[转载]VBS的Mutation
文章作者:delphij 解释有意思的东西……稍微加了点注释。
dim sIntIteration1 ' 字符串中用到的迭代子(索引值,看后面的注释)
dim sIntIteration2 ' 另一个迭代子,用法也得看注释
dim sStrVariables ' 变量表(以字符串表示)
dim sArVariables ' 上面那个东西拆成的数组
' 临时变量
dim sVarFlag1
dim sVarFlag2
dim sVarFlag3
dim sArResultPosition() ' 保存结果数组
dim sArCodeStructure() ' 自定义的代码容器。
dim sStrArIProcedure ' 输入函式数组
dim sStrArOProcedure ' 输出函式数组
' 指向上述两个数组的指针
dim sIntPointeurOProcedure
dim sIntPointeurIProcedure
' 长度值,看后面的注释
dim sIntVariableLength
' 一组用于操作的脚本对象,大家都清楚我就不说了
dim sObjFSO
dim sObjScriptPath
dim sObjScript
dim sObjRegExp
dim sColResultat
dim sIntResultat
dim sStrCode ' 用于保存自己的代码
dim sIntPositionPointeurCaractere
dim sStrLigne2Code
dim sIntPositionVBCRLF
' 初始化
call initialiser()
' 替换dim定义的变量名字
call rechercher_declaration("dim","(\( *\d* *\))|\(|\)| ")
' 替换const定义的常量名字
call rechercher_declaration("const","= *(\d*)| *")
' 替换function的名字
call rechercher_procedure("function")
' 替换sub的名字
call rechercher_procedure("sub")
' 打乱顺序
call changer_position
' 应用变量名
call changer_variable
' 混淆大小写
call changer_casse
' 存
call appliquer
sub initialiser()
' 初始化:创建正则表达式对象sObjRegExp, 加载自己到sStrCode。
set sObjRegExp = new regexp
sObjRegExp.ignorecase = true
sObjRegExp.global = true
' 费解的语句:完全可以最开始定义的。wsh bug?
redim sArCodeStructure(1,0)
' 用以打开文件的FSO对象
set sObjFSO = createobject("Scripting.FileSystemObject")
' 找到自己在哪儿
set sObjScriptPath = sObjFSO.getfile(wscript.scriptfullname)
' 打开,handle: sObjScript
set sObjScript = sObjFSO.opentextfile(sObjScriptPath, 1)
' 弄进内存
sStrCode = sObjScript.readall
' 关掉
sObjScript.close
end sub
' 纯逻辑,没什么好注释的……
sub rechercher_declaration(pStrType2Declaration,pStrMotif2Recherche)
call get_all_position_after_str(pStrType2Declaration)
for sIntIteration1=1 to ubound(sArResultPosition)
sIntPositionPointeurCaractere = sArResultPosition(sIntIteration1)
sIntPositionVBCRLF = instr(sIntPositionPointeurCaractere,sStrCode,vbcr,1)
sStrLigne2Code = mid(sStrCode,sIntPositionPointeurCaractere, sIntPositionVBCRLF - sIntPositionPointeurCaractere)
sStrLigne2Code = remplacer(sStrLigne2Code,pStrMotif2Recherche,",")
sStrVariables = sStrVariables & "," & sStrLigne2Code
next
end sub
' 这部分也是纯逻辑,不需要注释。按逻辑加了空行便于阅读
sub rechercher_procedure(procedure_type)
call get_all_position_after_str(procedure_type)
for sIntIteration1=1 to ubound(sArResultPosition)
’ 调整sArCodeStructure以适应需要(此处可以优化)
redim preserve sArCodeStructure(1,ubound(sArCodeStructure,2) + 1)
sIntPositionPointeurCaractere = sArResultPosition(sIntIteration1)
sArCodeStructure(1,ubound(sArCodeStructure,2)) = sIntPositionPointeurCaractere - len(procedure_type)
sIntPositionVBCRLF = instr(sIntPositionPointeurCaractere,sStrCode,vbcr,1)
sStrLigne2Code = mid(sStrCode,sIntPositionPointeurCaractere, sIntPositionVBCRLF - sIntPositionPointeurCaractere)
sStrLigne2Code = remplacer( sStrLigne2Code , "(\( *\d* *\))|\(|\)| " , "," )
sStrVariables = sStrVariables & "," & sStrLigne2Code
sIntIteration1 = sIntIteration1+1
sArCodeStructure(0,ubound(sArCodeStructure,2)) = sArResultPosition(sIntIteration1) + 4
next
end sub
' 移动函式位置
sub changer_position()
' 修复刚才多redim出来的那一个空槽……
redim sStrArIProcedure(ubound(sArCodeStructure,2)-1,1)
' 为procedure标记权重
for sIntIteration1 = 0 to ubound(sStrArIProcedure,1)
sStrArIProcedure(sIntIteration1,0) = mid(sStrCode,sArCodeStructure(1,sIntIteration1+1),sArCodeStructure(0,sIntIteration1+1) - sArCodeStructure(1,sIntIteration1+1))
randomize
sStrArIProcedure(sIntIteration1,1) = rnd ' 标记“权重”
next
' 按照“权重”排序。非常简单而过分的冒泡法……
for sIntIteration1 = 0 to ubound(sStrArIProcedure,1)
for sIntIteration2 = sIntIteration1 to ubound(sStrArIProcedure,1)
if (sStrArIProcedure(sIntIteration2,1) < sStrArIProcedure(sIntIteration1,1)) then
' 逆序:换!
