Jump to content

'simple' password hashing

prismite
 Share

Recommended Posts

prismite Seeker

prismite

Posted
Posted

Hi folks, been a while since I've had to post but I figured I'd be back sooner or later...

I have written a small amateur program that takes a bit of data from a user (inluding Username and Password) then follows a few choice instructions, writing the info (un/pw) to a .ini file so as to make future inquiries that much faster. 

Now that the script is functional, I'd like to have the .ini reflect a hashed password, so that other people viewing the file wont see the clear text. 

I've manage to do that, showing an 'encrypted' input2 ... but I cant seem to get my decryption working correctly. It shows a '0' when I run the program the next time. Take a look..

#include <ButtonConstants.au3>
#include <ComboConstants.au3>
#include <EditConstants.au3>
#include <GUIConstantsEx.au3>
#include <GuiStatusBar.au3>
#include <StaticConstants.au3>
#include <WindowsConstants.au3>
#include <WinAPI.au3>
#include <GDIPlus.au3>
#include <IE.au3>
#include <Crypt.au3>

#Region ### START Koda GUI section ### Form=Form1.kxf
    $form1 = GUICreate("BACC-MAC 2.0", 338, 155, 192, 124)
    $input1 = GUICtrlCreateInput(IniRead("BACC-MAC.ini", "Config", "Input1", ""), 24, 24, 121, 21)
    $group1 = GUICtrlCreateGroup("Username", 8, 8, 153, 49)
    GUICtrlCreateGroup("", -99, -99, 1, 1)
    $readhiddenpw = IniRead("BACC-MAC.ini", "Config", "Input2", "")
    $decryptme = Encrypting ($readhiddenpw)
    $input2 = GUICtrlCreateInput($decryptme, 192, 24, 121, 21)
    $group2 = GUICtrlCreateGroup("Password", 176, 8, 153, 49)
    GUICtrlCreateGroup("", -99, -99, 1, 1)
    $input3 = GUICtrlCreateInput("", 112, 80, 121, 21)
    $group3 = GUICtrlCreateGroup("MAC", 96, 64, 153, 49)
    GUICtrlCreateGroup("", -99, -99, 1, 1)
    $button1 = GUICtrlCreateButton("Go!", 128, 120, 75, 25)
    GUISetState(@SW_SHOW)
#EndRegion ### END Koda GUI section ###
    
    $sEncrypted = ""

While 1
    $nmsg = GUIGetMsg()
    $username = (GUICtrlRead($input1))
    $password = (GUICtrlRead($input2))
    $cpemac = (GUICtrlRead($input3))

    Encrypting ($sEncrypted)
    
    Switch $nmsg
        Case $gui_event_close
            IniWrite("BACC-MAC.ini", "Config", "Input1", GUICtrlRead($input1))
            IniWrite("BACC-MAC.ini", "Config", "Input2", $sEncrypted)
            Exit
        Case $button1
            bacc()
            IniWrite("BACC-MAC.ini", "Config", "Input1", GUICtrlRead($input1))
            IniWrite("BACC-MAC.ini", "Config", "Input2", $sEncrypted)
            Exit
    EndSwitch
WEnd

Func Encrypting ($password)
   $sEncrypted = StringEncrypt (True, "Encrypted", $password)
   $sDecrypted = StringEncrypt (False, $sEncrypted, $password)
EndFunc

Func StringEncrypt($bEncrypt, $sData, $sPassword)
    _Crypt_Startup() ; Start the Crypt library.
    Local $sReturn = ''
    If $bEncrypt Then ; If the flag is set to True then encrypt, otherwise decrypt.
        $sReturn = _Crypt_EncryptData($sData, $sPassword, $CALG_RC4)
    Else
        $sReturn = BinaryToString(_Crypt_DecryptData($sData, $sPassword, $CALG_RC4))
    EndIf
    _Crypt_Shutdown() ; Shutdown the Crypt library.
    Return $sReturn
EndFunc


 

.

Link to comment
Share on other sites
perfaram Seeker

perfaram

Posted
Posted (edited)

The best solution would be to use _Crypt_HashData, then save the hashed data to your INI file. And when you need to check the password, then use _Crypt_HashData again (on the password the user provided) and compare it with the saved one :-)

EDIT : HOHOHO looks like I didn't understand your question the right way....

