Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP General > Encrypting?

Reply
Thread Tools

Encrypting?

 
 
Paulo
Guest
Posts: n/a
 
      07-24-2009
Hi, I saw a MS application to encrypt/hide the asp classic source code. But
it was a long time ago.

Do you know it? Do you use it? How do I download it? If you have the link
please send me.

Thanks


 
Reply With Quote
 
 
 
 
Bob Barrows
Guest
Posts: n/a
 
      07-24-2009
Paulo wrote:
> Hi, I saw a MS application to encrypt/hide the asp classic source
> code. But it was a long time ago.
>
> Do you know it? Do you use it? How do I download it? If you have the
> link please send me.
>

Don't bother with it. It only "hides" the code from the honest guys. If you
must, try googling "script encrypter". Hint: you will get more hits if you
google "script decrypter".

--
Microsoft MVP - ASP/ASP.NET - 2004-2007
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"


 
Reply With Quote
 
 
 
 
Paulo
Guest
Posts: n/a
 
      07-24-2009
I found it Bob:
http://msdn.microsoft.com/en-us/libr...8VS.85%29.aspx
SRCENC.exe

Unfortunately does NOT work on my XP SP3. I had to connect on a win2k
machine to use it.
I'll have to move to asp.net to preserve my source. I did not want to, but
no choice.

Thanks


"Bob Barrows" <(E-Mail Removed)> escreveu na mensagem
news:(E-Mail Removed)...
> Paulo wrote:
>> Hi, I saw a MS application to encrypt/hide the asp classic source
>> code. But it was a long time ago.
>>
>> Do you know it? Do you use it? How do I download it? If you have the
>> link please send me.
>>

> Don't bother with it. It only "hides" the code from the honest guys. If
> you must, try googling "script encrypter". Hint: you will get more hits if
> you google "script decrypter".
>
> --
> Microsoft MVP - ASP/ASP.NET - 2004-2007
> Please reply to the newsgroup. This email account is my spam trap so I
> don't check it very often. If you must reply off-line, then remove the
> "NO SPAM"
>



 
Reply With Quote
 
Bob Barrows
Guest
Posts: n/a
 
      07-24-2009
You will NOT be preserving your source. Even (especially) with .Net

Paulo wrote:
> I found it Bob:
> http://msdn.microsoft.com/en-us/libr...8VS.85%29.aspx
> SRCENC.exe
>
> Unfortunately does NOT work on my XP SP3. I had to connect on a win2k
> machine to use it.
> I'll have to move to asp.net to preserve my source. I did not want
> to, but no choice.
>
> Thanks
>
>
> "Bob Barrows" <(E-Mail Removed)> escreveu na mensagem
> news:(E-Mail Removed)...
>> Paulo wrote:
>>> Hi, I saw a MS application to encrypt/hide the asp classic source
>>> code. But it was a long time ago.
>>>
>>> Do you know it? Do you use it? How do I download it? If you have the
>>> link please send me.
>>>

>> Don't bother with it. It only "hides" the code from the honest guys.
>> If you must, try googling "script encrypter". Hint: you will get
>> more hits if you google "script decrypter".
>>
>> --
>> Microsoft MVP - ASP/ASP.NET - 2004-2007
>> Please reply to the newsgroup. This email account is my spam trap so
>> I don't check it very often. If you must reply off-line, then remove
>> the "NO SPAM"


--
Microsoft MVP - ASP/ASP.NET - 2004-2007
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"


 
Reply With Quote
 
Paulo
Guest
Posts: n/a
 
      07-24-2009
Why not? Thanks

"Bob Barrows" <(E-Mail Removed)> escreveu na mensagem
news:%23mP%(E-Mail Removed)...
> You will NOT be preserving your source. Even (especially) with .Net
>
> Paulo wrote:
>> I found it Bob:
>> http://msdn.microsoft.com/en-us/libr...8VS.85%29.aspx
>> SRCENC.exe
>>
>> Unfortunately does NOT work on my XP SP3. I had to connect on a win2k
>> machine to use it.
>> I'll have to move to asp.net to preserve my source. I did not want
>> to, but no choice.
>>
>> Thanks
>>
>>
>> "Bob Barrows" <(E-Mail Removed)> escreveu na mensagem
>> news:(E-Mail Removed)...
>>> Paulo wrote:
>>>> Hi, I saw a MS application to encrypt/hide the asp classic source
>>>> code. But it was a long time ago.
>>>>
>>>> Do you know it? Do you use it? How do I download it? If you have the
>>>> link please send me.
>>>>
>>> Don't bother with it. It only "hides" the code from the honest guys.
>>> If you must, try googling "script encrypter". Hint: you will get
>>> more hits if you google "script decrypter".
>>>
>>> --
>>> Microsoft MVP - ASP/ASP.NET - 2004-2007
>>> Please reply to the newsgroup. This email account is my spam trap so
>>> I don't check it very often. If you must reply off-line, then remove
>>> the "NO SPAM"

