Version: | 3.0.3.9 |
Frequently Asked Questions
Here are some questions asked about this software:- Who is the author of the software available for downloads on this web site?
- What is the experience of the authors of the software?
- Why is some software on this web site not free?
- If I buy any of the software product licenses, will I be entitled for promotions and discounts?
- How strong is encryption performed by your software?
- I have encoded the JS file, but I can decode it back to a readable file. I realize that it should be decodable in order for IE to read it but it just worries me that if I encode it that anybody can decode it?
- What is the difference between the version for Windows 95/98/ME and the version for Windows NT/2000/XP?
- I have the following code snippet, how can I obfuscate JavaScript part?
- I tried encoding JavaScript using "Encode Script" option. It works good in Internet Explorer but will it work in other browsers?
- I know that Script Encoder Plus must be using [System] Registry, but since it doesn't support uninstallation how do I completely remove it?
- Does the Script Encoder Plus's installer support silent installation?
- I sent you an email via your contact page but didn't receive your response. Do you answer those at all?
- I paid for the software license but I didn't receive my registration code. How do I get it?
- Why do I get an error when I scramble my Classic ASP pages? In particular why does IIS complain that "Page Command Repeated"?
- What is "Scripts Encryptor" and why is it no longer listed on your website?
- Why can't I use PayPal directly to purchase Script Encoder Plus?
- What apps can I use to make a Bitcoin (BTC) payment?
- How is my Bitcoin (BTC) payment processed?
- How long can I wait to pay the invoice for my license using Bitcoin (BTC)?
Answers
Who is the author of the software available for downloads on this web site?
Every software product available for downloading on this website was designed and coded by a trusted team of developers lead by Dennis A. Babkin. For authenticity and to provide better trust for our users we code-sign our executable files with Dennis' personal digital certificate.
To check authenticity of any of our executable file, right-click it (.exe, .msi or .dll files only) and go to its Properties. Then switch to Digital Signatures, and make sure that the signer (or publisher) on the certificate is Dennis A. Babkin. Then highlight it, click "Details" and make sure that "Digital Signature Information" is shown as "This digital signature is OK."
This is how you can make sure that the software is genuine, that it was not tampered with and that it came unaltered from our developers. We always stand by all of our signed files.
In case an exectuble file that "claims" to have been downloaded from our site does not pass any of the steps of the digital signature verification outlined above, DO NOT run that file and notify us about it!
What is the experience of the authors of the software?
Our software developers have a wide range of skills including: C, C++, MFC, Objective-C/Cocoa/Cocoa Touch, C#, ASP.NET, HTML/DHTML, JavaScript, VBScript, PHP, SQL/MySQL, ActionScript, x86 Assembly, and much more. Also design and graphics skills with Adobe Photoshop, Adobe After Effects, Adobe Acrobat, Adobe Dreamweaver, Microsoft Office, and more.
Why is some software on this web site not free?
Well, it's an interesting question. Why do we have to pay for food in a store when we can forage for it? It's the matter of convenience, isn't it. To be serious though, the charge for the license of our software is used primarily for the development of new features and to expand and improve an already existing functionality. It takes a lot of time and effort to develop software, so you're paying for that. Still, most of our software on this site is distributed absolutely for free. No ads, no promotions, no data mining. Just free. That is our way of giving back.
If I buy any of the software product licenses, will I be entitled for promotions and discounts?
Yes, absolutely. Besides showing your support for our team and for future development, you will be entitled for free updates of the software. Any other information will be included in the license agreement for a particular software product.
How strong is encryption performed by your software?
[This answer pertains to the older version of this software and is kept here for compatibility reasons.]
That is a good question. Many people confront us with the fact that our software does not provide strong "encryption" of Java Script, VBScript, classic ASP, etc. Well, let me tell you, to be specific it does not provide encryption at all. What it does, it obfuscates, or scrambles the code that makes it difficult (but, let me stress, not impossible) for a casual person to read or reverse engineer. Please keep in mind that such is due to the limitations of the scripting languages and has nothing to do with our software.
Further more, any type of computer code, or script will not allow encryption by definition, since it has to be read by your computer to be able to run it. And if so, an attacker with enough persistence can read and reverse-engineer the same code as well.
