0000 0 Posted April 13, 2011 Hello. I'm trying to make .exe which is working with web-based script. So I need to send secret information like id/pw to www, so I took some php script for encoding/decoding info. But I can't convert it to autoit. Could somebody try to help? <?php // String EnCrypt + DeCrypt function // Author: halojoy, July 2006 function convert($str,$ky=''){ if($ky=='')return $str; $ky=str_replace(chr(32),'',$ky); if(strlen($ky)<8)exit('key error'); $kl=strlen($ky)<32?strlen($ky):32; $k=array();for($i=0;$i<$kl;$i++){ $k[$i]=ord($ky{$i})&0x1F;} $j=0;for($i=0;$i<strlen($str);$i++){ $e=ord($str{$i}); $str{$i}=$e&0xE0?chr($e^$k[$j]):chr($e); $j++;$j=$j==$kl?0:$j;} return $str; } /////////////////////////////////// // Secret key to encrypt/decrypt with $key='mysecretkey'; // 8-32 characters without spaces // String to encrypt $string1='To be or not to be, that is the question'; // EnCrypt string $string2=convert($string1,$key); // DeCrypt back $string3=convert($string2,$key); // Test output echo '<span style="font-family:Courier">'."\n"; echo 'Key: '.$key.'<br>'."\n"; echo $string1.'<br>'."\n"; echo $string2.'<br>'."\n"; echo $string3.'<br>'."\n"; echo '</span>'."\n"; ?> [/PHP] Test: Key: mysecretkey To be or not to be, that is the question Yv3gf2jf+kvy9gj#p`8+qqlm3lp2q|n%hx|`qj}k To be or not to be, that is the question Thank you, 0000. Share this post Link to post Share on other sites
James 377 Posted April 14, 2011 Hint: AutoIts equivalent of Ord() is Asc() Blog - Seriously epic web hosting - Twitter - GitHub - Cachet HQ Share this post Link to post Share on other sites
KaFu 295 Posted April 14, 2011 Instead of reinventing the wheel better use something allready serving that purpose... For AES a combo of these two might work: http://phpseclib.sourceforge.net/documentation/crypt.html#crypt_aes_benchmarks _Crypt_EncryptData() And if it's only about authentication, md5() pw&id locally and compare the hash on the server-side. OS: Win10-1909 - 64bit - German, AutoIt Version: 3.3.14.5, AutoIt Editor: SciTE, Website: https://funk.eu AMT - Auto-Movie-Thumbnailer (2019-Dec-21) BIC - Batch-Image-Cropper (2019-Dec-11) COP - Color Picker (2009-May-21) HMW - Hide my Windows (2018-Sep-16) HRC - HotKey Resolution Changer (2012-May-16) ICU - Icon Configuration Utility (2018-Sep-16) SMF - Search my Files (2019-Dec-07) - THE file info and duplicates search tool SSD - Set Sound Device (2017-Sep-16) Share this post Link to post Share on other sites
0000 0 Posted April 14, 2011 MD5 isn't quite good, because I will have to send information which should be decoded at .exe or .php and I dont want to get sniffed packets. Share this post Link to post Share on other sites
James 377 Posted April 14, 2011 MD5 isn't quite good, because I will have to send information which should be decoded at .exe or .php and I dont want to get sniffed packets.MD5 is brilliant because the only way to decode it is to rainbow table/dictionary, which can take billions of years.Good luck with the packet sniffing stopping... Blog - Seriously epic web hosting - Twitter - GitHub - Cachet HQ Share this post Link to post Share on other sites
0000 0 Posted April 14, 2011 (edited) Yeah MD5 is pretty good to return Login success answer (Critical error) from PHP -> .exe and try to bruteforce it, because normal string should be shown for User Edited April 14, 2011 by 0000 Share this post Link to post Share on other sites
