Scripts Encryptor
F.A.Q. Home
Icon:
Here are some Frequently Asked Questions asked through this web site:
  Q1:  Who is the author of the software available to download on this web site?
A: Every software product available for downloading on this website was designed and coded by a trusted team of developers lead by Dennis A. Babkin. For authenticity and to provide better trust for our users we code-sign our executable files with the Dennis' personal digital certificate.

To check authenticity of any of our executable file, right-click it (.exe, .msi or .dll files only) and go to its Properties. Then switch to Digital Signatures, and make sure that the signer (or publisher) on the certificate is Dennis A. Babkin. Then highlight it, click "Details" and make sure that "Digital Signature Information" is shown as "This digital signature is OK."

Digital signature for Dennis A. Babkin

This is how you can make sure that the software is genuine, that it was not tampered with and that it came unaltered from our developers. We always stand by all of our signed files.

In case an exectuble file that "claims" to have been downloaded from our site does not pass any of the steps of the digital signature verification outlined above, DO NOT run that file and notify us about it!
  Q2:  What is the experience of the authors of the software?
A: Our software developers have a wide range of skills including: C, C++, MFC, Objective-C/Cocoa/Cocoa Touch, C#, ASP.NET, HTML/DHTML, JavaScript, VBScript, PHP, SQL/MySQL, ActionScript, x86 Assembly, and much more. Also design and graphics skills with Adobe Photoshop, Adobe After Effects, Adobe Acrobat, Adobe Dreamweaver, Microsoft Office, and more.
  Q3:  Why is some software on this web site not free?
A: Well, it's a rhetorical question - why do we have to pay for food in a supermarket when we can forage for it :) To be serious, the charge for the license of our software will be used primarily for the development of new features and to expand and improve already existing functionality. And, even if it may not look like so, it takes a lot of effort and energy to develop a good piece of software. Still, in despite of some shareware products that we have on this site, we aspire to provide most of our products for free. Thank you for your understanding!
  Q4:  If I buy any of the software product licenses, will I be entitled for promotions and discounts?
A: Yes, absolutely. Besides showing your support for our team and for future development, you will be entitled for free updates of the software. Any other information will be included in the license agreement for a particular software product.
  Q5:  How strong is encryption performed by your software?
A: That is a good question. Many people confront us with the fact that our software does not provide strong "encryption" of Java Script, VBScript, classic ASP, etc. Well, let me tell you, to be specific it does not provide encryption at all. What it does, it obfuscates, or scrambles the code that makes it difficult (but, let me stress, not impossible) for a casual person to read or reverse engineer. Please keep in mind that such is due to the limitations of the scripting languages and has nothing to do with our software.

Further more, any type of computer code, or script will not allow encryption by definition, since it has to be read by your computer to be able to run it. And if so, an attacker with enough persistence can read and reverse-engineer the same code as well.

My own goal of using Scripts Encryptor is to compress and scramble the code, but not to encrypt it! Also keep in mind the following important notion - store all sensitive content on the web server side! Do not upload it as a client-side script! Adding scrambling, or obfuscation, to the server-side code will make it difficult to reverse-engineer and can act as a second line of defense. Any client-side logic that can be downloaded to the user's web browser should not contain any sensitive information, even if scrambled!
  Q6:  I have encoded the JS file, but I can decode it back to a readable file. I realize that it should be decodable in order for IE to read it but it just worries me that if I encode it that anybody can decode it?
A: I understand your concern about protection of JS files. Unfortunately, at the current time there is no known encryption of JavaScript and/or HTML to be at least as hard to reverse-engineer as compiling of C/C++ source code into an executable file. Due to limitations imposed by web browsers the only way to hide your code would be to scramble it into blocks of code unreadable for humans. Our product provides means for that.

Since during processing a web browser has to decode and interpret each line of code in your script, there also exist other means to un-scramble it. Scripts Encryptor - Premium is one of them. It incorporates features for that and bundles them into one GUI package. Again, I want to repeat that there is no known way to encrypt JS or HTML files to be inaccessible by hackers and advanced users. The main goal of using our product should be an attempt to either optimize JS/VBScript files to improve performance, or to scramble them to protect against an average intruder.

