Jump to content

Recommended Posts

Hi all,

I am working on a GUI program to update Google's Dynamic DNS (API at https://support.google.com/domains/answer/6147083?authuser=1&hl=en if you scroll to bottom). I am not a programmer by any means - just a sysadmin who has picked up on some things along the way. I am sure that there's better ways to do a lot of things in this script; I'm just going with what I know.

My challenge right now is that I'd like a better way to store the credentials both in memory as well as in system registry or INI file (not sure which way I want to go for local storage). How should I convert the passwords to a secure string in a manner that can't be easily reversed, yet is still accessible to the script? Is that even an option in AutoIt?

Can anybody provide me with links to good reference posts, or coding suggestions for how best to achieve this in the script below? I am using the WinHTTP UDF (https://github.com/dragana-r/autoit-winhttp/releases) to make my API calls.

#include<WinHTTP.au3>
#include<GUIConstantsEx.au3>
#include<EditConstants.au3>
#include<iNet.au3>
#include<Array.au3>

DIM $aDomainList[1][4]
$aDomainList[0][0] = 0

$gMainGUI = GUICreate("Overkill's Google DNS Updater",800,800)

    $gDomainLabel = GUICtrlCreateLabel("FQDN",21,8)
    $gDomainInput = GUICtrlCreateInput("",60,5,300)

    $gUserLabel = GUICtrlCreateLabel("Username",5,36)
    $gUserInput = GUICtrlCreateInput("",60,32,130,Default,BitOR($GUI_SS_DEFAULT_INPUT,$ES_PASSWORD))

    $gPasswordLabel = GUICtrlCreateLabel("Password",6,64)
    $gPassInput = GUICtrlCreateInput("",60,60,130,Default,BitOR($GUI_SS_DEFAULT_INPUT,$ES_PASSWORD))

    $gAddButton = GUICtrlCreateButton("ADD DOMAIN",200,31,160,52)

    $gCurrentIP = GUICtrlCreateLabel("Current IP: " & _CheckIP(),5,780)

    $gDomainList = GUICtrlCreateListView("Domain | Resolved IP | Update Status",5,120,600,600)


GUISetState(@SW_SHOW,$gMainGUI)

while 1

    $m = GUIGetMsg()
    IF $M = $GUI_EVENT_CLOSE then Exit

    IF $M = $gAddButton Then
        $sAddDomain = GUICtrlRead($gDomainInput)
        $sAddUser = GUICtrlRead($gUserInput)
        $sAddPass = GUICtrlRead($gPassInput)
        $sResolveIP = _DNSCheck($sAddDomain)

        ;Google wants you to avoid sending updates when there are no changes
        If StringCompare($sResolveIP,_CheckIP()) = 0 Then
            $sStatus = "No change, not sending update"
        Else
            $sStatus = _DNSUpdate($sAddDomain,$sAddUser,$sAddPass)
        EndIf

        ;Check to make sure all fields are completed before continuing
        IF StringLen($sAddDomain) = 0 OR StringLen($sAddUser) = 0 OR StringLen($sAddPass) = 0 Then

            MsgBox(0,"","Please complete all fields")

        Else ; If the fields all have data, then continue

            ;Check to see if the entry exists in the array already
            $iSanity = _ArraySearch($aDomainList,$sAddDomain)

            IF $iSanity = 0 Then
                _ArrayAdd($aDomainList,$sAddDomain & "|" & $sAddUser & "|" & $sAddPass )
                    If @error = 0 Then
                        $aDomainList[0][0] += 1
                        $aDomainList[$aDomainList[0][0]][3] = GUICtrlCreateListViewItem($sAddDomain & "|" & $sResolveIP & "|" & $sStatus,$gDomainList)
                    Else
                        MsgBox(0,"","Error adding input to list")
                    EndIf
            Else ; If $iSanity <> 0
                    ; Update existing info in array and listviewitem
                    $aDomainList[$iSanity][0] = $sAddDomain
                    $aDomainList[$iSanity][1] = $sAddUser
                    $aDomainList[$iSanity][2] = $sAddPass
                    GUICtrlSetData($aDomainList[$iSanity][3],$sAddDomain & "|" & $sResolveIP & "|" & $sStatus)
            EndIf ; If $iSanity = 0

        EndIf ; If StringLen...


