Jump to content
Sign in to follow this  
LordBoling

Changing decrypt php to autoit

Recommended Posts

LordBoling

Hey guys. I am stuck again.

I have a website that takes orders and, of course, encrypts the card numbers.

I have been trying to rewrite the PHP decryption to work in Autoit, but I have been having difficulties.

Here is my PHP Function:

function cc_decrypt($string,$key) {
   $key = md5($key); //to improve variance
  /* Open module, and create IV */
  $td = mcrypt_module_open(MCRYPT_RIJNDAEL_256, '','cfb', '');
  $key = substr($key, 0, mcrypt_enc_get_key_size($td));
  $iv_size = mcrypt_enc_get_iv_size($td);
  $iv = substr($string,0,$iv_size);
  $string = substr($string,$iv_size);
  /* Initialize encryption handle */
   if (mcrypt_generic_init($td, $key, $iv) != -1) {

     /* Encrypt data */
     $c_t = mdecrypt_generic($td, $string);
     mcrypt_generic_deinit($td);
     mcrypt_module_close($td);
       return $c_t;
   } else {
    trigger_error("cc_decrypt(C): Unable to decrypt input", E_USER_NOTICE);
   } 
}

I looked at Crypt but I could not find that it would work with a Rijndael encryption. I also need to be able to determine the IV.

Does anyone have any ideas for me? Thanks.

Share this post


Link to post
Share on other sites
LordBoling

No ideas?

Share this post


Link to post
Share on other sites
LordBoling

Thanks JohnOne. I had thought so as well, which should mean that the proper way to decrypt this using autoit is the following:

$CC = _Crypt_DecryptData($CC,$KEY,$CALG_AES_256)

With the credit card number being $CC, the preset key as $KEY and as this is a 256bit Rijndael $CALG_AES_256 should be the correct hash id.

However using this I get an error of 2, failed to decrypt.

Am I doing something wrong?

Share this post


Link to post
Share on other sites
aNewLyfe

you may simply InetGet(site.com/cc_decrypt.php?key=xxx&session=uniquecodefortempbypass) but it wont be secure :mellow:

Btw, good luck with it, im trying to install that mcrypt plugin to my server atm, it sucks.


:alien: ~ Every Living Thing is a Code Snippet of World Application ~ :alien:

Share this post


Link to post
Share on other sites
LordBoling

you may simply InetGet(site.com/cc_decrypt.php?key=xxx&session=uniquecodefortempbypass) but it wont be secure :mellow:

I could do that or just pull the card number from the invoice. I am hoping to avoid that though.

I wish I understood encryptions better. Though I have been coding for 6 years now I have never worked with encryptions before.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×