Also as a suggestion, I'd strongly recommend to separate your code into two parts: server and client side. Put all the sensitive information on the server, while the rest should go into the client-side scripts, downloadable to a user's machine. So far, this is the only sure way to protect your code against intrusion and reverse engineering.
  Q7:  What is the difference between the version for Windows 95/98/ME and the version for Windows NT/2000/XP?
A: Scripts Encryptor is no longer provided for Windows 95/98/ME or Windows NT/2000 due to obsolescence of those machines.
  Q8:  I have the following code snippet, how can I obfuscate JavaScript part?

<html>
<head>

<script type="text/javascript">
<!--
    //Part I want to scramble
    function DoIt()
    {
        var v = "This is the string I want to be scrambled";
        alert("Scrambled OK\nHere is the string:\n\n" + v);
    }
    //End of part that I want to scramble

-->
</script>
</head>
<body>

<script type="text/javascript">
<!--
    DoIt();
-->
</script>
</body>
</html>

A: There are three ways this could be done:
  1. Start Scripts Encryptor, or click "Clear 'Before'" if it's already running. Copy the whole snippet (from <html> tag to </html> tag) into 'Before' window of Scripts Encryptor. Select 'HTML + JavaScript' in the Type field. Select other appropriate conversion settings, including "Encode Script". Make sure "Scramble" is selected in the Operation field. Click Convert button. 'After' window will now have the scrambled code. Simply copy and paste it back to your HTML editor, or save it as HTML file right from the Scripts Encryptor. (Please note, that the 'Scramble' selection will also scramble HTML tags on this page. To avoid changing HTML use 'No changes' option in the Operation field.)
     
  2. Start Scripts Encryptor, or click "Clear 'Before'" if it's already running. Copy desired JavaScript part (everything between <!--  and --> in the first <script> and </script> tags, marked with green in the sample above) into 'Before' window of the Scripts Encryptor. Select 'JavaScript' in the Type field. Select other appropriate conversion settings, including "Encode Script". Make sure "Scramble" is selected in the Operation field. Click Convert button. 'After' window will now have the scrambled code. Copy entire contents of the 'After' window and paste it back in place of the initial JavaScript segment preserving <script>, </script> tags. Remove the <!-- and --> tags. Change the <script> tag to <script language="JScript.Encode">. The resulting HTML should look like this: (Do not copy the block below to your HTML editor as it may display errors since some encoded characters could not be displayed here!)
    <html>
    <head>

    <script language="JScript.Encode">
    #@~^+AAAAA==W!x^DkKxPGW&O`* -lMP-xrKtbd-!!!yTwFlFk-TcTw!!TGWwEZ!0'E!Tl-;!Z+Z/O'EZ!Gyk wFWGw!W!(wZc!';!ZGG'q*F Y'!*!w;Z!{cK~-!!Ty-ETT+*w!WTkmw!!ZG m-!T!+N8V'ETT+*-8*cril^n.YvJUm.-;TZvq:(s+9P6F'xCnw!!TGyn,-;Z!+,/'EZT ZY4+'ETTy!-!T!F&Y'q bx'F*Gw;Z!fl'U- JQ-*89EgAAA==^#~@
    </script>
    </head>
    <body>

    <script type="text/javascript">
    <!--
        DoIt();
    -->
    </script>
    </body>
    </html>

     
  3. Start Scripts Encryptor, or click "Clear 'Before'" if it's already running. Copy desired JavaScript part (everything between <!--  and --> between the first <script> and </script> tags, marked with green in the first sample above) into 'Before' window of the Scripts Encryptor. Select 'JavaScript' in the Type field. Select other appropriate conversion settings, including "Encode Script". Make sure "Scramble" is selected in the Operation field. Click Convert button. 'After' window will now have the scrambled code. Click "Save 'After' window" button and save it as "temp.js" file in the same folder where you will be running the HTML sample from. Change the entire first <script> </script> tag to <script language="JScript.Encode" src="temp.js"></script>. The resulting HTML should look like this:
    <html>
    <head>