>
> --
> Microsoft MVP - ASP/ASP.NET - 2004-2007
> Please reply to the newsgroup. This email account is my spam trap so I
> don't check it very often. If you must reply off-line, then remove the
> "NO SPAM"
>



 
Reply With Quote
 
Bob Barrows
Guest
Posts: n/a
 
      07-24-2009
Because it's the nature of the beast. Anyone with Reflector (and this isn't
even required) can rebuild a dll's source code.
Face it, there is nothing you can do in ASP, or ASP.Net, that someone else
can't do. It's just not that hard to do.

There is no point to even thinking about "protecting" your source code.

Protect your sensitive data in other places.

Incidently, that is one place where classic ASP has .Net beat: if one
creates a COM dll, it is much harder to reverse-engineer what's in that dll.
Not to say it's impossible, but the result will never be exactly what your
source contains. Not that it really matters: there is nothing you can do
with ASP that someone else can't do. You can only protect yourself against
honest people. And you know what? You don't have to do ANYTHING to protect
yourself against honest people.



Paulo wrote:
> Why not? Thanks
>
> "Bob Barrows" <(E-Mail Removed)> escreveu na mensagem
> news:%23mP%(E-Mail Removed)...
>> You will NOT be preserving your source. Even (especially) with .Net
>>
>> Paulo wrote:
>>> I found it Bob:
>>> http://msdn.microsoft.com/en-us/libr...8VS.85%29.aspx
>>> SRCENC.exe
>>>
>>> Unfortunately does NOT work on my XP SP3. I had to connect on a
>>> win2k machine to use it.
>>> I'll have to move to asp.net to preserve my source. I did not want
>>> to, but no choice.
>>>
>>> Thanks
>>>
>>>
>>> "Bob Barrows" <(E-Mail Removed)> escreveu na mensagem
>>> news:(E-Mail Removed)...
>>>> Paulo wrote:
>>>>> Hi, I saw a MS application to encrypt/hide the asp classic source
>>>>> code. But it was a long time ago.
>>>>>
>>>>> Do you know it? Do you use it? How do I download it? If you have
>>>>> the link please send me.
>>>>>
>>>> Don't bother with it. It only "hides" the code from the honest
>>>> guys. If you must, try googling "script encrypter". Hint: you will
>>>> get more hits if you google "script decrypter".
>>>>
>>>> --
>>>> Microsoft MVP - ASP/ASP.NET - 2004-2007
>>>> Please reply to the newsgroup. This email account is my spam trap
>>>> so I don't check it very often. If you must reply off-line, then
>>>> remove the "NO SPAM"

>>
>> --
>> Microsoft MVP - ASP/ASP.NET - 2004-2007
>> Please reply to the newsgroup. This email account is my spam trap so
>> I don't check it very often. If you must reply off-line, then remove
>> the "NO SPAM"


--
Microsoft MVP - ASP/ASP.NET - 2004-2007
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"


 
Reply With Quote
 
Paulo
Guest
Posts: n/a
 
      07-25-2009
Bob Barrows wrote:

