页面导航：首页 → 网络编程 → JavaScript → 应用技巧 → 正文内容

静态网页加密

发布：dxy 发布日期：2006-11-14 字体：[增加减小] 类型：转载

前两天看见有人问静态网页加密问题，就写了这个代码
稍微有些长，解释一下思路：
加密时：先把用户的密钥A用md5加密为B,然后用B异或源文件S0得到目标文件S1，把S1存入js变量中。
解密时：询问密钥，然后操作同加密。
因为用了md5，个人认为没有密钥的时候是无法破解的（暴力除外）
大家试用一下

点击运行可以看到效果:

<html>  
<head>  
<title>Web Encoder</title>  
<style>  
body {  
    font-size:12px;  
    line-height:12px;  
    background-Color:buttonface;  
    border-width:0px;  
    overflow:auto;  
    margin:0px;  
    padding:4px;  
}

#t1, #t2 {  
    width:100%;  
    height:40%;  
    border-width:1px;  
    overflow:auto;  
    height:expression((document.body.clientHeight-100)/2);  
}

input {  
    border-width:1px;  
    padding-left:10px;  
    padding-right:10px;  
    margin:4px;  
}  
</style>  
<script>  
function webEncode(){  
    strSource=escape(XOR(t1.value,STR.md5(p1.value)));  
    //strSource=t1.value;  
    strOut="<script>\r\nstrHTML=\"\";\r\n";  
    for(var i=0;i+70<strSource.length;i+=70){  
        strOut+="strHTML+=\""+addSlash(strSource.substring(i,i+70))+"\";\r\n";  
    }  
    strOut+="strHTML+=\""+addSlash(strSource.substring(i,strSource.length))+"\";\r\n";  
    strOut+=XOR+"\r\n";  
      
