Jump to content

PHP -> AutoIt

0000

By 0000,
in AutoIt General Help and Support

 Share

Recommended Posts

0000 Wayfarer

0000

Posted
Posted

Hello.

I'm trying to make .exe which is working with web-based script. So I need to send secret information like id/pw to www, so I took some php script for encoding/decoding info. But I can't convert it to autoit. Could somebody try to help?

<?php
// String EnCrypt + DeCrypt function
// Author: halojoy, July 2006
function convert($str,$ky=''){
if($ky=='')return $str;
$ky=str_replace(chr(32),'',$ky);
if(strlen($ky)<8)exit('key error');
$kl=strlen($ky)<32?strlen($ky):32;
$k=array();for($i=0;$i<$kl;$i++){
$k[$i]=ord($ky{$i})&0x1F;}
$j=0;for($i=0;$i<strlen($str);$i++){
$e=ord($str{$i});
$str{$i}=$e&0xE0?chr($e^$k[$j]):chr($e);
$j++;$j=$j==$kl?0:$j;}
return $str;
}
///////////////////////////////////
// Secret key to encrypt/decrypt with
$key='mysecretkey'; // 8-32 characters without spaces
// String to encrypt
$string1='To be or not to be, that is the question';
// EnCrypt string
$string2=convert($string1,$key);
// DeCrypt back
$string3=convert($string2,$key);
// Test output
echo '<span style="font-family:Courier">'."\n";
echo 'Key: '.$key.'<br>'."\n";
echo $string1.'<br>'."\n";
echo $string2.'<br>'."\n";
echo $string3.'<br>'."\n";
echo '</span>'."\n";
?> 
[/PHP]

Test:

Key: mysecretkey
To be or not to be, that is the question
Yv3gf2jf+kvy9gj#p`8+qqlm3lp2q|n%hx|`qj}k
To be or not to be, that is the question

Thank you, 0000.

Link to comment
Share on other sites
KaFu Universalist

KaFu

Posted
Posted

Instead of reinventing the wheel better use something allready serving that purpose...

For AES a combo of these two might work:

http://phpseclib.sourceforge.net/documentation/crypt.html#crypt_aes_benchmarks

_Crypt_EncryptData()

And if it's only about authentication, md5() pw&id locally and compare the hash on the server-side.

de.png OS: Win10-22H2 - 64bit - German, AutoIt Version: 3.3.16.1, AutoIt Editor: SciTE, Website: https://funk.eu
prog_icon_amt.png AMT - Auto-Movie-Thumbnailer (2022-Nov-26) prog_icon_bic.png BIC - Batch-Image-Cropper (2023-Apr-01) prog_icon_cop.png COP - Color Picker (2009-May-21)
prog_icon_dcs.png DCS - Dynamic Cursor Selector (2024-Feb-16) prog_icon_hmw.png HMW - Hide my Windows (2018-Sep-16) prog_icon_hrc.png HRC - HotKey Resolution Changer (2012-May-16) 
prog_icon_icu.png ICU - Icon Configuration Utility (2018-Sep-16) prog_icon_smf.png SMF - Search my Files (2023-Jun-03) - THE file info and duplicates search tool prog_icon_ssd.png SSD - Set Sound Device (2017-Sep-16)

Link to comment
Share on other sites
James Universalist

James

Posted
Posted

MD5 isn't quite good, because I will have to send information which should be decoded at .exe or .php and I dont want to get sniffed packets.

MD5 is brilliant because the only way to decode it is to rainbow table/dictionary, which can take billions of years.

Good luck with the packet sniffing stopping...

Blog - Seriously epic web hosting - Twitter - GitHub - Cachet HQ
Link to comment
Share on other sites
0000 Wayfarer

0000

Posted
  • Author
Posted (edited)

Yeah MD5 is pretty good to return Login success answer (Critical error) from PHP -> .exe and try to bruteforce it, because normal string should be shown for User :unsure:

Edited by 0000
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...