    <script language="JScript.Encode" src="temp.js"></script>
    </head>
    <body>

    <script type="text/javascript">
    <!--
        DoIt();
    -->
    </script>
    </body>
    </html>
The 3rd way is more preferable as it saves scrambled data in a separate file, which prevents unintentional alteration of one of the encoded symbols in the HTML editor. You can also use 1st method to scramble page ready for posting on your website. Fore more information please refer to the Manual or the Samples Page.
  Q9:  I tried encoding JavaScript using "Encode Script" option. It works good in Internet Explorer but will it work in other browsers?
A: No, it won't. Moreover, the latest versions of the Internet Explorer do not support it either. The only recommended use of the Windows Script Encoder method is to scramble your server-side scripts (such as classic ASP, or scripts that will be running through the Windows Scripting Host engine.)
  Q10:  I know that Scripts Encryptor must be using [System] Registry, but since it doesn't support uninstallation how do I completely remove it?
A: Since version 3.0.3.4, Scripts Encryptor supports installation and un-installation through the Windows Control Panel, so the registry settings are added and removed automatically for you. If you're currently running an older version of the Scripts Encryptor, please update to the latest version here.
  Q11:  Does the Scripts Encryptor's installer support silent installation?
A: Yes, it does. You can use the following options for the silent installation:

  • Install Scripts Encryptor with default features:

     msiexec.exe /qn /i "ScrEnc-Installer.msi"
     
  • Install Scripts Encryptor with complete set of features:

     msiexec.exe /qn /i "ScrEnc-Installer.msi" ADDLOCAL=All
     
  • Install Scripts Encryptor with specific features:

     msiexec.exe /qn /i "ScrEnc-Installer.msi" ADDLOCAL=<Features>

    where, <Features> is a comma-separated list of the following features that you'd like to install:

    Feature Name Description
    MainProgram Program & Documentation
    ShortcutsStart Start Menu Shortcuts
    ShortcutsDesktop Desktop Shortcut
    OpenWith Add 'Open with' file associations
    EnvPath Add screnc to the %PATH%, global Environment Variable

    Example:

     msiexec.exe /qn /i "ScrEnc-Installer.msi" ADDLOCAL=MainProgram,ShortcutsDesktop
     

  • Uninstall Scripts Encryptor:

     msiexec.exe /qn /x "ScrEnc-Installer.msi"

Where "ScrEnc-Installer.msi" is the name of the Scripts Encryptor's installer, that can be downloaded from here.

INFO: Note that all commands above must be run with administrative privileges.
  Q12:  I sent you an email via your contact page but didn't receive your response. Do you answer those at all?
A: Yes, we do answer all of our received feedback questions & support requests. Keep in mind though that we're a small group of developers and don't always have resources to answer your questions right away. In general you should receive a response from our support team after a couple of days after your submission. Depending on the severity of the issue we may reply sooner, or even immediately.

It is also important for you to know how to configure your email client (program) to receive a response from us. You would be amazed how many emails that we reply to, bounce back only because your email server does not like our email address. The emailing business is very unreliable, so please keep this in mind. To make sure that you can receive our email responses add our domain @dennisbabkin.com into your email client's trusted list. Also make sure to check the spam folder, as it seems to be all too often that new emails are put there by some "extra zealous" email providers such as AOL.com, Yahoo.com, and others, especially if your company runs their own email server. (As a suggestion, get yourself a good free email account at Google's gmail.com that should work fine.)

Having said that, keep in mind that we will not answer the following requests:

  • Any types of solicitations will be ignored.
  • Any requests to list your web site on our site will be ignored. We do not run commercials of any kind.
  • Any Search Engine Optimization solicitations, besides being a scam, will also be ignored.
  • Do not ask us to call you. All correspondence will go via email only.
  • If you need permission to post our software on your web site, or publish it in your magazine, or include it on a CD/DVD/media disc that comes with it, you have our permission to do so. Make sure to take the software from this page.

And lastly, if you sent us a message and we haven't gotten back to you, this means that something went wrong. Please try sending it again, after having set up your email client as was described above. Also, try using any of your alternate email addresses from a different email provider.

And if you're a Twitter user, you can tweet to us @dennisbabkin.