    //below code load the STR object  
    strOut+="var STR =\r\n{\r\n\thexcase : 0,  \/* hex output format. 0 - lowercase; 1 - ";  
    strOut+="uppercase        *\/\r\n\tb64pad  : \"\", \/* base-64 pad character. \"=\" for ";  
    strOut+="strict RFC compliance   *\/\r\n\tchrsz   : 8,  \/* bits per input character";  
    strOut+=". 8 - ASCII; 16 - Unicode      *\/\r\n\t\r\n\tb64_hmac_md5:\r\n\t\tfunction(key, ";  
    strOut+="data) { return binl2b64(core_hmac_md5(key, data)); },\r\n\t\t\r\n\tb64_md5:\r\n";  
    strOut+="\t\tfunction(s){ return binl2b64(core_md5(str2binl(s), s.length * this.c";  
    strOut+="hrsz));},\r\n\t\t\r\n\tbinl2b64:\r\n\t\tfunction(binarray){\r\n\t\t  var tab = \"ABCDE";  
    strOut+="FGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+\/\";\r\n\t\t  var";  
    strOut+=" str = \"\";\r\n\t\t  for(var i = 0; i < binarray.length * 4; i += 3)\r\n\t\t  {";  
    strOut+="\r\n\t\t    var triplet = (((binarray[i   >> 2] >> 8 * ( i   %4)) & 0xFF) ";  
    strOut+="<< 16)\r\n\t\t                | (((binarray[i+1 >> 2] >> 8 * ((i+1)%4)) & ";  
    strOut+="0xFF) << 8 )\r\n\t\t                |  ((binarray[i+2 >> 2] >> 8 * ((i+2)%";  
    strOut+="4)) & 0xFF);\r\n\t\t    for(var j = 0; j < 4; j++)\r\n\t\t    {\r\n\t\t      if(i ";  
    strOut+="* 8 + j * 6 > binarray.length * 32) str += this.b64pad;\r\n\t\t      else ";  
    strOut+="str += tab.charAt((triplet >> 6*(3-j)) & 0x3F);\r\n\t\t    }\r\n\t\t  }\r\n\t\t  r";  
    strOut+="eturn str;\r\n\t\t},\r\n\t\t\r\n\tbinl2hex:\r\n\t\tfunction(binarray){\r\n\t\t  var hex_t";  
    strOut+="ab = this.hexcase ? \"0123456789ABCDEF\" : \"0123456789abcdef\";\r\n\t\t  var ";  
    strOut+="str = \"\";\r\n\t\t  for(var i = 0; i < binarray.length * 4; i++)\r\n\t\t  {\r\n\t\t";  
    strOut+="    str += hex_tab.charAt((binarray[i>>2] >> ((i%4)*8+4)) & 0xF) +\r\n\t\t";  
    strOut+="           hex_tab.charAt((binarray[i>>2] >> ((i%4)*8  )) & 0xF);\r\n\t\t ";  
    strOut+=" }\r\n\t\t  return str;\r\n\t\t},\r\n\t\r\n\tbinl2str:\r\n\t\tfunction(bin){\r\n\t\t  var st";  
    strOut+="r = \"\";\r\n\t\t  var mask = (1 << this.chrsz) - 1;\r\n\t\t  for(var i = 0; i <";  
    strOut+=" bin.length * 32; i += this.chrsz)\r\n\t\t    str += String.fromCharCode((";  
    strOut+="bin[i>>5] >>> (i % 32)) & mask);\r\n\t\t  return str;\r\n\t\t},\r\n\t\t\r\n\tbit_rol:";  
    strOut+="\r\n\t\tfunction(num, cnt){return (num << cnt) | (num >>> (32 - cnt));},\r\n";  
    strOut+="\t\t\r\n\tcore_hmac_md5:\r\n\t\tfunction(key, data){\r\n\t\t  var bkey = str2binl(k";  
    strOut+="ey);\r\n\t\t  if(bkey.length > 16) bkey = core_md5(bkey, key.length * this";  
    strOut+=".chrsz);\r\n\t\t\r\n\t\t  var ipad = Array(16), opad = Array(16);\r\n\t\t  for(var";  
    strOut+=" i = 0; i < 16; i++)\r\n\t\t  {\r\n\t\t    ipad[i] = bkey[i] ^ 0x36363636;\r\n\t\t";  
    strOut+="    opad[i] = bkey[i] ^ 0x5C5C5C5C;\r\n\t\t  }\r\n\t\t\r\n\t\t  var hash = core_md";  
    strOut+="5(ipad.concat(str2binl(data)), 512 + data.length * this.chrsz);\r\n\t\t  r";  
    strOut+="eturn core_md5(opad.concat(hash), 512 + 128);\r\n\t\t},\r\n\t\t\r\n\tcore_md5:\r\n\t";  
    strOut+="\tfunction(x, len){\r\n\t\t  \/* append padding *\/\r\n\t\t  x[len >> 5] |= 0x80 ";  
    strOut+="<< ((len) % 32);\r\n\t\t  x[(((len + 64) >>> 9) << 4) + 14] = len;\r\n\t\t\r\n\t\t";  
    strOut+="  var a =  1732584193;\r\n\t\t  var b = -271733879;\r\n\t\t  var c = -17325841";  
    strOut+="94;\r\n\t\t  var d =  271733878;\r\n\t\t\r\n\t\t  for(var i = 0; i < x.length; i +";  
    strOut+="= 16)\r\n\t\t  {\r\n\t\t    var olda = a;\r\n\t\t    var oldb = b;\r\n\t\t    var oldc";  
    strOut+=" = c;\r\n\t\t    var oldd = d;\r\n\t\t\r\n\t\t    a = this.md5_ff(a, b, c, d, x[i+";  