    EndIf ; If $m = $gaddbutton


WEnd

;----------------------------------------------------------------------------------------

Func _DNSCheck($sFQDN)
    $sJSON = _INetGetSource("https://dns.google.com/resolve?name=" & $sFQDN & "&cd=1")
    ConsoleWrite($sJSON & @CRLF)
    $sIPAddress = StringRegExpReplace($sJSON,'^.*data": "(.*?)".*?$',"\1")
    Return $sIPAddress
EndFunc

;----------------------------------------------------------------------------------------

Func _DNSUpdate($sFQDN,$sUser,$sPass)

    Local $sGoogleAPIURI = "https://domains.google.com"

    Local $hOpen = _WinHttpOpen()
    Local $hConnect = _WinHttpConnect($hOpen, $sGoogleAPIURI)
    Local $sHeader = _
        'Authorization: Basic ' & _Base64Encode($sUser & ":" & $sPass) & @CRLF & _
        'Accept: */*' & @CRLF & _
        'User-Agent: AutoITScript/' & @AutoItVersion & @CRLF & _
        'Content-Type: application/x-www-form-urlencoded'
    Local $aHTTPResponse = _WinHttpSimpleSSLRequest($hConnect, "POST", "/nic/update", Default, "hostname=" & $sFQDN, $sHeader, True, Default, Default, Default, True)

    _WinHttpCloseHandle($hConnect)
    _WinHttpCloseHandle($hOpen)

    If IsArray($aHTTPResponse) Then
        $sHTTPResponse = "Header:" & @CRLF & $aHTTPResponse[0] & @CRLF & "Data:" & @CRLF & $aHTTPResponse[1] & @CRLF & @CRLF & @CRLF
        Return $aHTTPResponse[1]
    Else
        $sHTTPResponse = "NO REPLY"
        Return "No reply from " & $sGoogleAPIURI
    EndIf

EndFunc

;----------------------------------------------------------------------------------------

Func _Base64Encode($sData)
    Local $oXml = ObjCreate("Msxml2.DOMDocument")
    If Not IsObj($oXml) Then
        SetError(1, 1, 0)
    EndIf

    Local $oElement = $oXml.createElement("b64")
    If Not IsObj($oElement) Then
        SetError(2, 2, 0)
    EndIf

    $oElement.dataType = "bin.base64"
    $oElement.nodeTypedValue = Binary($sData)
    Local $sReturn = $oElement.Text

    If StringLen($sReturn) = 0 Then
        SetError(3, 3, 0)
    EndIf

    Return $sReturn
EndFunc

;----------------------------------------------------------------------------------------

Func _CheckIP()
    Return _INetGetSource("https://domains.google.com/checkip")
EndFunc

;----------------------------------------------------------------------------------------

 

Link to post
Share on other sites
  • 7 months later...
  • Moderators

@Overkill unfortunately this has been asked and answered dozens if not hundreds of times on the forum. You are sadly never going to get 100% obfuscation/encryption/etc. from an AutoIt script; any determined person can either decompile the code or pull the contents out of memory fairly easily. If you need 100% security, you are going to have to go with a different language.

That said: if you accept a certain degree of risk, there are a number of threads in which people have talked about different methods they have employed - from storing in an encrypted file and including the file in the script to trying to link up to a remote server for authentication. You can do a forum search and come across these discussions pretty easily; it all boils down to the level of risk you are willing to accept.

