here's one way i've seen here on the forums to obfuscate a script that is to be deployed:
-- obfuscate a command to send to the client:
Declare @cmds Nvarchar(MAX)
Declare @obfoo varbinary(MAX)
--build our varbinary
Set @cmds = '
PRINT ''This binary string will execute "SELECT * FROM SYS.OBJECTS":''
SELECT * FROM SYS.OBJECTS
'
--proof of concept: can we get the value back
Set @obfoo = CAST(@cmds as varbinary(MAX))
Select @obfoo
--this is what we would deploy to an end user
declare @_ as varbinary(max)
set @_ =0x0D000A005000520049004E0054002000270054006800690073002000620069006E00610072007900200073007400720069006E0067002000770069006C006C002000650078006500630075007400650020002200530045004C0045004300540020002A002000460052004F004D0020005300590053002E004F0042004A00450043005400530022003A0027000D000A00530045004C0045004300540020002A002000460052004F004D0020005300590053002E004F0042004A0045004300540053000D000A00
exec (@_)
Lowell