looking for good javascript unescape encoder

M

mistral

David Dorward пиÑал(а):
mistral wrote:
Neeed good javascript unescape encoder, to protect javascript code.
Some advices?

-----------------------

<citation>
"The problem with all of these methods is that script is insecure. You
can't make insecure script secure by writing more script!"
</citation>

sorry, you dont understand me. I do not need security. I need obfuscate
script.
 
D

David Dorward

sorry, you dont understand me. I do not need security. I need obfuscate
script.

Why? To stop people from reading the source? So you want to SECURE the
source? So you need security?
 
M

mistral

David Dorward пиÑал(а):
Why? To stop people from reading the source? So you want to SECURE the
source? So you need security?

Can you answer on my_specific_question,_please???????
Do not mix the "security" and "preventing from reading source" . This
is completely different thing? No any secure in Internet. But it
possible obfuscate script a little, accurately and error-free, just
make for someone difficult to read and he will lazy spend time to
decode script.

Is there some good obfuscator script, unescape, or another? READY
script - online tool or desktop application.
 
M

Matt Kruse

mistral said:
Can you answer on my_specific_question,_please???????

You will not get much help here, as most knowledgable users realize that
javascript obfuscation is a complete waste of time.
 
M

mistral

Matt Kruse пиÑал(а):
You will not get much help here, as most knowledgable users realize that
javascript obfuscation is a complete waste of time.

I just amazed, its absolutely the wrong way, for me.
Well, is there a *normal* users, not highly "knowledgable users", which
capable think normally and can answer?

which from this two scripts is better, have more sense, etc:

http://dean.edwards.name/packer/
http://scriptasylum.com/tutorials/encdec/javascript_encoder.html

First script does not use ''unescape", second based on unesacpe.
 
P

pegasusflightresources

mistral said:
Matt Kruse пиÑал(а):


I just amazed, its absolutely the wrong way, for me.
Well, is there a *normal* users, not highly "knowledgable users", which
capable think normally and can answer?

which from this two scripts is better, have more sense, etc:

http://dean.edwards.name/packer/
http://scriptasylum.com/tutorials/encdec/javascript_encoder.html

First script does not use ''unescape", second based on unesacpe.

Dear sir,
If you wish to obfuscate some script, you will probably have to use
some kind of algorithm to encode the script. Through this algorithm,
you can then decode the obfuscated script to run it. I am not adept at
all in any creation of algorithm, but you can probably talk to your
local math major or something and ask for their advice. If you find
one, you can easily transform the written equations into JavaScript
quickly. It isn't exactly an already created script, but it is easy
enough to create.

I am sorry for the tangent, but that is what I will contribute.

I have the honor to remain your most humble and Ob't Sv't in our war
against the King.
 
L

Lasse Reichstein Nielsen

mistral said:
Can you answer on my_specific_question,_please???????
Do not mix the "security" and "preventing from reading source" . This
is completely different thing? No any secure in Internet. But it
possible obfuscate script a little, accurately and error-free, just
make for someone difficult to read and he will lazy spend time to
decode script.

Is there some good obfuscator script, unescape, or another?

What properties should it have? I.e., by what measure should it
be "good"? Anything that makes Javascript not immediately readable
should suffice as I understand you. Anything above that would
be aiming for security, not obfuscation, which you don't want.

A simple obfuscator is:
----
<textarea cols="72" rows="10" id="input">input here</textarea>
<br>
<input type="button" value="obfuscate" onclick="
function lz(s,n) {
s = '000' + s; // sufficient for n<=4.
return s.substring(s.length-n);
}
var inp = document.getElementById('input').value;
var scr = document.getElementById('script').checked;
var res = [];
if (scr) { res.push('<script type=\'text/javascript\'>'); }
res.push('eval(\'');
for(var i = 0; i < inp.length; i++) {
var c = inp.charCodeAt(i);
var ch = c.toString(16);
if (c < 256) {
res.push('\\x', lz(ch,2));
} else {
res.push('\\u', lz(ch,4));
}
}
res.push('\');');
if (scr) { res.push('<\/script>'); }
var out = document.getElementById('output');
out.value = res.join('');
out.select();
">
<input type="checkbox" id="script" checked="checked"><label for="script">include &lt;script...>...&lt/script></label>
<br>
<textarea cols="72" rows="10" id="output" readonly="readonly"></textarea>

----
Is it "good"? That depends entirely on your requirements.
It obviously obfuscates.


