Encrypting?

Discussion in 'ASP General' started by Paulo, Jul 24, 2009.

  1. Paulo

    Paulo Guest

    Hi, I saw a MS application to encrypt/hide the asp classic source code. But
    it was a long time ago.

    Do you know it? Do you use it? How do I download it? If you have the link
    please send me.

    Thanks
     
    Paulo, Jul 24, 2009
    #1
    1. Advertising

  2. Paulo

    Bob Barrows Guest

    Paulo wrote:
    > Hi, I saw a MS application to encrypt/hide the asp classic source
    > code. But it was a long time ago.
    >
    > Do you know it? Do you use it? How do I download it? If you have the
    > link please send me.
    >

    Don't bother with it. It only "hides" the code from the honest guys. If you
    must, try googling "script encrypter". Hint: you will get more hits if you
    google "script decrypter".

    --
    Microsoft MVP - ASP/ASP.NET - 2004-2007
    Please reply to the newsgroup. This email account is my spam trap so I
    don't check it very often. If you must reply off-line, then remove the
    "NO SPAM"
     
    Bob Barrows, Jul 24, 2009
    #2
    1. Advertising

  3. Paulo

    Paulo Guest

    I found it Bob:
    http://msdn.microsoft.com/en-us/library/cbfz3598(VS.85).aspx
    SRCENC.exe

    Unfortunately does NOT work on my XP SP3. I had to connect on a win2k
    machine to use it.
    I'll have to move to asp.net to preserve my source. I did not want to, but
    no choice.

    Thanks


    "Bob Barrows" <> escreveu na mensagem
    news:...
    > Paulo wrote:
    >> Hi, I saw a MS application to encrypt/hide the asp classic source
    >> code. But it was a long time ago.
    >>
    >> Do you know it? Do you use it? How do I download it? If you have the
    >> link please send me.
    >>

    > Don't bother with it. It only "hides" the code from the honest guys. If
    > you must, try googling "script encrypter". Hint: you will get more hits if
    > you google "script decrypter".
    >
    > --
    > Microsoft MVP - ASP/ASP.NET - 2004-2007
    > Please reply to the newsgroup. This email account is my spam trap so I
    > don't check it very often. If you must reply off-line, then remove the
    > "NO SPAM"
    >
     
    Paulo, Jul 24, 2009
    #3
  4. Paulo

    Bob Barrows Guest

    You will NOT be preserving your source. Even (especially) with .Net

    Paulo wrote:
    > I found it Bob:
    > http://msdn.microsoft.com/en-us/library/cbfz3598(VS.85).aspx
    > SRCENC.exe
    >
    > Unfortunately does NOT work on my XP SP3. I had to connect on a win2k
    > machine to use it.
    > I'll have to move to asp.net to preserve my source. I did not want
    > to, but no choice.
    >
    > Thanks
    >
    >
    > "Bob Barrows" <> escreveu na mensagem
    > news:...
    >> Paulo wrote:
    >>> Hi, I saw a MS application to encrypt/hide the asp classic source
    >>> code. But it was a long time ago.
    >>>
    >>> Do you know it? Do you use it? How do I download it? If you have the
    >>> link please send me.
    >>>

    >> Don't bother with it. It only "hides" the code from the honest guys.
    >> If you must, try googling "script encrypter". Hint: you will get
    >> more hits if you google "script decrypter".
    >>
    >> --
    >> Microsoft MVP - ASP/ASP.NET - 2004-2007
    >> Please reply to the newsgroup. This email account is my spam trap so
    >> I don't check it very often. If you must reply off-line, then remove
    >> the "NO SPAM"


    --
    Microsoft MVP - ASP/ASP.NET - 2004-2007
    Please reply to the newsgroup. This email account is my spam trap so I
    don't check it very often. If you must reply off-line, then remove the
    "NO SPAM"
     
    Bob Barrows, Jul 24, 2009
    #4
  5. Paulo

    Paulo Guest

    Why not? Thanks

    "Bob Barrows" <> escreveu na mensagem
    news:%23mP%...
    > You will NOT be preserving your source. Even (especially) with .Net
    >
    > Paulo wrote:
    >> I found it Bob:
    >> http://msdn.microsoft.com/en-us/library/cbfz3598(VS.85).aspx
    >> SRCENC.exe
    >>
    >> Unfortunately does NOT work on my XP SP3. I had to connect on a win2k
    >> machine to use it.
    >> I'll have to move to asp.net to preserve my source. I did not want
    >> to, but no choice.
    >>
    >> Thanks
    >>
    >>
    >> "Bob Barrows" <> escreveu na mensagem
    >> news:...
    >>> Paulo wrote:
    >>>> Hi, I saw a MS application to encrypt/hide the asp classic source
    >>>> code. But it was a long time ago.
    >>>>
    >>>> Do you know it? Do you use it? How do I download it? If you have the
    >>>> link please send me.
    >>>>
    >>> Don't bother with it. It only "hides" the code from the honest guys.
    >>> If you must, try googling "script encrypter". Hint: you will get
    >>> more hits if you google "script decrypter".
    >>>
    >>> --
    >>> Microsoft MVP - ASP/ASP.NET - 2004-2007
    >>> Please reply to the newsgroup. This email account is my spam trap so
    >>> I don't check it very often. If you must reply off-line, then remove
    >>> the "NO SPAM"