My own goal of using Script Encoder Plus is to compress and scramble the code, but not to encrypt it! Also keep in mind the following important notion - store all sensitive content on the web server side! Do not upload it as a client-side script! Adding scrambling, or obfuscation, to the server-side code will make it difficult to reverse-engineer and can act as a second line of defense. Any client-side logic that can be downloaded to the user's web browser should not contain any sensitive information, even if scrambled!
I have encoded the JS file, but I can decode it back to a readable file. I realize that it should be decodable in order for IE to read it but it just worries me that if I encode it that anybody can decode it?
[This answer pertains to the older version of this software and is kept here for compatibility reasons.]
I understand your concern about protection of JS files. Unfortunately, at the current time there is no known encryption of JavaScript and/or HTML to be at least as hard to reverse-engineer as compiling of C/C++ source code into an executable file. Due to limitations imposed by web browsers the only way to hide your code would be to scramble it into blocks of code unreadable for humans. Our product provides means for that.
Since during processing a web browser has to decode and interpret each line of code in your script, there also exist other means to un-scramble it. Script Encoder Premium is one of them. It incorporates features for that and bundles them into one GUI package. Again, I want to repeat that there is no known way to encrypt JS or HTML files to be inaccessible by hackers and advanced users. The main goal of using our product should be an attempt to either optimize JS/VBScript files to improve performance, or to scramble them to protect against an average intruder.
Also as a suggestion, I'd strongly recommend to separate your code into two parts: server and client side. Put all the sensitive information on the server, while the rest should go into the client-side scripts, downloadable to a user's machine. So far, this is the only sure way to protect your code against intrusion and reverse engineering.
What is the difference between the version for Windows 95/98/ME and the version for Windows NT/2000/XP?
[This answer pertains to the older version of this software and is kept here for compatibility reasons.]
Script Encoder Plus is no longer provided for Windows 95/98/ME or Windows NT/2000 due to obsolescence of those machines.
I have the following code snippet, how can I obfuscate JavaScript part?
<html>
<head>
<script type="text/javascript">
<!--
//Part I want to scramble
function DoIt()
{
var v = "This is the string I want to be scrambled";
alert("Scrambled OK\nHere is the string:\n\n" + v);
}
//End of part that I want to scramble
-->
</script>
</head>
<body>
<script type="text/javascript">
<!--
DoIt();
-->
</script>
</body>
</html>
[This answer pertains to the older version of this software and is kept here for compatibility reasons.]
There are three ways this could be done:
- Start Script Encoder Plus, or click "Clear 'Before'" if it's already running. Copy the whole snippet (from <html> tag to </html> tag) into 'Before' window of Script Encoder Plus. Select 'HTML + JavaScript' in the Type field. Select other appropriate conversion settings, including "Encode Script". Make sure "Scramble" is selected in the Operation field. Click Convert button. 'After' window will now have the scrambled code. Simply copy and paste it back to your HTML editor, or save it as HTML file right from the Script Encoder Plus. (Please note, that the 'Scramble' selection will also scramble HTML tags on this page. To avoid changing HTML use 'No changes' option in the Operation field.)
- Start Script Encoder Plus, or click "Clear
'Before'" if it's already running. Copy desired JavaScript part
(everything between <!-- and --> in the first <script> and </script> tags) into 'Before' window of the Script Encoder Plus.
Select 'JavaScript' in the Type field. Select other appropriate
conversion settings, including "Encode Script". Make sure "Scramble"
is selected in the Operation field. Click Convert button. 'After'
window will now have the scrambled code. Copy entire contents of the
'After' window and paste it back in place of the initial JavaScript
segment preserving <script>, </script> tags. Remove the <!--
and --> tags. Change the <script> tag to <script language="JScript.Encode">.
The resulting HTML should look like this: (Do not copy the block below to your HTML editor as it
may display errors since some encoded characters could not be
displayed here!)
<html>
<head>
<script language="JScript.Encode">
#@~^+AAAAA==W!x^DkKxPGW&O`* -lMP-xrKtbd-!!!yTwFlFk-TcTw!!TGWwEZ!0'E!Tl-;!Z+Z/O'EZ!Gyk wFWGw!W!(wZc!';!ZGG'q*F Y'!*!w;Z!{cK~-!!Ty-ETT+*w!WTkmw!!ZG m-!T!+N8V'ETT+*-8*cril^n.YvJUm.-;TZvq:(s+9P6F'xCnw!!TGyn,-;Z!+,/'EZT ZY4+'ETTy!-!T!F&Y'q bx'F*Gw;Z!fl'U- JQ-*89EgAAA==^#~@ </script>
</head>
<body>
<script type="text/javascript">
<!--
DoIt();
-->
</script>
</body>
</html> - Start Script Encoder Plus, or click "Clear
'Before'" if it's already running. Copy desired JavaScript part
(everything between <!-- and --> between the first <script> and </script> tags, marked
with green
in the first sample above) into 'Before' window of the Script Encoder Plus.
