jdelaney Posted June 23, 2017 Share Posted June 23, 2017 (edited) I was bored, and wanted to create a little app to store my passwords. When you create a user, the password is used, along with a guid as a salt, to create a hash. Then the same password is used with another guid for each login credential you save. I'd like some opinions on this, but because the encryption password is not stored anywhere, it makes everything as strong as the encryption method is weak as well as how strong the password you pick is. Everything is stored into a human readable INI, but the URL, Login name, and login password are all encrypted (so you can't tell where, or what the login is for). It's probably not nearly as secure as some freeware out there, but it was also a fun logic challenge. I'm going to enhance it to web craw and perform logins as well using my signature items. Should be fun. Once logged in, the combo stores all the current URLs you have logins for (currently can only have one per site). The small button next to that combo will attach to the top most IE, and populate the combo...If you have a login for that URL, then it will auto populate the credentials to the gui...the first edit is for the user, the second is for the password. When 'Save'd, the small button next to the password will enable...clicking it will unencrypted the password to your copy buffer. I think I got all the logical quirks worked out. expandcollapse popup#include <GUIConstantsEx.au3> #include <EditConstants.au3> #include <Crypt.au3> #include <Array.au3> #include <IE.au3> #include <GuiComboBoxEx.au3> $sINI = "StoredData.ini" $bLoggedIn = False Global $sUser = "" Global $sPass = "" Global Enum $iURLs_SectionName,$iURLs_Dec,$iURLs_UBound Global $aURLS Global $aLogins Global $iLastURL = "" ;~ $o = ObjCreate("Scriptlet.TypeLib") ;~ ConsoleWrite($o.Guid & @crlf) $sINI_Logins_Section = "Logins" $sINI_Logins_Section_LastLogin = "LastLogin" $sINI_User_Hash = "User_Hash" $sINI_User_Salt = "User_Salt" $sINI_User_User = "User_User" $sINI_User_Pass = "User_Pass" $sINI_User_FullURL="User_FullURL" $iBuffer = 10 $iWidth = 600 $iCtrlHeight = 20 $iMicroWidth = 20 $iShortWidth = $iWidth - $iBuffer - $iMicroWidth $hGui = GUICreate("Lockup",$iWidth+$iBuffer*2,200) $iLoginCtrlCount = 0 $iLogin_Combo = GUICtrlCreateCombo("",$iBuffer,($iLoginCtrlCount*$iCtrlHeight)+(($iLoginCtrlCount+1)*$iBuffer),$iWidth,$iCtrlHeight) $iLoginCtrlCount+=1 $iLogin_Pass = GUICtrlCreateInput("",$iBuffer,($iLoginCtrlCount*$iCtrlHeight)+(($iLoginCtrlCount+1)*$iBuffer),$iWidth,$iCtrlHeight,$ES_PASSWORD) $iLoginCtrlCount+=1 $iLogin_Action = GUICtrlCreateButton("Login",$iBuffer,($iLoginCtrlCount*$iCtrlHeight)+(($iLoginCtrlCount+1)*$iBuffer),$iWidth,$iCtrlHeight) ControlDisable($hGui,"",$iLogin_Action) $a = WinGetPos($hGui) $a2 = WinGetClientSize($hGui) $iGuiTitleHeight = $a[3]-$a2[1] $iGuiWidth = $a[2] $iLogin_Height = $iGuiTitleHeight+((1+$iLoginCtrlCount)*$iCtrlHeight)+(($iLoginCtrlCount+2)*$iBuffer) WinMove($hGui,"",$a[0],$a[1],$iGuiWidth,$iLogin_Height) PopulateLogin($hGui,$iLogin_Combo) $iLoggedInCtrlCount = 0 $iLoggedIn_Combo = GUICtrlCreateCombo("",$iBuffer,($iLoggedInCtrlCount*$iCtrlHeight)+(($iLoggedInCtrlCount+1)*$iBuffer),$iShortWidth,$iCtrlHeight) $iLoggedIn_ComboB = GUICtrlCreateButton("",$iBuffer*2+$iShortWidth,($iLoggedInCtrlCount*$iCtrlHeight)+(($iLoggedInCtrlCount+1)*$iBuffer),$iMicroWidth,$iCtrlHeight) $iLoggedInCtrlCount+=1 $iLoggedIn_User = GUICtrlCreateInput("",$iBuffer,($iLoggedInCtrlCount*$iCtrlHeight)+(($iLoggedInCtrlCount+1)*$iBuffer),$iShortWidth,$iCtrlHeight) $iLoggedIn_UserB = GUICtrlCreateButton("",$iBuffer*2+$iShortWidth,($iLoggedInCtrlCount*$iCtrlHeight)+(($iLoggedInCtrlCount+1)*$iBuffer),$iMicroWidth,$iCtrlHeight) ControlDisable($hGui,"",$iLoggedIn_UserB) $iLoggedInCtrlCount+=1 $iLoggedIn_Pass = GUICtrlCreateInput("",$iBuffer,($iLoggedInCtrlCount*$iCtrlHeight)+(($iLoggedInCtrlCount+1)*$iBuffer),$iShortWidth,$iCtrlHeight,$ES_PASSWORD) $iLoggedIn_PassB = GUICtrlCreateButton("",$iBuffer*2+$iShortWidth,($iLoggedInCtrlCount*$iCtrlHeight)+(($iLoggedInCtrlCount+1)*$iBuffer),$iMicroWidth,$iCtrlHeight) ControlDisable($hGui,"",$iLoggedIn_PassB) $iLoggedInCtrlCount+=1 $iLogggedIn_Action = GUICtrlCreateButton("Save",$iBuffer,($iLoggedInCtrlCount*$iCtrlHeight)+(($iLoggedInCtrlCount+1)*$iBuffer),$iWidth/2-$iBuffer,$iCtrlHeight) ControlDisable($hGui,"",$iLogggedIn_Action) $iLogggedIn_ActionB = GUICtrlCreateButton("Login",$iBuffer,($iLoggedInCtrlCount*$iCtrlHeight)+(($iLoggedInCtrlCount+1)*$iBuffer),$iWidth/2-$iBuffer,$iCtrlHeight) ControlDisable($hGui,"",$iLogggedIn_ActionB) $iLogggedIn_Logout = GUICtrlCreateButton("Logout",$iWidth/2+$iBuffer*2,($iLoggedInCtrlCount*$iCtrlHeight)+(($iLoggedInCtrlCount+1)*$iBuffer),$iWidth/2-$iBuffer,$iCtrlHeight) $iLoggedIn_Height = $iGuiTitleHeight+((1+$iLoggedInCtrlCount)*$iCtrlHeight)+(($iLoggedInCtrlCount+2)*$iBuffer) SetControlStates($bLoggedIn) GUICtrlSetResizing($iLogin_Combo,$GUI_DOCKALL) GUICtrlSetResizing($iLogin_Pass,$GUI_DOCKALL) GUICtrlSetResizing($iLogin_Action,$GUI_DOCKALL) GUICtrlSetResizing($iLoggedIn_Combo,$GUI_DOCKALL) GUICtrlSetResizing($iLoggedIn_ComboB,$GUI_DOCKALL) GUICtrlSetResizing($iLoggedIn_User,$GUI_DOCKALL) GUICtrlSetResizing($iLoggedIn_Pass,$GUI_DOCKALL) GUICtrlSetResizing($iLoggedIn_UserB,$GUI_DOCKALL) GUICtrlSetResizing($iLoggedIn_PassB,$GUI_DOCKALL) GUICtrlSetResizing($iLogggedIn_Action,$GUI_DOCKALL) GUICtrlSetResizing($iLogggedIn_ActionB,$GUI_DOCKALL) GUICtrlSetResizing($iLogggedIn_Logout,$GUI_DOCKALL) GUISetState(@SW_SHOW, $hGui) While 1 $i = GUIGetMsg() If $i Then If Not $bLoggedIn Then $s2 = ControlGetText($hGui,"",$iLogin_Combo) $s3 = ControlGetText($hGui,"",$iLogin_Pass) $b1 = StringLen($s2) $s1 = ControlCommand($hGui,"",$iLogin_Combo,"GetCurrentSelection","") $b2 = StringLen($s3) $b3 = ControlCommand($hGui,"",$iLogin_Action,"IsEnabled") If ($b1 And $b2) <> $b3 Then If $b3 Then ControlDisable($hGui,"",$iLogin_Action) Else ControlEnable($hGui,"",$iLogin_Action) EndIf EndIf Switch $i Case $GUI_EVENT_CLOSE ExitLoop Case $iLogin_Action If Login($s2,$s3) Then Global $sUser = $s2 Global $sPass = $s3 $bLoggedIn = True $iLastURL = "" SetControlStates($bLoggedIn) EndIf EndSwitch Else Local $1 = ControlGetText($hGui,"",$iLoggedIn_Combo) Local $2 = ControlGetText($hGui,"",$iLoggedIn_User) Local $3 = ControlGetText($hGui,"",$iLoggedIn_Pass) $b4 = ControlCommand($hGui,"",$iLogggedIn_Action,"IsEnabled") $b1 = StringLen($1) $b2 = StringLen($2) $b3 = StringLen($3) If ($b1 And $b2 And $b3) <> $b4 Then If $b4 Then ControlDisable($hGui,"",$iLogggedIn_Action) Else ControlEnable($hGui,"",$iLogggedIn_Action) EndIf EndIf Local $sTemp = StringRegExpReplace(ControlGetText($hGui,"",$iLoggedIn_Combo),"(https?\://)([^/]+)(.*)","$2") Switch $i Case $GUI_EVENT_CLOSE ExitLoop Case $iLogggedIn_Logout $bLoggedIn = False Global $sUser = "" Global $sPass = "" Global $aURLS $iLastURL = "" SetControlStates($bLoggedIn) Case $iLoggedIn_Combo Or StringLen($sTemp) And $sTemp<>$iLastURL Local $iSelectedURL = _ArraySearch($aURLS,$sTemp,0,0,0,2,1,$iURLs_Dec) If Not ($iLastURL == $sTemp) Then Global $iLastURL = $sTemp If $iSelectedURL >= 0 Then If ControlCommand($hGui,"",$iLoggedIn_User,"IsEnabled") Then ControlDisable($hGui,"",$iLoggedIn_User) EndIf If ControlCommand($hGui,"",$iLoggedIn_Pass,"IsEnabled") Then ControlDisable($hGui,"",$iLoggedIn_Pass) EndIf If Not ControlCommand($hGui,"",$iLoggedIn_PassB,"IsEnabled") Then ControlEnable($hGui,"",$iLoggedIn_PassB) EndIf If Not ControlCommand($hGui,"",$iLogggedIn_ActionB,"IsVisible") Then ControlHide($hGui,"",$iLogggedIn_Action) ControlDisable($hGui,"",$iLogggedIn_Action) ControlShow($hGui,"",$iLogggedIn_ActionB) ControlEnable($hGui,"",$iLogggedIn_ActionB) EndIf ControlCommand($hGui,"",$iLoggedIn_Combo,"SetCurrentSelection",$iSelectedURL) ControlSetText($hGui,"",$iLoggedIn_User,GetUserLogin_User($aURLS[$iSelectedURL][$iURLs_SectionName])) ControlSetText($hGui,"",$iLoggedIn_Pass,IniRead($sINI,$aURLS[$iSelectedURL][$iURLs_SectionName],$sINI_User_Pass,"")) Else ControlSetText($hGui,"",$iLoggedIn_User,"") ControlSetText($hGui,"",$iLoggedIn_Pass,"") If Not ControlCommand($hGui,"",$iLoggedIn_User,"IsEnabled") Then ControlEnable($hGui,"",$iLoggedIn_User) EndIf If Not ControlCommand($hGui,"",$iLoggedIn_Pass,"IsEnabled") Then ControlEnable($hGui,"",$iLoggedIn_Pass) EndIf If ControlCommand($hGui,"",$iLoggedIn_PassB,"IsEnabled") Then ControlDisable($hGui,"",$iLoggedIn_PassB) EndIf If