    strOut+=" 0], 7 , -680876936);\r\n\t\t    d = this.md5_ff(d, a, b, c, x[i+ 1], 12, ";  
    strOut+="-389564586);\r\n\t\t    c = this.md5_ff(c, d, a, b, x[i+ 2], 17,  60610581";  
    strOut+="9);\r\n\t\t    b = this.md5_ff(b, c, d, a, x[i+ 3], 22, -1044525330);\r\n\t\t ";  
    strOut+="   a = this.md5_ff(a, b, c, d, x[i+ 4], 7 , -176418897);\r\n\t\t    d = th";  
    strOut+="is.md5_ff(d, a, b, c, x[i+ 5], 12,  1200080426);\r\n\t\t    c = this.md5_f";  
    strOut+="f(c, d, a, b, x[i+ 6], 17, -1473231341);\r\n\t\t    b = this.md5_ff(b, c, ";  
    strOut+="d, a, x[i+ 7], 22, -45705983);\r\n\t\t    a = this.md5_ff(a, b, c, d, x[i+";  
    strOut+=" 8], 7 ,  1770035416);\r\n\t\t    d = this.md5_ff(d, a, b, c, x[i+ 9], 12,";  
    strOut+=" -1958414417);\r\n\t\t    c = this.md5_ff(c, d, a, b, x[i+10], 17, -42063)";  
    strOut+=";\r\n\t\t    b = this.md5_ff(b, c, d, a, x[i+11], 22, -1990404162);\r\n\t\t   ";  
    strOut+=" a = this.md5_ff(a, b, c, d, x[i+12], 7 ,  1804603682);\r\n\t\t    d = thi";  
    strOut+="s.md5_ff(d, a, b, c, x[i+13], 12, -40341101);\r\n\t\t    c = this.md5_ff(c";  
    strOut+=", d, a, b, x[i+14], 17, -1502002290);\r\n\t\t    b = this.md5_ff(b, c, d, ";  
    strOut+="a, x[i+15], 22,  1236535329);\r\n\t\t\r\n\t\t    a = this.md5_gg(a, b, c, d, x";  
    strOut+="[i+ 1], 5 , -165796510);\r\n\t\t    d = this.md5_gg(d, a, b, c, x[i+ 6], 9";  
    strOut+=" , -1069501632);\r\n\t\t    c = this.md5_gg(c, d, a, b, x[i+11], 14,  6437";  
    strOut+="17713);\r\n\t\t    b = this.md5_gg(b, c, d, a, x[i+ 0], 20, -373897302);\r\n";  
    strOut+="\t\t    a = this.md5_gg(a, b, c, d, x[i+ 5], 5 , -701558691);\r\n\t\t    d =";  
    strOut+=" this.md5_gg(d, a, b, c, x[i+10], 9 ,  38016083);\r\n\t\t    c = this.md5_";  
    strOut+="gg(c, d, a, b, x[i+15], 14, -660478335);\r\n\t\t    b = this.md5_gg(b, c, ";  
    strOut+="d, a, x[i+ 4], 20, -405537848);\r\n\t\t    a = this.md5_gg(a, b, c, d, x[i";  
    strOut+="+ 9], 5 ,  568446438);\r\n\t\t    d = this.md5_gg(d, a, b, c, x[i+14], 9 ,";  
    strOut+=" -1019803690);\r\n\t\t    c = this.md5_gg(c, d, a, b, x[i+ 3], 14, -187363";  
    strOut+="961);\r\n\t\t    b = this.md5_gg(b, c, d, a, x[i+ 8], 20,  1163531501);\r\n\t";  
    strOut+="\t    a = this.md5_gg(a, b, c, d, x[i+13], 5 , -1444681467);\r\n\t\t    d =";  
    strOut+=" this.md5_gg(d, a, b, c, x[i+ 2], 9 , -51403784);\r\n\t\t    c = this.md5_";  
    strOut+="gg(c, d, a, b, x[i+ 7], 14,  1735328473);\r\n\t\t    b = this.md5_gg(b, c,";  
    strOut+=" d, a, x[i+12], 20, -1926607734);\r\n\t\t\r\n\t\t    a = this.md5_hh(a, b, c, ";  
    strOut+="d, x[i+ 5], 4 , -378558);\r\n\t\t    d = this.md5_hh(d, a, b, c, x[i+ 8], ";  
    strOut+="11, -2022574463);\r\n\t\t    c = this.md5_hh(c, d, a, b, x[i+11], 16,  183";  
    strOut+="9030562);\r\n\t\t    b = this.md5_hh(b, c, d, a, x[i+14], 23, -35309556);\r";  
    strOut+="\n\t\t    a = this.md5_hh(a, b, c, d, x[i+ 1], 4 , -1530992060);\r\n\t\t    d";  
    strOut+=" = this.md5_hh(d, a, b, c, x[i+ 4], 11,  1272893353);\r\n\t\t    c = this.";  
    strOut+="md5_hh(c, d, a, b, x[i+ 7], 16, -155497632);\r\n\t\t    b = this.md5_hh(b,";  
    strOut+=" c, d, a, x[i+10], 23, -1094730640);\r\n\t\t    a = this.md5_hh(a, b, c, d";  
    strOut+=", x[i+13], 4 ,  681279174);\r\n\t\t    d = this.md5_hh(d, a, b, c, x[i+ 0]";  
    strOut+=", 11, -358537222);\r\n\t\t    c = this.md5_hh(c, d, a, b, x[i+ 3], 16, -72";  
    strOut+="2521979);\r\n\t\t    b = this.md5_hh(b, c, d, a, x[i+ 6], 23,  76029189);\r";  
    strOut+="\n\t\t    a = this.md5_hh(a, b, c, d, x[i+ 9], 4 , -640364487);\r\n\t\t    d ";  
    strOut+="= this.md5_hh(d, a, b, c, x[i+12], 11, -421815835);\r\n\t\t    c = this.md";  