/L
 
M

mistral

Lasse Reichstein Nielsen пиÑал(а):
Can you answer on my_specific_question,_please???????
Do not mix the "security" and "preventing from reading source" . This
is completely different thing? No any secure in Internet. But it
possible obfuscate script a little, accurately and error-free, just
make for someone difficult to read and he will lazy spend time to
decode script.

Is there some good obfuscator script, unescape, or another?

What properties should it have? I.e., by what measure should it
be "good"? Anything that makes Javascript not immediately readable
should suffice as I understand you. Anything above that would
be aiming for security, not obfuscation, which you don't want.

A simple obfuscator is:
----
<textarea cols="72" rows="10" id="input">input here</textarea>
<br>
<input type="button" value="obfuscate" onclick="
function lz(s,n) {
s = '000' + s; // sufficient for n<=4.
return s.substring(s.length-n);
}
var inp = document.getElementById('input').value;
var scr = document.getElementById('script').checked;
var res = [];
if (scr) { res.push('<script type=\'text/javascript\'>'); }
res.push('eval(\'');
for(var i = 0; i < inp.length; i++) {
var c = inp.charCodeAt(i);
var ch = c.toString(16);
if (c < 256) {
res.push('\\x', lz(ch,2));
} else {
res.push('\\u', lz(ch,4));
}
}
res.push('\');');
if (scr) { res.push('<\/script>'); }
var out = document.getElementById('output');
out.value = res.join('');
out.select();
">
<input type="checkbox" id="script" checked="checked"><label
for="script">include &lt;script...>...&lt/script></label>
<br>
<textarea cols="72" rows="10" id="output"
readonly="readonly"></textarea>

----
Is it "good"? That depends entirely on your requirements.
It obviously obfuscates.

==============

well, I just wanted to hear opinions those users who uses or used some
obfuscators.

What is good? good obfuscator provide code that work on most
javascript enabled browsers, that will be able to open scrambled
documents without distortion. Making them extermely difficult to study,
analyse, reuse for users, while fully retaining functionality of the
original code.
The protected form will still be the usual script, thus it will work on
all platforms the original code worked on.
Obfuscation (scrambling) of JavaScript and JScript standalone files,
flexible settings for obfuscation that allow to fine-tune level of
scrambling(include unescape); checking of missing and/or extra
semicolons in JavaScript, JScript code; generate new non-understandable
names and rename functions and variables depending on user settings;
remove comments and white spaces, reducing the file size and minimizing
the loading time; pack the code as a long line add finishing ";" when
appropriate; work with command line.

I tried script sample you show, it not work.

Mistral
--------------------------
 
E

Evertjan.

mistral wrote on 22 jun 2006 in comp.lang.javascript:
Is there some good obfuscator script, unescape, or another? READY
script - online tool or desktop application.

===== obfuscatorScript.html ===========

<script type='text/obfuscatorScript' id='S'>
ine g = 'boshfpngbeFpevcg guebhtu EBG13';
g = 'Guvf vf n qrzb bs ' + g;
qbphzrag.jevgr(g);
</script>


<script type='text/javascript'>
var __b__ = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
__b__ = __b__ + __b__.substr(0,13);
__b__ = __b__ + __b__.toLowerCase();
var __a__=document.getElementById('S').text;
eval(__a__.replace(/(.)/g,
function(c){
return((d=__b__.indexOf(c))<0)?
c:__b__.charAt(d+13)}))
</script>

===========================

btw: eval is evil.
 
M

mistral

Evertjan. пиÑал(а):
mistral wrote on 22 jun 2006 in comp.lang.javascript:
Is there some good obfuscator script, unescape, or another? READY
script - online tool or desktop application.
----------------------------------------------------------

===== obfuscatorScript.html ===========

<script type='text/obfuscatorScript' id='S'>
ine g = 'boshfpngbeFpevcg guebhtu EBG13';
g = 'Guvf vf n qrzb bs ' + g;
qbphzrag.jevgr(g);
</script>


<script type='text/javascript'>
var __b__ = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
__b__ = __b__ + __b__.substr(0,13);
__b__ = __b__ + __b__.toLowerCase();
var __a__=document.getElementById('S').text;
eval(__a__.replace(/(.)/g,
function(c){
return((d=__b__.indexOf(c))<0)?
c:__b__.charAt(d+13)}))
</script>

===========================

btw: eval is evil.
 
