Jump to content
Sign in to follow this  
allSystemsGo

Help on password-protecting a script

Recommended Posts

allSystemsGo

I set up many computers a week and have to download the same programs for them every time. So, to speed up the process I have wrote a script that will download them for me. However, some of the files and programs that are required rest on our server, so I would like to password protect this script. I have tried a method that I found in the forums...but it does not seem to be working for me. Please help!

#include <crypt.au3>

$sInput = InputBox(@ScriptName, "Enter your password...")
_AutoMD5_Data_Decrypt($sInput)
;;;from here the rest of the script works on getting the downloads
Func _AutoMD5_Data_Decrypt($sInput) ; Returns true if passwords match, or false if they don't.

Global $sPass = FileReadLine("\\server\folder\password.txt", 1) ; Retrieve the password via whatever method you choose to store it...actual directory changed for posting
_Crypt_Startup()
$sEncryptedInput = _Crypt_HashData($sInput, $CALG_MD5)
_Crypt_Shutdown()
If String($sEncryptedInput) = String($sPass) Then
Return True
Else
Return False
EndIf
EndFunc ;==>_AutoMD5_Data_Decrypt

The input box appears and I can type in a password...but even if it is wrong it still allows the script to continue. Also, if I click Cancel on the input box, it still allows the script to run.

This is what I used to generate the encryption and the _AutoMD5_Data_Decrypt Function...

#include <Crypt.au3>

$vData = InputBox(@ScriptName, "Enter a password to encrypt.")
$sOutFile = FileSelectFolder("Select folder to output your encrypted key to.", "", 6)
If @error Then Exit
$sOutFile&="\EncryptedPass.txt"
_AutoMD5_Data_Create($vData, $sOutFile)
If msgbox(4 + 32 + 262144, @ScriptName, "Do you wish to view your encrypted key?") = 6 Then ShellExecute($sOutFile)
Exit

Func _AutoMD5_Data_Create($vData, $sOutFile)
    _Crypt_StartUp()
    $sEncryptedString = _Crypt_HashData($vData, $CALG_MD5)
    If $sEncryptedString = -1 Then
        msgbox(16 + 262144, @ScriptName, "Failed to create MD5 hash. Error in command. " & @error)
        Exit
    Else
        $hFile = FileOpen($sOutFile, 2)
        FileWrite($hFile, String($sEncryptedString) & @CRLF)
        FileClose($hFile)
    EndIf
    _Crypt_Shutdown()
    If msgbox(4 + 32 + 262144, @ScriptName, "Do you wish to test the output?") = 6 Then
        $sInput = InputBox(@ScriptName, "Enter your password...")
        _AutoMD5_Test_Decryption($sInput, $sEncryptedString, $sOutFile)
    EndIf
    _AutoMD5_Create_Commands($sOutFile)
    Return $sEncryptedString
EndFunc

Func _AutoMD5_Test_Decryption($sInput, $sEncryptedString, $sOutFile)
    _Crypt_Startup()
    $sInputEncryptedString = _Crypt_HashData($sInput, $CALG_MD5)
    _Crypt_Shutdown()
    If String($sInputEncryptedString) = String($sEncryptedString) Then
        msgbox(64 + 262144, @ScriptName, "WORKS!" &@LF&@LF& _
            "Encrypted Password Shows As: " & @TAB & $sEncryptedString &@LF&@LF& _
            "The Input Password Shows As: " & @TAB & $sInputEncryptedString)
    Else
        msgbox(64 + 262144, @ScriptName, "FAILED!" &@LF&@LF& _
        "Encrypted Password Shows As: " & @TAB & $sEncryptedString &@LF&@LF& _
            "The Input Password Shows As: " & @TAB & $sInputEncryptedString)
    EndIf
EndFunc

Func _AutoMD5_Create_Commands($sOutFile)
    $hFile = FileOpen($sOutFile, 1)
    FileWrite($hFile,  @CRLF & '#include <Crypt.au3>' & @CRLF & @CRLF & _
        '$sInput = InputBox(@ScriptName, "Enter your password...")' & @CRLF & @CRLF & _
        'Func _AutoMD5_Data_Decrypt($sInput) ; Returns true if passwords match, or false if they don''t.' & @CRLF & @TAB & _
        '$sPass = _Get_Stored_Encrypted_Password() ; Retrieve the password via whatever method you choose to store it.' & @CRLF & @TAB & _
        '_Crypt_Startup()' & @CRLF & @TAB & _
        '$sEncryptedInput = _Crypt_HashData($sInput, $CALG_MD5)' & @CRLF & @TAB & _
        '_Crypt_Shutdown()' & @CRLF & @TAB & _
        'If String($sInputEncryptedString) = String($sEncryptedString) Then' & @CRLF & @TAB & @TAB & _
        'Return True' & @CRLF & @TAB & _
        'Else' & @CRLF & @TAB & @TAB & _
        'Return False' & @CRLF & @TAB & _
        'EndIf' & @CRLF & _
        'EndFunc')
    FileClose($hFile)
EndFunc

