0000 Posted April 13, 2011 Posted April 13, 2011 Hello. I'm trying to make .exe which is working with web-based script. So I need to send secret information like id/pw to www, so I took some php script for encoding/decoding info. But I can't convert it to autoit. Could somebody try to help? <?php // String EnCrypt + DeCrypt function // Author: halojoy, July 2006 function convert($str,$ky=''){ if($ky=='')return $str; $ky=str_replace(chr(32),'',$ky); if(strlen($ky)<8)exit('key error'); $kl=strlen($ky)<32?strlen($ky):32; $k=array();for($i=0;$i<$kl;$i++){ $k[$i]=ord($ky{$i})&0x1F;} $j=0;for($i=0;$i<strlen($str);$i++){ $e=ord($str{$i}); $str{$i}=$e&0xE0?chr($e^$k[$j]):chr($e); $j++;$j=$j==$kl?0:$j;} return $str; } /////////////////////////////////// // Secret key to encrypt/decrypt with $key='mysecretkey'; // 8-32 characters without spaces // String to encrypt $string1='To be or not to be, that is the question'; // EnCrypt string $string2=convert($string1,$key); // DeCrypt back $string3=convert($string2,$key); // Test output echo '<span style="font-family:Courier">'."\n"; echo 'Key: '.$key.'<br>'."\n"; echo $string1.'<br>'."\n"; echo $string2.'<br>'."\n"; echo $string3.'<br>'."\n"; echo '</span>'."\n"; ?> [/PHP] Test: Key: mysecretkey To be or not to be, that is the question Yv3gf2jf+kvy9gj#p`8+qqlm3lp2q|n%hx|`qj}k To be or not to be, that is the question Thank you, 0000.
James Posted April 14, 2011 Posted April 14, 2011 Hint: AutoIts equivalent of Ord() is Asc() Blog - Seriously epic web hosting - Twitter - GitHub - Cachet HQ
KaFu Posted April 14, 2011 Posted April 14, 2011 Instead of reinventing the wheel better use something allready serving that purpose... For AES a combo of these two might work: http://phpseclib.sourceforge.net/documentation/crypt.html#crypt_aes_benchmarks _Crypt_EncryptData() And if it's only about authentication, md5() pw&id locally and compare the hash on the server-side. OS: Win10-22H2 - 64bit - German, AutoIt Version: 3.3.16.1, AutoIt Editor: SciTE, Website: https://funk.eu AMT - Auto-Movie-Thumbnailer (2024-Oct-13) BIC - Batch-Image-Cropper (2023-Apr-01) COP - Color Picker (2009-May-21) DCS - Dynamic Cursor Selector (2024-Oct-13) HMW - Hide my Windows (2024-Oct-19) HRC - HotKey Resolution Changer (2012-May-16) ICU - Icon Configuration Utility (2018-Sep-16) SMF - Search my Files (2025-May-18) - THE file info and duplicates search tool SSD - Set Sound Device (2017-Sep-16)
0000 Posted April 14, 2011 Author Posted April 14, 2011 MD5 isn't quite good, because I will have to send information which should be decoded at .exe or .php and I dont want to get sniffed packets.
James Posted April 14, 2011 Posted April 14, 2011 MD5 isn't quite good, because I will have to send information which should be decoded at .exe or .php and I dont want to get sniffed packets.MD5 is brilliant because the only way to decode it is to rainbow table/dictionary, which can take billions of years.Good luck with the packet sniffing stopping... Blog - Seriously epic web hosting - Twitter - GitHub - Cachet HQ
0000 Posted April 14, 2011 Author Posted April 14, 2011 (edited) Yeah MD5 is pretty good to return Login success answer (Critical error) from PHP -> .exe and try to bruteforce it, because normal string should be shown for User Edited April 14, 2011 by 0000
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now