ControlCommand($hGui,"",$iLogggedIn_ActionB,"IsVisible") Then ControlShow($hGui,"",$iLogggedIn_Action) ControlEnable($hGui,"",$iLogggedIn_Action) ControlHide($hGui,"",$iLogggedIn_ActionB) ControlDisable($hGui,"",$iLogggedIn_ActionB) EndIf EndIf EndIf Case $iLogggedIn_Action Local $1 = ControlGetText($hGui,"",$iLoggedIn_Combo) Local $2 = ControlGetText($hGui,"",$iLoggedIn_User) Local $3 = ControlGetText($hGui,"",$iLoggedIn_Pass) If CreateUserLogin($1,$2,$3) Then EndIf Case $iLogggedIn_ActionB ; eventually DOM browse, and login MsgBox(1,"Login","Not avaialable yet") Case $iLoggedIn_ComboB Local $hIE = WinGetHandle("[CLASS:IEFrame]") $oIE = _IEAttach($hIE,"HWND") If IsObj($oIE) Then Local $sURL = _IEPropertyGet($oIE,"locationurl") Local $sShortURL = StringRegExpReplace($sURL,"(https?\://)([^/]+)(.*)","$2") If IsArray($aURLS) And _ArraySearch($aURLS,$sShortURL,0,0,0,0,1,1)>=0 Then ControlSetText($hGui,"",$iLoggedIn_Combo,$sShortURL) Else ControlSetText($hGui,"",$iLoggedIn_Combo,$sURL) EndIf EndIf Case $iLoggedIn_PassB GetUserLogin_Pass($aURLS[$iSelectedURL][$iURLs_SectionName]) EndSwitch EndIf EndIf WEnd Func CreateUserLogin($sFullURL,$sUserLogin,$sUserPassword) Local $o = ObjCreate("Scriptlet.TypeLib") Local $sSalt = $o.Guid If StringLen($sSalt)<20 Then MsgBox(1,1,"Failed to create Guid",5) Exit EndIf Local $sShortURL = StringRegExpReplace($sFullURL,"(https?\://)([^/]+)(.*)","$2") If IsArray($aURLS) And _ArraySearch($aURLS,$sShortURL,0,0,0,0,1,1)>=0 Then MsgBox(1,"One Login Only","Currently only allowing one login per URL.") Return EndIf ConsoleWrite("CreateUserLogin " & $sShortURL & @CRLF) _Crypt_Startup() Local $hKey = _Crypt_HashData(String($sPass & $sSalt),$CALG_SHA1) Local $eUser = _Crypt_EncryptData($sUserLogin,$hKey,$CALG_AES_256) Local $ePass = _Crypt_EncryptData($sUserPassword,$hKey,$CALG_AES_256) Local $eFullURL = _Crypt_EncryptData($sFullURL,$hKey,$CALG_AES_256) ConsoleWrite($sShortURL & @CRLF) Local $eShortURL = _Crypt_EncryptData($sShortURL,$hKey,$CALG_AES_256) IniWrite($sINI,$sUser & "_" & $eShortURL,$sINI_User_Salt,$sSalt) IniWrite($sINI,$sUser & "_" & $eShortURL,$sINI_User_User,$eUser) IniWrite($sINI,$sUser & "_" & $eShortURL,$sINI_User_Pass,$ePass) IniWrite($sINI,$sUser & "_" & $eShortURL,$sINI_User_FullURL,$eFullURL) ControlDisable($hGui,"",$iLoggedIn_User) ControlDisable($hGui,"",$iLoggedIn_Pass) ControlEnable($hGui,"",$iLoggedIn_PassB) ControlSetText($hGui,"",$iLoggedIn_Combo,$sShortURL) ControlDisable($hGui,"",$iLogggedIn_Action) ControlHide($hGui,"",$iLogggedIn_Action) ControlEnable($hGui,"",$iLogggedIn_ActionB) ControlShow($hGui,"",$iLogggedIn_ActionB) PopulateURLArray($hGui,$iLoggedIn_Combo,$sUser) _Crypt_Shutdown() EndFunc Func GetUserLogin_Pass($sSectionName) Local $sSalt = IniRead($sINI,$sSectionName,$sINI_User_Salt,Default) If $sSalt == Default