Edit: On a Mod note, we typically lock threads that go around and around the subject of obfuscating or encrypting passwords, for the very reason I give above. I am happy at the moment to leave this topic open if others would like to offer suggestions on what they have done. If, however, the Moderation team senses the release of the Oozlum bird, the topic will die quickly.

Edited by JLogan3o13

"Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball

How to get your question answered on this forum!

Link to post
Share on other sites

In theory you could save the password encrypted, then you program asks for the passcode at startup and the credentials are de-encrypted and used.

Spoiler

Renamer - Rename files and folders, remove portions of text from the filename etc.

GPO Tool - Export/Import Group policy settings.

MirrorDir - Synchronize/Backup/Mirror Folders

BeatsPlayer - Music player.

Params Tool - Right click an exe to see it's parameters or execute them.

String Trigger - Triggers pasting text or applications or internet links on specific strings.

Inconspicuous - Hide files in plain sight, not fully encrypted.

Regedit Control - Registry browsing history, quickly jump into any saved key.

Time4Shutdown - Write the time for shutdown in minutes.

Power Profiles Tool - Set a profile as active, delete, duplicate, export and import.

Finished Task Shutdown - Shuts down pc when specified window/Wndl/process closes.

NetworkSpeedShutdown - Shuts down pc if download speed goes under "X" Kb/s.

