OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
[Full-Disclosure] Online Script Decoder

From: GreyMagic Security (securitygreymagic.com)
Date: Tue Dec 07 2004 - 11:13:30 CST


Windows Script Encoder is a Microsoft tool to encode scripts so that "Web
hosts and Web clients cannot view or modify their source". It encodes the
content of script tags using a very simple encoding algorithm and renames
the scripts "language" attribute from "JScript" or "Javascript" to
"JScript.Encode" and from "VBScript" to "VBScript.Encode".

The online script decoder decodes scripts that were encoded with the
Microsoft Script Encoder (screnc.exe) from
http://www.microsoft.com/downloads/details.aspx?familyid=E7877F67-C447-4873-
B1B0-21F0626A6329&displaylang=en.

Recently, malicious attackers have started to use the Microsoft Script
Encoder in order to evade Anti-virus programs that rely on text-matching for
virus detection. Such encoded scripts also prevent advanced users from
immediately seeing that a script may be trying to exploit a vulnerability in
their browser.

Use this online decoding tool to quickly and automatically reveal the actual
code of any encoded pages and scripts. You can paste an entire page
containing any number of encoded sections or simply provide an encoded page
URL.

http://www.greymagic.com/security/tools/decoder/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html