cetipabo Posted January 31, 2022 Share Posted January 31, 2022 (edited) Hello, i have a piece of python code that i would like to convert in Autoit, it's about cryptography and I don't know anything about it. rand = 'xxxxxxxxxxxxxxx' password = 'yyyyyyyyyyyyyyyy' auth_key = 'zzzzzzzzzzzzzzzzzzzz' KEY_AES = hmac.new(rand, auth_key, sha256).digest() Final_Password = AES.new(KEY_AES[:16], AES.MODE_CBC, KEY_AES[16:]).decrypt(password) anyone know how this piece of code could be converted in autoit code ? Thank you for helping ! Edited January 31, 2022 by cetipabo Link to comment Share on other sites More sharing options...
cetipabo Posted January 31, 2022 Author Share Posted January 31, 2022 (edited) i found something here : So with this _hmac function i guess the begining would be : $rand = 'xxxxxxxxxxxxxxx' $password = 'yyyyyyyyyyyyyyyy' $auth_key = 'zzzzzzzzzzzzzzzzzzzz' $KEY_AES =_HashHMAC("SHA256", $rand, $auth_key) I still have this last line to convert : Final_Password = AES.new(KEY_AES[:16], AES.MODE_CBC, KEY_AES[16:]).decrypt(password) Edited January 31, 2022 by cetipabo Link to comment Share on other sites More sharing options...
Danyfirex Posted February 1, 2022 Share Posted February 1, 2022 Hello, Could you show a working Python example? Saludos Danysys.com AutoIt... UDFs: VirusTotal API 2.0 UDF - libZPlay UDF - Apps: Guitar Tab Tester - VirusTotal Hash Checker Examples: Text-to-Speech ISpVoice Interface - Get installed applications - Enable/Disable Network connection PrintHookProc - WINTRUST - Mute Microphone Level - Get Connected NetWorks - Create NetWork Connection ShortCut Link to comment Share on other sites More sharing options...
cetipabo Posted February 1, 2022 Author Share Posted February 1, 2022 Full code sent in PM Link to comment Share on other sites More sharing options...
cetipabo Posted February 1, 2022 Author Share Posted February 1, 2022 (edited) edit: wrong Edited February 1, 2022 by cetipabo Link to comment Share on other sites More sharing options...
Danyfirex Posted February 1, 2022 Share Posted February 1, 2022 I don't have enough time to check this deeply but I'm sure You can handle all with CryptoNG UDF. With the one in your first comment you just can handle the hash HMAC part. Saludos cetipabo 1 Danysys.com AutoIt... UDFs: VirusTotal API 2.0 UDF - libZPlay UDF - Apps: Guitar Tab Tester - VirusTotal Hash Checker Examples: Text-to-Speech ISpVoice Interface - Get installed applications - Enable/Disable Network connection PrintHookProc - WINTRUST - Mute Microphone Level - Get Connected NetWorks - Create NetWork Connection ShortCut Link to comment Share on other sites More sharing options...
cetipabo Posted February 1, 2022 Author Share Posted February 1, 2022 thanks @Danyfirex i found out the meaning of both KEY_AES[:16] and KEY_AES[16:], if i'm not wrong it basicaly slice the string in 2, first from start to 16 and second from 16 to the end of the string. Link to comment Share on other sites More sharing options...
Danyfirex Posted February 1, 2022 Share Posted February 1, 2022 Yes @cetipabo first half and second half. Saludos Danysys.com AutoIt... UDFs: VirusTotal API 2.0 UDF - libZPlay UDF - Apps: Guitar Tab Tester - VirusTotal Hash Checker Examples: Text-to-Speech ISpVoice Interface - Get installed applications - Enable/Disable Network connection PrintHookProc - WINTRUST - Mute Microphone Level - Get Connected NetWorks - Create NetWork Connection ShortCut Link to comment Share on other sites More sharing options...