    >
    > --
    > Microsoft MVP - ASP/ASP.NET - 2004-2007
    > Please reply to the newsgroup. This email account is my spam trap so I
    > don't check it very often. If you must reply off-line, then remove the
    > "NO SPAM"
    >
     
    Paulo, Jul 24, 2009
    #5
  6. Paulo

    Bob Barrows Guest

    Because it's the nature of the beast. Anyone with Reflector (and this isn't
    even required) can rebuild a dll's source code.
    Face it, there is nothing you can do in ASP, or ASP.Net, that someone else
    can't do. It's just not that hard to do.

    There is no point to even thinking about "protecting" your source code.

    Protect your sensitive data in other places.

    Incidently, that is one place where classic ASP has .Net beat: if one
    creates a COM dll, it is much harder to reverse-engineer what's in that dll.
    Not to say it's impossible, but the result will never be exactly what your
    source contains. Not that it really matters: there is nothing you can do
    with ASP that someone else can't do. You can only protect yourself against
    honest people. And you know what? You don't have to do ANYTHING to protect
    yourself against honest people. :)



    Paulo wrote:
    > Why not? Thanks
    >
    > "Bob Barrows" <> escreveu na mensagem
    > news:%23mP%...
    >> You will NOT be preserving your source. Even (especially) with .Net
    >>
    >> Paulo wrote:
    >>> I found it Bob:
    >>> http://msdn.microsoft.com/en-us/library/cbfz3598(VS.85).aspx
    >>> SRCENC.exe
    >>>
    >>> Unfortunately does NOT work on my XP SP3. I had to connect on a
    >>> win2k machine to use it.
    >>> I'll have to move to asp.net to preserve my source. I did not want
    >>> to, but no choice.
    >>>
    >>> Thanks
    >>>
    >>>
    >>> "Bob Barrows" <> escreveu na mensagem
    >>> news:...
    >>>> Paulo wrote:
    >>>>> Hi, I saw a MS application to encrypt/hide the asp classic source
    >>>>> code. But it was a long time ago.
    >>>>>
    >>>>> Do you know it? Do you use it? How do I download it? If you have
    >>>>> the link please send me.
    >>>>>
    >>>> Don't bother with it. It only "hides" the code from the honest
    >>>> guys. If you must, try googling "script encrypter". Hint: you will
    >>>> get more hits if you google "script decrypter".
    >>>>
    >>>> --
    >>>> Microsoft MVP - ASP/ASP.NET - 2004-2007
    >>>> Please reply to the newsgroup. This email account is my spam trap
    >>>> so I don't check it very often. If you must reply off-line, then
    >>>> remove the "NO SPAM"

    >>
    >> --
    >> Microsoft MVP - ASP/ASP.NET - 2004-2007
    >> Please reply to the newsgroup. This email account is my spam trap so
    >> I don't check it very often. If you must reply off-line, then remove
    >> the "NO SPAM"


    --
    Microsoft MVP - ASP/ASP.NET - 2004-2007
    Please reply to the newsgroup. This email account is my spam trap so I
    don't check it very often. If you must reply off-line, then remove the
    "NO SPAM"
     
    Bob Barrows, Jul 24, 2009
    #6
  7. Paulo

    Paulo Guest

    Bob Barrows wrote:

    > Because it's the nature of the beast. Anyone with Reflector (and this
    > isn't even required) can rebuild a dll's source code. Face it, there
    > is nothing you can do in ASP, or ASP.Net, that someone else can't do.
    > It's just not that hard to do.
    >
    > There is no point to even thinking about "protecting" your source
    > code.
    >
    > Protect your sensitive data in other places.
    >
    > Incidently, that is one place where classic ASP has .Net beat: if one
    > creates a COM dll, it is much harder to reverse-engineer what's in
    > that dll. Not to say it's impossible, but the result will never be
    > exactly what your source contains. Not that it really matters: there
    > is nothing you can do with ASP that someone else can't do. You can
    > only protect yourself against honest people. And you know what? You
    > don't have to do ANYTHING to protect yourself against honest people.
    > :)
    >
    >
    >
    > Paulo wrote:
    > > Why not? Thanks
    > >
    > >"Bob Barrows" <> escreveu na mensagem
    > > news:%23mP%...
    > > > You will NOT be preserving your source. Even (especially) with
    > > > .Net
    > > >
    > > > Paulo wrote:
    > > > > I found it Bob:
    > > > > http://msdn.microsoft.com/en-us/library/cbfz3598(VS.85).aspx
    > > > > SRCENC.exe
    > > > >
    > > > > Unfortunately does NOT work on my XP SP3. I had to connect on a
    > > > > win2k machine to use it.
    > > > > I'll have to move to asp.net to preserve my source. I did not
    > > > > want to, but no choice.
    > > > >
    > > > > Thanks
    > > > >
    > > > >
    > >>>"Bob Barrows" <> escreveu na mensagem
    > > > > news:...
    > > > > > Paulo wrote:
    > > > > > > Hi, I saw a MS application to encrypt/hide the asp classic
    > > > > > > source code. But it was a long time ago.
    > > > > > >
    > > > > > > Do you know it? Do you use it? How do I download it? If you
    > > > > > > have the link please send me.
    > > > > > >
    > > > > > Don't bother with it. It only "hides" the code from the honest
    > > > > > guys. If you must, try googling "script encrypter". Hint: you
    > > > > > will get more hits if you google "script decrypter".
    > > > > >
    > > > > > --
    > > > > > Microsoft MVP - ASP/ASP.NET - 2004-2007
    > > > > > Please reply to the newsgroup. This email account is my spam
    > > > > > trap so I don't check it very often. If you must reply
    > > > > > off-line, then remove the "NO SPAM"
    > > >
    > > > --
    > > > Microsoft MVP - ASP/ASP.NET - 2004-2007
    > > > Please reply to the newsgroup. This email account is my spam trap
    > > > so I don't check it very often. If you must reply off-line, then
    > > > remove the "NO SPAM"


