That cannot be done. If browsers can read the source code to output the page, then human will be able to read it to. The only way to "hide" the source code is to take the page down.
But then it will still show the source code of that particular rendered web page by the browser. Its not possible to do.
There isn't such an understanding as to "encode the web code". You can encode a php file using dedicated tools among which Zend Encoder and IonCube are the leaders. And you can obfuscate the html output code but it will only be a matter of time before someone could reverse engineer it to reach to the actual source code. Besides that, your website will become inaccessible on certain browsers. If you aim for intellectual protection then code obfuscation isn't the solution.
You cannot hide the page source code by any means. May you can encrypt the HTML page using javascript, but techie can evade by disabling javascript
Disabling the javascript on purpose will render the page unreadable. Browsers with the javascript disabled by default will fail to display the page also, so no good deal about obfuscating the html code. Learn to live with others copying your work, this is the world wide web, unfortunately.
Ok, dude. Try something like this then: http://www.voormedia.com/en/tools/html-obfuscate-scrambler.php
Assuming you don't want the page indexed by search engines, accessible to people with scripting disabled, able to be accessed by screen readers or easily maintained. Obfuscating your code is not how HTML works, runs entirely contrary to the intent of the internet, and any method for doing so falls into two categories: 1) Ineffective and easily circumvented (view generated source?) 2) Special... In the same way some Olympics are special. It's pure idiocy to even TRY, and anyone telling you otherwise is packing you so full of sand you may as well change your name to Sahara.
You mean this? <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <script type="text/javascript" src="../js/jquery.min.js"></script> <script type="text/javascript" src="../js/animatedcollapse.js"></script> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <title>samy kamkar</title> <meta name="keywords" content="" /> <meta name="description" content="" /> <link href="default.css" rel="stylesheet" type="text/css" /> <!--[if IE]> <style type="text/css"> /*<![CDATA[*/ body { overflow-y: auto; } /*]]>*/ </style> <![endif]--> <!--[if lte IE 6]> <style type="text/css"> /*<![CDATA[*/ html {overflow-x:auto; overflow-y:hidden;} /*]]>*/ </style> <![endif]--> <script type="text/javascript"> var url=parent.document.location.href; if(url.indexOf('#')>-1)url=url.substr(0,url.indexOf('#')); function s(ahref) { parent.document.location = url + '#' + ahref.href; } animatedcollapse.ontoggle=function($, divobj, state){} animatedcollapse.addDiv('rest1', 'fade=1') animatedcollapse.addDiv('rest2', 'fade=1') animatedcollapse.addDiv('rest3', 'fade=1') animatedcollapse.addDiv('rest4', 'fade=1') animatedcollapse.addDiv('rest5', 'fade=1') animatedcollapse.addDiv('rest6', 'fade=1') animatedcollapse.addDiv('rest7', 'fade=1') animatedcollapse.addDiv('rest8', 'fade=1') animatedcollapse.addDiv('rest9', 'fade=1') animatedcollapse.addDiv('rest10', 'fade=1') animatedcollapse.addDiv('rest11', 'fade=1') animatedcollapse.addDiv('rest12', 'fade=1') animatedcollapse.addDiv('rest13', 'fade=1') animatedcollapse.addDiv('rest14', 'fade=1') animatedcollapse.addDiv('rest15', 'fade=1') animatedcollapse.addDiv('rest16', 'fade=1') animatedcollapse.addDiv('rest17', 'fade=1') animatedcollapse.init() </script> </head> <body> <div id="menu"> <ul> <li class="active"> <a href="?x=new" title="">new code</a> </li> <li > <a href="?x=old" title="">old code</a> </li> </ul> <div id="menutitle">samy kamkar's personal code</div> </div> <!-- end #menu --> <div id="header"> <!--<h1>samy kamkar's code</h1>--> <!--<h2>welcome. i am <a href="mailto:samy@samy.pl">samy</a>.</h2>--> </div> <!