Sign in to follow this  
Followers 0
Tumulus

Help with Hash

6 posts in this topic

I am creating a script that changes important account information, including passwords and usernames, but I can't take the input from a user at runtime. I could get the script to work with the information included in variables, but that is a security risk we want to avoid. As far as I can tell, _Crypt_HashData or possible _Crypt_EncryptData are how I would go about this. I looked at the help file and I am struggling to understand the implementation. 

Do I need an external document with the info? That would present the same issue. Do I need to create the variable and then run the function in another script and then add it in? I am quite lost.

Could somone give me a basic step-by-step rundown? 

Share this post


Link to post
Share on other sites



You would use EncryptData to do what you want. What you're going to need is a crypt key that is used to encrypt and decrypt the information.

#include <Crypt.au3>

_Crypt_Startup()
Global $sCryptKey = "EncryptThisData"
Global $sUsername = _Crypt_EncryptData("FakeUsername2016", $sCryptKey, $CALG_AES_256)
Global $sPassword = _Crypt_EncryptData("!FakePassword2016", $sCryptKey, $CALG_AES_256)

MsgBox("", "Encrypted Data", "Username: " & $sUsername & @CRLF & "Password: " & $sPassword)

$sUsername = BinaryToString(_Crypt_DecryptData($sUsername, $sCryptKey, $CALG_AES_256))
$sPassword = BinaryToString(_Crypt_DecryptData($sPassword, $sCryptKey, $CALG_AES_256))

MsgBox("", "Decrypt Data", "Username: " & $sUsername & @CRLF & "Password: " & $sPassword)

_Crypt_Shutdown()

You could still store the information in encrypted variables and decrypt them when you need to check it. Your information will still be stored in variables but they'll at least be somewhat protected.

Another alternative is use a database to store all of your information (all of your account information). There is a way to use sqlite to encrypt all of your information and just have the script (user) access the database when it needs it. Prompting the user for the password to access the encrypted database. Wrong password should return an error. What this would mean is to access the database the user needs to give the proper password which is not saved inside of your program. I haven't used it before, I've only seen a couple of topics.

1 person likes this

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

@Tumulus if you search the forum you will find where this has been discussed ad nauseam. In short, you cannot completely protect you script from anyone determined enough (or even half-heatedly interested enough) to get it. If you need that level of security, AutoIt is not the way to go. See some of the threads below as examples:

 

 

 

 

That being said, if you are interested in the encrypting functions they all come with pretty decent examples in the help file. What have you tried on your own? What is not working for you?

 

Edited by JLogan3o13

√-1 2^3 ∑ π, and it was delicious!

Share this post


Link to post
Share on other sites

For password hashing:  secure is one-way encryption :sweating:

Currently I can not break it!
But it is not safe to check with AutoIt, it's too easy to be bypass!

Anyway, use MD5 or SHA1/512 to encryption for your password!


Regards,
 

Share this post


Link to post
Share on other sites

Thanks guys. @InunoTaishou That is a nice little example there. the syntax makes a lot more sense, and from that I can grasp the implementation.

Also, I understand that AutoIT isn't the most secure, and we will look at some other solutions. Really though, the big goal is to not have the passwords show up in various i house admin tools that run using administrator credentials and the security risk isn't so great as to stop using them. Those threads were really interesting though, and made me aware of some risks that I did not understand. Good links.

Share this post


Link to post
Share on other sites

Got it to work! Thanks @InunoTaishou the example was perfect.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Similar Content

    • Valnurat
      By Valnurat
      Hi.
      A user have to be a member of specific groups. If the user is a member of 1 of the below groups it has to a member of "Mailuser_". If not then I need to add user to the "Mailuser_".
      But how can I search in the array. In the code I do If...then, but it will just jump to my next if...then and search in that "index". But that is not what I want. It seems that I have to do a new For...To, right? But there have to be a easier way to do this.
       
