Hiding ASP Code 2

[EgWeb]

I've browsed through a couple topics that kind of cover the issue, but I'll ask the question. I wrote an 'application' in ASP that I'd like to sell and would like to avoid people stealing my code. Is there a way to encrypt or hide the code? I've heard rumor of dll files, is this the only way?

Thanks!
Andy

 

[ayh8disjob]

I purchased a software that encypts web pages... im not promoting it but there is a lot out there im using html guardian.

 

[vbkris]

DLL is the best way.

 

[palbano]

>> would like to avoid people stealing my code.

I'm not sure i understand. Your not worried about them stealing the DLL only stealing the code? If you package your application in any form can't people steal it?

Or do you mean that there is some secret in your code that no one else has ever figured out and your afraid people will copy it and use it to build their own parallel products based on your code?

-pete

 

[ayh8disjob]

I will tell you some good reason why just buying a software is very helpful:

1. when you create DLL it will take time (extra CODING)
2. Some company IS department dont like the idea of running a third party DLL in their server for security purpose.
3. It is very cheap and easy to use...

and I've already done it with some of my clients because I know your main concern is propreitary reason.


I love coffee.

 

[EgWeb]

HTML Guardian...

Yes, I don't want people stealing the code to make parallel applications. I will be selling the product to businesses. I know it's not bulletproof, and that's not what I'm looking for. I'm looking for a solution that lets me somewhat hide the code so it's not easily viewed, but I need to be able to put the pages on any server. Is this still possible with HTML Guardian, or is there anther part that needs to go with the code in order to decipher it?

Thanks again for the help!

 

[onpnt]

don't put it out for people to take it. that's the safest solution. _________________________________________________________
for the best results to your questions: FAQ333-2924
_{01001111 01101110 01110000 01101110 01110100}

http://www.onpntwebdesigns.com

[/sub]

 

[EgWeb]

yea... that helps...

 

[onpnt]

how are you expecting others to see your ASP code in the first place? _________________________________________________________
for the best results to your questions: FAQ333-2924
_{01001111 01101110 01110000 01101110 01110100}

http://www.onpntwebdesigns.com

[/sub]

 

[onpnt]

I think the bottom line is and has been far to drawn out in other forums and threads is, if someone out there has half a brain they are going to get it. if you write a encryption script and someone has two thirds a brain they will decrypt it. if you are that concerned about it then offer the app by on demand and not by download or however it will be placed online. _________________________________________________________
for the best results to your questions: FAQ333-2924
_{01001111 01101110 01110000 01101110 01110100}

http://www.onpntwebdesigns.com

[/sub]

 

[ayh8disjob]

>I'm looking for a solution that lets me somewhat hide the >code so it's not easily viewed, but I need to be able to >put the pages on any server. Is this still possible with >HTML Guardian, or is there anther part that needs to go >with the code in order to decipher it?
Ok... I Hope this sample would help you see this useful... I generated this using HTML Guardian

1. I created this code... Hello world page
Hello.asp
<%@ LANGUAGE=&quot;VBSCRIPT&quot; %>
<%Option Explicit%>
<html>
<head>
<title><%=&quot;Hello World&quot; %></title>
</head>
<body>
<%=&quot;Hello World&quot; %>
</body>
</html>

2. Then i used the software HTML Guardian to encrypt it
and comes out with this...
Hello_E.asp
<%@ LANGUAGE=&quot;VBScript.Encode&quot; %>
<script language = jscript runat=server>xlwd=&quot;!j!@r&!hq&quot;;udlv=&quot;dwn%r$tmj&quot;;wopy=&quot;$%&g@@f#@~^qmiotl==&quot;;ovgb=&quot;q!d!%#%&&quot;;cwjq=&quot;$vwivxfe#!&quot;;</script><%#@~^FwAAAA==@#@&r2DkKxPA6ask1kO@#@&CQYAAA==^#~@%>
<html>
<head>
<title><%=#@~^DgAAAA==E_+s^W,WMV9EPgAQAAA==^#~@%></title>
</head>
<body>
<%=#@~^DgAAAA==E_+s^W,WMV9EPgAQAAA==^#~@%>
</body>
</html>

No need to install anything on the server just deploy it in your IIS and see how it works it encrypts all your code so is safe when you deploy it.

Hope this will help you.

I just love coffee.

 

[EgWeb]

Exactly what I was looking for!

Thanks,
Andy

 

[Gatorajc]

Probably just beating a dead horse now, but what the hell its Friday.

I must be missing something or just do not know how HTML Guardian works or ASP works.

1) If your selling and it and the ASP pages are going to be put on the buyers server, host, IIS or whatever. Maybe I am the only one but I am not going to let you put some software on my hardware to protect your product. I guess you could make it a requirement but thats pushing it.

