VBScript encrypter and decrypter

This site allows you to encrypt and decrypt vbscript files. Upload a .vbs file to encrypt it, upload a .vbe file to decrypt it.

The encoding Feature, which is provided with every Windows Version, is often used to hide code in malicious scripts, so the desire to decode (or decrypt) is only natural.

Upload


Running encrypted files

An encrypted vbs file can be launched directly in windows if it is has .vbe file extension.
If an encrypted script runs into an error, it still shows the line number from the source script in the error message.
Only publish encrypted files if the decrypted version has been tested.

Detecting encrypted files

You can check the file name extension, which should be .vbe, instead of .vbs.
As an alternative you can open the file in a text editor.
The content should start with #@~^XXXXXX== and end with ==^#~@ plus a "null" char, which is not visible in most editors.

Encrypting other content

The content of the .vbs file is not syntax checked and does not needs to contain any VBScript source at all.
Encrypting the string will result in #@~^CgAAAA==&!z)HDz{m4agMAAA==^#~@
The encrypter retains all script content (including comments) and when decrypting you will receive an exact copy of the original.
Attempting to encrypt text containing other chars than in the original ASCII will yield an unusable result. See "limitations" below

Test script

If you need a script to play with, you can download this. This extracts and runs Rick dangerous but you obviously are not required to run the script to test the encrypter. If you want to, you can make a script on your own. Just open a plain text editor like windows notepad, type MsgBox "Test" and save the file. Make sure the file name ends in .vbs and you select "All files" in the type drop-down.

Limitation

This encryption type has severe limitations you have to be aware of:

Explanation

This is only a very crude explanation of the encryption

Basic concept

Characters have 3 different substitution characters. Which of those characters is taken depends on the position in the file. There is a long hard-coded key that determines the index. The key has 64 entries, so if you encrypt more than 64 times in a row the same char, you will see a repeating pattern. If you have Javascript enabled, you can play with the text box above and repeatedly enter X for example to see repeating patterns of ((. This is all that is to it. The text is fed through that transformation routine and then the begin and end tags are put around it. The tags contain changing values but they are not required for the decryption.

Exclusions:

More than half of all possible characters are actually excluded from the rule above.
© 2017 by AyrA