Then Return False EndIf Local $ePass = IniRead($sINI,$sSectionName,$sINI_User_Pass,Default) _Crypt_Startup() Local $hKey = _Crypt_HashData(String($sPass & $sSalt),$CALG_SHA1) Local $sUserPassword = _Crypt_DecryptData(Binary($ePass),$hKey,$CALG_AES_256) _Crypt_Shutdown() ClipPut(BinaryToString($sUserPassword)) EndFunc Func GetUserLogin_User($sSectionName) Local $sSalt = IniRead($sINI,$sSectionName,$sINI_User_Salt,Default) If $sSalt == Default Then Return False EndIf Local $eUser = IniRead($sINI,$sSectionName,$sINI_User_User,Default) _Crypt_Startup() Local $hKey = _Crypt_HashData(String($sPass & $sSalt),$CALG_SHA1) Local $sURLUser = BinaryToString(_Crypt_DecryptData(Binary($eUser),$hKey,$CALG_AES_256)) _Crypt_Shutdown() Return $sURLUser EndFunc Func Login($s,$s2) Local $i = 1 If UBound($aLogins) > 1 Then $i = Number($aLogins[UBound($aLogins)-1][0]) + 1 EndIf If _ArraySearch($aLogins,$s,0,0,0,0,1,1)>0 Then Local $sHash = IniRead($sINI,"Config_" & $s,$sINI_User_Hash,-1) Local $sSalt = IniRead($sINI,"Config_" & $s,$sINI_User_Salt,-1) _Crypt_Startup() Local $sHashed = _Crypt_HashData($s2 & $sSalt,$CALG_SHA1) _Crypt_Shutdown() If $sHashed == $sHash Then If IniRead($sINI,$sINI_Logins_Section_LastLogin,$sINI_Logins_Section_LastLogin,Default) <> $s Then IniWrite($sINI,$sINI_Logins_Section_LastLogin,$sINI_Logins_Section_LastLogin,$s) EndIf Return True EndIf MsgBox(1,1,"Already a login or wrong password.") Return False EndIf Local $o = ObjCreate("Scriptlet.TypeLib") Local $sSalt = $o.Guid If StringLen($sSalt)<20 Then MsgBox(1,1,"Failed to create Guid",5) Exit EndIf IniWrite($sINI,$sINI_Logins_Section,$i,$s) Global $aLogins = IniReadSection($sINI,$sINI_Logins_Section) _Crypt_Startup() Local $sHashed = _Crypt_HashData($s2 & $sSalt,$CALG_SHA1) _Crypt_Shutdown() IniWrite($sINI,"Config_" & $s,$sINI_User_Hash,$sHashed) IniWrite($sINI,"Config_" & $s,$sINI_User_Salt,$sSalt) PopulateLogin($hGui,$iLogin_Combo) Return True EndFunc Func SetControlStates($b) Local $a = WinGetPos($hGui) ControlSetText($hGui,"",$iLoggedIn_Combo,"") ControlSetText($hGui,"",$iLoggedIn_User,"") ControlSetText($hGui,"",$iLoggedIn_Pass,"") ControlSetText($hGui,"",$iLogin_Combo,"") ControlSetText($hGui,"",$iLogin_Pass,"") ControlDisable($hGui,"",$iLogin_Action) ControlDisable($hGui,"",$iLogin_Action) If $b Then ControlHide($hGui,"",$iLogin_Combo) ControlHide($hGui,"",$iLogin_Pass) ControlHide($hGui,"",$iLogin_Action) PopulateURLArray($hGui,$iLoggedIn_Combo,$sUser) ControlShow($hGui,"",$iLoggedIn_Combo) ControlShow($hGui,"",$iLoggedIn_User) ControlShow($hGui,"",$iLoggedIn_Pass) ControlShow($hGui,"",$iLoggedIn_ComboB) ControlShow($hGui,"",$iLoggedIn_UserB) ControlShow($hGui,"",$iLoggedIn_PassB) ControlShow($hGui,"",$iLogggedIn_Action) ControlHide($hGui,"",$iLogggedIn_ActionB) WinMove($hGui,"",$a[0],$a[1],$iGuiWidth,$iLoggedIn_Height) Else