    strOut+="5_hh(c, d, a, b, x[i+15], 16,  530742520);\r\n\t\t    b = this.md5_hh(b, c";  
    strOut+=", d, a, x[i+ 2], 23, -995338651);\r\n\t\t\r\n\t\t    a = this.md5_ii(a, b, c, ";  
    strOut+="d, x[i+ 0], 6 , -198630844);\r\n\t\t    d = this.md5_ii(d, a, b, c, x[i+ 7";  
    strOut+="], 10,  1126891415);\r\n\t\t    c = this.md5_ii(c, d, a, b, x[i+14], 15, -";  
    strOut+="1416354905);\r\n\t\t    b = this.md5_ii(b, c, d, a, x[i+ 5], 21, -57434055";  
    strOut+=");\r\n\t\t    a = this.md5_ii(a, b, c, d, x[i+12], 6 ,  1700485571);\r\n\t\t  ";  
    strOut+="  d = this.md5_ii(d, a, b, c, x[i+ 3], 10, -1894986606);\r\n\t\t    c = th";  
    strOut+="is.md5_ii(c, d, a, b, x[i+10], 15, -1051523);\r\n\t\t    b = this.md5_ii(b";  
    strOut+=", c, d, a, x[i+ 1], 21, -2054922799);\r\n\t\t    a = this.md5_ii(a, b, c, ";  
    strOut+="d, x[i+ 8], 6 ,  1873313359);\r\n\t\t    d = this.md5_ii(d, a, b, c, x[i+1";  
    strOut+="5], 10, -30611744);\r\n\t\t    c = this.md5_ii(c, d, a, b, x[i+ 6], 15, -1";  
    strOut+="560198380);\r\n\t\t    b = this.md5_ii(b, c, d, a, x[i+13], 21,  130915164";  
    strOut+="9);\r\n\t\t    a = this.md5_ii(a, b, c, d, x[i+ 4], 6 , -145523070);\r\n\t\t  ";  
    strOut+="  d = this.md5_ii(d, a, b, c, x[i+11], 10, -1120210379);\r\n\t\t    c = th";  
    strOut+="is.md5_ii(c, d, a, b, x[i+ 2], 15,  718787259);\r\n\t\t    b = this.md5_ii";  
    strOut+="(b, c, d, a, x[i+ 9], 21, -343485551);\r\n\t\t\r\n\t\t    a = this.safe_add(a,";  
    strOut+=" olda);\r\n\t\t    b = this.safe_add(b, oldb);\r\n\t\t    c = this.safe_add(c,";  
    strOut+=" oldc);\r\n\t\t    d = this.safe_add(d, oldd);\r\n\t\t  }\r\n\t\t  return Array(a,";  
    strOut+=" b, c, d);\r\n\t\t},\r\n\t\t\r\n\thex_hmac_md5:function(key, data){ return this.b";  
    strOut+="inl2hex(this.core_hmac_md5(key, data)); },\r\n\t\r\n\thex_md5:function(s){re";  
    strOut+="turn this.binl2hex(this.core_md5(this.str2binl(s), s.length * this.chr";  
    strOut+="sz));},\r\n\t\r\n\tmd5:function(s){return(this.hex_md5(s));},\r\n\r\n\tmd5_cmn:fu";  
    strOut+="nction(q, a, b, x, s, t){return this.safe_add(this.bit_rol(this.safe_a";  
    strOut+="dd(this.safe_add(a, q), this.safe_add(x, t)), s),b);},\r\n\r\n\tmd5_ff:func";  
    strOut+="tion(a, b, c, d, x, s, t){return this.md5_cmn((b & c) | ((~b) & d), a,";  
    strOut+=" b, x, s, t);},\r\n\r\n\tmd5_gg:function(a, b, c, d, x, s, t){return this.m";  
    strOut+="d5_cmn((b & d) | (c & (~d)), a, b, x, s, t);},\r\n\r\n\tmd5_hh:function(a, ";  
    strOut+="b, c, d, x, s, t){return this.md5_cmn(b ^ c ^ d, a, b, x, s, t);},\r\n\r\n";  
    strOut+="\tmd5_ii:function(a, b, c, d, x, s, t){return this.md5_cmn(c ^ (b | (~d";  
    strOut+=")), a, b, x, s, t);},\r\n\r\n\tmd5_vm_test:function(){return hex_md5(\"abc\")";  
    strOut+=" == \"900150983cd24fb0d6963f7d28e17f72\";},\r\n\t\r\n\tsafe_add:\r\n\t\tfunction(x";  
    strOut+=", y){\r\n\t\t  var lsw = (x & 0xFFFF) + (y & 0xFFFF);\r\n\t\t  var msw = (x >>";  
    strOut+=" 16) + (y >> 16) + (lsw >> 16);\r\n\t\t  return (msw << 16) | (lsw & 0xFFF";  
    strOut+="F);\r\n\t\t},\r\n\t\t\r\n\tstr2binl:\r\n\t\tfunction(str){\r\n\t\t  var bin = Array();\r\n\t";  
    strOut+="\t  var mask = (1 << this.chrsz) - 1;\r\n\t\t  for(var i = 0; i < str.lengt";  
    strOut+="h * this.chrsz; i += this.chrsz)\r\n\t\t    bin[i>>5] |= (str.charCodeAt(i";  
    strOut+=" \/ this.chrsz) & mask) << (i%32);\r\n\t\t  return bin;\r\n\t\t},\r\n\r\n\tstr_hmac_";  
    strOut+="md5:function(key, data){ return binl2str(core_hmac_md5(key, data)); },";  
    strOut+="\r\n\r\n\tstr_md5:function(s){ return binl2str(core_md5(str2binl(s), s.leng";  
    strOut+="th * this.chrsz));}\r\n}\r\n";  
      
