_Crypt($s_ToCrypt) One way encryption method.

[JSThePatriot]

Okay I have try myself with the source code to decrypt this, but as of yet have been unable. I would like to give everyone a chance to crack it. I will be including the source code. With some sample outputs.

The function: _Crypt($s_ToCrypt)

;===============================================================================
;
; Function Name:    _Crypt($s_ToCrypt)
; Description:    One way encryption for storing strings in a safe format
; Parameter(s):  $s_ToCrypt = The string that you want to be encrypted.
; Requirement(s):   String Input
; Return Value(s):  On Success - Returns the hashed string
;                  On Failure - Sets @error to 1 and Returns -1
; Author(s):        Jarvis Stubblefield
;
; Example:          MsgBox(0, "Crypt Test", _Crypt("192.168.0.1") & " and " & _Crypt("Hello my name is Jarvis"))
;===============================================================================

Func _Crypt($s_ToCrypt)
    Local $c_Split, $n_Split
    Local $temp, $i, $s_Crypt
    
    $c_Split = StringSplit($s_ToCrypt, "")
    
    For $i = 1 To $c_Split[0]
        $temp = $temp & Asc($c_Split[$i]) * $c_Split[0] * 37 / 25 * 2 / 11 + $c_Split[0]
    Next
    
    For $i = 1 To StringLen($temp) / 3 Step 8
        $s_Crypt = $s_Crypt & Hex(StringMid($temp, $i, 8), 2)
    Next

    If $s_Crypt = "" Then
        SetError(1)
        Return -1
    Else
        Return $s_Crypt
    EndIf
EndFunc;==>_Crypt

For "192.168.1.1" this returns:

9C092F

Yes that is Hex...o using my _HexToString($strHex) UDF (comes with AutoIt) the return is

/

For "password" this returns:

F92FD8D1FF74

The hex return is:

ù/ØÑÿt

Let me know if anyone can decrypt this and what the code is.

Thanks,

JS

[Ejoc]

I started working on it, and I know I can get it working. Basicly I am generating a table of the floating point numbers to generate to make the Hex from. I can go a few "bytes" in from your returned hash and retrieve the original String length. Once I have the original string length it wont be that hard to rebuild your $temp. Plus since you take 8 characters from $temp for the hex conversion but are only preforming that stringlen($temp)/3 times, you will on large strings get to a point where the characters at the end of the string dont effect the hash except for the fact that it needs a character in that position.

Now I will say that I doubt i will be able to always reproduce the original string, *But* I dont need too. I can produce strings that will generate the same hash, which is equally effective.

I've giving up on telling people to use established encryption methods that have already been ported to AutoIt.

[Fur]

I've giving up on telling people to use established encryption methods that have already been ported to AutoIt.

Now that's a shame because:

#1 - No encryption anyone comes up with on their own is worth a damn. Unless you've gotten a Phd in cryptography, don't even bother trying.

#2 - Those of us who understand #1, would love to know what has been 'ported' to AutoIt already!!

Cheers!

[JSThePatriot]

Now that's a shame because:

#1 - No encryption anyone comes up with on their own is worth a damn. Unless you've gotten a Phd in cryptography, don't even bother trying.

#2 - Those of us who understand #1, would love to know what has been 'ported' to AutoIt already!!

Cheers!

<{POST_SNAPBACK}>

#1

LOL I didnt do this for an actual encryption. I would use MD5 or actually I would use AxCrypts stuff. Theirs is quite secure and open source.

#2

Check Ejoc's sig he has the link right there. He has been working on encryption quite a bit.

Thanks for the critism.

JS

[JSThePatriot]

I started working on it, and I know I can get it working.  Basicly I am generating a table of the floating point numbers to generate to make the Hex from.  I can go a few "bytes" in from your returned hash and retrieve the original String length.  Once I have the original string length it wont be that hard to rebuild your $temp.  Plus since you take 8 characters from $temp for the hex conversion but are only preforming that stringlen($temp)/3 times, you will on large strings get to a point where the characters at the end of the string dont effect the hash except for the fact that it needs a character in that position.

Now I will say that I doubt i will be able to always reproduce the original string, *But* I dont need too.  I can produce strings that will generate the same hash, which is equally effective.

I've giving up on telling people to use established encryption methods that have already been ported to AutoIt.

<{POST_SNAPBACK}>

@Ejoc I would love to see some code that gets the string length. That is what I was having trouble with. I wasnt making this to get away from established encryption methods because I know those are much more secure. I have my Security + cert so I know my little deal is feable, but it gave me something to do .

Dont give up. You have made quite a useful UDF. When I need real encryption you will be sure I will be visiting you if I want it done solely in AutoIt.

JS

[Ejoc]

Sorry if I came off sounding negative towards you JS, that was not my intent. I just have a built-up level of frustration seeing people(again not you) with no real programming abilities asking questions anyone who took 1 programming class in any lanugage should be able to answer, and they have the jobs I should have. So I just get really frustrated looking for work, and seeing people who basicly have my job, needing me to help them keep it. So its not related to you, and not to cryptography, I'm just in a super bad mood.

Ok to get back on topic I'll work on it some more and try to get you some helpful code, right now alot of it is still in my head so what I have isn't that useful for you. But 1 thing that makes it "easy" to crack is that an "A" is encoded in $temp that same reguardless of where in the string it was since an "A" is:

(Asc("A") * 37 / 25 * 2 / 11) * $string_len + $string_len

or

17.490909090909090909090909090909 * $string_len + $string_len

so you can brute force try different string lengths and check each 2 Hex digits from the returned hash. As you try each new set of Hex digits the possible string lengths will drop off very quickly.