-- end #header --> <div id="wrapper"> <div id="content"> <div id="posts"> <div class="post"> <h2 class="title"> <a href="#" onClick="animatedcollapse.toggle('rest1');return false;">The MySpace Worm</a> </h2> <div id="rest1" style="display:none"> <div class="story"> <p> Code at <a href="http://namb.la/popular" onClick="s(this)" target="_blank">http://namb.la/popular</a><br> I developed the MySpace worm, the first XSS worm based on AJAX which proliferated through the MySpace network. Learn how I made over one million friends in less than 24 hours. </p> </div> <div class="meta"> <p class="date">posted on december 20, 2009</p> </div> </div> </div> <div class="post"> <h2 class="title"> <a href="#" onClick="animatedcollapse.toggle('rest2');return false;">phpwn: Attack on PHP sessions and random numbers</a> </h2> <div id="rest2" style="display:none"> <div class="story"> <p> Code at <a href="/phpwn" onClick="s(this)" target="_blank">http://samy.pl/phpwn</a><br> Studying PHP's LCG (linear congruential generator, a pseudorandom number generator), I discovered that there are weaknesses that reduce the complexity of determining the sequence of pseudorandom numbers. What this means is that PHP is <b>severely deficient in producing random session IDs or random numbers</b>, leading to the possibility of stealing sessions or other sensitive information. The initial seed can be reduced from 64-bits to 35-bits, and with PHP code execution, can be reduced further down to just under 20-bits, which <a target=_blank href="/phpwn/">takes only seconds to recreate the initial seed</a>. </p> </div> <div class="meta"> <p class="date">posted on august 20, 2009</p> </div> </div> </div> <div class="post"> <h2 class="title"> <a href="#" onClick="animatedcollapse.toggle('rest3');return false;">proxmark3: RFID penetration testing tool</a> </h2> <div id="rest3" style="display:none"> <div class="story"> <p> Code at <a href="http://code.google.com/p/proxmark3/wiki/HomePage" onClick="s(this)" target="_blank">http://code.google.com/p/proxmark3/wiki/HomePage</a><br> I'm one of the primary developers of the proxmark3, a penetration testing tool for low and high-frequency RFID tags and readers, developed on an ARM7 microprocessor and Xilinx Spartan II FPGA. The device is capable of doing such things as read tags, simulate tags (such as HID badges), eavesdrop on transactions between another reader and tag, analyze a tag or signal passively, and more. </p> </div> <div class="meta"> <p class="date">posted on december 20, 2009</p> </div> </div> </div> <div class="post"> <h2 class="title"> <a href="#" onClick="animatedcollapse.toggle('rest4');return false;">NAT Pinning: Forcing Remote Routers to Port Forward</a> </h2> <div id="rest4" style="display:none"> <div class="story"> <p> Code at <a href="/natpin" onClick="s(this)" target="_blank">http://samy.pl/natpin</a><br> My NAT Pinning technique is a method that forces a user's router or firewall, unbeknownst to them, to port forward any port number back to the user's machine, simply by the user visiting a web page. If the user had FTP/ssh/etc open but blocked from the router, it can now be forwarded for anyone to access (read: attack) from the outside world. No XSS or CSRF required. </p> </div> <div class="meta"> <p class="date">posted on january 5, 2010</p> </div> </div> </div> <div class="post"> <h2 class="title"> <a href="#" onClick="animatedcollapse.toggle('rest5');return false;">quickjack: Automated Clickjack and Frame Slicing Tool</a> </h2> <div id="rest5" style="display:none"> <div class="story"> <p> Code at <a href="/quickjack" onClick="s(this)" target="_blank">http://samy.pl/quickjack</a><br> Quickjack is a tool developed to easily create pages with the capability to clickjack users no matter where they click on the page. The tool has an extremely intuitive interface and is literally a point-and-click tool. It also allows frame slicing and other features such as referral scrubing and more. </p> </div> <div class="meta"> <p class="date">posted on february 1, 2010</p> </div> </div> </div> <div class="post"> <h2 class="title"> <a href="#" onClick="animatedcollapse.toggle('rest6');return false;">mapxss: Accurate Geolocation via Router Exploitation</a> </h2> <div id="rest6" style="display:none"> <div class="story"> <p> Code at <a href="/mapxss" onClick="s(this)" target="_blank">http://samy.pl/mapxss</a><br> By using XSS exploitation of a user's router, I've created a proof of concept which acquires the MAC address of the router of a web surfer, then uses the Google Service API to acquire geographic coordinates of the user (determined by the Google van driving around and seeing MAC address while tying it to coordinates.) This emulates <a target=_new href="http://www.mozilla.com/en-US/firefox/geolocation/">Firefox's Location-Aware