Obfustcate VBscript using VB.Net

Question

5.00/5 (1 vote)

See more:

Hello code project i need help how to convert this vbs code to vb.net :

VBS Encrypter :

Randomize
set fso = CreateObject("Scripting.FileSystemObject")
fileName = Inputbox("Enter Path of the File to scramble : ")
set src = fso.OpenTextfile(fileName,1)
body = src.readall
set rep = fso.createtextfile("Obfuscated.vbs",true)
rep.writeline "Execute(" & Obfuscate(body) & " ) "

Function Obfuscate(txt)
enc = ""
for i = 1 to len(txt)
enc = enc & "chr( " & form( asc(mid(txt,i,1)) ) & " ) & "
next
Obfuscate = enc & " vbcrlf "
End Function

Function form(n)

r = int(rnd * 10000)
k = int(rnd * 3)
if( k = 0) then ret = (r+n) & "-" & r
if( k = 1) then ret = (n-r) & "+" & r
if( k = 2) then ret = (n*r) & "/" & r
form = ret
End Function

above vbs code could to obfuscate another vbs file.. so no one can read the vbs original script because was obfuscated. now i want to convert above script to vb.net anybody can help me? or have suggestion how to obfuscate my vbs file using some algorithm? (i mean not using "screnc.exe C:\temp\test.vbs c:\temp\test.vbe")

below code is obfuscated vbs file, using above vbs code :

Execute(chr( 456127/3833 ) & chr( 817650/7110 ) & chr( 759429/7671 ) & chr( 834138/7317 ) & chr( 57960/552 ) & chr( 2549-2437 ) & chr( 1078568/9298 ) & chr( 5143-5097 ) & chr( -8682+8783 ) & chr( 529-430 ) & chr( 673088/6472 ) & chr( 761682/6862 ) & chr( 302336/9448 ) & chr( 9427-9393 ) & chr( 410176/3944 ) & chr( -5271+5372 ) & chr( 796608/7376 ) & chr( 2896-2788 ) & chr( 318792/2872 ) & chr( 1076-1042 ) &  vbcrlf  )

and this is the original vbs code :

wscript.echo "Hello"

Posted 27-May-13 2:22am

Gun Gun Febrianza

Updated 27-May-13 2:52am

v3

Add a Solution

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

**Joezer BH** · Answer 1 · 2013-05-27T02:39:00

Solution 1

Here's an article on the subject:
VB.NET String Obfuscation Utility[^]

And here's some VB script that obfuscates a script file:
free-vbscript-obfuscator[^]

Cheers,
Edo

Posted 27-May-13 2:39am

Joezer BH

Updated 27-May-13 4:16am

v2

Comments

Gun Gun Febrianza 27-May-13 8:45am

will my vbs file still can executed when it was obfuscated?

Joezer BH 27-May-13 10:15am

No, it can't be executed like this unless you use the unobfuscate method.

See the following thread that provides script to obfuscate VBS, of course you can run the script that obfuscates from any .NET platform, that will in turn obfuscate the target script file:

http://stackoverflow.com/questions/4252419/free-vbscript-obfuscator

You could of course use an off the shelf obfuscator but I can't vouch for the performance and level of obfuscation.

Gun Gun Febrianza 27-May-13 8:53am

wscript.echo "helloworld" become "loolh heticwdrwle"oc.prs when i using that code so it will make my vbs not work.

Dave Kreskowiak · Answer 2 · 2013-05-27T04:13:00

If you can't convert that code to VB.NET you've got much bigger problems than worrying about obfuscating your VBScript code.

It's very simple. First block of code, up to "Function Obfuscate" just opens and reads the entire contents of a text file and opens a second file for writing. Then it writes the "Execute(" and closing ")" text.

The Obfuscate function just iterstaes over every single character in the text read and calls another function, form(n), to convert the ASCII value of the character to a simple math problem, in text form.

The form(n) function just randomly picks an operator for the math problem, and picks a number to become an operand of the math problem. It should be very obvious what it's doing.

This my be obfuscated on the surface, but it's very easily reversed and put back into its original form. This obfuscation technique gives the reader everything they need to know to reverse it. In my humble opinion, this technique is very weak and I wouldn't waste my time implementing it. On top of that, all it really does is make the .VBS file incredibly huge for what it does and greatly slow down the execution time.

It would take someone who knows what they're doing about 20 minutes, if they type slow, to come up with code that will reverse this.

...wow, I just found where you got this from too...