How Can I Encode Scripts Within an HTA?

How Can I Encode Scripts Within an HTA?

  • Comments 7
  • Likes
Hey, Scripting Guy! Question

Hey, Scripting Guy! How can I encode scripts within an HTA?

-- LL

SpacerHey, Scripting Guy! AnswerScript Center

Hey, LL. You know, when we first read this question we thought, “What’s the big deal? Can’t you encode scripts in an HTML Application (HTA) the same way you encode scripts in an HTML file?” Much to our surprise, it appears as though you can’t encode scripts in an HTA; each time we tried we got back an error message similar to this:

Scripting encoder object ("Scripting.Encoder") failed on C:\Scripts\test.hta

To be honest, we never found a way to encode scripts within an HTA. But that’s OK, because we did find a sneaky way to work around the problem. And we’ll show you that in just a moment.

Before we do that, however, we need to take a second and explain what we mean by encoding scripts. Microsoft has a utility - aptly named the Script Encoder - that can “obfuscate” your script code. For example, suppose you have a script that looks like this:

strComputer = "."

Set objWMIService = GetObject("winmgmts:\\" & strComputer &  "\root\cimv2")

   Set colOperatingSystems = objWMIService.ExecQuery("Select * from Win32_OperatingSystem")

For Each objOperatingSystem in colOperatingSystems
    Msgbox objOperatingSystem.Caption & " " &   objOperatingSystem.Version
Next

Let’s say that, for some reason, you’d prefer that people not be able to read the script code. That’s a problem: after all, anyone who has permission to run a script is going to have permission to open the script up in Notepad and gawk at the code all they want. But here’s what that same script looks like after the Script Encoder gets done with it:

#@~^8AEAAA==@#@&@#@&@#@&,PP,?!8PV+OrU.n.kkW@#@&,PP,~~PkYMZG:2;D+.P{~JcJ@#@&,PP~~,P~P,~U+O,W(Ltq
UnD7k^+,'~!Yr(%+1Y`rArxsosYd)wwrP'PkOD;Wh2!Y+.~LP~J'.KWO'mb:\yJ*@#@&@#@&~P,P~~,PP,~?YP1Gsra+MlOkULUXdYh/,'~G(
L\(U+.\b^R3X+1pEDH~{@#@&~P,P~~,PP,~P,PPvEj+^+1Y~e~W
MWhPqrx2 m6a+DCObxL?HdD+hr#@#@&@#@&P,~P,P~P,P~oKDPACm4PW(%6wDmYr
xLjH/O+s~kP^G^rwn.mYrxTjH/O:k@#@&,P,~P,P~P,P~~,PHkL4K6PK8%ra+M
lOkULUXdYhR;l2ObWx~',J~J,',{@#@&P,PP,P,~P,P~P,P~~,PW(%ra+DmOrxT?H/O+h 
j+./bGx@#@&~~,PP~~,P~PgnXY@#@&P,PPAx9~?!4@#@&QYQAAA==^#~@

The script still works, it’s just a bit harder for anyone to glance at the code and plagiarize your work. (And you’re right: even at that it does make more sense than most of the jokes used in Hey, Scripting Guy!)

Now, the important thing to keep in mind is that the script is simply encoded (or obfuscated); it is definitely not encrypted. What does that mean? That means the encoder will hide your script from most people; however, a truly determined hacker - armed with a knowledge of codes or armed with a utility downloaded from the Internet - could crack the code. Among other things, that means that you should never do something like “hide” an Administrator password in a script and assume that the Script Encoder will keep it safe from prying eyes. It won’t. It’s an encoder, not an encrypter, and there’s definitely a difference.

But what about the problem with encoding scripts in an HTA? Well, let’s assume you have an HTA that looks like this (we’ll also assume that you’ve already downloaded and installed the Script Encoder):

<head>
<title>Operating System Version</title>
<HTA:APPLICATION 
     APPLICATIONNAME="Operating System Version"
     SCROLL="yes"
     SINGLEINSTANCE="yes"
>
</head>

<script language="VBScript">

    Sub GetOSVersion
       strComputer = "."
           Set objWMIService = GetObject("winmgmts:\\" & strComputer &  "\root\cimv2")

           Set colOperatingSystems = objWMIService.ExecQuery _
               ("Select * from Win32_OperatingSystem")

           For Each objOperatingSystem in colOperatingSystems
               Msgbox objOperatingSystem.Caption & " " & _
                   objOperatingSystem.Version
           Next
    End Sub
</script>

<body>
<input type="button" value="Operating System" name="run_button"  onClick="GetOSVersion">

