Page 5 of 5

Re: Best way to obfuscate a Batch File?

Posted: 13 Dec 2017 06:04
by kumarchat
This doesn't work if I use a HTA application for generating input HTML boxes inside the batch script. The HTML box displays the entire code, any way to do the same?

Re: Best way to obfuscate a Batch File?

Posted: 13 Dec 2017 08:03
by Squashman
Dave, they also posted on SO

Re: Best way to obfuscate a Batch File?

Posted: 11 May 2018 08:26
by FifthAxiom
Hi Dave,

There is an error in the batch file. It has to do with re-calling the obfuscated batch file with full path. The problem is you can't determine whether the batch is started from an active console or from the Explorer. Furthermore the pushd and popd commands will not work. I would advise to change the following line:
echo (setlocal enableDelayedExpansion^&for /l %%%%N in (0 1 93) do set "^!@hi@:~%%%%N,1^!=^!@lo@:~%%%%N,1^!")^&cmd /c ^^^^^""%%~f0" ^^!@args@^^!"
echo (setlocal enableDelayedExpansion^&for /l %%%%N in (0 1 93) do set "^!@hi@:~%%%%N,1^!=^!@lo@:~%%%%N,1^!")^&cmd /c ^^^^^""%%~0" ^^!@args@^^!"
I've tested the changes and gave me no errors, even when executed from a parent or child folder.

But hey, thank you for your script. It helped me a lot. Great work!

Re: Best way to obfuscate a Batch File?

Posted: 11 Aug 2019 09:50
by Curious
dbenham wrote:
06 Aug 2017 16:35

Edit 2017-08-31: Bug fix from penpen applied - Added dot to FOR /F delims and bumped version to 1.1
Edit 2017-10-11: Better obscured character mapping in obfuscated file, and bumped version to 1.2
It works great but kasperksy and ESET detect obcusated batch file like a virus, any idea for solve this?

Thanks

Re: Best way to obfuscate a Batch File?

Posted: 14 Jan 2020 00:36
by duongbangxanh
dbenham wrote:
11 Oct 2017 13:49
Here is how I would do that. My testing shows that it preserves quoted arguments just fine.

Better to transfer control to Unobfuscate.bat, without CALL. This way there is no need for EXIT /B or GOTO :Label.
I went with the version 1.2 definition of @hi@ to better hide the mapping, just in case a user looks at that source code.

Mybatobfuscated.bat

Code: Select all

@if not defined @lo@ Unobfuscate.bat "%~f0" %*
%Á%%æ%%ä%%é%%ð%%¡%%ð%%ç%%ç%
%ô%%æ%%õ%%í%%ð%%ä%%â%%í%%¡%%æ%%ï%%â%%ã%%í%%æ%%å%%æ%%í%%â%%ú%%æ%%å%%æ%%ù%%ñ%%â%%ï%%ô%%ê%%ð%%ï%

%Ó%%Æ%%Î%%¡%%ô%%æ%%õ%%¡%%ç%%ê%%í%%æ%%¡%%ï%%â%%î%%æ%
%ô%%æ%%õ%%¡%%£%%ç%%ï%%¾%%~n1%£%
.............. truncated for brevity
Unobfuscate.bat

Code: Select all

@echo off
setlocal disableDelayedExpansion
for /f "delims=:. tokens=2" %%A in ('chcp') do set "@chcp@=chcp %%A>nul"
chcp 708>nul
set "@lo@= !#$&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~""
set "@hi@=%=%¡%=%¢%=%¤%=%¥%=%§%=%¨%=%©%=%ª%=%«%=%¬%=%­%=%®%=%¯%=%°%=%±%=%²%=%³%=%´%=%µ%=%¶%=%·%=%¸%=%¹%=%º%=%»%=%¼%=%½%=%¾%=%¿%=%À%=%Á%=%Â%=%Ã%=%Ä%=%Å%=%Æ%=%Ç%=%È%=%É%=%Ê%=%Ë%=%Ì%=%Í%=%Î%=%Ï%=%Ð%=%Ñ%=%Ò%=%Ó%=%Ô%=%Õ%=%Ö%=%×%=%Ø%=%Ù%=%Ú%=%Û%=%Ü%=%Ý%=%Þ%=%ß%=%à%=%á%=%â%=%ã%=%ä%=%å%=%æ%=%ç%=%è%=%é%=%ê%=%ë%=%ì%=%í%=%î%=%ï%=%ð%=%ñ%=%ò%=%ó%=%ô%=%õ%=%ö%=%÷%=%ø%=%ù%=%ú%=%û%=%ü%=%ý%=%þ%=%ÿ%=%£%=%"
setlocal enableDelayedExpansion
for /l %%N in (0 1 93) do set "!@hi@:~%%N,1!=!@lo@:~%%N,1!")
setlocal disableDelayedExpansion
cmd /c ^"%*"
%@chcp@%
exit /b
Dave Benam

I can shuffle it, but I don't know how to get back to it. Please help me

Re: Best way to obfuscate a Batch File?

Posted: 14 Jan 2020 08:00
by dbenham
It could be done, but as I've said from the very beginning, I have no interest in writing code to de-obfuscate a script that has already been obfuscated.

Re: Best way to obfuscate a Batch File?

Posted: 14 Jan 2020 09:30
by duongbangxanh
I am extremely grateful if you can help me do that. Because I have scrambled a file and I need to recover it. I could not rewrite the program because it took too much of my time. Please help me

Re: Best way to obfuscate a Batch File?

Posted: 15 Jan 2020 13:53
by pieh-ejdsch
You should simply respect the work done here to achieve an expected result. [Yes, let's be careful.] I want to tell you something: I am usually in a hurry to explain to others how something works, AND then I don't notice how I am selling my work for a null value. It is my fault if it goes like this - but I can act differently in the future if I want to. But it's about "another job".
Can you vaguely remember what you wanted to do with your script? Or maybe not anymore! I also started a lot of things double and triple (and took a lot more than the available time) because I didn't take the time to document the individual states of the work and, above all, also.
Do it this way - it will help you make progress.