tonycst

How to store encryption password into encrypted file ?

7 posts in this topic

#include <Crypt.au3>
#include <File.au3>

$FileToEncrypt = "test.txt"
$FileOutput = "Encrypted.file"
$ALG = $CALG_AES_128 ;encryption algorithm
While 1
    $PasswordToEncryptWith = InputBox("Enter password", "Enter password that is used to encrypt the file/folder." & @CRLF & "That password will be saved into the encrypted files its self")
    If $PasswordToEncryptWith > "" Then
        ExitLoop
    Else
        Exit
    EndIf
WEnd
_Crypt_EncryptFile ($FileToEncrypt, $FileOutput, $PasswordToEncryptWith,$ALG)
FileWriteLine ($FileOutput,@CRLF & $PasswordToEncryptWith)

I use this to encrypt

ad to decrypt, i use

#include <Crypt.au3>
#include <File.au3>

$FileToDecrypt = "Encrypted.file"
$DecryptTo = "Decrypted.txt"
$ALG = $CALG_AES_128 ;encryption algorithm
$PasswordToDecryptWith = FileReadLine ($FileToDecrypt,-1) ;read last line password
$ReadOutput = FileRead ($FileToDecrypt)
$NewFileText = StringReplace ($ReadOutput,@CRLF & $PasswordToDecryptWith,"")
FileDelete ($FileToDecrypt)
FileWrite ($FileToDecrypt,$NewFileText)
_Crypt_DecryptFile ($FileToDecrypt ,$DecryptTo, $PasswordToDecryptWith,$ALG)

But when i open the file, all i see is ÿÿÿÿ

Does that mean i cant write to encrypted file without screwing it up or do i need to change writing  method ?

I want to store encryption algorith and password encrypted into encrypted file. It seem to be the only safe place to store password and care less about loosing it because its built into the encrypted file

Share this post


Link to post
Share on other sites



#4 ·  Posted (edited)

THe password written into the encrypted file is also encrypted.

Ok i think i found the problem.

But now i have another problem with writing the password into the encrypted file.

I use :

_Crypt_EncryptFile ($FileToEncrypt, $FileOutput, $PasswordToEncryptWith,$ALG)
$Lines = _FileCountLines($FileToEncrypt)
MsgBox(0,'',$Lines)

Msgbox says 4. Why is that ? There is only 1 line in the entire encrypted file (according to text editor).

Edited by tonycst

Share this post


Link to post
Share on other sites

OK solved

This is to encrypt

#include <Crypt.au3>
#include <File.au3>

$FileToEncrypt = "test.txt"
$FileOutput = "Encrypted.file"
$ALG = $CALG_AES_128 ;encryption algorithm
While 1
    $PasswordToEncryptWith = InputBox("Enter password", "Enter password that is used to encrypt the file/folder." & @CRLF & "That password will be saved into the encrypted files its self")
    If $PasswordToEncryptWith > "" Then
        ExitLoop
    Else
        Exit
    EndIf
WEnd
_Crypt_EncryptFile ($FileToEncrypt, $FileOutput, $PasswordToEncryptWith,$ALG)
FileWrite ($FileOutput,@CRLF & $PasswordToEncryptWith)

and this is to decrypt

#include <Crypt.au3>
#include <File.au3>

$FileToDecrypt = "Encrypted.file"
$DecryptTo = "Decrypted.txt"
$ALG = $CALG_AES_128 ;encryption algorithm
$PasswordToDecryptWith = FileReadLine ($FileToDecrypt,-1) ;read last line password
$FileOpen = FileOpen ($FileToDecrypt)
$FileRead = FileRead ($FileOpen)
$RemovedPassword = StringReplace ($FileRead,@CRLF & $PasswordToDecryptWith, "")
FileClose ($FileOpen)
FileDelete ($FileToDecrypt)
$NewFileToDecrypt = FileWrite ($FileToDecrypt,$RemovedPassword)
_Crypt_DecryptFile ($FileToDecrypt ,$DecryptTo, $PasswordToDecryptWith,$ALG)

Password stored into file is not encrypted at this point just for the references purpose and am SURE this script is way to complicated for such simple task so ill make it smaller as i learn.

Thanks !

Share this post


Link to post
Share on other sites

#6 ·  Posted (edited)

THe password written into the encrypted file is also encrypted.

Still doesnt beat even the most lazy of circumvention, even if you bury the password.  At some point in the transmission and decryption the user is going to have 2 files with which they can easily diff the password string. Unless the receiver has to have a separate secret key to decrypt the password, in which case you should have just exchanged that original password, instead of the password for the password.

Edited by boththose

,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Share this post


Link to post
Share on other sites

I can see where you come from.

Password1 for password2 is basically what it is, but password1 is not the same as password2. Password1 is stored into the script as already encrypted string.

Its a layer of protection.

Think about it. Its possible to crack a password when its nothing but a string (talking about compiled executable) But when executable is asking for a string that matches decryption output, its a totally different approach and the string that would be accepted cannot be extracted from the executable even if disassembled and hex edited because its encrypted with who knows what password and algorithm.

The only thing id worry about is getting the decrypted password wiped from the RAM so it cant be dumped. Do i just do assign blank values to all variables that had password stored ?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now