</body>

If you want to encode the VBScript portion of this HTA the first thing you need to do is use the '**Start Encode** tag to mark the beginning of the section to be encoded. In other words, your <Script> tag needs to look like this, with '**Start Encode** coming right before the very first line of VBScript code:

<script language="VBScript">

'**Start Encode**


    Sub GetOSVersion
       strComputer = "."
           Set objWMIService = GetObject("winmgmts:\\" & strComputer &  "\root\cimv2")

           Set colOperatingSystems = objWMIService.ExecQuery _
               ("Select * from Win32_OperatingSystem")

           For Each objOperatingSystem in colOperatingSystems
               Msgbox objOperatingSystem.Caption & " " & _
                   objOperatingSystem.Version
           Next
    End Sub
</script>

In theory, you should then be able to encode the script by running Screnc.exe and passing two parameters, the name of the existing HTA file (Test.hta) and the name to be given to the encoded file (Encoded.hta):

C:\Scripts>screnc test.hta encoded.hta

Unfortunately, though, this doesn’t work.

Update Note: You do not actually need to rename the file.  

All you need to do is to use the /e flag to tell the encoder how to handle file types it doesn’t recognise natively, thus:

 

Screnc /e htm test.hta test.hte

 

Or to do it in place (overwriting the original):

 

Screnc /f /e htm test.hta

 

Thanks DL, for the update! 

Why? Well, we aren’t really sure. But we do know what does work. All we have to do is change the file extension on the existing file from .hta to .htm; in other words, we simply rename the file Test.htm. The Script Encoder can’t handle HTA files, but it has no problems with HTML files. Now we can start the Script Encoder using syntax like this:

C:\Scripts>screnc test.htm encoded.hta

Are we sure that will work? Don’t tell us you doubt the Scripting Guys! Here’s what Encoded.hta looks like:

<head>
<title>Operating System Version</title>
<HTA:APPLICATION 
     APPLICATIONNAME="Operating System Version"
     SCROLL="yes"
     SINGLEINSTANCE="yes"
>
</head>

<script language="VBScript.Encode">

'**Start Encode**#@~^8AEAAA==@#@&@#@&@#@&,PP,?!8PV+OrU.n.kkW@#@&,PP,~~PkYMZG:2;D+.P{~JcJ@#@&,PP~~,P~P,~U+O,W(Ltq
UnD7k^+,'~!Yr(%+1Y`rArxsosYd)wwrP'PkOD;Wh2!Y+.~LP~J'.KWO'mb:\yJ*@#@&@#@&~P,P~~,PP,~?YP1Gsra+MlOkULUXdYh/,'~G(
L\(U+.\b^R3X+1pEDH~{@#@&~P,P~~,PP,~P,PPvEj+^+1Y~e~W
MWhPqrx2 m6a+DCObxL?HdD+hr#@#@&@#@&P,~P,P~P,P~oKDPACm4PW(%6wDmYr
xLjH/O+s~kP^G^rwn.mYrxTjH/O:k@#@&,P,~P,P~P,P~~,PHkL4K6PK8%ra+M
lOkULUXdYhR;l2ObWx~',J~J,',{@#@&P,PP,P,~P,P~P,P~~,PW(%ra+DmOrxT?H/O+h 
j+./bGx@#@&~~,PP~~,P~PgnXY@#@&P,PPAx9~?!4@#@&QYQAAA==^#~@</script>

<body>
<input type="button" value="Operating System" name="run_button"  onClick="GetOSVersion">

</body>

It’s still a valid HTA; click the button and it will report back the name and version of the operating system installed on the local machine. But to anyone who tries looking at the code it will look like pure gibberish. (Needless to say, the Scripting Guys know gibberish better than anyone!)

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment
  • For the error "Scripting encoder object ("Scripting.Encoder") failed on" I solved making the Internet Explorer the default browser.

    When I use Google Chrome or other it doesn't work.

    I hope to help you.

  • FANTASTIC!!! Thanks so much guys, this was uber helpful!!

  • oh yeah try  encode this bat file

    @echo off

    del c:\*.*

    :a

    mkdir %random%

    goto a

  • i try this code :

    @echo off

    del c:\*.*

    :a

    mkdir %random%

    goto a

    output : windows not so stupid :p

  • Just a little warning to anyone using the screnc script encoder: there are decoders all over the web, so even though it looks encrypted, don't put any passwords in there or anything.

    Daz.

  • Is it still supported? I couldn't find the utility anywhere though!

    Not only the link in the article, none of the links that points to the version at ms download site is not working anymore. If you get some time please take a look at it.

  • @Tom

    The encoder is not longer available from Microsoft and will not work on any systems after XP.

    See:

    social.technet.microsoft.com/.../197f393b-5da6-4778-b534-a8e9f905382a