      Func FindADInfo() Local $sUsersSource, $sBackupFolder, $sSiteHomePath, $sFileOpenDialog Local $aSamAccountName[1][1], $aTempSamAccountName[1] For $i = 0 to UBound($aAllMailSites) - 1 if $aAllMailSites[$i] <> "" then if $bDebugMode Then ConsoleWrite("Collecting AD info for " & StringRight($aAllMailSites[$i], 2) & StringMid($aAllMailSites[$i], StringInStr($aAllMailSites[$i], ",") - 2, 2) & @CRLF) Else _FileWriteLog($hFile, "Collecting AD info for " & StringRight($aAllMailSites[$i], 2) & StringMid($aAllMailSites[$i], StringInStr($aAllMailSites[$i], ",") - 2, 2)) EndIf $aSamAccountName = _AD_GetObjectsInOU($aAllMailSites[$i] & ",OU=company,DC=AD,DC=company,DC=ORG", "(&(objectcategory=person)(objectclass=user))",2, "sAMAccountName,distinguishedName,displayname", "displayname") _ArrayDelete($aSamAccountName, 0) for $x = 0 to UBound($aSamAccountName) -1 if StringInStr($aSamAccountName[$x][1],"Resources") = 0 Then local $aUserGroups = _AD_GetUserGroups($aSamAccountName[$x][1]) _ArrayDisplay($aUserGroups,$aSamAccountName[$x][0]) if IsArray($aUserGroups) Then for $y = 1 to UBound($aUserGroups) -1 ;MsgBox(0,"",$aUserGroups[$y]) If StringInStr($aUserGroups[$y],"Office365_E3_SharedMailBox") <> 0 Or StringInStr($aUserGroups[$y],"Office365_E3_OPP_EXO_SPO") <> 0 Or StringInStr($aUserGroups[$y],"Office365_E3_OPP_EXO_SFBPLUS") <> 0 Or StringInStr($aUserGroups[$y],"Office365_E3_OPP_EXO_SFB") <> 0 Or StringInStr($aUserGroups[$y],"Office365_E3_OPP") <> 0 Or StringInStr($aUserGroups[$y],"Office365_E3_FULL") <> 0 Or StringInStr($aUserGroups[$y],"Office365_E1_EXO") <> 0 Then If StringInStr($aUserGroups[$y],"Mailuser_") = 0 Then ConsoleWrite($aSamAccountName[$x][0] & " Add to mailgroup") EndIf EndIf Next EndIf EndIf Next EndIf Next EndFunc ;==>FindADInfo  
    • VaishnaviBUtpat
      By VaishnaviBUtpat
      <!DOCTYPE html> <html lang="en" xml:lang="en" style="height: 100%;" xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <style> * { margin: 0; padding: 0; } .th-lk { color: #3665d0; font-family: Arial; font-size: small; text-decoration: none; } .th-lk { vertical-align: 0px; } .th-menu2 .th-lk { line-height: 2em; margin-bottom: 0px; margin-right: 0px; overflow: hidden; padding: 0; text-decoration: none; text-overflow: ellipsis; white-space: nowrap; width: 100%; } .th-menu2 .th-lk { color: black; font-weight: bold; } .th-menu2 > li > .th-lk { display: block; padding-left: 8px; width: auto; } .th-menu2 .th-menu2-sub-item .th-lk, .th-menu2 .th-menu2-sub-item-hov .th-lk { margin-right: 20px; } .th-menu2-sub-item { position: relative !important; } .th-menu2 .th-menu2-item, .th-menu2 .th-menu2-item-hov, .th-menu2 .th-menu2-sub-item, .th-menu2 .th-menu2-sub-item-hov { background-repeat: repeat-x; border-left-style: solid; border-left-width: 1px; border-right-style: solid; border-right-width: 1px; border-top-style: solid; border-top-width: 1px; height: 2em; list-style: none; margin-bottom: 0px; padding: 0; width: 100%; } .th-menu2 .th-menu2-item, .th-menu2 .th-menu2-item-hov, .th-menu2 .th-menu2-sub-item, .th-menu2 .th-menu2-sub-item-hov { background-color: #ECECEC; background-image: url(sap_skins/default/styling/lshape/chg_butt_det_nav.gif); border-left-color: #d3d1ce; border-right-color: #d3d1ce; border-top-color: #d3d1ce; border-top-width: 0px; } .th-menu2 { border: 0 solid black; left: 0px; list-style: none; margin: 0; padding: 0; position: relative; } .th-menu2 { z-index: 10006; } .th-menu2 { background-color: white; } div { zoom: 1; } .th-sc-content { left: 0px; position: absolute; top: 0px; } .th-sc-container { left: 0px; overflow: hidden; position: relative; top: 0px; } .th-sc-top { position: relative; } .th-sc-top, .th-sc-content, .th-sc-container, .th-sc-buttondown, .th-sc-buttonup { width: 172px; } .th-sc-buttonup, .th-sc-container { z-index: 10101; } .th-sc-top { z-index: 10100; } body, td, th { font-family: Arial,Helvetica,sans-serif; font-size: small; } .th-l-navcontainer, .th_l_downcontainer { border-right-style: solid; border-right-width: 1px; width: 172px; } .th-l-navcontainer, .th_l_downcontainer { background-color: white; border-right-color: #d3d1ce; } body, html { margin: 0px; border: 0; margin: 0; } </style> </head> <body><form name="myFormId" id="myFormId" action="/sap(ZT1TVVJEWDFWVFVsOWZYMTlmTWpNNU9UWmZXWTlwZG5telZ1RGhBSUFBQ3Nyc2tBPT0=)/bc/bsp/sap/crm_ui_frame/BSPWDApplication.do?sap-client=100&amp;sap-language=EN&amp;sap-domainrelax=min" method="post" target="WorkAreaFrame2"><div class="th-ajax-area" id="rootAreaDiv"><div id="C1_W1_V2" tgt="" dhe="false"><table width="100%" style="table-layout: fixed;" cellspacing="0" cellpadding="0"><tbody><tr><td><table width="100%" style="table-layout: fixed;" cellspacing="0" cellpadding="0"><tbody><tr valign="top"><td class="th-l-navcontainer" id="th_l_navcontainer"><div class="th-sc-top" id="C1_W1_V2_thescroll" style="height: 786px;"><div class="th-sc-container" id="C1_W1_V2_thescroll_scbox" style="height: 786px;"><div class="th-sc-content" id="C1_W1_V2_thescroll_sccontent"><div class="th-ajax-area" id="C1_W1_V2_$navbar"><div id="C7_W35_V36" tgt="" dhe="true" excevt="" intevt="c:C7_W35_V36:C1_W1_V2_C7_W35_V36_MainNavigationLinks.do;" automode="true"><div class="th-ajax-area" id="C1_W1_V2_C7_W35_V36_MainNavigationLinks.do"><ul class="th-menu2" id="C7_W35_V36_mainmenu" style="width: 171px;"><li class="th-menu2-sub-item"><a title="Sales Cycle" class="th-lk" id="C7_W35_V36_UTL-SLS" onclick="htmlbSubmitLib('htmlb',this,'thtmlb:link:click:0','myFormId','C7_W35_V36_UTL-SLS','UTL\x2dSLS\x2dWC',0);return false" onfocus="thSaveKbFocus(this);" oncontextmenu="return false;" href="javascript:void(0)">Sales Cycle</a></li></ul></div></div></div></div></div></div></td></tr></tbody></table></td></tr></tbody></table></div></div></form></body> </html> How to capture above HTML element using AutoIT
    • cu0x
      By cu0x
      Hello guys,
       
