Muhammad_Awais_Sharif

is it a good option to use _Crypt_DecryptData for a small password manager utility

1 post in this topic

is it a good option to use _Crypt_DecryptData for a small password manager utility for personal use ?

 

Share this post


Link to post
Share on other sites



Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Similar Content

    • Fenzik
      By Fenzik
      ; Title .........: Password
      ; AutoIt Version : 3.3.14.2
      ; Description ...: UDF to work with passwords. Mostly ported from Javascript at http:rumkin.com/tools/password/passchk.php and improved a bit
      ; Author(s) .....: Fenzik + Team Adaptech
      ; #CURRENT# =====================================================================================================================
      ;_Password_Generate
      ;_Password_GetcharsetSize
      ;_Password_GetEntropy
      ;_Password_IsCommonWord
      ;_Password_Startup
      ; ===============================================================================================================================
       
      It's my first UDF so please be nice.:)
       
      If somebody have better idea how to store common dictionary and frequency table please post here...
       
      Have fun!
       
      Fenzik
       
      Password.zip
    • Codefuser
      By Codefuser
      I am writing an obfuscator currently with quite a few features, as I have found no good obfuscators yet that are complex enough to be nearly impossible to deobfuscate (as of course it is impossible to reach a 100% level of obfuscation where no one can deobfuscate it).
      Current obfuscation methods include flow obfuscation, string encryption, proxy calls, unique renaming scheme (create gibberish WinAPI like name), junk codes, and removing all functions (merging them with the main script), traps to prevent automated deobfuscation, debugger detection, VM detection, moving strings to other parts of scripts (functions, proxy strings, etc), exit if not compiled, file integrity check. Decompile protection is also added (nothing that violates the reverse engineering clause of the ToS, I am using a PE loader with protections built into it.)
      Does anyone have any ideas for more obfuscation methods to add?
       
    • NewVersionTester
      By NewVersionTester
      Hi,
      please have a look at this vulnerability: https://packetstormsecurity.com/files/137077/AutoIT-3-DLL-Hijacking.html
       
      You have not replied for months, so it is already public now.
    • giangnguyen
      By giangnguyen
      I am looking for a way to set up either VIRTUAL_PROTECT or PAGE_GUARD for memory protection. I currently don't know how to do this, I have made the encryption for my EXE Protector, the RunPE module, and basically everything that I need. I also have made an advanced obfuscation tool, which I might release here on the forums in the future, to make sure the code is impossible to be understood. However, people can dump the original EXE from memory when I am injecting it. So how would I implement VIRTUAL_PROTECT, PAGE_GUARD or other methods of protecting memory?
    • 09stephenb
      By 09stephenb
      How secure is:

      _Crypt_EncryptFile _Crypt_DecryptFile I understand the strength of encryption is mainly down to the algorithm and password, but I’m not referring to either of these, I am looking to find out how strong the code behind crypt it.

      I have noticed when encrypting a file, it uses a “.tmp” file while encrypting. In my experience a “.tmp” file is temporary and is deleted after use. But does this file contain any data that is related to the file being encrypted, or worse the password itself. Even though the file is deleted, it could possibly be recovered with a tool like: https://www.piriform.com/recuva.

      I'm not quite sure if this is a potential security threat, and if anyone could say if it is or not then that would be much appreciated.