How To Stop People From Pirating Your Source Codes How to encrypt your webpage source sode

[e-buttler 0]

-Encryption-

 

 

If your like me, you probably hate those Javascripts witch open a "Right Click Disabled" prompt. An easier way to confuse pirates from stealing your hard worked scripts or codes you can easily encrypt your html.

 

In this tut i will show you how to both create an html encrypting script and will show you the diffrent methods of encryption.

 

1. The HEX DECIMAL Encryptor. (Effectiveness 9/10)

 

This encryptor will turn html code like this

 

<html><body><p> test1 </p></body></html>

into

 

%3C%68%74%6D%6C%3E%0A%3C%62%6F%64%79%3E%0A%3C%70%3E%20%74%65%73%74%31%20%3C%2F%70%3E%0A%3C%2F%62%6F%64%79%3E%0A%3C%2F%68%74%6D%6C%3E

For a already made version, click here

This method is my personal favorite.

 

First, put this in your scripts body

<script language=Javascript><!--function encode(){if(document.forms[0].asciitext.value == ''){  alert('Please enter some code to encrypt.');  void(0);	}	else {  var text= document.forms[0].asciitext.value;  enctext= transform(text);  document.forms[0].asciitext.value= '';  document.forms[0].asciitext.value= (enctext);	}}function transform(s){	var hex=''	var i	for (i=0; i<s.length; i++)	{  hex += '%'+hexfromdec( s.charCodeAt(i) )}	return hex}function generate(){	if(document.forms[0].asciitext.value == ''){  alert('Please encrypt something!');  void(0);	}	else {  var text= document.forms[0].asciitext.value;  document.forms[0].asciitext.value="\<script\>\n//<!--\ndocument.write(unescape(\""+text+"\"));\n//-->\n\</script\>";  }	}function hexfromdec(num) {	if (num > 65535) { return ("err!") }	first = Math.round(num/4096 - .5);	temp1 = num - first * 4096;	second = Math.round(temp1/256 -.5);	temp2 = temp1 - second * 256;	third = Math.round(temp2/16 - .5);	fourth = temp2 - third * 16;	return (""+getletter(third)+getletter(fourth));}function getletter(num) {	if (num < 10) {  return num;	}	else {	if (num == 10) { return "A" }	if (num == 11) { return "B" }	if (num == 12) { return "C" }	if (num == 13) { return "D" }	if (num == 14) { return "E" }	if (num == 15) { return "F" }	}}function decode(){if (document.forms[0].asciitext.value=="") {alert('No code to decrypt!');}else {document.forms[0].asciitext.value=unescape(document.forms[0].asciitext.value);document.forms[0].asciitext.value="Click Encrypt to encrypt the code.";}}function preview(){if (document.forms[0].asciitext.value=="") {alert('Nothing to preview!');}else {pr=open("","_blank","top=0,left=0");pr.document.write(document.forms[0].asciitext.value);pr.document.title='Preview';}}//--></SCRIPT>

this is what makes the entire thin "tick".

 

Now insert this to make the text fields, buttons and phisical appearence

 

<FORM name=code action="" method=post><TABLE cellSpacing=0 cellPadding=0 bgColor=#000000 border=3 align="center"><TBODY><TR>        <TD bgColor=#6699CC> <font color="#FFFFFF">HTML Encrypter 1: </font><BR><TEXTAREA name=asciitext rows=10 wrap=virtual cols=69>Type the code to be encrypted here.</textarea></TD></TR><TR>        <TD bgColor=#6699CC>           <P> <INPUT class=button onclick=encode() type=button value="Encrypt" name=Button2>          </P></TD></TR></TBODY></TABLE></FORM></td></tr></table>

2. The FIGURE HEX DECIMAL Method (Effectiveness 4/10)

 

This Encryption will turn a code like this

 

<html><body><p> test1 </p></body></html>

into

 

<script><!--document.write(unescape("%3Chtml%3E%0A%3Cbody%3E%0A%3Cp%3E%20test1%20%3C/p%3E%0A%3C/body%3E%0A%3C/html%3E"));//--></script>

The problem with this is that you can make out certain words out

 

Ex.