Select 'JavaScript' in the Type field. Select other appropriate
conversion settings, including "Encode Script". Make sure "Scramble"
is selected in the Operation field. Click Convert button. 'After'
window will now have the scrambled code. Click "Save 'After' window"
button and save it as "temp.js" file in the same folder where you
will be running the HTML sample from. Change the entire first <script>
</script> tag to <script language="JScript.Encode" src="temp.js"></script>.
The resulting HTML should look like this:
<html>
<head>
<script language="JScript.Encode" src="temp.js"></script> </head>
<body>
<script type="text/javascript">
<!--
DoIt();
-->
</script>
</body>
</html>
The 3rd way is more preferable as it saves scrambled data in a separate file, which prevents unintentional alteration of one of the encoded symbols in the HTML editor. You can also use 1st method to scramble page ready for posting on your website. Fore more information please refer to the Manual or the Samples Page.
I tried encoding JavaScript using "Encode Script" option. It works good in Internet Explorer but will it work in other browsers?
[This answer pertains to the older version of this software and is kept here for compatibility reasons.]
No, it won't. Moreover, the latest versions of the Internet Explorer do not support it either. The only recommended use of the Windows Script Encoder method is to scramble your server-side scripts (such as classic ASP, or scripts that will be running through the Windows Scripting Host engine.)
I know that Script Encoder Plus must be using [System] Registry, but since it doesn't support uninstallation how do I completely remove it?
Since version 3.0.3.4, Script Encoder Plus supports installation and un-installation through the Windows Control Panel, so the registry settings are added and removed automatically for you. If you're currently running an older version of the Script Encoder Plus, please update to the latest version here.
Does the Script Encoder Plus's installer support silent installation?
Yes, it does. You can use the following options for the silent installation:
- Install Script Encoder Plus with default features:
msiexec.exe /qn /i "ScrEnc-Installer.msi"
- Install Script Encoder Plus with complete set of features:
msiexec.exe /qn /i "ScrEnc-Installer.msi" ADDLOCAL=All
- Install Script Encoder Plus with specific features:
msiexec.exe /qn /i "ScrEnc-Installer.msi" ADDLOCAL=<Features>
where, <Features> is a comma-separated list of the following features that you'd like to install:Feature Name Description MainProgram Program & Documentation ShortcutsStart Start Menu Shortcuts ShortcutsDesktop Desktop Shortcut OpenWith Add 'Open with' file associations EnvPath Add screnc to the %PATH%, global Environment Variable Example:
msiexec.exe /qn /i "ScrEnc-Installer.msi" ADDLOCAL=MainProgram,ShortcutsDesktop
- Uninstall Script Encoder Plus:
msiexec.exe /qn /x "ScrEnc-Installer.msi"
Where "ScrEnc-Installer.msi" is the name of the Script Encoder Plus's installer, that can be downloaded from here.
INFO: Note that commands above may be required to run with administrative privileges.
- Install Script Encoder Plus with default features:
I sent you an email via your contact page but didn't receive your response. Do you answer those at all?
Yes, we do answer all of our received feedback questions & support requests. Keep in mind though that we're a small group of developers and don't always have resources to answer your questions right away. In general you should receive a response from our support team after a couple of days after your submission. Depending on the severity of the issue we may reply sooner, or even immediately.
It is also important for you to know how to configure your email client (program) to receive a response from us. You would be amazed how many emails that we reply to, bounce back only because your email server does not like our email address. The emailing business is very unreliable, so please keep this in mind. To make sure that you can receive our email responses add our domain @dennisbabkin.com into your email client's trusted list. Also make sure to check the spam folder, as it seems to be all too often that new emails are put there by some "extra zealous" email providers such as AOL.com, Yahoo.com, and others, especially if your company runs their own email server. (As a suggestion, get yourself a good free email account at Google's gmail.com that should work fine.)
