转自：7jdg's Blog

http://1v1.name/?action=show&id=61

US-ASCII加密,就是把7bit转换为8bit

原始的代码

<html> <title>7jdg's Blog</title> <script>alert('Hello World')</script> <body> <a href="http://1v1.name">http://1v1.name</a> </body> </html>

加密后的代码

<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=US-ASCII" /> <title>Bypassing of web filters by using ASCII Exploit By CoolDiyer</title> </head><body> 艰繇炀娂糸綮寰逢溏 犅祜缂 轸戾緤俭泸轲艟犰弪舁 屐祜犠矧熹З集筱蜷痿緺娂怙澌緤坚犺蝈娼㈣趑鸷 宾碑钺礤⒕梏麴函 霰 犴寮 緤集怙澌緤集梏盱緤 </body></html>

加密解密程序

＃i nclude <stdio.h> int main(int argc,char** argv) { FILE *fp; char ch; printf("\n-- Bypassing of web filters by using ASCII Exploit By CoolDiyer --\n"); if(argc<2){ printf("\nUsage: \n\t %s srcfile >destfile\n",argv[0]); return -1; } if((fp=fopen(argv[1],"r"))==NULL){ printf("File %s open Error",argv[1]); return -1; }//指定编码为US-ASCII是必须的 printf("\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=US-ASCII\" />\n<title>Bypassing of web filters by using ASCII Exploit By CoolDiyer</title>\n</head><body>\n"); while((ch=fgetc(fp))!=EOF){ ch|=0x80; //把7位变成8位，这句话是核心，解密时用 ch&=0x7f printf("%c",ch); }; fclose(fp); printf("\n</body></html>\n"); return -1; }

解密只要把每个字节的高位置0即可。还有一个更简单的方法，网页“另存为”保存的时候，在语言选项将“西欧(windows)”改成“简体GB2312”，然后保存在本地。

unicode编码前

<html> <title>7jdg's Blog</title> <script>alert('Hello World')</script> <body> <a href="http://1v1.name">http://1v1.name</a> </body> </html>

unicode编码以后的形式

<html> <title>&#55;&#106;&#100;&#103;&#39;&#115;&#32;&#66;&#108;&#111;&#103;</title> <script>alert('Hello World')</script> <body> <a href="&#104;&#116;&#116;&#112;&#58;&#47;&#47;&#49;&#118;&#49;&#46;&#110;&#97;&#109;&#101;">&#104;&#116;&#116;&#112;&#58;&#47;&#47;&#49;&#118;&#49;&#46;&#110;&#97;&#109;&#101;</a> </body> </html>

加密程序

<? $text = "http://1v1.name"; preg_match_all("/[\x80-\xff]?./",$text,$ar); foreach($ar[0] as $v)       echo "&#".utf8_unicode(iconv("GB2312","UTF-8",$v)).";"; ?> <? // utf8 -> unicode function utf8_unicode($c) {       switch(strlen($c)) {       case 1:           return ord($c);       case 2:          $n = (ord($c[0]) & 0x3f) << 6;          $n += ord($c[1]) & 0x3f;           return $n;       case 3:          $n = (ord($c[0]) & 0x1f) << 12;          $n += (ord($c[1]) & 0x3f) << 6;          $n += ord($c[2]) & 0x3f;           return $n;       case 4:          $n = (ord($c[0]) & 0x0f) << 18;          $n += (ord($c[1]) & 0x3f) << 12;          $n += (ord($c[2]) & 0x3f) << 6;          $n += ord($c[3]) & 0x3f;           return $n;       } } ?>

这样的unicode编码，也可以通过另存为解密

或者是

<?php $str = "&#104;&#116;&#116;&#112;&#58;&#47;&#47;&#49;&#118;&#49;&#46;&#110;&#97;&#109;&#101"; $str = preg_replace("|&#([0-9]{1,5});|", "\".u2utf82gb(\\1).\"", $str); $str = "\$str=\"$str\";"; eval($str); echo $str; function u2utf82gb($c){      $str="";       if ($c < 0x80) {              $str.=$c;       } else if ($c < 0x800) {              $str.=chr(0xC0 | $c>>6);              $str.=chr(0x80 | $c & 0x3F);       } else if ($c < 0x10000) {              $str.=chr(0xE0 | $c>>12);              $str.=chr(0x80 | $c>>6 & 0x3F);              $str.=chr(0x80 | $c & 0x3F);       } else if ($c < 0x200000) {              $str.=chr(0xF0 | $c>>18);              $str.=chr(0x80 | $c>>12 & 0x3F);              $str.=chr(0x80 | $c>>6 & 0x3F);              $str.=chr(0x80 | $c & 0x3F);       }       return iconv('UTF-8', 'GB2312', $str);