  Q13:  I paid for the software license but I didn't receive my registration code. How do I get it?
A: All license registrations are dispatched to users via automated email messages right after the license payment is complete. The registration email is usually sent out within seconds after the payment processor notifies us of the payment. The email address that is used to send out registration emails is the address associated with the buyer's user account at the payment processor (example: PayPal.)

In normal circumstances you should receive a confirmation email from the payment processor (example: PayPal) notifying you of the payment status, as well as our own automated registration email that will contain your registration name, registration code and additional details about the license and how to register your copy of the software. Note that if your payment was not immediately cleared by the payment processor (as in case of an eCheck or a similar deferred payment) our registration email will be delayed until the payment is fully cleared by the payment processor, which in some cases may take days.

Since all license registrations are sent out via email it is important for the buyers to know how to configure their email server's spam filter so that they can receive license registration emails. Read FAQ 12 for details.

In case you experience issues registering the software, or if you did not find our automated registration email in your inbox make sure to read FAQ 12 first, and then contact us via feedback. Please note that if you're sending us a support request make sure to use a different email server than the one that you did not receive your registration on to! Otherwise our response will be also blocked by your mail server.

  Q14:  Why do I get an error when I scramble by Classic ASP pages? In particular why does IIS complain that "Page Command Repeated"?
A: When Scripts Encryptor scrambles your code it works with one file at a time. It does not have the capability to process a group of classic ASP files. At the same time, to make scrambled files recognizable by your web server it modifies/adds @language directive at the beginning of each scrambled file. This works well if you have only one .asp file in your classic ASP page. But in case you’re dealing with more than one scrambled file, such as when you have includes, there are some additional steps that need to be taken.

Let's review a very simple example. Say, your default.asp file that loads the page contains the following classic ASP code:

<!--#include virtual="database.inc" -->
<!--#include virtual="common.inc" -->

<%
Response.Write ("Strings go here: ")
Response.Write (str1)
Response.Write (str2)
%>

Then the database.inc file contains this script:

<%
'set first string
str1 = "==string from database.inc file== "
%>

And common.inc contains this script:

<%
'set second string
str2 = " --string from common.inc file-- "
%>

If you encode each of these scripts individually with Scripts Encryptor using Windows Script Encoder method, the built-in encoder will add <%@language=VBScript.Encode%> directive on top of each scrambled file. But that would violate classic ASP rules that say that you cannot use more than one @language directive per page (since in our case we will have 3 such directives for each file) and as the result when you try to load that page from a web server, it will result in the "Page Command Repeated" error.

It is very easy to resolve this problem. You need to specify @language directive only in the first scrambled file per web page.

In case you’re scrambling your classic ASP pages using the Graphic User Interface of the Scripts Encryptor, then go to Tools –> Conversion Properties and uncheck "Add/update @language directive when encoding scripts" option before scrambling your included files. Keep in mind though, that that option must be checked on for other scrambled files.

In case you’re using command line calls to the Scripts Encryptor to scramble your files, separate your .asp files into two groups. One group -- where @language directive should not be included, i.e. files that you will include into other .asp files, and the second group where @language directive must be included. Then create two separate command line calls. For one where the @language directive should not be included add /xle command line parameter that will instruct Scripts Encryptor not to include @language directive to scrambled files.

So after that, our scrambled default.asp file should look like this:

<%@language=VBScript.Encode%><!--#include virtual="database.inc" --><!--#include virtual="common.inc" --><%#@~^RwAAAA==]/2Kxk+RqD&O2vJ[lDl~4D+=~J*)IAd2W ?R DrO`dY"q#=IndhWxd3c.kDnv/OM *MBgAAA==^#~@%>

Then database.inc file will look like this (note, that @language directive is not present in the beginning):

<%#@~^KQAAAA==dDDq{J{'/DDbUo,0.WsP[CDl4md+cl/a~Wk^+{'~JEQ4AAA==^#~@%>

And lastly common.inc file will look like this (also note, that @language directive is not present):

<%#@~^KAAAAA==dDI+{J,OOkYMrxTPWDK:~^K::KURm/w,WrVO PEJg0AAA==^#~@%>
 


To ask your own question: Please use our feedback page.

 

This is the private web site. Copyright (c) 2003-2017
Last updated: April 30, 2017