Jump to content

Recommended Posts

Hi all,

I am working on a GUI program to update Google's Dynamic DNS (API at https://support.google.com/domains/answer/6147083?authuser=1&hl=en if you scroll to bottom). I am not a programmer by any means - just a sysadmin who has picked up on some things along the way. I am sure that there's better ways to do a lot of things in this script; I'm just going with what I know.

My challenge right now is that I'd like a better way to store the credentials both in memory as well as in system registry or INI file (not sure which way I want to go for local storage). How should I convert the passwords to a secure string in a manner that can't be easily reversed, yet is still accessible to the script? Is that even an option in AutoIt?

Can anybody provide me with links to good reference posts, or coding suggestions for how best to achieve this in the script below? I am using the WinHTTP UDF (https://github.com/dragana-r/autoit-winhttp/releases) to make my API calls.


DIM $aDomainList[1][4]
$aDomainList[0][0] = 0

$gMainGUI = GUICreate("Overkill's Google DNS Updater",800,800)

    $gDomainLabel = GUICtrlCreateLabel("FQDN",21,8)
    $gDomainInput = GUICtrlCreateInput("",60,5,300)

    $gUserLabel = GUICtrlCreateLabel("Username",5,36)
    $gUserInput = GUICtrlCreateInput("",60,32,130,Default,BitOR($GUI_SS_DEFAULT_INPUT,$ES_PASSWORD))

    $gPasswordLabel = GUICtrlCreateLabel("Password",6,64)
    $gPassInput = GUICtrlCreateInput("",60,60,130,Default,BitOR($GUI_SS_DEFAULT_INPUT,$ES_PASSWORD))

    $gAddButton = GUICtrlCreateButton("ADD DOMAIN",200,31,160,52)

    $gCurrentIP = GUICtrlCreateLabel("Current IP: " & _CheckIP(),5,780)

    $gDomainList = GUICtrlCreateListView("Domain | Resolved IP | Update Status",5,120,600,600)


while 1

    $m = GUIGetMsg()
    IF $M = $GUI_EVENT_CLOSE then Exit

    IF $M = $gAddButton Then
        $sAddDomain = GUICtrlRead($gDomainInput)
        $sAddUser = GUICtrlRead($gUserInput)
        $sAddPass = GUICtrlRead($gPassInput)
        $sResolveIP = _DNSCheck($sAddDomain)

        ;Google wants you to avoid sending updates when there are no changes
        If StringCompare($sResolveIP,_CheckIP()) = 0 Then
            $sStatus = "No change, not sending update"
            $sStatus = _DNSUpdate($sAddDomain,$sAddUser,$sAddPass)

        ;Check to make sure all fields are completed before continuing
        IF StringLen($sAddDomain) = 0 OR StringLen($sAddUser) = 0 OR StringLen($sAddPass) = 0 Then

            MsgBox(0,"","Please complete all fields")

        Else ; If the fields all have data, then continue

            ;Check to see if the entry exists in the array already
            $iSanity = _ArraySearch($aDomainList,$sAddDomain)

            IF $iSanity = 0 Then
                _ArrayAdd($aDomainList,$sAddDomain & "|" & $sAddUser & "|" & $sAddPass )
                    If @error = 0 Then
                        $aDomainList[0][0] += 1
                        $aDomainList[$aDomainList[0][0]][3] = GUICtrlCreateListViewItem($sAddDomain & "|" & $sResolveIP & "|" & $sStatus,$gDomainList)
                        MsgBox(0,"","Error adding input to list")
            Else ; If $iSanity <> 0
                    ; Update existing info in array and listviewitem
                    $aDomainList[$iSanity][0] = $sAddDomain
                    $aDomainList[$iSanity][1] = $sAddUser
                    $aDomainList[$iSanity][2] = $sAddPass
                    GUICtrlSetData($aDomainList[$iSanity][3],$sAddDomain & "|" & $sResolveIP & "|" & $sStatus)
            EndIf ; If $iSanity = 0

        EndIf ; If StringLen...