TheXman Posted February 2, 2022 Share Posted February 2, 2022 (edited) On 1/31/2022 at 4:56 PM, cetipabo said: rand = 'xxxxxxxxxxxxxxx' password = 'yyyyyyyyyyyyyyyy' auth_key = 'zzzzzzzzzzzzzzzzzzzz' KEY_AES = hmac.new(rand, auth_key, sha256).digest() Final_Password = AES.new(KEY_AES[:16], AES.MODE_CBC, KEY_AES[16:]).decrypt(password) Using CryptoNG, as suggested by Danyfirex, it would look something like this: expandcollapse popup#AutoIt3Wrapper_AU3Check_Parameters=-w 3 -w 4 -w 5 -w 6 -d #include <Constants.au3> #include <CryptoNG.au3> Const $RAND = "Some random value", _ $AUTH_KEY = "This is a test auth key value", _ $ENCRYPTED_PASSWORD = Binary("0x1ABE71DDDEDE44B3BC0B127F4581319A") ;Password123! aes_cbc_decrypt_example() Func aes_cbc_decrypt_example() Local $sDecryptedMessage = "" Local $xHash = Binary(""), _ $xEncryptionKey = Binary(""), _ $xIV = Binary("") ;Create a 256-bit/32-byte hash value using HMAC-SHA256 $xHash = _CryptoNG_HashData($CNG_BCRYPT_SHA256_ALGORITHM, $RAND, True, $AUTH_KEY) If @error Then Exit ConsoleWrite("HASH ERROR: " & _CryptoNG_LastErrorMessage()) ;Split hash value into encryption key (1st 16 bytes) & iv (last 16 bytes) $xEncryptionKey = BinaryMid($xHash, 1, 16) $xIV = BinaryMid($xHash, 17) ;Decrypt encrypted message $sDecryptedMessage = _CryptoNG_AES_CBC_DecryptData($ENCRYPTED_PASSWORD, $xEncryptionKey, $xIV) If @error Then Exit ConsoleWrite("DECRYPT ERROR: " & _CryptoNG_LastErrorMessage()) ;Display results ConsoleWrite(@CRLF) ConsoleWrite("CryptoNG AES CBC Data Decryption Example" & @CRLF & @CRLF) ConsoleWrite("Encrypted Password = " & $ENCRYPTED_PASSWORD & @CRLF) ConsoleWrite("Encrypted Password (BASE64) = " & _CryptoNG_CryptBinaryToString($ENCRYPTED_PASSWORD, $CNG_CRYPT_STRING_BASE64) & @CRLF) ConsoleWrite("RAND = " & $RAND & @CRLF) ConsoleWrite("AUTH Key = " & $AUTH_KEY & @CRLF & @CRLF) ConsoleWrite("HMAC-SHA256 Value = " & $xHash & @CRLF & @CRLF) ConsoleWrite("Encrypt Key = " & $xEncryptionKey & @CRLF) ConsoleWrite("Encrypt Key (Base64) = " & _CryptoNG_CryptBinaryToString($xEncryptionKey, $CNG_CRYPT_STRING_BASE64) & @CRLF) ConsoleWrite("IV = " & $xIV & @CRLF) ConsoleWrite("IV (Base64) = " & _CryptoNG_CryptBinaryToString($xIV, $CNG_CRYPT_STRING_BASE64) & @CRLF) ConsoleWrite("Decrypted Password = " & $sDecryptedMessage & @CRLF) EndFunc Console Output: CryptoNG AES CBC Data Decryption Example Encrypted Password = 0x1ABE71DDDEDE44B3BC0B127F4581319A Encrypted Password (BASE64) = Gr5x3d7eRLO8CxJ/RYExmg== RAND = Some random value AUTH Key = This is a test auth key value HMAC-SHA256 Value = 0x9674193E8C503BE24EA76FE74883FCAEE36DA19CCF8FF2A49DEA0087D9BECBEC Encrypt Key = 0x9674193E8C503BE24EA76FE74883FCAE Encrypt Key (Base64) = lnQZPoxQO+JOp2/nSIP8rg== IV = 0xE36DA19CCF8FF2A49DEA0087D9BECBEC IV (Base64) = 422hnM+P8qSd6gCH2b7L7A== Decrypted Password = Password123! Validation: Edited February 2, 2022 by TheXman Danyfirex 1 CryptoNG UDF: Cryptography API: Next Gen jq UDF: Powerful and Flexible JSON Processor | jqPlayground: An Interactive JSON Processor Xml2Json UDF: Transform XML to JSON | HttpApi UDF: HTTP Server API | Roku Remote: Example Script About Me How To Ask Good Questions On Technical And Scientific Forums (Detailed) | How to Ask Good Technical Questions (Brief) "Any fool can know. The point is to understand." -Albert Einstein "If you think you're a big fish, it's probably because you only swim in small ponds." ~TheXman Link to comment Share on other sites More sharing options...
cetipabo Posted February 7, 2022 Author Share Posted February 7, 2022 Thanks @TheXman ! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now