 

<script>

<!--

document.write(unescape("%3Chtml%3E%0A%3Cbody%3E%0A%3Cp%3E%20test1%20%3C/p%3E%0A%3C/body%3E%0A%3C/html%3E"));

//-->

</script>

 

 

This by far is my least favorite method.

 

For a already made version, click here

 

If you wish to make the aplication yourself, here's the code.

 

<script language=JavaScript>var i=0;var ie=(document.all)?1:0;var ns=(document.layers)?1:0;function initStyleElements() /* Styles for Buttons Init */{var c = document.pad;if (ie){//c.text.style.backgroundColor="#DDDDDD";c.compileIt.style.backgroundColor="#C0C0A8";c.compileIt.style.cursor="hand";c.select.style.backgroundColor="#C0C0A8";c.select.style.cursor="hand";c.view.style.backgroundColor="#C0C0A8";c.view.style.cursor="hand";c.retur.style.backgroundColor="#C0C0A8";c.retur.style.cursor="hand";c.clear.style.backgroundColor="#C0C0A8";c.clear.style.cursor="hand";}else return;}/* Buttons Enlightment of "Compilation" panel */function LightOn(what){if (ie) what.style.backgroundColor = '#E0E0D0';else return;}function FocusOn(what){if (ie) what.style.backgroundColor = '#EBEBEB';else return;}function LightOut(what){if (ie) what.style.backgroundColor = '#C0C0A8';else return;}function FocusOff(what){if (ie) what.style.backgroundColor = '#DDDDDD';else return;}/* Buttons Enlightment of "Compilation" panel */function generate() /* Generation of "Compilation" */{code = document.pad.text.value;if (code){document.pad.text.value='Compiling...Please wait!';setTimeout("compile()",1000);}else alert('First enter something to compile and then press CompileIt')}function compile() /* The "Compilation" */{document.pad.text.value='';compilation=escape(code);document.pad.text.value="<script>\n<!--\ndocument.write(unescape(\""+compilation+"\"));\n//-->\n<\/script>";i++;if (i=1) alert("Page compiled 1 time!");else alert("Page compiled "+i+" times!");}function selectCode() /* Selecting "Compilation" for Copying */{if(document.pad.text.value.length>0){document.pad.text.focus();document.pad.text.select();}else alert('Nothing for be selected!')}function preview() /* Preview for the "Compilation" */{if(document.pad.text.value.length>0){pr=window.open("","Preview","scrollbars=1,menubar=1,status=1,width=700,height=320,left=50,top=110");pr.document.write(document.pad.text.value);}else alert('Nothing for be previewed!')}function uncompile() /* Decompiling a "Compilation" */{if (document.pad.text.value.length>0){source=unescape(document.pad.text.value);document.pad.text.value=""+source+"";}else alert('You need compiled code to uncompile it!')}// --></script>

This Gives it the fuctions

 

now insert this code to help both compilation and phisical appearence

 

 

<body bgcolor=white topmargin=0 leftmargin=0 marginheight=0 marginwidth=0 onload=initStyleElements()><table border=0 width=100% cellspacing=0 cellpadding=0><tr><td width=100% height="23"></td></tr><tr><td width=100% height=23></td></tr><tr><td width=100%><!-- Compilation Panel --><form method=post name=pad align=center>        <table width="62%" border="2" bordercolor="#6699FF">          <tr>            <td bgcolor="#6699FF"><font color="#FFFFFF">HTML Encryption 2</font></td>          </tr>          <tr>            <td bgcolor="#6699FF"><textarea rows=11 name=text cols=58 style="background-color:#EBEBEB;width:95%"></textarea>            </td>          </tr>          <tr>            <td bgcolor="#6699FF">               <input type=button value=Encrypt name=compileIt onClick=generate() onMouseOver=LightOn(this) onMouseOut=LightOut(this)>            </td>          </tr>        </table>        <br>      </form><!-- Compilation Panel --></td></tr></table>

Well That's all, I hope you enjoyed my tut and found it useful.!!!!

 

Feel free to post or e-mail me your questions or comments

[snlildude87 0]

Nice stuff dude. The downsides I can think to this are:1. your HTML code will probably not validate correctly, and2. can probably be easily bypassed by disabling JavaScript in Firefox.