> Because it's the nature of the beast. Anyone with Reflector (and this
> isn't even required) can rebuild a dll's source code. Face it, there
> is nothing you can do in ASP, or ASP.Net, that someone else can't do.
> It's just not that hard to do.
>
> There is no point to even thinking about "protecting" your source
> code.
>
> Protect your sensitive data in other places.
>
> Incidently, that is one place where classic ASP has .Net beat: if one
> creates a COM dll, it is much harder to reverse-engineer what's in
> that dll. Not to say it's impossible, but the result will never be
> exactly what your source contains. Not that it really matters: there
> is nothing you can do with ASP that someone else can't do. You can
> only protect yourself against honest people. And you know what? You
> don't have to do ANYTHING to protect yourself against honest people.
>
>
>
>
> Paulo wrote:
> > Why not? Thanks
> >
> >"Bob Barrows" <(E-Mail Removed)> escreveu na mensagem
> > news:%23mP%(E-Mail Removed)...
> > > You will NOT be preserving your source. Even (especially) with
> > > .Net
> > >
> > > Paulo wrote:
> > > > I found it Bob:
> > > > http://msdn.microsoft.com/en-us/libr...8VS.85%29.aspx
> > > > SRCENC.exe
> > > >
> > > > Unfortunately does NOT work on my XP SP3. I had to connect on a
> > > > win2k machine to use it.
> > > > I'll have to move to asp.net to preserve my source. I did not
> > > > want to, but no choice.
> > > >
> > > > Thanks
> > > >
> > > >
> >>>"Bob Barrows" <(E-Mail Removed)> escreveu na mensagem
> > > > news:(E-Mail Removed)...
> > > > > Paulo wrote:
> > > > > > Hi, I saw a MS application to encrypt/hide the asp classic
> > > > > > source code. But it was a long time ago.
> > > > > >
> > > > > > Do you know it? Do you use it? How do I download it? If you
> > > > > > have the link please send me.
> > > > > >
> > > > > Don't bother with it. It only "hides" the code from the honest
> > > > > guys. If you must, try googling "script encrypter". Hint: you
> > > > > will get more hits if you google "script decrypter".
> > > > >
> > > > > --
> > > > > Microsoft MVP - ASP/ASP.NET - 2004-2007
> > > > > Please reply to the newsgroup. This email account is my spam
> > > > > trap so I don't check it very often. If you must reply
> > > > > off-line, then remove the "NO SPAM"
> > >
> > > --
> > > Microsoft MVP - ASP/ASP.NET - 2004-2007
> > > Please reply to the newsgroup. This email account is my spam trap
> > > so I don't check it very often. If you must reply off-line, then
> > > remove the "NO SPAM"


Are you saying that the MS languages/platforms are not secure? The
asp.net generates a dll, so it can be decompiled? 100% reliable?
And the classic asp encrypted by the MS utility can also be easily
decrypted? Are you sure man?

What to trust?

Many thanks!

--

 
Reply With Quote
 
Bob Barrows
Guest
Posts: n/a
 
      07-25-2009
Paulo wrote:
> Bob Barrows wrote:
>
>> Because it's the nature of the beast. Anyone with Reflector (and this
>> isn't even required) can rebuild a dll's source code. Face it, there
>> is nothing you can do in ASP, or ASP.Net, that someone else can't do.
>> It's just not that hard to do.
>>
>> There is no point to even thinking about "protecting" your source
>> code.
>>
>> Protect your sensitive data in other places.
>>
>> Incidently, that is one place where classic ASP has .Net beat: if one
>> creates a COM dll, it is much harder to reverse-engineer what's in
>> that dll. Not to say it's impossible, but the result will never be
>> exactly what your source contains. Not that it really matters: there
>> is nothing you can do with ASP that someone else can't do. You can
>> only protect yourself against honest people. And you know what? You
>> don't have to do ANYTHING to protect yourself against honest people.
>>

> Are you saying that the MS languages/platforms are not secure? The


What is the relevance of "platforms" here? And why limit the question to
"MS"? Are you telling me that there are uncrackable encrypters for other
scripting languages?

See
http://www.microsoft.com/technet/scr...6/hey0309.mspx

> asp.net generates a dll, so it can be decompiled? 100% reliable?


There are obfuscators that make the process harder, but even then, it is
possible for a determined person to reverse-engineer a .Net dll. Again, it's
the nature of the beast.

Real md5 encryption is possible for data contained in source code, but it's
not practical to truly encrypt source code.

> And the classic asp encrypted by the MS utility can also be easily
> decrypted? Are you sure man?


Of course I am. Did you not do the google I suggested for script decrypters?
Actually, "script decoder" gives better results. Here's one:
http://www.greymagic.com/security/tools/

If you use a real encrypter on your script, good luck getting it to run.

--
Microsoft MVP - ASP/ASP.NET - 2004-2007
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Advertisments