Sign in to follow this  
Followers 0
wuruoyu

Is there a way to encrypt $vCryptKey string used by _Crypt_EncryptData()

3 posts in this topic

#1 ·  Posted (edited)

Is there a way to encrypt $vCryptKey string used by _Crypt_EncryptData()

In following example, the "secretkey" is $vCryptKey

$encryptedPW = _Crypt_EncryptData(StringToBinary($sString), "secretkey", $CALG_RC4)

The reason:

I want to use _Crypt_EncryptData() to encrypt password and store encrypted password to an INI file.

I am concern about the security risks that if the script is reverse engineered, because Au3Stripper does not strip strings, the "secretkey" is showing in plain text.

Thanks in advance.

 

 

Edited by wuruoyu

Share this post


Link to post
Share on other sites



You could generate the secret key based on some information from the local system. Like the bios software, hardware, or some unique id generated from the OS. This will make the encryption unique to just that computer so it will be decrypted unless the program is decompiled on that system

Here's some more system info functions

I think _ComputerGetOSs will give you the system product key, which you could use too

Share this post


Link to post
Share on other sites

Try 

Or you can double encrypt it.
The most reliable solution would be to obfuscate your script using an obfuscator/obfuscating it manually.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0