Windows Script Decoder

Conspiracy Home

Introduction
Download
Usage
Version History
Legal Stuff
Links
Feedback


Script Decoder is a simple Win32 command line executable that is used as follows:

scrdec18 <infile> <outfile> [-cp codepage] [-urldec|-htmldec]
    [-verbose] [-dumb]
There's no fancy stuff like wildcard support or overwriting the input file with the output file. If you really want to do that, just use the DOS for command:
md decoded
for %a in (*.asp) do scrdec18 %a decoded\%a
del *.asp
move decoded\*.asp .
rd decoded
Note that the FOR command does not support long file names on Windows 95/98/Me.
Alternatively, you can use this little VBScript that Gene Naftulyev sent me (thanks dude!), or the further improved version by Ninio Erez.

After running the decoder, you'll see that all garbled blocks of script, like
<%#@~^swIAAA==@#@&@!Z OJz@#@&zJ/WaX.kTtOŠ~8,,R~HbmDKdG0DP;W.wG.mYrW
PzVs~"ko4OkP]+knM\n9R@#@&0!x1OkKx~DrWHZWM.+1YAMGADv#`@#@&~,kW`%>
will have been decoded into their original form. Please note that you will still have to manually strip the '.Encode' out of the 'JScript.Encode' and 'VBScript.Encode' in the <script language=".."> tags!

The script decoder recognizes all encoded blocks that start with the sequence #@~^, so it will correctly decode 'plain files' that only contain script, ASP style blocks <%script%>, and <script language="...">script<script> blocks.

Starting with version 1.2, the script decoder has the ability to use different code pages so it can decode scripts that contain Asian characters. If you want to decode such scripts, just supply the code page identifier as the third parameter.
IdCode Page
932Japanese
936Chinese (Simplified)
950Chinese (Traditional)
949Korean (Wansung)
1361Korean (Johab)
If you want to decode scripts using another code page, then you do not need to specify it.

The -urldec switch allows you to do on-the-fly unescaping of scripts that have been URLEncoded. Such scripts contain characters that have been replaced by a percent sign and a hexadecimal number, for instance %76%61%72%20%72%69. They are usually unescaped by the JScript using the unescape() function. Supplying the -urldec switch to scrdec will save you this effort.

The -htmldec switch pretty much works the same way, only for &amp; style encoding.

There are two more switches. To get a better insight in the workings of the decoder, try -verbose. If you see the decoder skips an encoded block, this might be the result of the HTMLGuardian defeat mechanism. The decoder tries to be smart and recognize blocks that HTMLGuardian inserted in order to deceive it. Sometimes this results in scrdec skipping a genuine encoded block. To disable the defeat mechanism, pass the -dumb switch.

Sexy Lingerie   -   Stout en Lekker   -   Gewillige Sletjes   -   Extreme Sexfilmpjes   -   Gratis Sexfilmpjes   -