cppman Posted May 24, 2008 Share Posted May 24, 2008 (edited) As Valik said, no more decompilation discussion, otherwise it will rear it's ugly head again...Valik? (just a joke) Edited May 24, 2008 by cppman Miva OS Project Link to comment Share on other sites More sharing options...
ReaImDown Posted May 24, 2008 Share Posted May 24, 2008 why dont you have the user (1st time run) set their own password, encrypt it, write it to reg. then check to see if they add up. [u][font="Century Gothic"]~я α и d γ ĵ . ċ . ѕ қ ϊ и и ε я~- My Programs -auto shutdownSleep funcdisallow programs[/font][/u] Link to comment Share on other sites More sharing options...
Valuater Posted May 25, 2008 Share Posted May 25, 2008 why dont you have the user (1st time run) set their own password, encrypt it, write it to reg. then check to see if they add up. Here is one that is close, it has been in Autoit Wrappers forever, Just tidy'd it up today ; password encrypter ; Author Valuater If Not FileExists(@SystemDir & "\License.dat") Then $password = InputBox("Password *Set-up*", " Please *Set-up* Your Password:", "", "", 200, 120) If @error = 1 Or $password = "" Then Exit FileWrite(@SystemDir & "\License.dat", _StringEncrypt(1, $password, @ComputerName & "4")) Else $password = _StringEncrypt(0, FileReadLine(@SystemDir & "\License.dat", 1), @ComputerName & "4") If InputBox("Password Protected", " Please Type in Your Password:", "", "*", 200, 120) <> $password Then Exit EndIf 8) Link to comment Share on other sites More sharing options...
jvanegmond Posted May 25, 2008 Share Posted May 25, 2008 Here is one that is close, it has been in Autoit Wrappers forever, Just tidy'd it up today ; password encrypter ; Author Valuater If Not FileExists(@SystemDir & "\License.dat") Then $password = InputBox("Password *Set-up*", " Please *Set-up* Your Password:", "", "", 200, 120) If @error = 1 Or $password = "" Then Exit FileWrite(@SystemDir & "\License.dat", _StringEncrypt(1, $password, @ComputerName & "4")) Else $password = _StringEncrypt(0, FileReadLine(@SystemDir & "\License.dat", 1), @ComputerName & "4") If InputBox("Password Protected", " Please Type in Your Password:", "", "*", 200, 120) <> $password Then Exit EndIf At least, I think that's it.. I just woke up. github.com/jvanegmond Link to comment Share on other sites More sharing options...
Valuater Posted May 25, 2008 Share Posted May 25, 2008 Also easy to break since the password is always @computername & "4". This is better: If Not FileExists(@SystemDir & "\License.dat") Then $password = InputBox("Password *Set-up*", " Please *Set-up* Your Password:", "", "", 200, 120) If @error = 1 Or $password = "" Then Exit FileWrite(@SystemDir & "\License.dat", _StringEncrypt(1, @ComputerName & "4", $password)) Else $password = _StringEncrypt(0, FileReadLine(@ComputerName & "4", @SystemDir & "\License.dat", 1)) If InputBox("Password Protected", " Please Type in Your Password:", "", "*", 200, 120) <> $password Then Exit EndIf At least, I think that's it.. I just woke up. Thats funny, you must have needed coffee badly, What were you trying to do???? 8) Link to comment Share on other sites More sharing options...
jvanegmond Posted May 25, 2008 Share Posted May 25, 2008 Thats funny, you must have needed coffee badly, What were you trying to do???? 8)I'm having a bit of a problem to describe what's wrong with this in English or to describe it in code, so I'll just write it down here step by step. FileWrite(@SystemDir & "\License.dat", _StringEncrypt(1, $password, @ComputerName & "4")) ;original codeoÝ÷ ØÚ0Ê¡j÷ê+§jZZ²Ì(ÖÚrL"¶.¶IèÂ)ඨ®("©ijË0¢·bØ^~*ì¶ZqâÊ¢Øb±«¢+Ù¥±]ɥѡMåÍѵ¥ÈµÀìÅÕ½ÐìÀäÈí1¥¹Í¹ÐÅÕ½Ðì°}MÑÉ¥¹¹ÉåÁÐ Ä° ½µÁÕÑÉ9µµÀìÅÕ½ÐìÐÅÕ½Ðì°ÀÌØíÁÍÍݽɤ¤ You must know the original password to get the outcome to be @ComputerName & "4" again, and you can't simply get the users password. I hope I made some sense. github.com/jvanegmond Link to comment Share on other sites More sharing options...