Browsing</a> without requiring any permission from the user or requiring Firefox. </p> </div> <div class="meta"> <p class="date">posted on january 4, 2010</p> </div> </div> </div> <div class="post"> <h2 class="title"> <a href="#" onClick="animatedcollapse.toggle('rest7');return false;">pwnat: Advanced client-server NAT-to-NAT penetration</a> </h2> <div id="rest7" style="display:none"> <div class="story"> <p> Code at <a href="/pwnat" onClick="s(this)" target="_blank">http://samy.pl/pwnat</a><br> pwnat allows full client-server tunneling and proxying even when both server and client are behind separate NATs with no port forwarding and no DMZ setup on their routers to directly communicate with each other. There is no middle man, no proxy, no 3rd party, and the server side requires no information on the client. </p> </div> <div class="meta"> <p class="date">posted on january 22, 2010</p> </div> </div> </div> <div class="post"> <h2 class="title"> <a href="#" onClick="animatedcollapse.toggle('rest8');return false;">chownat: Peer-to-peer communication through NATs</a> </h2> <div id="rest8" style="display:none"> <div class="story"> <p> Code at <a href="/chownat" onClick="s(this)" target="_blank">http://samy.pl/chownat</a><br> chownat allows two peers behind two separate NATs with no port forwarding and no DMZ setup on their routers to directly communicate with each other. There is no middle man, no proxy, no 3rd party, and the application runs as an unprivileged user on both ends. </p> </div> <div class="meta"> <p class="date">posted on december 20, 2009</p> </div> </div> </div> <div class="post"> <h2 class="title"> <a href="#" onClick="animatedcollapse.toggle('rest9');return false;">Packet: Perl modules for low-level packet injection/sniffing</a> </h2> <div id="rest9" style="display:none"> <div class="story"> <p> Code at <a href="/packet" onClick="s(this)" target="_blank">http://samy.pl/packet</a><br> Packet is a suite of portable Perl modules for encoding, decoding, injecting and sniffing low-level network packets. Packet also provides functionality for other low-level network tasks such as retrieving network device information and working directly with ARP cache tables.. </p> </div> <div class="meta"> <p class="date">posted on december 20, 2009</p> </div> </div> </div> <div class="post"> <h2 class="title"> <a href="#" onClick="animatedcollapse.toggle('rest10');return false;">airsamy: Automated WEP injection and cracking via aircrack</a> </h2> <div id="rest10" style="display:none"> <div class="story"> <p> Code at <a href="/airsamy.pl" onClick="s(this)" target="_blank">http://samy.pl/airsamy.pl</a><br> airsamy provides a simple interface to quickly and automatically crack a WEP network in minutes. It displays a list of available WEP networks and once selected, it automatically places your driver in monitor mode, tests packet injection, fake authenticates with the AP, captures IVs for cracking, captures ARP packets and replays them to introduce more IVs into the network, and cracks using the PTW attack. </p> </div> <div class="meta"> <p class="date">posted on october 24, 2009</p> </div> </div> </div> <div class="post"> <h2 class="title"> <a href="#" onClick="animatedcollapse.toggle('rest11');return false;">ORYX Stream Cipher Implementation and Attack</a> </h2> <div id="rest11" style="display:none"> <div class="story"> <p> Code at <a href="/oryx-attack.pl" onClick="s(this)" target="_blank">http://samy.pl/oryx-attack.pl</a><br> I've implemented the ORYX stream cipher and a cryptanalytic attack able to recover the 96-bit internal key state in less than 2^20 ORYX operations. The ORYX stream cipher is used to encrypt data transmissions for the North American Cellular system. </p> </div> <div class="meta"> <p class="date">posted on october 24, 2009</p> </div> </div> </div> <div class="post"> <h2 class="title"> <a href="#" onClick="animatedcollapse.toggle('rest12');return false;">Anti-MITMA: Preventing Man in the Middle Attacks</a> </h2> <div id="rest12" style="display:none"> <div class="story"> <p> Code at <a href="/anti-mitma.pdf" onClick="s(this)" target="_blank">http://samy.pl/anti-mitma.pdf</a><br> I've described a simple method for authentication based protocols (e.g., ssh) to prevent man in the middle attacks. Rather than establishing a potentially MITMA'd connection, then authenticating, you can authenticate the initial key exchange. More