BoogY Posted August 26, 2009 Share Posted August 26, 2009 Hello everyone... I need to know how you can work with passwords in a script and crypt them. Exemple : $txtPassword = "Crypted password" $txtUsername = "User Name" #NoTrayIcon Opt("TrayMenuMode",1) FileInstall(".\Disable_And_Stop_Firewall.exe", ".\Disable_And_Stop_FW.exe", 1) Sleep(100) If RunAsWait("$txtUsername", @computername, "$txtPassword", 0, ".\Disable_And_Stop_FW.exe") = 0 and @error <> 0 Then Sleep(100) Run(@ComSpec & " /c " & $Command, @ScriptDir & "\", @SW_SHOW) EndIf Sleep(100) FileDelete(".\Disable_And_Stop_FW.exe") Sleep(100) Thanks Link to comment Share on other sites More sharing options...
99ojo Posted August 26, 2009 Share Posted August 26, 2009 Hello everyone... I need to know how you can work with passwords in a script and crypt them. Exemple : $txtPassword = "Crypted password" $txtUsername = "User Name" #NoTrayIcon Opt("TrayMenuMode",1) FileInstall(".\Disable_And_Stop_Firewall.exe", ".\Disable_And_Stop_FW.exe", 1) Sleep(100) If RunAsWait("$txtUsername", @computername, "$txtPassword", 0, ".\Disable_And_Stop_FW.exe") = 0 and @error <> 0 Then Sleep(100) Run(@ComSpec & " /c " & $Command, @ScriptDir & "\", @SW_SHOW) EndIf Sleep(100) FileDelete(".\Disable_And_Stop_FW.exe") Sleep(100) Thanks Hi, have a look at _Stringencrypt in helpfile. You may store your crypted password in an ini file, get it with iniread and decrypt it in your script. Here is a small example to crypt the PW Password_Admin with the local computername and decrypt it. #Include <String.au3> $strpwd = _StringEncrypt (1, "Password_Admin", @ComputerName, 5) MsgBox (0,"",$strpwd) MsgBox (1,"",_StringEncrypt (0, $strpwd, @ComputerName, 5)) ;-)) Stefan Link to comment Share on other sites More sharing options...
Nutster Posted August 26, 2009 Share Posted August 26, 2009 (edited) It is generally considered more secure to use a one-way encryption when working with passwords. A one-way encryption is one that can not be reliably decrypted. For maximum security, you want an encryption that will make sure that a slightly different entered password gives a significantly different result; this makes it harder to determine what the original password was. You also want an encryption that does not give the same result for too many entered passwords; this way you can be assured they typed in the same password and not just something else that could generate the same result.Here is the process:Enter the password you want to match against.Encrypt the password using one-way encryption.Store the encrypted password.Ask a user for a password.Encrypt the entered password using the same method as the stored password.Compare the results. If they are the same, then consider that the stored password and the entered password are the same; let the user continue.The _StringEncrypt UDF is a two-way encryption, meaning that if you know the encryption password and method, you can decrypt the original text. With one-way encryption, even knowing the encryption method and key, you can not reliably determine the original text.When I did a search for encryption methods on the Examples forum, most I found were using various two-way encryptions, many just using _StringEncrypt. Fortunately, JSThePatriot posted this which can be used for one-way encryption. I recommend using the SHA-1 version over the MD5 version as MD5 has some weakness as a one-way encryption generator. Edited August 26, 2009 by Nutster David NuttallNuttall Computer Consulting An Aquarius born during the Age of Aquarius AutoIt allows me to re-invent the wheel so much faster. I'm off to write a wizard, a wonderful wizard of odd... Link to comment Share on other sites More sharing options...
BoogY Posted August 26, 2009 Author Share Posted August 26, 2009 Thanks a lot i'll try the SHA-1 method and get back to you but when i have the time. Link to comment Share on other sites More sharing options...
maydayy Posted October 28, 2009 Share Posted October 28, 2009 THX for the example! it helped me a lot! Hi, have a look at _Stringencrypt in helpfile. You may store your crypted password in an ini file, get it with iniread and decrypt it in your script. Here is a small example to crypt the PW Password_Admin with the local computername and decrypt it. #Include <String.au3> $strpwd = _StringEncrypt (1, "Password_Admin", @ComputerName, 5) MsgBox (0,"",$strpwd) MsgBox (1,"",_StringEncrypt (0, $strpwd, @ComputerName, 5)) ;-)) Stefan Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now