[guangdian 0]

i think the html code can not been pirated easily like php (zend)and if you do that with some script tools,then there would be the problem with your pages.- so if your html is validated with html 4.01 or xhtml that you validat it again after you pirated it.what do you found , i think it can not been validated,can not pass it.i think there is no need to protect the html code,for you why is it?

[tigen28 0]

Sometimes, an author of an html codes may think that after a good amount of time spending and knitting codes together, they feel that the "used time" = "rewards" for themself and don't want other to enjoy the benefits without a sweat.I know I sometimes feel like that. Yeah, I admit it's kind of selfish, but hey, if you want something really bad, you will be willing to work for it.

[Dooga 0]

@snli: In Firefox, if you disable Javascript it won't work

 

Also, there are a lot of ways to crack these methods, such as reversing the code... (I mean, add a function to have the page view the plain text instead). http://www.weblockpro.com/home.php?s=&t= sold similar products but I managed to get a copy of their UNENCRYPTED site (wow that person was really good at programming), http://www.hugedomains.com/domain_profile.cfm?d=htmlprotector&e=com use it too!

[Spectre 0]

Although not a bad post, 'encrypting' your HTML is effectively pointless. Obviously, the browser is going to need to be able to process an unencrypted form of the page - so the client-side script needs to be able to decrypt the HTML. Which means that people wanting to 'steal' your markup are going to be able to anyway by looking at the 'decryption' method. Further more, it's more obfuscation than encryption.

If you've ever heard of the SHDocVw control, this processes all JavaScript and presents the HTML with all JavaScript modifications made.

<p><script>document.write('Hi');</script></p>Would appear as:<p>Hi</p>When processed with the SHDocVw control.

Apart from that, why hide your markup? It's not like the source code of a program, and as far as I'm concerned, there is no reason to hide it. There are a lot of downsides, however - search engines won't be able to read your page, and some visitors won't be able to either (whether by intentionally disabling JavaScript for security purposes or running a browser that doesn't support the scripting language), just to mention a couple.

Anyway, good post.

[Dooga 0]

That's a good point. Encrypting or Obfusicating an HTML site is just inviting people to decrypt it. But I really like how it compresses your HTML.

[unicornrose 0]

If you have a spectacular design or you have a competitor that is trying to steel your business encrypting your code is good business practice. Trust me I know this because it happened to a company I worked for alot. They were trying to steal our business so they stole our code and made their websites look like ours. They were cheap immitations that just lead to crappier websites but still the fact was still there that they were stealing our code so we had to find a way to hide the code from them.

[Spectre 0]

Not really. Anyone with any programming experience could very easily 'decrypt' a page which has been 'encrypted' with JavaScript.

 

There isn't a way to ensure no one is going to be able to rip off the markup of your page. The client obviously has to receive an uncrypted form of it at some stage, so any encryption or form of obsfucation you use is only going to work to a certain exten, and can't be of great security.

[rvalkass 5]

Is it just me, or is a source code of a page that looks like this:

%12%34%56%78%90

quite obvious? Surely any vaguely determined person can work out what you've done and easily decrypt it?

I speak from experinece, I've tried both methods and neither are effective in stopping people nicking your source code.

[hulunes 0]

huh...good job!but a little suspiction is that those javascript would not work effectively in opera or firefox.i think that banning to look at source file is a good way.for instance, you can make your webpage to be showed in a full screen window,there is no tool bar,location bar and so on.however right click is till to be banned with javascript ->failed

[round 0]

I'm not really sure why you would want to stop people from getting at you html code. It takes anyone with alittle skill and a screen shot about an hour to reproduce any page on the web. Anyway, it's really only html. I know there are different and more effective ways of encrypting shopping carts.round

[e-buttler 0]

Wow!Thank you sooo much for all the comment =). this being my first post, i didn't know what to expect, Thanks guys!!!

[sangdukseo 0]

if you disable javascript, won't your script just become invalidated? This idea doesn't seem too smart to me. I think it's kind of half-baked.

[acumentech 0]

hmm...good work but....I hate one thing in this that it makes the whole system slower....