2) If its on your server the point is kind of mute since asp just sends html and that is all they are going to see. Not much chance of stealing it with out hacking into the server.

Does HTML Guardian encrypt the code then you can sell it? But then how does it get decrypted. I understand it is in IIS but that goes back to either of my points above. I tried going to

http://www.protware.com

to get more info but it kept timing out me.

Just sounded interesting and wanted to look into it.

Besides like I said its friday. TGIF
AJ

 

[EgWeb]

It encrypts the code. He wrote:

1. I created this code... Hello world page
Hello.asp
<%@ LANGUAGE=&quot;VBSCRIPT&quot; %>
<%Option Explicit%>
<html>
<head>
<title><%=&quot;Hello World&quot; %></title>
</head>
<body>
<%=&quot;Hello World&quot; %>
</body>
</html>

2. Then i used the software HTML Guardian to encrypt it
and comes out with this...
Hello_E.asp
<%@ LANGUAGE=&quot;VBScript.Encode&quot; %>
<script language = jscript runat=server>xlwd=&quot;!j!@r&!hq&quot;;udlv=&quot;dwn%r$tmj&quot;;wopy=&quot;$%&g@@f#@~^qmiotl==&quot;;ovgb=&quot;q!d!%#%&&quot;;cwjq=&quot;$vwivxfe#!&quot;;</script><%#@~^FwAAAA==@#@&r2DkKxPA6ask1kO@#@&CQYAAA==^#~@%>
<html>
<head>
<title><%=#@~^DgAAAA==E_+s^W,WMV9EPgAQAAA==^#~@%></title>
</head>
<body>
<%=#@~^DgAAAA==E_+s^W,WMV9EPgAQAAA==^#~@%>
</body>
</html>

Notice in number 2. <%@ LANGUAGE=&quot;VBSCRIPT&quot; %> changed to <%@ LANGUAGE=&quot;VBScript.Encode&quot; %>

No 3rd party program is required to decrypt it, if you create an asp page and paste

<%@ LANGUAGE=&quot;VBScript.Encode&quot; %>
<script language = jscript runat=server>xlwd=&quot;!j!@r&!hq&quot;;udlv=&quot;dwn%r$tmj&quot;;wopy=&quot;$%&g@@f#@~^qmiotl==&quot;;ovgb=&quot;q!d!%#%&&quot;;cwjq=&quot;$vwivxfe#!&quot;;</script><%#@~^FwAAAA==@#@&r2DkKxPA6ask1kO@#@&CQYAAA==^#~@%>
<html>
<head>
<title><%=#@~^DgAAAA==E_+s^W,WMV9EPgAQAAA==^#~@%></title>
</head>
<body>
<%=#@~^DgAAAA==E_+s^W,WMV9EPgAQAAA==^#~@%>
</body>
</html>

into it, it will work just fine.

 

[Gatorajc]

That is great.
AJ

 

[TonyU]

[tt]Why are you worry about people stealing your .asp code anyway??

.asp is server side
they can take my html output all day long...

T ® Ñ ¥
To keep a lamp burning we have to keep puting oil in it.

​

 

[EgWeb]

They can take my html output all day long too. But if I sell the application, it gets installed on their computer, which means they can open up the code and look at it/mess it up.

 

[palbano]

>> which means they can open up the code and look at
>> it/mess it up.

they can still mess up the garbage code emitted by the confussionizer product can't they?

Dll is the best approach, once you are convinced that you have something of value to protect, which you seem to be.

Of course anyone worth a spit at software development will be able to produce a parallel product without looking at a single line of your code.

-pete

 

[TonyU]

[tt]Two thoughts:

1. If they hire you to build their .asp site, I would assume they know #$%^@#! about .asp programming at all, so the coding would look like %$#@&^% to them.

2. If they hire you to build their .asp site BUT, have knowledge of .asp programming, wouldn't they know the logic already??


It's friday!!!!!!!!!!!

T ® Ñ ¥
To keep a lamp burning we have to keep puting oil in it.

​

 

[Tarwn]

Of course anyone worth a spit at software development will be able to produce a parallel product without looking at a single line of your code.

<sarcasm>
Hmm...so whats your product do again? And how much were you planning on selling it for?
</sarcasm>

Case and point, I saw a product on a website somewhere that was some sort of nifty little file manager for a website, $300 I think...I duplicated the functionality of it in less than 7 hours without even looking at his html output.

-Tarwn _{01010100 01101001 01100101 01110010 01101110 01101111 01101011 00101110 01100011 01101111 01101101}
^{29 3K 10 3D 3L 3J 3K 10 32 35 10 3E 39 33 35 10 3K 3F 10 38 31 3M 35 10 36 3I 35 35 10 3K 39 3D 35 10 1Q 19}
Get better results for your questions: faq333-2924
Frequently Asked ASP Questions: faq333-3048