    Are you saying that the MS languages/platforms are not secure? The
    asp.net generates a dll, so it can be decompiled? 100% reliable?
    And the classic asp encrypted by the MS utility can also be easily
    decrypted? Are you sure man?

    What to trust?

    Many thanks!

    --
     
    Paulo, Jul 25, 2009
    #7
  8. Paulo

    Bob Barrows Guest

    Paulo wrote:
    > Bob Barrows wrote:
    >
    >> Because it's the nature of the beast. Anyone with Reflector (and this
    >> isn't even required) can rebuild a dll's source code. Face it, there
    >> is nothing you can do in ASP, or ASP.Net, that someone else can't do.
    >> It's just not that hard to do.
    >>
    >> There is no point to even thinking about "protecting" your source
    >> code.
    >>
    >> Protect your sensitive data in other places.
    >>
    >> Incidently, that is one place where classic ASP has .Net beat: if one
    >> creates a COM dll, it is much harder to reverse-engineer what's in
    >> that dll. Not to say it's impossible, but the result will never be
    >> exactly what your source contains. Not that it really matters: there
    >> is nothing you can do with ASP that someone else can't do. You can
    >> only protect yourself against honest people. And you know what? You
    >> don't have to do ANYTHING to protect yourself against honest people.
    >> :)

    > Are you saying that the MS languages/platforms are not secure? The


    What is the relevance of "platforms" here? And why limit the question to
    "MS"? Are you telling me that there are uncrackable encrypters for other
    scripting languages?

    See
    http://www.microsoft.com/technet/scriptcenter/resources/qanda/mar06/hey0309.mspx

    > asp.net generates a dll, so it can be decompiled? 100% reliable?


    There are obfuscators that make the process harder, but even then, it is
    possible for a determined person to reverse-engineer a .Net dll. Again, it's
    the nature of the beast.

    Real md5 encryption is possible for data contained in source code, but it's
    not practical to truly encrypt source code.

    > And the classic asp encrypted by the MS utility can also be easily
    > decrypted? Are you sure man?


    Of course I am. Did you not do the google I suggested for script decrypters?
    Actually, "script decoder" gives better results. Here's one:
    http://www.greymagic.com/security/tools/

    If you use a real encrypter on your script, good luck getting it to run.

    --
    Microsoft MVP - ASP/ASP.NET - 2004-2007
    Please reply to the newsgroup. This email account is my spam trap so I
    don't check it very often. If you must reply off-line, then remove the
    "NO SPAM"
     
    Bob Barrows, Jul 25, 2009
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Marshall Dudley

    encrypting and decrypting with perl

    Marshall Dudley, Jan 27, 2005, in forum: Perl
    Replies:
    1
    Views:
    769
    Brian McCauley
    Jan 27, 2005
  2. Onur Bozkurt

    encrypting query string

    Onur Bozkurt, Jul 23, 2003, in forum: ASP .Net
    Replies:
    8
    Views:
    614
    Munsifali Rashid
    Jul 24, 2003
  3. Elliot M. Rodriguez

    Impersonation Question - Encrypting Passwords

    Elliot M. Rodriguez, Nov 4, 2003, in forum: ASP .Net
    Replies:
    0
    Views:
    411
    Elliot M. Rodriguez
    Nov 4, 2003
  4. Mohammad Samara

    Encrypting the source code

    Mohammad Samara, Dec 5, 2003, in forum: ASP .Net
    Replies:
    3
    Views:
    412
    Arun Ganesh [Microsoft MVP]
    Dec 5, 2003
  5. Rob Meade

    Securing/Encrypting QueryStrings

    Rob Meade, Jan 22, 2004, in forum: ASP .Net
    Replies:
    0
    Views:
    374
    Rob Meade
    Jan 22, 2004
Loading...

Share This Page