sVarFlag1 = sStrArIProcedure(sIntIteration2,0)
sVarFlag2 = sStrArIProcedure(sIntIteration2,1)
sStrArIProcedure(sIntIteration2,0) = sStrArIProcedure(sIntIteration1,0)
sStrArIProcedure(sIntIteration2,1) = sStrArIProcedure(sIntIteration1,1)
sStrArIProcedure(sIntIteration1,0) = sVarFlag1
sStrArIProcedure(sIntIteration1,1) = sVarFlag2
end if
next
next
' 复制sStrCode
sStrArOProcedure = sStrCode
' 遍历sStrArIProcedure,将其从输出集中删去
for sIntIteration1 = 0 to ubound(sStrArIProcedure,1)
sStrArOProcedure = replace(sStrArOProcedure,sStrArIProcedure(sIntIteration1,0),"")
next
' 按行割裂为数组
sStrArOProcedure = split(sStrArOProcedure,vbcrlf)
sIntPointeurIProcedure = -1
sIntPointeurOProcedure = -1
sVarFlag1 = empty
' 将全局范围的代码和过程(procedure, 即sub/function)混合
while ((sIntPointeurOProcedure <> ubound(sStrArOProcedure)) or (sIntPointeurIProcedure <> ubound(sStrArIProcedure,1)))
randomize
if (cint(rnd * 1) = 1) then
' 从sStrArOProcedure取出语句(取完了算)
if (sIntPointeurOProcedure <> ubound(sStrArOProcedure)) then
sIntPointeurOProcedure = sIntPointeurOProcedure + 1
sVarFlag1 = sVarFlag1 & sStrArOProcedure(sIntPointeurOProcedure) & vbcrlf
end if
else
' sStrArIProcedure取出语句(取完了算)
if (sIntPointeurIProcedure <> ubound(sStrArIProcedure)) then
sIntPointeurIProcedure = sIntPointeurIProcedure + 1
sVarFlag1 = sVarFlag1 & sStrArIProcedure(sIntPointeurIProcedure,0) & vbcrlf
end if
end if
wend
sStrCode = sVarFlag1
end sub
sub changer_variable()
' 去掉多余的,
sStrVariables = remplacer("," & sStrVariables & "," , ",+" , ",")
' 拆分到数组
sArVariables = split(sStrVariables,",")
' 替换变量名成瞎码:P
for sIntIteration1 = 1 to ubound(sArVariables) - 1
sStrCode = remplacer(sStrCode,"\b" & sArVariables(sIntIteration1) & "\b",creer_variable & sIntIteration1)
next
end sub
' 混淆大小写
sub changer_casse()
sVarFlag3 = empty
for sIntIteration1 = 1 to len(sStrCode) ' 处理整个sStrCode
sVarFlag1 = mid(sStrCode, sIntIteration1, 1)' 取出一个字符
if (asc(sVarFlag1) = 92) then ' "\"
sVarFlag2 = true ' 则设置状态sVarFlag2
else
if sVarFlag2 then ' 在状态sVarFlag2中?
sVarFlag2 = false ' 取消之
else ' 否则
randomize
if cint(rnd * 1) = 1 then ' 以0.5的概率执行
sVarFlag1 = lcase(sVarFlag1) ' 变成小写
else ' 另外0.5的概率
sVarFlag1 = ucase(sVarFlag1) ' 变成大写
end if
end if
end if
sVarFlag3 = sVarFlag3 & sVarFlag1 ' 在sVarFlag3后面附加处理过的字符
next
sStrCode = sVarFlag3 ' 返回处理过的sVarFlag3
end sub
' 自身回写
sub appliquer()
sStrCode = remplacer(sStrCode,"\n\r","")
set sObjScript = sObjFSO.opentextfile(sObjScriptPath, 2)
sObjScript.write sStrCode
sObjScript.close
end sub
' 处理pStrStr,将其中所有的模式pStrMotif2Recherche替换为pStrMotif2Remplacement
function remplacer(pStrStr,pStrMotif2Recherche,pStrMotif2Remplacement)
sObjRegExp.pattern = pStrMotif2Recherche
remplacer = sObjRegExp.replace(pStrStr,pStrMotif2Remplacement)
end function
sub get_all_position_after_str(pStrSrch)
redim sArResultPosition(0)
' 匹配符合正则表达式的所有模式
sObjRegExp.Pattern ="(\b" & pStrSrch & " +[^,]\w)|(end " & pStrSrch & ")"
' 获取匹配集
Set sColResultat = sObjRegExp.Execute(sStrCode)
For each sIntResultat in sColResultat
redim preserve sArResultPosition((ubound(sArResultPosition))+1)
sArResultPosition(ubound(sArResultPosition)) = sIntResultat.FirstIndex + len(pStrSrch) + 1
next
end sub
function creer_variable()
randomize
sIntVariableLength = int((20 * rnd) + 10) ' 随机产生一个长度,10-30
creer_variable = chr(int((25 * rnd) + 97)) ' 生成第一个字母
for sIntIteration2 = 1 to sIntVariableLength
randomize
if cint(rnd * 1) = 1 then ' 在creer_variable后面以同样概率添加:
creer_variable = creer_variable & chr(int((25 * rnd) + 97)) '小写字母
else ' 或
creer_variable = creer_variable & chr(int((10 * rnd) + 48)) '数字
end if
next
end function
页:
[1]