujhw@%beodqn%A##?qriudphvA##?erg|A##?sAWklv#sdjh#xvhv#iudphv/#exw#|rxu#eurzvhu#grhvq*w#vxssruw#wkhp1#?2sA##?2erg|A##?2qriudphvA?2iudphvhwA?2kwpoA?irqw#froru@%&33333%A?s#doljq@%fhqwhu%A?vpdooA?irqw#idfh@%Wdkrpd%AWklv#iloh#zdv#hqfu|swhg#xvlqj#dq#xquhjlvwhuhg#yhuvlrq#ri#?d#kuhi@%kwws=22fduer{1wkhgqv1qhw2kwpohqfu|sw1kwp%AKWPO#Hqfu|sw#y413?2dA1?2irqwA?2vpdooA?2sA" +! @' @7 \2 i- b4 \0 ]1 ~) q; W
"";
& o9 n* N; _: t. N8 avar s= Carbosoft( sJsCmds);5 i: M4 J  C7 }  C/ |
</script>
3 \! n5 A8 S1 T- M; V/ o- S1 m<form name=qq>- R4 a$ r( J  I( ]' a
<textarea name=ww cols=100 rows=10></textarea>) O$ q/ K: Q1 M5 N6 {
<input onclick='ww.value=s' type=button value="解密">6 Q# g7 V, v/ r% H: o8 J
</form>4 w2 u* m1 B3 {; B- S2 d
0 }& _- e6 e1 p( C7 X4 ]
& `. ?$ i7 `9 j
方法三:9 V2 S, b! Y2 u0 ?% W" n

# b" s; o7 W. K  J: Q( N7 F  有一种加密方法是每行单独加密,还原起来比较复杂。看一个加密过的原文:  }  R& O! X5 T$ c. Y4 ]5 d
% k7 _" \8 L5 {4 c
<HTML>& j; P( }4 x& ^5 i" E/ G) W% G
<BODY>
0 @$ L  S! Q& h- R; p<SCRIPT LANGUAGE="javascript">
( @4 ^! \+ y9 g, T/ ^function Decode() {
4 Q% T3 }* e* H' d9 d, Xd("FrfmnD");d("FruyvDFgwhqjfWnyeseysuEXpydy%whqjf~J~XWghwEXfkjJpgXDFIgwhqjfD");d("FmufyWrffjKuieqdEX?klfulfK$ajuXWwklfulfEXfubfIrfmnGWwryhgufEsx}{~}XD");d("FfqfnuDejFIfqfnuD");d("FIruyvD");d("FxkvaD");d("FIxkvaD");d("FIrfmnD");d("W");return 0;}
- X2 z# s: [/ X0 H& @: m</SCRIPT>
# a. q2 p) Z7 m9 k7 n' B<SCRIPT LANGUAGE="javascript">% j$ j& Y( z4 e  H4 K, Y+ s* d
function d (enc) {document.write(codeIt(key,enc));}. ]- c5 L, D/ Y6 G# `3 h
var key = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz!\"\ \|#$%&\'()*+,-.\/:;<=>?@[\\]^_\t\`{}~\n";function codeIt (mC, eS) {var wTG, mcH = mC.length / 2, nS = "", dv;for (var x = 0; x < eS.length; x++) { wTG = mC.indexOf(eS.charAt(x));if (wTG > mcH) {dv = wTG - mcH; nS = nS + mC.charAt(48 - dv);}else {dv = mcH - wTG;nS = nS + mC.charAt(48 + dv);}}return nS;}
  F9 D  h1 i% \, p5 S$ w</SCRIPT>8 T8 w& |8 Z6 p  t9 s6 m7 a
<SCRIPT LANGUAGE="javascript">. e; h, G) v$ y1 T  E& t( ^
Decode();3 ]( s* e- P/ I
</SCRIPT>
( d- K! H* B/ W4 ^</BODY>& T: F, |2 a( H$ g  v5 ]( f
</HTML>
, K- y. }& A& p! J4 D
7 {% t* c3 \7 P  还原的时候,也必须每行单独解密,用下面的方法可以看到源代码:7 N' P  j" |3 U$ X/ ~$ e

  w$ w& C; u8 C# F5 j) d5 x0 c& p  O<HTML>
! L  L' U6 J3 K% M+ z<BODY>
9 o+ U* n  S& S! ~* Y0 \; C<SCRIPT LANGUAGE="javascript">, r3 P5 A: Y+ u
function Decode() {
  X- z# M$ M# c! f3 ~d("FrfmnD");d("FruyvDFgwhqjfWnyeseysuEXpydy%whqjf~J~XWghwEXfkjJpgXDFIgwhqjfD");d("FmufyWrffjKuieqdEX?klfulfK$ajuXWwklfulfEXfubfIrfmnGWwryhgufEsx}{~}XD");d("FfqfnuDejFIfqfnuD");d("FIruyvD");d("FxkvaD");d("FIxkvaD");d("FIrfmnD");d("W");return 0;}
2 I+ X7 x# \& f& y8 B- _+ s</SCRIPT>+ e9 c* K( x: ~( R
<SCRIPT LANGUAGE="javascript">! `3 z+ L! A9 g/ K  Z
function d (enc) {alert(codeIt(key,enc));}
- S: _3 E' q+ ^1 Pvar key = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz!\"\ \|#$%&\'()*+,-.\/:;<=>?@[\\]^_\t\`{}~\n";function codeIt (mC, eS) {var wTG, mcH = mC.length / 2, nS = "", dv;for (var x = 0; x < eS.length; x++) { wTG = mC.indexOf(eS.charAt(x));if (wTG > mcH) {dv = wTG - mcH; nS = nS + mC.charAt(48 - dv);}else {dv = mcH - wTG;nS = nS + mC.charAt(48 + dv);}}return nS;}
% ]1 F8 W7 Q+ Z</SCRIPT>
; M5 e$ Z  J. E. r! s3 [<SCRIPT LANGUAGE="javascript">" H8 U. P% K; d* }4 j
Decode();9 F$ d% j! R1 T# g
</SCRIPT>
# C9 ~! Y) S! M8 I4 e</BODY>- ?' |/ |* N# y; u8 L
</HTML>5 _  S- |7 ?  R. F4 |  v
, M, {9 s: I& M. x& u) R. m
  哈哈!!:=)是不是很精彩!!



欢迎光临 捌玖网络工作室 (http://89w.org/) Powered by Discuz! 7.2