      im trying to solved a problem that I have.
       
      Need to get some chinese text from an old Wise script, and in the wise file says f.e. Ù×÷ϵͳ¡£ ÇëÉý¼¶Ä. Is there any way to convert it to traditional chinese?
       
      Already tryied the following code...
       
      #include <MsgBoxConstants.au3> Example() Func Example() ; Define the string that will be converted later. ; NOTE: This string may show up as ?? in the help file and even in some editors. ; This example is saved as UTF-8 with BOM. It should display correctly in editors ; which support changing code pages based on BOMs. Local Const $sString = "Ù×÷ϵͳ¡£ ÇëÉý¼¶Ä" ; Temporary variables used to store conversion results. $dBinary will hold ; the original string in binary form and $sConverted will hold the result ; afte it's been transformed back to the original format. Local $dBinary = Binary(""), $sConverted = "" ; Convert the original UTF-8 string to an ANSI compatible binary string. $dBinary = StringToBinary($sString) ; Convert the ANSI compatible binary string back into a string. $sConverted = BinaryToString($dBinary) ; Display the resulsts. Note that the last two characters will appear ; as ?? since they cannot be represented in ANSI. DisplayResults($sString, $dBinary, $sConverted, "ANSI") ; Convert the original UTF-8 string to an UTF16-LE binary string. $dBinary = StringToBinary($sString, 2) ; Convert the UTF16-LE binary string back into a string. $sConverted = BinaryToString($dBinary, 2) ; Display the resulsts. DisplayResults($sString, $dBinary, $sConverted, "UTF16-LE") ; Convert the original UTF-8 string to an UTF16-BE binary string. $dBinary = StringToBinary($sString, 3) ; Convert the UTF16-BE binary string back into a string. $sConverted = BinaryToString($dBinary, 3) ; Display the resulsts. DisplayResults($sString, $dBinary, $sConverted, "UTF16-BE") ; Convert the original UTF-8 string to an UTF-8 binary string. $dBinary = StringToBinary($sString, 4) ; Convert the UTF8 binary string back into a string. $sConverted = BinaryToString($dBinary, 4) ; Display the resulsts. DisplayResults($sString, $dBinary, $sConverted, "UTF8") EndFunc ;==>Example ; Helper function which formats the message for display. It takes the following parameters: ; $sOriginal - The original string before conversions. ; $dBinary - The original string after it has been converted to binary. ; $sConverted- The string after it has been converted to binary and then back to a string. ; $sConversionType - A human friendly name for the encoding type used for the conversion. Func DisplayResults($sOriginal, $dBinary, $sConverted, $sConversionType) MsgBox($MB_SYSTEMMODAL, "", "Original:" & @CRLF & $sOriginal & @CRLF & @CRLF & "Binary:" & @CRLF & $dBinary & @CRLF & @CRLF & $sConversionType & ":" & @CRLF & $sConverted) EndFunc ;==>DisplayResults Thanks a lot!
    • nacerbaaziz
      By nacerbaaziz
      Hi dear
      I want create retractable bar using autoit
      I tried creating slider, but there's a problem with screen reader for the blind, so is there another retractable tape?
      It is advisable to not accept dragging with the keybord only with  mouse
      note:
      This bar is needed in the process of raising and lowering the volume
      I hope that there is a solution to do that
      i waiting your responses.
      Thanks in advance to all members and administrators
    • XanzyX
      By XanzyX
      Is there a function out there that will edit an existing file witha a "Save" and "Cancel" at the bottom?
      Example: Funcrion("TestFile.txt")