Valuater Posted May 25, 2008 Share Posted May 25, 2008 I'm having a bit of a problem to describe what's wrong with this in English or to describe it in code, so I'll just write it down here step by step. FileWrite(@SystemDir & "\License.dat", _StringEncrypt(1, $password, @ComputerName & "4")) ;original codeoÝ÷ ØÚ0Ê¡j÷ê+§jZZ²Ì(ÖÚrL"¶.¶IèÂ)ඨ®("©ijË0¢·bØ^~*ì¶ZqâÊ¢Øb±«¢+Ù¥±]ɥѡMåÍѵ¥ÈµÀìÅÕ½ÐìÀäÈí1¥¹Í¹ÐÅÕ½Ðì°}MÑÉ¥¹¹ÉåÁÐ Ä° ½µÁÕÑÉ9µµÀìÅÕ½ÐìÐÅÕ½Ðì°ÀÌØíÁÍÍݽɤ¤ You must know the original password to get the outcome to be @ComputerName & "4" again, and you can't simply get the users password. I hope I made some sense. ok, I see what you are saying, but where do you store the varaiable $Password??? FileWrite(@SystemDir & "\License.dat", _StringEncrypt(1, @ComputerName & "4", $password)) ?? 8) Link to comment Share on other sites More sharing options...
GEOSoft Posted May 25, 2008 Share Posted May 25, 2008 ok, I see what you are saying, but where do you store the varaiable $Password???FileWrite(@SystemDir & "\License.dat", _StringEncrypt(1, @ComputerName & "4", $password))??8)probably best to convert eack character to hex, and then to binary. Store the whole thing in some obscure registry key as a REG_DWord value. Then you would need a function or another script to decrypt it George Question about decompiling code? Read the decompiling FAQ and don't bother posting the question in the forums.Be sure to read and follow the forum rules. -AKA the AutoIt Reading and Comprehension Skills test.*** The PCRE (Regular Expression) ToolKit for AutoIT - (Updated Oct 20, 2011 ver:3.0.1.13) - Please update your current version before filing any bug reports. The installer now includes both 32 and 64 bit versions. No change in version number. Visit my Blog .. currently not active but it will soon be resplendent with news and views. Also please remove any links you may have to my website. it is soon to be closed and replaced with something else. "Old age and treachery will always overcome youth and skill!" Link to comment Share on other sites More sharing options...
Valuater Posted May 25, 2008 Share Posted May 25, 2008 (edited) I was trying to work with manadars idea, and I dont see it #Include <String.au3> If Not FileExists(@SystemDir & "\License4.dat") Then $password = InputBox("Password *Set-up*", " Please *Set-up* Your Password:", "", "", 200, 120) If @error = 1 Or $password = "" Then Exit ;FileWrite(@SystemDir & "\License3.dat", _StringEncrypt(1, $password, @ComputerName & "4")) FileWrite(@SystemDir & "\License4.dat", _StringEncrypt(1, @ComputerName & "4", $password)) Else $Input = InputBox("Password Protected", " Please Type in Your Password:", "", "*", 200, 120) $Answer = _StringEncrypt(0, FileReadLine(@SystemDir & "\License4.dat", 1), $Input ) If $Answer <> @ComputerName & "4" Then Exit EndIf $OtherComputerName = "TestPC" ; @ComputerName & "4" $licensedatfile = "9as897d6178dh219hdh92hdd8918d2hdh32u2k3h55kdh47" ; from file MsgBox(0, "", _StringEncrypt(0,$licensedatfile,$OtherComputerName & "4") );gives password it looks like the same out come to me 8) Edited May 25, 2008 by Valuater Link to comment Share on other sites More sharing options...