    EndIf ; If $m = $gaddbutton



Func _DNSCheck($sFQDN)
    $sJSON = _INetGetSource("https://dns.google.com/resolve?name=" & $sFQDN & "&cd=1")
    ConsoleWrite($sJSON & @CRLF)
    $sIPAddress = StringRegExpReplace($sJSON,'^.*data": "(.*?)".*?$',"\1")
    Return $sIPAddress


Func _DNSUpdate($sFQDN,$sUser,$sPass)

    Local $sGoogleAPIURI = "https://domains.google.com"

    Local $hOpen = _WinHttpOpen()
    Local $hConnect = _WinHttpConnect($hOpen, $sGoogleAPIURI)
    Local $sHeader = _
        'Authorization: Basic ' & _Base64Encode($sUser & ":" & $sPass) & @CRLF & _
        'Accept: */*' & @CRLF & _
        'User-Agent: AutoITScript/' & @AutoItVersion & @CRLF & _
        'Content-Type: application/x-www-form-urlencoded'
    Local $aHTTPResponse = _WinHttpSimpleSSLRequest($hConnect, "POST", "/nic/update", Default, "hostname=" & $sFQDN, $sHeader, True, Default, Default, Default, True)


    If IsArray($aHTTPResponse) Then
        $sHTTPResponse = "Header:" & @CRLF & $aHTTPResponse[0] & @CRLF & "Data:" & @CRLF & $aHTTPResponse[1] & @CRLF & @CRLF & @CRLF
        Return $aHTTPResponse[1]
        $sHTTPResponse = "NO REPLY"
        Return "No reply from " & $sGoogleAPIURI



Func _Base64Encode($sData)
    Local $oXml = ObjCreate("Msxml2.DOMDocument")
    If Not IsObj($oXml) Then
        SetError(1, 1, 0)

    Local $oElement = $oXml.createElement("b64")
    If Not IsObj($oElement) Then
        SetError(2, 2, 0)

    $oElement.dataType = "bin.base64"
    $oElement.nodeTypedValue = Binary($sData)
    Local $sReturn = $oElement.Text

    If StringLen($sReturn) = 0 Then
        SetError(3, 3, 0)

    Return $sReturn


Func _CheckIP()
    Return _INetGetSource("https://domains.google.com/checkip")



Link to comment
Share on other sites

  • 7 months later...
  • Moderators

@Overkill unfortunately this has been asked and answered dozens if not hundreds of times on the forum. You are sadly never going to get 100% obfuscation/encryption/etc. from an AutoIt script; any determined person can either decompile the code or pull the contents out of memory fairly easily. If you need 100% security, you are going to have to go with a different language.

That said: if you accept a certain degree of risk, there are a number of threads in which people have talked about different methods they have employed - from storing in an encrypted file and including the file in the script to trying to link up to a remote server for authentication. You can do a forum search and come across these discussions pretty easily; it all boils down to the level of risk you are willing to accept.

Edit: On a Mod note, we typically lock threads that go around and around the subject of obfuscating or encrypting passwords, for the very reason I give above. I am happy at the moment to leave this topic open if others would like to offer suggestions on what they have done. If, however, the Moderation team senses the release of the Oozlum bird, the topic will die quickly.

Edited by JLogan3o13

"Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball

How to get your question answered on this forum!

Link to comment
Share on other sites

In theory you could save the password encrypted, then you program asks for the passcode at startup and the credentials are de-encrypted and used.


Renamer - Rename files and folders, remove portions of text from the filename etc.

GPO Tool - Export/Import Group policy settings.

MirrorDir - Synchronize/Backup/Mirror Folders

BeatsPlayer - Music player.

Params Tool - Right click an exe to see it's parameters or execute them.

String Trigger - Triggers pasting text or applications or internet links on specific strings.

Inconspicuous - Hide files in plain sight, not fully encrypted.

Regedit Control - Registry browsing history, quickly jump into any saved key.

Time4Shutdown - Write the time for shutdown in minutes.

Power Profiles Tool - Set a profile as active, delete, duplicate, export and import.

Finished Task Shutdown - Shuts down pc when specified window/Wndl/process closes.

NetworkSpeedShutdown - Shuts down pc if download speed goes under "X" Kb/s.

IUIAutomation - Topic with framework and examples


Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Create New...