Having said that, keep in mind that we will not answer the following requests:
- Any types of solicitations will be ignored.
- Any requests to list your web site on our site will be ignored. We do not run commercials of any kind.
- Any Search Engine Optimization solicitations, besides being a scam, will also be ignored.
- Do not ask us to call you. All correspondence will go via email only.
- If you need permission to post our software on your web site, or publish it in your magazine, or include it on a CD/DVD/media disc that comes with it, you have our permission to do so. Make sure to take the software from this page.
And lastly, if you sent us a message and we haven't gotten back to you, this means that something went wrong. Please try sending it again, after having set up your email client as was described above. Also, try using any of your alternate email addresses from a different email provider.
And if you're a Twitter user, you can tweet to us @dennisbabkin, or you can message us on Facebook.
I paid for the software license but I didn't receive my registration code. How do I get it?
All license registrations are dispatched to users via automated email messages right after the license payment is complete. The registration email is usually sent out within seconds after the payment processor notifies us of the payment. The email address that is used to send out registration emails is the address associated with the buyer's user account at the payment processor (example: PayPal.)
In normal circumstances you should receive a confirmation email from the payment processor (example: PayPal) notifying you of the payment status, as well as our own automated registration email that will contain your registration name, registration code and additional details about the license and how to register your copy of the software. Note that if your payment was not immediately cleared by the payment processor (as in case of an eCheck or a similar deferred payment) our registration email will be delayed until the payment is fully cleared by the payment processor, which in some cases may take days.
Since all license registrations are sent out via email it is important for the buyers to know how to configure their email server's spam filter so that they can receive license registration emails. Read FAQ 12 for details.
In case you experience issues registering the software, or if you did not find our automated registration email in your inbox make sure to read FAQ 12 first, and then contact us via feedback. Please note that if you're sending us a support request make sure to use a different email server than the one that you did not receive your registration on to! Otherwise our response will be also blocked by your mail server. Also consider direct-messaging us on Twitter instead: @dennisbabkin. Or use Facebook messenger.
-
Why do I get an error when I scramble my Classic ASP pages? In particular why does IIS complain that "Page Command Repeated"?
When Script Encoder Plus scrambles your code it works with one file at a time. It does not have the capability to process a group of classic ASP files. At the same time, to make scrambled files recognizable by your web server it modifies/adds @language directive at the beginning of each scrambled file. This works well if you have only one .asp file in your classic ASP page. But in case you’re dealing with more than one scrambled file, such as when you have includes, there are some additional steps that need to be taken.
Let's review a very simple example. Say, your default.asp file that loads the page contains the following classic ASP code:
<!--#include virtual="database.inc" -->
<!--#include virtual="common.inc" -->
<%
Response.Write ("Strings go here: ")
Response.Write (str1)
Response.Write (str2)
%>Then the database.inc file contains this script:
<%
'set first string
str1 = "==string from database.inc file== "
%>And common.inc contains this script:
<%
'set second string
str2 = " --string from common.inc file-- "
%>If you encode each of these scripts individually with Script Encoder Plus using Windows Script Encoder method, the built-in encoder will add <%@language=VBScript.Encode%> directive on top of each scrambled file. But that would violate classic ASP rules that say that you cannot use more than one @language directive per page (since in our case we will have 3 such directives for each file) and as the result when you try to load that page from a web server, it will result in the "Page Command Repeated" error.
It is very easy to resolve this problem. You need to specify @language directive only in the first scrambled file per web page.
In case you’re scrambling your classic ASP pages using the Graphic User Interface of the Script Encoder Plus, then go to Tools –> Conversion Properties and uncheck "Add/update @language directive when encoding scripts" option before scrambling your included files. Keep in mind though, that that option must be checked on for other scrambled files.
In case you're using command line calls to the Script Encoder Plus to scramble your files, separate your .asp files into two groups. One group -- where @language directive should not be included, i.e. files that you will include into other .asp files, and the second group where @language directive must be included. Then create two separate command line calls. For one where the @language directive should not be included add /xle command line parameter that will instruct Script Encoder Plus not to include @language directive to scrambled files.
