To hack this de facto world standard of protection I need 5-7 minutes. Very strong cipher :) I must tell you how you can do it. Maybe I save some money for people,
who want to buy this do-nothing software. So, I start.
1. Analyzing document.
See on HTML-code below inscription
The source code of this page is encrypted with... The content of the document makes impression complete
abracadabra: text is not quite readable, it is not divided into lines and paragraphs, the width of the text exceeds the width of screen considerably.
But we make sure that this is HTML and not something else by finding at the beginning and at the end of the document standard tags:
<html>,
<head> and others.
The small formatting clears the situation - all content of page is placed in a script, being in a logical heading between the descriptors
<script> and
</script>.
... ... ...

The language of script is not indicated, but I know that it is set as default as JavaScript.
It is necessary to say that I almost do not know Javascript. I remember only some general information about syntax, for example, that after operators
they put semicolon and variable value placed between single apostrophes. Great! A few minutes after I diligently tap the Enter key after every combination
of symbols: "
';" (don't forget to use the search). Now the code is clearly visible. A result is represented in a browser
without changes. I do a back-up copy. Let's study the structure of protection script. At the beginning we see the code. As far as I understand these are
the starting settings and checking. Next we see:
I don't understand anything :(
Continue investigation.
OOO0=new Array();

A few kilobytes of abracadabra are appropriated a variable. Look like that this variable contains the coded text. Continue investigation...
Next I see:
OO00='fu';
OO0O='uxoRqZXEpNDrITBy';
OO00+='nction __'+'__(_'+'O0){';
Interesting. Look here OO00='
fu'; OO00+='
nction
__'+'__(_'+'O0){'; You see word
function?
The variable OO00 will contain the
function __(_O0){;. It is already something clever. Obviously the function of decoding begins to
gather. Pay attention to this line: OO0O='of uxoRqZXEpNDrITBy'; Probably, it is the key which is used for enciphering. Continue research in a hope to
understand something, because this key is not interest for us. The other area of code make me think:
OOOO='v%61r%20l%32%3D%77i\156%64ow%2E%6F%70er\ …’;
We have already seen it :) Looks like a piece of sly Shell-code. But at the same time it is clear that it is not binary data. Probably, it is a text
coded by standard facilities of JavaScript. All right, I hope it will soon be clear. Turn the castor of scrolling of the mouse. Aha!
There is an increase of variable of OO0[0]:
OOO0[0]
+=
(many kilobytes of abracadabra)
Looks like some binary encrypted data.
Scroll the next...
Again the acquainted combination:
OO00+='
eva';
O000='lQZhNcMgBOBwqMIbPObOkEFOOiJnVfQX';
OO00+='
l(
unes'+'
cape(_O0))}';
eval(OO00);
O0O0='sEOYyCfDJRGissrwXOgPOOnrulOOWFkmKjoFBhvZ';
OO00='';
And below OOOO
+='%20Ar%72a\171%28%29%2C%6C%30%3Dnew%20…;
What to say, all put into places. Judge for yourself:again there is an increase of variables OOO0[0] and OOOO, a few service variables are entered,
a function is constructed. By the way, it is quite clearly which function: eval(unescape(_O0))
After that finally
OO00 = function(_O0){(_eval(unescape(_O0))}
The function of eval() executes the programmatic code passed to it. Such the compiler itself in a compiler. But what does procedure of unescape() do? It
converts the hexadecimal Unicode into a string. It mean unescape() decodes a line.
All absolutely clear - unescape brings content over of variable of OOOO to the normal kind, to executable JS-code. Thus, it appears that the coded
program which decrypts OOO0[0] - text of document is kept in this variable. Reading documents on this function, I understood that the code of
program-decipherer had been initially coded by the built-in function of escape() in order to frighten off inexperienced hackers, - in fact, in a
document in this case there almost will be not a single intelligent operator.
Great, all is clear now. It is time to get a code, decrypting the content of the document.
2. Decrypting content of document.
We must find ALL value of OOOO variable (or other contains not binary code like
%20A\162ra%79%28%29%2C\154%30%3D). In my case I
have 3 part of OOOO variable. After that we must use
unescape function to this variable for decode it. And finally we have decoded text.
We put it into text field TT. You can see 100% working code:
<body>
<input id="decrypted" type="text" style="width: 800px; height: 100px">
<script>
OOOO='\166ar%20\154%32%3D\167i%6E\144\...';
OOOO+='%20A\162ra%79%28%29%2C\154%30%...';
OOOO+=''k%3Bde%66\141u\154\164%3A%6C%31...';
decrypted.value=unescape(OOOO);
</script>
After putting this page into browser we can copy/paste from text field the following decrypting program:
var l2=window.opera?1:0;
function l3(l4){
l5=/zc/g;
l6=String.fromCharCode(0);
l4=l4.replace(l5,l6);
var l7=new Array(),l8=_1=l4.length,l9,lI,il=16256,_1=0,I=0,li='';
do{
l9=l4.charCodeAt(_1);
lI=l4.charCodeAt(++_1);
l7[I++]=lI+il-(l9<<7)
}while(_1++<l8);
var l1=new Array(),l0=new Array(),Il=128;
do{
l0[Il]=String.fromCharCode(Il)
}while(--Il);
Il=128;
l1[0]=li=l0[l7[0]];
ll=l7[0];
_l=1;
var l_=l7.length-1;
while(_l<l_){
switch(l7[_l]<Il?1:0){
case 0 :
l0[Il]=l0[ll]+String(l0[ll]).substr(0,1);
l1[_l]=l0[Il];
if(l2){li+=l0[Il]};
break;
default:l1[_l]=l0[l7[_l]];
if(l2){li+=l0[l7[_l]]};
l0[Il]=l0[ll]+String(l0[l7[_l]]).substr(0,1);
break
};
Il++;
ll=l7[_l];
_l++
};
if(!l2){return(l1.join(''))}
else{return li}
};
var lO='';
for(ii=0;ii<OOO0.length;ii++)
{lO+=l3(OOO0[ii])
};
if(naa) {document.write(lO)};
This is the decoding code of the text which is kept in the variable OOO0[0]. A bit confusing. But fortunately, we don't need to understand what exactly
this program does. We are interested in the last line, in its very part
document.write(lO). Obviously, that exactly this variable of lO will
contain the final (deciphered) code of the page.
Thus, there is the last jerk to success. Remove OOOO and functions
eval() and
unescape() (does not forget to do back-up
copies just in case). Then repeat the act which we have just done, for reliability instead of conclusion of the deciphered code in the alphanumeric field,
we put it in a text file. For this purpose we replace the line of
if(naa){document.write(lO)}; with such sequence
of commands (or comment out this line, adding commands below):
var fs = new ActiveXObject("Scripting.FileSystemObject");
var decfile = fs.OpenTextFile("finaldecoded.html", 2, true);
decfile.WriteLine(lO);
decfile.Close();
Voila. We got the deciphered file :)
For decoding of files, treated by this program, neither thorough knowledge of script language nor algorithms of encoding was required. Just a little attention
and non-standard approach was enough. A few minutes - and I have a script, decoding any file, treated by this program. But in fact I do not write harmful software
and do not trench not upon whose copyrights.