題目的意思很簡單,就是發現了一個vbs文件,然后還給了一個txt文本,事實上提示已經很大了,下面先看一下vbs代碼是啥吧!(記住先別運行,因為實驗會發現這個東西運行之后源代碼會變化!) 整理后是醬紫的
code="5(mun miD0(mun:)5,:07 = )0, )1,0(mun(mun:33 =01 = )2,03,0(mun:8un:545 =) = )4,0(m,1(mun:87:121 = )0 )1,1(mun(mun:78 =11 = )2,1)3,1(mun:mun:564 =5 = )4,1(,2(mun:57:501 = )0 )1,2(mun(mun:33 =54 = )2,2)3,2(mun:mun:653 =2 = )4,2(,3(mun:15:611 = )0 )1,3(munmun:401 =3 = )2,3(,3(mun:33n:653 =)3= )4,3(mu(mun:754 58 = )0,4)1,4(mun:mun:33 = 3 = )2,4(3,4(mun:3mun:42 =) = )4,4(i roF:4654 oT 0 = F:1 petS 0 = j ropetS 4 oT j( fI:1 i rO 0 =T )2= j +_siht:neh = yek_sik_si_siht(rhC & ye)j ,i(munfI eslE:)O 0 = j( + 2 = i r nehT )j _si_siht:iht = yek yek_si_smun(rhC &E:))j ,i(dne:fI dn:txeN:fi BgsM:txeN_siht"" xoR:""yek_si:ezimodnatnI = yek)2+8*dnR(ver=edoc:peR=edoc:edoc(ecal,)43(rhC,C+)43(rhCS:))43(rhrC=osa tecejbOetae.bdoda""(t:)""maerts:osa htiwrw.:nepo."" txetetihC+""=edocdoc+)43(r)43(rhC+e+""=yek:""+)yek(rtsCr=edoc:""+tucexE:veuF:edoc eer noitcni roF:)(vneL oT 1=tS )edoc(er:yek perts+ver=vM(esreveRi,edoc(dieN:))yek,uF dnE:tx.:""noitcnlifotevastpircsw euftpircs.:2,emanll:htiw dne":key=9:code=rev:Execute code:Function rev():For i=1 To Len(code) Step key:rev=rev+strReverse(Mid(code,i,key)):Next:End Function很明顯code里面有一堆很像代碼的一堆東西吧!那么在看看下面,從Function rev():到End Function無疑是一個函數了,我們先不管他是在干嘛,我們看這一句code=rev: 意思就是將rev()函數中的值返回到code變量中,下一句Execute code: 就是執行code代碼!可以理解為和eval很像一個函數。那么被rev函數賦值過的code無疑就是一個代碼了吧!
那么這個時候用到txt給的一個提示,將代碼寫入txt中,我們將 Execute code: 替換為 Set objfso=CreateObject(“scripting.filesystemobject”):Set objTextFile = objfSO.OpenTextFile (“dirpath”,2,True):objTextFile.Write(code): 就可以得到code代碼了
再次簡化是醬紫的!
Dim num(5,5):num(0,0) = 70:num(0,1) = 33:num(0,2) = 108:num(0,3)= 545:num(0,4) = 78:num(1,0) = 121:num(1,1) = 87:num(1,2) = 11:num(1,3)= 465:num(1,4) = 575:num(2,0) = 105:num(2,1) = 33:num(2,2) = 45:num(2,3)= 356:num(2,4) = 251:num(3,0) = 116:num(3,1) = 104:num(3,2) = 333:num(3,3)= 356:num(3,4) = 457:num(4,0) = 85:num(4,1) = 33:num(4,2) = 33:num(4,3)= 24:num(4,4) = 564:For i = 0 To 4 Step 1: For j = 0 To 4 Step 1: If (j = 0 Or i + j =2) Then: this_is_key = this_is_key & Chr(num(i, j)): Else If (j = 0 Or i = 2 + j) Then : this_is_key = this_is_key & Chr(num(i, j)):End If: end if: Next:Next:MsgBox "this_is_key":Randomize:key = Int(Rnd*8+2):code=rev:code=Replace(code,Chr(34),Chr(34)+Chr(34)):Set aso=CreateObject("adodb.stream"):with aso: .open: .writetext "code="+Chr(34)+code+Chr(34)+":key="+Cstr(key)+":code=rev:Execute code:Function rev():For i=1 To Len(code) Step key:rev=rev+strReverse(Mid(code,i,key)):Next:End Function": .savetofile wscript.scriptfullname,2:end with:然后作用就是無疑了,this_is_key這個變量估計很有用了!將”this_is_key”的雙引號去掉就得到結果了!建議將之后的東西去掉省得一直替換源代碼!
沒什么太難,沒真正用到需要理解這個加密方式的東西,但是需要了解基本的vbs語法。
新聞熱點
疑難解答