So after that, our scrambled default.asp file should look like this:
<%@language=VBScript.Encode%><!--#include virtual="database.inc" --><!--#include virtual="common.inc" --><%#@~^RwAAAA==]/2Kxk+RqD&O2vJ[lDl~4D+=~J*)IAd2W ?R DrO`dY"q#=IndhWxd3c.kDnv/OM *MBgAAA==^#~@%>
Then database.inc file will look like this (note, that @language directive is not present in the beginning):
<%#@~^KQAAAA==dDDq{J{'/DDbUo,0.WsP[CDl4md+cl/a~Wk^+{'~JEQ4AAA==^#~@%>
And lastly common.inc file will look like this (also note, that @language directive is not present):
<%#@~^KAAAAA==dDI+{J,OOkYMrxTPWDK:~^K::KURm/w,WrVO PEJg0AAA==^#~@%>
-
What is "Scripts Encryptor" and why is it no longer listed on your website?
The "Scripts Encryptor" was the original name of the Script Encoder Plus. The name goes back to 2003. "Scripts Encryptor" is basically the same tool (minus all the bug fixes and enhancements that were added to it since it was renamed.) The reason to rename this tool was very simple -- the new name better reflects what the tool actually does and what it does not. Anything else is the same, or improved, I should say.
-
Why can't I use PayPal directly to purchase Script Encoder Plus?
We used to allow automatic purchases of the Script Encoder Plus software licenses via PayPal. Unfortunately, due to PayPal's total inability or willingness to verify in time and catch fraudulent transactions we have to do it manually. In most cases such verification will be very quick and simple. Thank you for your understanding!
It is also important to note that we will originally attempt to contact you via email to perform the verification and also to send you the registration code later. Please read FAQ 12 for details on how to ensure that you can receive our replies!
As an alternative please consider using Bitcoin to pay for your license.
-
What apps can I use to make a Bitcoin (BTC) payment?
There's no restriction on which Bitcoin wallet, or app, you can use to purchase your license. It is entirely up to you.
In case you're not familiar with Bitcoin payments, here's a list of some apps you can use:
- Coinbase - is a well-known & easy-to-use app for buying and sending Bitcoins. You can also use it to purchase Bitcoins using the fiat currency of your country (like Dollars, for instance.) Keep in mind though, that it provides only a custodial wallet, or the wallet that you do not fully control.
- Blockchain - is another app for buying and sending Bitcoins. It also allows you to exchange your local fiat currency (like Dollars) into Bitcoins. This app provides a managed non-custodial wallet that gives you access to the private keys.
- Green Wallet - is a non-custodial wallet that allows you to send and receive Bitcoins. The non-custodial part means that you have a full control over its private keys. The downside of this app though is that you cannot use it to trade fiat currency (like Dollars) into Bitcoin.
- Electrum - is another non-custodial wallet that allows to send and receive Bitcoins, that is also open-source. It can be installed locally on your computer. The downside is that it doesn't support mobile devices, nor exchanging fiat currency (like Dollars) into Bitcoin. This app gives you the most control over your Bitcoin wallet.
-
How is my Bitcoin (BTC) payment processed?
Paying for your license with Bitcoin is the easiest & fastest method that is fully automated. Since recently we had to enact manual verification of payments via PayPal, that significantly slows down and extends the process. With Bitcoin, your license purchase is fully automated and you can receive your license in the matter of hours, or even minutes, without any human interaction.
When you send your Bitcoin payment using our generated invoice (by scanning a QR code in it with a Bitcoin wallet app), our automated server will track and clear it. Depending on the miners fee that you paid for that transaction, it may take from just minutes to several hours to fully clear your payment. Our server will generally wait for about 6 confirmations on the blockchain before it can clear your payment.
After your payment has been cleared, our automated server will send you an email with your requested license. So in case such email did not arrive in your Inbox, make sure to check your Spam, Junk, or `Other` folders. If you still don't see the email with your license after a few hours since you made the payment, please contact us using some alternate method other than email. For instance, use Facebook, or Twitter.
-
How long can I wait to pay the invoice for my license using Bitcoin (BTC)?
We would ask you to pay your invoice right away. This will prevent confusion and will allow our automated server to process it without any human interaction. Generally speaking, this should happen within 24 hours after your invoice is generated.
If you wait longer to pay your invoice, our automated server may delay issuance of your license due to possible discrepancy in the exchange rate between USD and BTC, which in some cases will require a manual interaction from our support team. That in turn, will delay the process.
WARNING: Be very careful when downloading and using any Bitcoin apps that are not listed above. Some of them may try to scam you!