Jump to content

Secure online login for your script [Source Code].


FaridAgl
 Share

Recommended Posts

#include <ButtonConstants.au3>
#include <EditConstants.au3>
#include <GUIConstantsEx.au3>
#include <StaticConstants.au3>
#include <WindowsConstants.au3>
 
$Title = "Secure Online Login"
$Form_Login = GUICreate($Title, 251, 137)
$Label_Username = GUICtrlCreateLabel("Username:", 10, 10, 55, 15)
$Input_Username = GUICtrlCreateInput("", 10, 25, 121, 21)
GUICtrlSetLimit(-1, 15)
$Label_Password = GUICtrlCreateLabel("Password:", 10, 55, 53, 15)
$Input_Password = GUICtrlCreateInput("", 10, 70, 121, 21, $ES_PASSWORD)
$Button_Login = GUICtrlCreateButton("Login", 10, 100, 75, 25, $BS_DEFPUSHBUTTON)
$Button_BuyNow = GUICtrlCreateButton("Buy Now", 165, 100, 75, 25)
GUISetState(@SW_SHOW)
While 1
$nMsg = GUIGetMsg()
Switch $nMsg
Case $GUI_EVENT_CLOSE
Exit
Case $Button_Login
If GUICtrlRead($Input_Username) = "" Or GUICtrlRead($Input_Password) = "" Then ;If fields are empty don't proceed.
MsgBox(48, $Title, "Enter both Username & Password and then try again.", 0, $Form_Login)
Else
GUISetState(@SW_HIDE) ;Temporary hide GUI
SplashTextOn($Title, "Verifying Username && Password, please wait...", 300, 50, -1, -1, 33, "Comic Sans MS", 10)
If InetRead("http://yourdomain.com/users/" & GUICtrlRead($Input_Username) & ".dat", 1) = GUICtrlRead($Input_Password) Then ;If you typed your Username "demo" here, it will read this URL: http://yourdomain.com/users/demo.dat" and if the content readed is = GUICtrlRead($Input_Password) then ...
SplashOff()
GUIDelete($Form_Login)
ExitLoop
Else
SplashOff()
GUISetState(@SW_SHOW)
MsgBox(16, $Title, "Wrong Username or Password." & @CRLF & "Remember Username and Password are case sensitive.", 0, $Form_Login)
EndIf
EndIf
Case $Button_BuyNow
ShellExecute("http://www.autoitscript.com/forum/") ;Your site here!
EndSwitch
WEnd
;You should uplad a file like this: "YourUsername.dat", and this file should have your password in it.
;Sorry for bad english, correct me.

If you see any bug or weakness in this script plz post here coz i'm using it in one of my programs.

Edited by D4RKON3
Link to comment
Share on other sites

#include <ButtonConstants.au3>
#include <EditConstants.au3>
#include <GUIConstantsEx.au3>
#include <StaticConstants.au3>
#include <WindowsConstants.au3>
 
$Title = "Secure Online Login"
$Form_Login = GUICreate($Title, 251, 137)
$Label_Username = GUICtrlCreateLabel("Username:", 10, 10, 55, 15)
$Input_Username = GUICtrlCreateInput("", 10, 25, 121, 21)
GUICtrlSetLimit(-1, 15)
$Label_Password = GUICtrlCreateLabel("Password:", 10, 55, 53, 15)
$Input_Password = GUICtrlCreateInput("", 10, 70, 121, 21, $ES_PASSWORD)
$Button_Login = GUICtrlCreateButton("Login", 10, 100, 75, 25, $BS_DEFPUSHBUTTON)
$Button_BuyNow = GUICtrlCreateButton("Buy Now", 165, 100, 75, 25)
GUISetState(@SW_SHOW)
While 1
$nMsg = GUIGetMsg()
Switch $nMsg
Case $GUI_EVENT_CLOSE
Exit
Case $Button_Login
If GUICtrlRead($Input_Username) = "" Or GUICtrlRead($Input_Password) = "" Then ;If these fields are empty then don't proceed.
MsgBox(48, $Title, "Enter both Username & Password, then try again.", 0, $Form_Login)
Else
GUISetState(@SW_HIDE) ;Temporary hide GUI
SplashTextOn($Title, "Verifying Username && Password, please wait...", 300, 50, -1, -1, 33, "Comic Sans MS", 10)
If InetRead("http://yourdomain.com/users/" & GUICtrlRead($Input_Username) & ".dat", 1) = GUICtrlRead($Input_Password) Then ;If you typed the Username "demo" here, it will read this URL: http://yourdomain.com/users/demo.dat" and if the content read is = GUICtrlRead($Input_Password) then ...
SplashOff()
GUIDelete($Form_Login)
ExitLoop
Else
SplashOff()
GUISetState(@SW_SHOW)
MsgBox(16, $Title, "Wrong Username or Password." & @CRLF & "Remember, Username and Password are case sensitive.", 0, $Form_Login)
EndIf
EndIf
Case $Button_BuyNow
ShellExecute("http://www.autoitscript.com/forum/") ;Your site here!
EndSwitch
WEnd
;You should upload a file like this: "YourUsername.dat", and this file should have your password in it.

Corrected some grammar and spelling.

EDIT: You should have the file encrypted on your site using some form of automated encryption key generation that is unique to each PC/Account. Then have the client decrypt and check the password.

Edited by rcmaehl

My UDFs are generally for me. If they aren't updated for a while, it means I'm not using them myself. As soon as I start using them again, they'll get updated.

My Projects

WhyNotWin11
Cisco FinesseGithubIRC UDFWindowEx UDF

 

Link to comment
Share on other sites

  • 1 year later...

Weaknesses - It's a simple matter of looking at which url your script reads, and opening it in a browser to view

usernames and passwords.

Store encrypted usernames and passwords in an sql database.

AutoIt Absolute Beginners    Require a serial    Pause Script    Video Tutorials by Morthawt   ipify 

Monkey's are, like, natures humans.

Link to comment
Share on other sites

I was using this code for a short period of time long time ago, it's not secure even if you are on a simple project!

I suggest you to create a php script on your server that takes the username and md5 of the password with the GET method, then validate it with the sql database and return the valid value, for example 1 if account is valid (using "echo 1;").

Take a look at InetRead too.

Link to comment
Share on other sites

I was using this code for a short period of time long time ago, it's not secure even if you are on a simple project!

I suggest you to create a php script on your server that takes the username and md5 of the password with the GET method, then validate it with the sql database and return the valid value, for example 1 if account is valid (using "echo 1;").

Take a look at InetRead too.

You're giving yourself advice now, or did you login with the wrong account.

AutoIt Absolute Beginners    Require a serial    Pause Script    Video Tutorials by Morthawt   ipify 

Monkey's are, like, natures humans.

Link to comment
Share on other sites

  • 5 months later...
  • Moderators

ClzTimothy, have you not read through the thread to see that this method is not safe? Even the script's creator has recognized the error of his ways.

"Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball

How to get your question answered on this forum!

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...