Edited by perfaram

Never forget to mark a question as resolved, this button has been purposely created :-P 

Link to comment
Share on other sites
perfaram Seeker

perfaram

Posted
Posted (edited)

Okay, I think your misunderstood the StringEncrypt function. 

$bEncrypt is to choose whether you want to crypt or decrypt,

$sData should be the string you want to encrypt, and

$sPassword the key used to crypt

Take a look at this if you don't understand

Anyway, this should be better : 

#include <ButtonConstants.au3>
#include <ComboConstants.au3>
#include <EditConstants.au3>
#include <GUIConstantsEx.au3>
#include <GuiStatusBar.au3>
#include <StaticConstants.au3>
#include <WindowsConstants.au3>
#include <WinAPI.au3>
#include <GDIPlus.au3>
#include <IE.au3>
#include <Crypt.au3>
Global $key="MyKeyForCrypting"
#Region ### START Koda GUI section ### Form=Form1.kxf
    $form1 = GUICreate("BACC-MAC 2.0", 338, 155, 192, 124)
    $input1 = GUICtrlCreateInput(IniRead("BACC-MAC.ini", "Config", "Input1", ""), 24, 24, 121, 21)
    $group1 = GUICtrlCreateGroup("Username", 8, 8, 153, 49)
    GUICtrlCreateGroup("", -99, -99, 1, 1)
    $readhiddenpw = IniRead("BACC-MAC.ini", "Config", "Input2", "")
    $decryptme = StringEncrypt(False, IniRead("BACC-MAC.ini", "Config", "Input2", ""), $key)
    $input2 = GUICtrlCreateInput($decryptme, 192, 24, 121, 21)
    $group2 = GUICtrlCreateGroup("Password", 176, 8, 153, 49)
    GUICtrlCreateGroup("", -99, -99, 1, 1)
    $input3 = GUICtrlCreateInput("", 112, 80, 121, 21)
    $group3 = GUICtrlCreateGroup("MAC", 96, 64, 153, 49)
    GUICtrlCreateGroup("", -99, -99, 1, 1)
    $button1 = GUICtrlCreateButton("Go!", 128, 120, 75, 25)
    GUISetState(@SW_SHOW)
#EndRegion ### END Koda GUI section ###

    $sEncrypted = ""

While 1
    $nmsg = GUIGetMsg()
    $username = (GUICtrlRead($input1))
    $password = (GUICtrlRead($input2))
    $cpemac = (GUICtrlRead($input3))

    Switch $nmsg
        Case $gui_event_close
            IniWrite("BACC-MAC.ini", "Config", "Input1", GUICtrlRead($input1))
            IniWrite("BACC-MAC.ini", "Config", "Input2", StringEncrypt(True, GUICtrlRead($input2), $key))
            Exit
        Case $button1
            IniWrite("BACC-MAC.ini", "Config", "Input1", GUICtrlRead($input1))
            IniWrite("BACC-MAC.ini", "Config", "Input2", StringEncrypt(True, GUICtrlRead($input2), $key))
            Exit
    EndSwitch
WEnd

Func StringEncrypt($bEncrypt, $sData, $sPassword)
    _Crypt_Startup() ; Start the Crypt library.
    Local $sReturn = ''
    If $bEncrypt Then ; If the flag is set to True then encrypt, otherwise decrypt.
        $sReturn = _Crypt_EncryptData($sData, $sPassword, $CALG_RC4)
    Else
        $sReturn = BinaryToString(_Crypt_DecryptData($sData, $sPassword, $CALG_RC4))
    EndIf
    _Crypt_Shutdown() ; Shutdown the Crypt library.
    Return $sReturn
EndFunc
Edited by perfaram

Never forget to mark a question as resolved, this button has been purposely created :-P 

Link to comment
Share on other sites
guinness Universalist

guinness

Posted
Posted

The example StringEncrypt() is meant to mimic the old function _StringEncrypt().

UDF List:

 
_AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_ArrayFilter/_ArrayReduce_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_DotNet_Load()/_DotNet_Unload()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrFileReadLastChars()GeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()Int_Parse() & Int_TryParse()IsISBN()LockFile()Mapping CtrlIDsOOP in AutoItParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandProtect GlobalsQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...

Updated: 22/04/2018

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...