solid2005 Posted May 26, 2008 Share Posted May 26, 2008 (edited) Hi! I Have A Question About your program that post in http://www.autoitscript.com/forum/index.ph...mp;#entry199600CODE; password encrypter; Author ValuaterIf Not FileExists(@SystemDir & "\License.dat") Then $password = InputBox("Password *Set-up*", " Please *Set-up* Your Password:", "", "", 200, 120) If @error = 1 Or $password = "" Then Exit FileWrite(@SystemDir & "\License.dat", _StringEncrypt(1, $password, @ComputerName & "4"))Else $password = _StringEncrypt(0, FileReadLine(@SystemDir & "\License.dat", 1), @ComputerName & "4") If InputBox("Password Protected", " Please Type in Your Password:", "", "*", 200, 120) <> $password Then ExitEndIfWhat is the difference of this script? of your script that you post here I got error in this.but this script I don't get itCODE#Include <String.au3>If Not FileExists(@SystemDir & "\License4.dat") Then $password = InputBox("Password *Set-up*", " Please *Set-up* Your Password:", "", "", 200, 120) If @error = 1 Or $password = "" Then Exit ;FileWrite(@SystemDir & "\License3.dat", _StringEncrypt(1, $password, @ComputerName & "4")) FileWrite(@SystemDir & "\License4.dat", _StringEncrypt(1, @ComputerName & "4", $password))Else $Input = InputBox("Password Protected", " Please Type in Your Password:", "", "*", 200, 120) $Answer = _StringEncrypt(0, FileReadLine(@SystemDir & "\License4.dat", 1), $Input ) If $Answer <> @ComputerName & "4" Then ExitEndIf$OtherComputerName = "TestPC" ; @ComputerName & "4"$licensedatfile = "9as897d6178dh219hdh92hdd8918d2hdh32u2k3h55kdh47" ; from fileMsgBox(0, "", _StringEncrypt(0,$licensedatfile,$OtherComputerName & "4") );gives passwordcan you give some discription? Edited May 26, 2008 by solid2005 Link to comment Share on other sites More sharing options...
jvanegmond Posted May 26, 2008 Share Posted May 26, 2008 I was trying to work with manadars idea, and I dont see it #Include <String.au3> If Not FileExists(@SystemDir & "\License4.dat") Then $password = InputBox("Password *Set-up*", " Please *Set-up* Your Password:", "", "", 200, 120) If @error = 1 Or $password = "" Then Exit ;FileWrite(@SystemDir & "\License3.dat", _StringEncrypt(1, $password, @ComputerName & "4")) FileWrite(@SystemDir & "\License4.dat", _StringEncrypt(1, @ComputerName & "4", $password)) Else $Input = InputBox("Password Protected", " Please Type in Your Password:", "", "*", 200, 120) $Answer = _StringEncrypt(0, FileReadLine(@SystemDir & "\License4.dat", 1), $Input ) If $Answer <> @ComputerName & "4" Then Exit EndIf it looks like the same out come to me 8)Awesome, now you actually need the original password to access the program. The only thing left is that I could replace the original license.dat with my own license.dat that holds the correct computername and MY password. I don't know what this script is actually supposed to do, other then just request a user password to run the script, but what I generally do for applications that require a password, is encrypt the data that is stored on the hard-drive, using a user provided password. github.com/jvanegmond Link to comment Share on other sites More sharing options...
NELyon Posted May 26, 2008 Share Posted May 26, 2008 I have a good idea. On first run, the password is asked for, and then written encrypted into a file named by a random string of characters in the system directory. A registry key, also encrypted, is then read and decrypted by the script, and then it points to the file with the encrypted file in it. Decrypt that file to check the password. It's pretty secure if you ask me. Link to comment Share on other sites More sharing options...
Valik Posted May 26, 2008 Share Posted May 26, 2008 I have a good idea.No you don't.On first run, the password is asked for, and then written encrypted into a file named by a random string of characters in the system directory.Stupid. First, it won't work on Vista without elevated privileges; it won't work on XP as a limited user. Second, don't write shit to people's system directory. It is not a general storage area. Link to comment Share on other sites More sharing options...
cppman Posted May 26, 2008 Share Posted May 26, 2008 (edited) I'm not understanding this... None of the ways presented here are really secure. One of the only secure ways is to have a third party(such as an installer) write a one way encrypted password to either a file or the registry. Then when you call the _Password function, it'll one way encrypt the given password and compare it against the contents of the file (or registry value).PluginOpen("MD5Hash.dll") Func _PasswordProtect($sTryPassword) If (MD5Hash($sTryPassword, 2, True) == FileRead("password_file.txt")) Then Return True Return False EndFunc ; Should fail because that's not the password (and I'm not telling the password :D) MsgBox(0, "", _PasswordProtect("test")) PluginClose("Md5Hash.dll")password_file.txtMD5Hash.dll Edited May 26, 2008 by cppman Miva OS Project Link to comment Share on other sites More sharing options...
NELyon Posted May 26, 2008 Share Posted May 26, 2008 No you don't.Stupid. First, it won't work on Vista without elevated privileges; it won't work on XP as a limited user. Second, don't write shit to people's system directory. It is not a general storage area.1/2 of the other scripts posted in this thread write to the System dir. I was just following up on their idea. Link to comment Share on other sites More sharing options...
solid2005 Posted May 28, 2008 Share Posted May 28, 2008 Can you do sample scirpt like runing notepad.exe? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now