details in the <a target=_blank href="/anti-mitma.pdf">pdf</a>. </p> </div> <div class="meta"> <p class="date">posted on october 15, 2009</p> </div> </div> </div> <div class="post"> <h2 class="title"> <a href="#" onClick="animatedcollapse.toggle('rest13');return false;">weap: WEP (RC4) Key Recovery (Cryptanalytic Attack)</a> </h2> <div id="rest13" style="display:none"> <div class="story"> <p> Code at <a href="/weap" onClick="s(this)" target="_blank">http://samy.pl/weap</a><br> I've implemented a version of Shamir's attack on WEP, easily recovering a WEP key from encrypted wireless traffic due to weak keys and poor IV mixing into the RC4 key. </p> </div> <div class="meta"> <p class="date">posted on october 15, 2009</p> </div> </div> </div> <div class="post"> <h2 class="title"> <a href="#" onClick="animatedcollapse.toggle('rest14');return false;">samyDNS: free, reliable, secure DNS service</a> </h2> <div id="rest14" style="display:none"> <div class="story"> <p> Code at <a href="http://samyDNS.com" onClick="s(this)" target="_blank">http://samyDNS.com</a><br> I provide a free, reliable, secure, no stress, web-based DNS service where all domain modifications are propagated instantaneously across all primary and slave name servers. </p> </div> <div class="meta"> <p class="date">posted on december 20, 2009</p> </div> </div> </div> <div class="post"> <h2 class="title"> <a href="#" onClick="animatedcollapse.toggle('rest15');return false;">AI::NS: Perl module providing Genetic Algorithms</a> </h2> <div id="rest15" style="display:none"> <div class="story"> <p> Code at <a href="/ains/" onClick="s(this)" target="_blank">http://samy.pl/ains/</a><br> AI::NaturalSelection provides a series of Perl modules using Genetic Algorithms to allow breeding and mutation to arise and emulate natural selection. Resultant honing can minimize the work required to solve certain fitness-testable problems. </p> </div> <div class="meta"> <p class="date">posted on december 20, 2009</p> </div> </div> </div> <div class="post"> <h2 class="title"> <a href="#" onClick="animatedcollapse.toggle('rest16');return false;">sql++: cross-database command line SQL client</a> </h2> <div id="rest16" style="display:none"> <div class="story"> <p> Code at <a href="/sql++/" onClick="s(this)" target="_blank">http://samy.pl/sql++/</a><br> sql++ is an easily configurable, feature-rich, portable command-line SQL tool. It can be used with many different databases and in place of other command line tools such as MySQL's mysql-client, Microsoft SQL, PostgreSQL's psql, and Oracle's sqlplus. It has features such as multiple connections, multi-database interfacing, subselects for all databases, regardless of whether the database has native subselects or not, and much more. </p> </div> <div class="meta"> <p class="date">posted on december 20, 2009</p> </div> </div> </div> <div class="post"> <h2 class="title"> <a href="#" onClick="animatedcollapse.toggle('rest17');return false;">DISS: Download shared iTunes music automatically (Win32)</a> </h2> <div id="rest17" style="display:none"> <div class="story"> <p> Code at <a href="/diss.zip" onClick="s(this)" target="_blank">http://samy.pl/diss.zip</a><br> DISS (Download iTunes Shared Songs) automatically hooks into iTunes' memory (winsock) on Windows and downloads any shared music you play into the DISS playlist. No user intervention is required for this to happen, it's entirely automatic and typically only takes a second or two per song. Full C++ source and Windows binary included. </p> </div> <div class="meta"> <p class="date">posted on November 20, 2005</p> </div> </div> </div> </div> <!-- end #posts --> <!-- bottom padding --> <div style="clear: both;"> </div> </div> <!-- end #content --> </div> <!-- end #wrapper --> <div id="footer"> <p id="legal">perl -MIO -e'$c=new IO::Socket::INET(LocalPort,1337,Listen)->accept;print$c `$_`while<$c>'</p> </div> <!-- end #footer --> </body> </html> Code (markup): ??? I'd post the other half, but I don't want to spam the forums with 18k of whitespace. Must be great having a website that renders as a giant blank white page for script blocking users and is completely invisible to search engines.
there is a program you can buy that hides the source code and then when you build the site and bump it up to your server it will hide the source. if you do a search for html guardian that might help you.