Let’s say you are writing a series of numbers to the registry for desktop management scanning or security purposes (Bitlocker passwords, phone numbers, serial numbers, etc.). In these scenarios, you want the numbers to be available to desktop software, however not be visible by the end-user. A great way to secure these numbers is through simple numeric to alpha translation.
For example,
On Error Resume Next Set objShell = WScript.CreateObject("WScript.Shell") 'RegValue numValue = objShell.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\TheNumber\RegValue") if numValue = "" then WScript.Quit() Set re = New RegExp re.Pattern = "[A-Z]" re.IgnoreCase = True re.Global = True hasMatches = re.Test(numValue) If hasMatches = True Then wscript.quit End If 'ENCODING HERE EncodedValue = (Replace(numValue,"0","Z")) EncodedValue = (Replace(EncodedValue,"1","K")) EncodedValue = (Replace(EncodedValue,"2","Y")) EncodedValue = (Replace(EncodedValue,"3","X")) EncodedValue = (Replace(EncodedValue,"4","D")) EncodedValue = (Replace(EncodedValue,"5","O")) EncodedValue = (Replace(EncodedValue,"6","C")) EncodedValue = (Replace(EncodedValue,"7","V")) EncodedValue = (Replace(EncodedValue,"8","S")) EncodedValue = (Replace(EncodedValue,"9","P")) EncodedValue = (Replace(EncodedValue,"-","Q")) 'WRITE TO REGISTRY HERE objShell.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\TheNumber\RegValue",EncodedValue,"REG_SZ"
Screenshot 1 – Before script
Screenshot 2 – After script
What’s great about this, is that no matter what the length or complexity of the number, it can be translated into something more secure.
So, how do you reverse the process? Easy. Just swap your translation alphanumerics.
For example: 0 Z becomes Z 0.
Example script
On Error Resume Next Set objShell = WScript.CreateObject("WScript.Shell") 'RegValue numValue = objShell.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\TheNumber\RegValue") if numValue = "" then WScript.Quit() Set re = New RegExp re.Pattern = "[A-Z]" re.IgnoreCase = True re.Global = True hasMatches = re.Test(numValue) If hasMatches = False Then wscript.quit End If 'DECODING HERE DecodedValue = (Replace(numValue,"Z","0")) DecodedValue = (Replace(DecodedValue,"K","1")) DecodedValue = (Replace(DecodedValue,"Y","2")) DecodedValue = (Replace(DecodedValue,"X","3")) DecodedValue = (Replace(DecodedValue,"D","4")) DecodedValue = (Replace(DecodedValue,"O","5")) DecodedValue = (Replace(DecodedValue,"C","6")) DecodedValue = (Replace(DecodedValue,"V","7")) DecodedValue = (Replace(DecodedValue,"S","8")) DecodedValue = (Replace(DecodedValue,"P","9")) DecodedValue = (Replace(DecodedValue,"Q","-")) 'WRITE TO REGISTRY HERE objShell.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\TheNumber\RegValue",DecodedValue,"REG_SZ"