[Ejoc]

There is a bug in this, currently it only works w/ 1 or 2 character strings. I have a pretty good idea where the problem is.

expandcollapse popup

;MsgBox(0, "Crypt Test", _Crypt("192.168.0.1") & " and " & _Crypt("Hello my name is Jarvis"))
$s      = "@@"
$hash   = _Crypt($s)
$s2     = _Decrypt($hash)
$hash2  = _Crypt($s2)

msgbox(0,"","<" & $s  & "> = " & $hash & @CRLF & _
            "<" & $s2 & "> = " & $hash2)

Func _Crypt($s_ToCrypt)
    Local $c_Split, $n_Split
    Local $temp, $i, $s_Crypt
    
    $c_Split = StringSplit($s_ToCrypt, "")
    
    For $i = 1 To $c_Split[0]
        $temp = $temp & Asc($c_Split[$i]) * $c_Split[0] * 37 / 25 * 2 / 11 + $c_Split[0]
    Next
    For $i = 1 To StringLen($temp) / 3 Step 8
        $s_Crypt = $s_Crypt & Hex(StringMid($temp, $i, 8), 2)
    Next

    If $s_Crypt = "" Then
        SetError(1)
        Return -1
    Else
        Return $s_Crypt
    EndIf
EndFunc;==>_Crypt

Func _Decrypt($s_ToDecrypt,$speed=-1)
    Local $i,$temp,$s,$a,$n,$possible=0,$f,$scale,$x,$y,$s2
    Local $char_start=32,$char_stop=126,$length_start=1,$length_stop=64
    Local $hex_table,$possible_table,$float_table

    If $speed <> -1 Then
        $char_start     = 1
        $char_stop      = 255
        $length_start   = 1
        $length_stop    = 255
    EndIf

    Dim $hex_table[256][256]
;Dim $possible_str_len[256]
    Dim $float_table[256][256]
    Dim $possible_table[1][3]


    $scale  = 37 / 25 * 2 / 11
    For $i = $char_start To $char_stop
        $f                  = $i * $scale
        For $n = $length_start To $length_stop
            $float_table[$i][$n]    = $f * $n + $n
            $hex_table[$i][$n]      = Hex(StringLeft($f * $n + $n,8),2)
        Next
    Next
;msgbox(0,"decrypt",$t & @crlf & StringLeft($float_table[Asc("A")][1] + 1,8))
;msgbox(0,"decrypt",$t & @crlf & $hex_table[Asc("A")][1])
    $s  = StringMid($s_ToDecrypt,1,2)
    For $i = $char_start To $char_stop
        For $n = $length_start To $length_stop
            If $s = $hex_table[$i][$n] Then
                $possible_table[$possible][0]   = $n    ; string length
                $possible_table[$possible][1]   = Chr($i); first char
                $possible_table[$possible][2]   = $float_table[$i][$n]
                $possible += 1
                ReDim $possible_table[$possible+1][3]
            EndIf
        Next
    Next
    redim $hex_table

    For $i = 0 To $possible - 1
        For $n = StringLen($possible_table[$i][1])*2+1 To StringLen($s_ToDecrypt) Step 2
            $s  = StringMid($s_ToDecrypt,$n,2)
            For $x = $char_start To $char_stop
                $s2 = $possible_table[$i][2] & $float_table[$x][$possible_table[$i][0]]
                $s3 = Hex(StringMid($s2,(($n-1)/2)*8+1,8),2)
                If $s = $s3 Then
                    $possible_table[$possible][0]   = $possible_table[$i][0]
                    $possible_table[$possible][1]   = $possible_table[$i][1] & Chr($x)
                    $possible_table[$possible][2]   = $s2
                    If _Crypt($possible_table[$possible][1]) = $s_ToDecrypt Then
                        Return $possible_table[$possible][1]
                    EndIf
                    $possible += 1
                    ReDim $possible_table[$possible+1][3]
                EndIf
            Next
        Next
    Next

    $s = ""
    For $i = 0 To $possible -1
        If $s_ToDecrypt = _Crypt($possible_table[$i][1]) Then

            $s = $possible_table[$i][1]
            $i = $possible
        EndIf
    Next

    return $s
EndFunc

[JSThePatriot]

Sorry if I came off sounding negative towards you JS, that was not my intent. I just have a built-up level of frustration seeing people(again not you) with no real programming abilities asking questions anyone who took 1 programming class in any lanugage should be able to answer, and they have the jobs I should have.  So I just get really frustrated looking for work, and seeing people who basicly have my job, needing me to help them keep it.  So its not related to you, and not to cryptography, I'm just in a super bad mood.

Ok to get back on topic   I'll work on it some more and try to get you some helpful code, right now alot of it is still in my head so what I have isn't that useful for you.  But 1 thing that makes it "easy" to crack is that an "A" is encoded in $temp that same reguardless of where in the string it was since an "A" is:

(Asc("A") * 37 / 25 * 2 / 11) * $string_len + $string_len

or

17.490909090909090909090909090909 * $string_len + $string_len

so you can brute force try different string lengths and check each 2 Hex digits from the returned hash.  As you try each new set of Hex digits the possible string lengths will drop off very quickly.

<{POST_SNAPBACK}>

Nah its alright. I understand your frustration though. Dont worry about it. You didnt bother me. I just wanted to straighten everything out.

Interesting concept on the letters. I didnt think of that when I first made it... well I did, but I thought I took care of it as 1 and 11 dont return the same thing. My error there. I was basically just making this so I could 1 play around and 2 possibly use it to confuse a user from straight editing my config file. I love reinventing the wheel or atleast taking a stab at a spoke on the wheel .

Sorry about the job situation. I understand. I have just recently opened my own business, but its not paying all the bills now that my wife quit her job so I have to look for a job again. The job market is no fun.

JS