E

Evertjan.

mistral wrote on 27 jun 2006 in comp.lang.javascript:
Evertjan. пиÑал(а):


----------------------------------------------------------

===== obfuscatorScript.html ==========
<script type='text/obfuscatorScript' id='S'>
ine g = 'boshfpngbeFpevcg guebhtu EBG13';
g = 'Guvf vf n qrzb bs ' + g;
qbphzrag.jevgr(g);
</script>


<script type='text/javascript'>
var __b__ = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
__b__ = __b__ + __b__.substr(0,13);
__b__ = __b__ + __b__.toLowerCase();
var __a__=document.getElementById('S').text;
eval(__a__.replace(/(.)/g,
function(c){
return((d=__b__.indexOf(c))<0)?
c:__b__.charAt(d+13)}))
</script>

==========================
btw: eval is evil.


and how to implement the snippet into some workable application (html)?

I do not intend to write all your code,
you will have to do something yourself.

This NG is about javascript, not html as such.
 
M

mistral

Evertjan. пиÑал(а):
mistral wrote on 27 jun 2006 in comp.lang.javascript:
Evertjan. пиÑал(а):

mistral wrote on 22 jun 2006 in comp.lang.javascript:

Is there some good obfuscator script, unescape, or another? READY
script - online tool or desktop application.
----------------------------------------------------------

===== obfuscatorScript.html ==========
<script type='text/obfuscatorScript' id='S'>
ine g = 'boshfpngbeFpevcg guebhtu EBG13';
g = 'Guvf vf n qrzb bs ' + g;
qbphzrag.jevgr(g);
</script>


<script type='text/javascript'>
var __b__ = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
__b__ = __b__ + __b__.substr(0,13);
__b__ = __b__ + __b__.toLowerCase();
var __a__=document.getElementById('S').text;
eval(__a__.replace(/(.)/g,
function(c){
return((d=__b__.indexOf(c))<0)?
c:__b__.charAt(d+13)}))
</script>

==========================
btw: eval is evil.


and how to implement the snippet into some workable application
(html)?
I do not intend to write all your code,
you will have to do something yourself.
This NG is about javascript, not html as such.
============================
Have someone advice for real good obfuscator script, not the script
caricature shown?
 
E

Evertjan.

mistral wrote on 28 jun 2006 in comp.lang.javascript:
and how to implement the snippet into some workable application
(html)?



Have someone advice for real good
obfuscator script, not the script caricature shown?

The one I showed you is all there is, because, as you were told,
obfuscation is easily defeated because the client has to be able to read
the original. My code shows that.

Be free to fill in another algorithm, ROT13 is just for demonstration.

btw, did your mother not teach you to say "thank you" when you get free
advice?

Usenet is not a payed helpdesk.
 
M

mistral

Evertjan. пиÑал(а):
mistral wrote on 28 jun 2006 in comp.lang.javascript:
and how to implement the snippet into some workable application
(html)?
you will have to do something yourself.

Have someone advice for real good
obfuscator script, not the script caricature shown?
The one I showed you is all there is, because, as you were told,
obfuscation is easily defeated because the client has to be able to read
the original. My code shows that.
Be free to fill in another algorithm, ROT13 is just for demonstration.

btw, did your mother not teach you to say "thank you" when you get free
advice?

Usenet is not a payed helpdesk.

Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
--------------------------------------------------


Your code is absolutely useless, its caricature. Yes, its a caricature.
To write a good code, a person must have at least 10-15 years of
intensive coding experience.

If you intended to show someone some code snippet, you must first very
good understand what user asks, what user want to know, what user want
to see. And, however, 10-15 years of intensive coding experience.
I'm a happy to get good advices, but not code caricature
 
R

Randy Webb

mistral said the following on 6/28/2006 11:40 AM:

Your code is absolutely useless, its caricature.

What is useless is your ability to determine whether code is useless or not.

If you had bothered testing the code you would know that.
Yes, its a caricature.

No, *you* are a caricature.
To write a good code, a person must have at least 10-15 years of
intensive coding experience.

Then you will never write good code. Besides, if that is your criteria,
you won't find "good code" written in Javascript.
If you intended to show someone some code snippet, you must first very
good understand what user asks, what user want to know, what user want
to see.

Bovine Excrement.
And, however, 10-15 years of intensive coding experience.
I'm a happy to get good advices, but not code caricature

You should take a course on Usenet and learn that this group is a
discussion group. You ask a question, it gets discussed. You get an
answer - great. You don't - get over it.

This is NOT your help desk.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,731
Messages
2,569,432
Members
44,832
Latest member
GlennSmall

Latest Threads

Top