Share this post


Link to post
Share on other sites
allSystemsGo

How about adding something like this at the start of your script:

#Region --- CodeWizard generated code Start ---
;MsgBox features: Title=Yes, Text=Yes, Buttons=OK and Cancel, Icon=None
If Not IsDeclared("iMsgBoxAnswer") Then Local $iMsgBoxAnswer
$iMsgBoxAnswer = MsgBox(1,"test","custom text")
Select
Case $iMsgBoxAnswer = 1 ;OK
;Continue Script
Case $iMsgBoxAnswer = 2 ;Cancel
Exit

EndSelect
#EndRegion --- CodeWizard generated code End ---

It would help as far as the correct action when Cancel is clicked...but at this point I am more concerned about the actual password working.

Share this post


Link to post
Share on other sites
DOTCOMmunications

Maybe it is just me but it looks like you are just returning true or false for the password and then not acting on that information to either end the script or continue its execution.

You might want to have it return something that you can then check with an If..Else.. statement to then either close the script with a message box or continue it (the code below is untested and based simply on your code)

#include
; Set to false so even if box is cancelled will return as password incorrect
Global $sReturn = "False"

$sInput = InputBox(@ScriptName, "Enter your password...")
_AutoMD5_Data_Decrypt($sInput)
If $sReturn = "False" Then
MsgBox(0, "", "Password incorrect")
Exit
Else
;;;from here the rest of the script works on getting the downloads
EndIf
Func _AutoMD5_Data_Decrypt($sInput) ; Returns true if passwords match, or false if they don't.

Global $sPass = FileReadLine("\\server\folder\password.txt", 1) ; Retrieve the password via whatever method you choose to store it...actual directory changed for posting
_Crypt_Startup()
$sEncryptedInput = _Crypt_HashData($sInput, $CALG_MD5)
_Crypt_Shutdown()
If String($sEncryptedInput) = String($sPass) Then
$sReturn = "True"
Else
$sReturn = "False"
EndIf
EndFunc ;==>_AutoMD5_Data_Decrypt
Edited by DOTCOMmunications

Share this post


Link to post
Share on other sites
allSystemsGo

Maybe it is just me but it looks like you are just returning true or false for the password and then not acting on that information to either end the script or continue its execution.

You might want to have it return something that you can then check with an If..Else.. statement to then either close the script with a message box or continue it (the code below is untested and based simply on your code)

#include
; Set to false so even if box is cancelled will return as password incorrect
Global $sReturn = "False"

$sInput = InputBox(@ScriptName, "Enter your password...")
_AutoMD5_Data_Decrypt($sInput)
If $sReturn = "False" Then
MsgBox(0, "", "Password incorrect")
Exit
Else
;;;from here the rest of the script works on getting the downloads
EndIf
Func _AutoMD5_Data_Decrypt($sInput) ; Returns true if passwords match, or false if they don't.

Global $sPass = FileReadLine("\\server\folder\password.txt", 1) ; Retrieve the password via whatever method you choose to store it...actual directory changed for posting
_Crypt_Startup()
$sEncryptedInput = _Crypt_HashData($sInput, $CALG_MD5)
_Crypt_Shutdown()
If String($sEncryptedInput) = String($sPass) Then
$sReturn = "True"
Else
$sReturn = "False"
EndIf
EndFunc ;==>_AutoMD5_Data_Decrypt

Thanks for the help! However, this tells me that the password is incorrect either way. It doesn't let me get into the goods of the script, so thats a start...

Share this post


Link to post
Share on other sites
allSystemsGo

Changed the key to an INI file, changed FileReadLine to INIRead and all is well!

Share this post


Link to post
Share on other sites
DOTCOMmunications

Glad you got it working now, it might of been the CRLF at the end of the password in the encrypted file that was preventing it from verifying, you could of stripped that and whitespace out of both strings to make sure (just guessing that was the cause as i have had this happen to me when comparing strings before)

Edited by DOTCOMmunications

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×