    strOut+=performPage+"\r\n";  
    strOut+="performPage();\r\n";  
    strOut+="<\/script>";  
    t2.value=strOut;  
}

function runCode(){  
    win=open("about:blank");  
    win.document.write(t2.value);  
    win.document.close();  
}

function addSlash(str){  
    return(str).replace(/\\/g,"\\\\").replace(/\//g,"\\\/").replace(/\r/g,"\\r").replace(/\n/g,"\\n").replace(/\"/g,"\\\"").replace(/\'/g,"\\\'").replace(/\t/g,"\\t");  
}

function XOR(strV,strPass){  
    var intPassLength=strPass.length;  
    var re="";  
    for(var i=0;i<strV.length;i++){  
        re+=String.fromCharCode(strV.charCodeAt(i)^strPass.charCodeAt(i%intPassLength));  
    }  
    return(re);  
}

md5_cmn:function(q, a, b, x, s, t){return this.safe_add(this.bit_rol(this.safe_add(this.safe_add(a, q), this.safe_add(x, t)), s),b);},

md5_ff:function(a, b, c, d, x, s, t){return this.md5_cmn((b & c) | ((~b) & d), a, b, x, s, t);},

md5_gg:function(a, b, c, d, x, s, t){return this.md5_cmn((b & d) | (c & (~d)), a, b, x, s, t);},

md5_hh:function(a, b, c, d, x, s, t){return this.md5_cmn(b ^ c ^ d, a, b, x, s, t);},

md5_ii:function(a, b, c, d, x, s, t){return this.md5_cmn(c ^ (b | (~d)), a, b, x, s, t);},

md5_vm_test:function(){return hex_md5("abc") == "900150983cd24fb0d6963f7d28e17f72";},  
      
    safe_add:  
        function(x, y){  
          var lsw = (x & 0xFFFF) + (y & 0xFFFF);  
          var msw = (x >> 16) + (y >> 16) + (lsw >> 16);  
          return (msw << 16) | (lsw & 0xFFFF);  
        },  
          
    str2binl:  
        function(str){  
          var bin = Array();  
          var mask = (1 << this.chrsz) - 1;  
          for(var i = 0; i < str.length * this.chrsz; i += this.chrsz)  
            bin[i>>5] |= (str.charCodeAt(i / this.chrsz) & mask) << (i%32);  
          return bin;  
        },

str_hmac_md5:function(key, data){ return binl2str(core_hmac_md5(key, data)); },

str_md5:function(s){ return binl2str(core_md5(str2binl(s), s.length * this.chrsz));}  
}  
</script>  
</head>  
<body>  
<b>Source:</b><br>  
<textarea id=t1></textarea><br>  
<b>Password:</b><input type=password value=default id=p1><input type=button onclick="webEncode();" value="Start Encode"><br>  
<b>Encoded:</b><br>  
<textarea id=t2></textarea><br>  
<input type=button onclick="runCode();" value="Run Code">  
</body>  
</html>

[Ctrl+A 全选提示:你可先修改部分代码,再按运行]

Tags：静态网页加密