ControlShow($hGui,"",$iLogin_Combo) Local $sLastLogin = IniRead($sINI,$sINI_Logins_Section_LastLogin,$sINI_Logins_Section_LastLogin,Default) If Not ($sLastLogin = Default) Then Local $iLastLogin = ControlCommand($hGui,"",$iLogin_Combo,"FindString",$sLastLogin) ControlCommand($hGui,"",$iLogin_Combo,"SetCurrentSelection",$iLastLogin) EndIf ControlShow($hGui,"",$iLogin_Pass) ControlShow($hGui,"",$iLogin_Action) ControlHide($hGui,"",$iLoggedIn_Combo) ControlHide($hGui,"",$iLoggedIn_User) ControlHide($hGui,"",$iLoggedIn_Pass) ControlHide($hGui,"",$iLoggedIn_ComboB) ControlHide($hGui,"",$iLoggedIn_UserB) ControlHide($hGui,"",$iLoggedIn_PassB) ControlHide($hGui,"",$iLogggedIn_Action) ControlHide($hGui,"",$iLogggedIn_ActionB) WinMove($hGui,"",$a[0],$a[1],$iGuiWidth,$iLogin_Height) EndIf EndFunc Func PopulateLogin($hWin,$h) Global $aLogins = IniReadSection($sINI,$sINI_Logins_Section) Local $s = "" For $i = 1 To UBound($aLogins)-1 ControlCommand($hWin,"",$h,"AddString",$aLogins[$i][1]) Next EndFunc Func PopulateURLArray($hWin,$h,$user) Local $a = IniReadSectionNames($sINI) _ArrayDelete($a,0) For $i = 0 To UBound($a)-1 If StringInStr($a[$i],$user & "_") = 1 Then If _ArraySearch($aURLS,$a[$i],0,0,0,0,1,$iURLs_SectionName)>=0 Then ContinueLoop EndIf If IsArray($aURLS) Then ReDim $aURLS[UBound($aURLS)+1][$iURLs_UBound] Else Global $aURLS[1][$iURLs_UBound] EndIf $aURLS[UBound($aURLS)-1][$iURLs_SectionName] = $a[$i] $aURLS[UBound($aURLS)-1][$iURLs_Dec] = StringRight($a[$i],(StringLen($a[$i])-StringLen($user & "_"))) Local $sSalt = IniRead($sINI,$a[$i],$sINI_User_Salt,Default) _Crypt_Startup() Local $hKey = _Crypt_HashData(String($sPass & $sSalt),$CALG_SHA1) $aURLS[UBound($aURLS)-1][$iURLs_Dec] = BinaryToString(_Crypt_DecryptData(Binary($aURLS[UBound($aURLS)-1][$iURLs_Dec]),$hKey,$CALG_AES_256)) _Crypt_Shutdown() EndIf Next Local $aCurrent = _GUICtrlComboBoxEx_GetListArray($h) For $i = 0 To UBound($aURLS)-1 Local $bNew = True For $j = 1 To UBound($aCurrent)-1 If $aURLS[$i][$iURLs_Dec] == $aCurrent[$j] Then $bNew = False ExitLoop EndIf Next If $bNew Then ControlCommand($hWin,"",$h,"AddString",$aURLS[$i][$iURLs_Dec]) EndIf Next EndFunc Edited June 23, 2017 by jdelaney IEbyXPATH-Grab IE DOM objects by XPATH IEscriptRecord-Makings of an IE script recorder ExcelFromXML-Create Excel docs without excel installed GetAllWindowControls-Output all control data on a given window. Link to comment Share on other sites More sharing options...
Skeletor Posted July 13, 2017 Share Posted July 13, 2017 Looks good. Will test this and feedback jdelaney 1 Kind RegardsSkeletor "Coffee: my defense against going postal." Microsoft Office Splash Screen | Basic Notepad Program (Beginner) | Transparent Splash Screen | Full Screen UI Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now