Jump to content

Register Value Decrypting


Go to solution Solved by JohnJohnson,

Recommended Posts

Hi all, 

I am fairly new to AutoIt and still experimenting with it. Now I've learned a lot by just surfing the forums and Google for the things I could not cipher out myself. 

But now I really need help on something. Let me explain the situation.

I've wrote a script that encrypts a string and then writes it in the register. Now I want to read that entry and decrypt it. With _Crypt_DecryptData this does not work.

Local $regread          = RegRead("HKCU\Software\Example", "VALUE")
        Local $sUserKey         = "YourPasswordHere"
        Local $decrypted        = _Crypt_DecryptData(String($sData), $sUserKey, $CALG_AES_256)
        Local $Value            = BinaryToString($decrypted)    
        Local $ValueCode        = "YourOriginalValueHere"
        If $Value = $ValueCode Then
                   MsgBox( 64, "Correct!", "The values are identical!")

                Else 
                   MsgBox( 64, "Fail", "The values are not identical! Error:"&@error&"")

Could you point me to the right directions? Or maybe tell me what I am doing wrong. Or help me out of my dreams and tell me this is impossible! 

Thanx in advance!

Link to comment
Share on other sites

Right, maybe i typed it wrongly in the example script. But even as the way you describe it, It doesnt decrypt right.

I've also tested if i change the $regread to $regread = RegRead(), it gives the same output as $regread = RegRead("HKCUSoftwareExample", "Value"). So it looks like the function _Crypt_DecryptData reads $regread as RegRead() and that isn't working within the function. 
 

But to store the value in a ini file or put it in the code, beats my intention of reading the register in the first place. So maybe someone has a better idea?

Link to comment
Share on other sites

Positive, if i let the script write it in a ini file the right value is displayed in the ini file. Does it work for you then? Because i thought maybe it has something to do with admin rights, but that is not the case either. Because if that was the case then the right value would not be written in the ini file, or what file soever.

[btw, with the right value, i mean the value that is displayed in the register.]

Edited by JohnJohnson
Link to comment
Share on other sites

Your code is horribly formatted for this post, looks like a snippet of a much larger script. Also, it is not even able to run. You really should provide a reproducible script for others to help with. Here is working code, you should use _Crypt_DeriveKey():

#include <Crypt.au3>

_Crypt_Startup()
$sPassword = _Crypt_DeriveKey("YourPasswordHere", $CALG_AES_256)
RegWrite("HKCU\Software\Example", "VALUE", "REG_SZ", _Crypt_EncryptData("YourOriginalValueHere", $sPassword, $CALG_AES_256))
_Crypt_DestroyKey($sPassword)

DecryptData()

Func DecryptData()
    Local $regread = RegRead("HKCU\Software\Example", "VALUE")
    Local $sUserKey = _Crypt_DeriveKey("YourPasswordHere", $CALG_AES_256)
    Local $decrypted = _Crypt_DecryptData($regread, $sUserKey, $CALG_AES_256)
    Local $Value = BinaryToString($decrypted)
    Local $ValueCode = "YourOriginalValueHere"
    If $Value = $ValueCode Then
        MsgBox(64, "Correct!", "The values are identical!")
    Else
        MsgBox(64, "Fail", "The values are not identical! Error: " & @error)
    EndIf
EndFunc   ;==>DecryptData
Link to comment
Share on other sites

For some reason, everytime I use a variable within the function _Crypt_decryptData() it is not working, but if i put in the right values within brackets it is working.. I have to do this with the value that needs to be decrypted and the password that is used to decrypt it. Anyone has a clue why this is?

Link to comment
Share on other sites

  • Solution

So i've made a work-around to ensure it will be fixed! 

 

#include <Crypt.au3>

_Crypt_Startup()

$sPassword = "YourPasswordHere"
RegWrite("HKCU\Software\Example", "VALUE", "REG_SZ", _Crypt_EncryptData("YourOriginalValueHere", $sPassword, $CALG_AES_256))
_Crypt_DestroyKey($sPassword)

DecryptData()

Func DecryptData()
    local $temp = RegRead("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders", "AppData")
    Local $regread = RegRead("HKCU\Software\Example", "VALUE")
    IniWrite(""&$temp&"\789869654790", "5678", "09346", $regread)
    local $regvalue = IniRead(""&$temp&"\789869654790", "5678", "09346", "89023857639300")
    Local $sUserKey = "YourPasswordHere"
    Local $decrypted = _Crypt_DecryptData($regvalue, $sUserKey, $CALG_AES_256)
    Local $Value = BinaryToString($decrypted)
    Local $ValueCode = "YourOriginalValueHere"
    _Crypt_DestroyKey($sUserKey)
    If $Value = $ValueCode Then
        FileDelete(""&$temp&"\789869654790")
        MsgBox(64, "Correct!", "The values are identical!")
    Else
        MsgBox(64, "Fail", "The values are not identical! Error: " & @error)
        FileDelete(""&$temp&"\789869654790")
    EndIf
EndFunc   ;==>DecryptData
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...