IUIAutomation - Topic with framework and examples

Au3Record.exe

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By ThomasBennett
      Good morning, everyone, 
      I have had very good luck with using _WD_ElementActionEx 'CLICKANDHOLD'. What would be the best practice with dragging and dropping web elements? I would prefer to not to have to use any dragging and dropping but I haven't figured out a way to change the order the elements are displayed programmatically. 
      I have a list of elements that are drag and drop. These elements in code are using <UL></UL> for the entire list and the actual web elements that are being manipulated are in <LI></LI> tags. These do not look like a bulleted list but that is the code that is being used. I've spoken with the web developer and there isn't any hot keys or keyboard commands that can be used to move these elements.
      I know where the new and original web element appears and can select them using the _WD_WaitElement and _WD_FindElement combo. I can find the number of items in the list by looking at the code; I haven't started pulling the values out just yet. I am trying to figure out if there is a place to change the listed order.
      Using the 'CLICKANDHOLD' feature as part of _WD_ElementActionEx does work and I know more or less where I need to drop it the new web element; the problem I am having is scrolling exactly to where I need the new web element dropped. It should be dropped beneath the original web element. 
      What's the best method to output the number of children associated with the <UL></UL>? I am guessing that _WD_ElementActionEx 'CHILDCOUNT' would be it; but I haven't figured out how to get the call to output in a msgbox or in the console. 
      #cs ---------------------------------------------------------------- Name ..........: Please Note!.au3 Description ...: To be used to add new lessons to existing playlists and to update the pre-existing lesson with the Please Note! PowerPoint SciTE 32-bit ..: Version 4.4.6 Author(s) .....: Thomas E. Bennett Date ..........: 20220929 Recommended Reading / Requirements https://www.autoitscript.com/forum/topic/191990-webdriver-udf-w3c-compliant-version-01162021/#comments https://www.autoitscript.com/wiki/WebDriver https://www.autoitscript.com/wiki/WebDriver#Installation https://www.autoitscript.com/wiki/Adding_UDFs_to_AutoIt_and_SciTE https://www.autoitscript.com/autoit3/docs/intro/running.htm#CommandLine wd_core.au3 wd_helper.au3 From wd_core.au3 Global Const $_WD_LOCATOR_ByCSSSelector = "css selector" Global Const $_WD_LOCATOR_ByXPath = "xpath" Global Const $_WD_LOCATOR_ByLinkText = "link text" Global Const $_WD_LOCATOR_ByPartialLinkText = "partial link text" Global Const $_WD_LOCATOR_ByTagName = "tag name" #ce ---------------------------------------------------------------- #include "wd_core.au3" #include "wd_helper.au3" #include <MsgBoxConstants.au3> #include <Excel.au3> #include <AutoItConstants.au3> Local $sDesiredCapabilities, $sSession, $sElement ; Create application object and open an example workbook Local $oExcel = _Excel_Open() If @error Then Exit MsgBox($MB_SYSTEMMODAL, "Excel UDF: _Excel_RangeRead Example", "Error creating the Excel application object." & @CRLF & "@error = " & @error & ", @extended = " & @extended) Local $oWorkbook = _Excel_BookOpen($oExcel, @ScriptDir & "\{PRIVACY}.xlsx") If @error Then MsgBox($MB_SYSTEMMODAL, "Excel UDF: _Excel_RangeRead Example", "Error opening workbook '" & @ScriptDir & "\{PRIVACY}.xlsx'." & @CRLF & "@error = " & @error & ", @extended = " & @extended) _Excel_Close($oExcel) Exit EndIf ; Read data from a single cell on the active sheet of the specified workbook ;Local $sResult = _Excel_RangeRead($oWorkbook, Default, "A1") ;If @error Then Exit MsgBox($MB_SYSTEMMODAL, "Excel UDF: _Excel_RangeRead Example 1", "Error reading from workbook." & @CRLF & "@error = " & @error & ", @extended = " & @extended) ;MsgBox($MB_SYSTEMMODAL, "Excel UDF: _Excel_RangeRead Example 1", "Data successfully read." & @CRLF & "Value of cell A1: " & $sResult) SetupChrome() _WD_Startup() $sSession = _WD_CreateSession($sDesiredCapabilities) Sleep (15000) Local $aResult = _Excel_RangeRead($oWorkbook, Default, "A16:E16") For $i = 0 To UBound($aResult, 1) - 1 ;ConsoleWrite("========= Start Row =========" & @CRLF) ;ConsoleWrite($aResult[$i][0] & @CRLF) ; Column A -- Course Playlist Number ;ConsoleWrite($aResult[$i][1] & @CRLF) ; Column B -- Course Playlist Title ;ConsoleWrite($aResult[$i][2] & @CRLF) ; Column C -- Original Lesson Title ;ConsoleWrite($aResult[$i][3] & @CRLF) ; Column D -- Updated Lesson Number ;ConsoleWrite($aResult[$i][4] & @CRLF) ; Column E -- Updated Lesson Title ;ConsoleWrite("========= End Row =========" & @CRLF & @CRLF) _WD_Navigate($sSession, "{PRIVACY}" & $aResult[$i][0]) _WD_LoadWait($sSession, 2000) ; Find the Available Lessons search box and enter the appropriate value _WD_WaitElement($sSession, $_WD_LOCATOR_ByXPath, "//input[@id='titleSearch']") $sElement = _WD_FindElement($sSession, $_WD_LOCATOR_ByXPath, "//input[@id='titleSearch']") ; Click the Sign in button _WD_ElementAction($sSession, $sElement, 'value', $aResult[$i][3]) Send("{Enter}") ; Find the correct "Add" hyperlink _WD_WaitElement($sSession, $_WD_LOCATOR_ByXPath, "//span[text()='" & $aResult[$i][4] & "']/following-sibling::div") $sElement = _WD_FindElement($sSession, $_WD_LOCATOR_ByXPath, "//span[text()='" & $aResult[$i][4] & "']/following-sibling::div") ; Click the "Add" hyperlink _WD_ElementAction($sSession, $sElement, 'click') ; Number of Child Elements _WD_WaitElement($sSession, $_WD_LOCATOR_ByXPath, "//ul[@id='selected-items']") $sElement = _WD_FindElement($sSession, $_WD_LOCATOR_ByXPath, "//ul[@id='selected-items']") _WD_ElementActionEx($sSession, $sElement, 'CHILDCOUNT') Exit ; Click and Hold the appropriate element _WD_WaitElement($sSession, $_WD_LOCATOR_ByXPath, "//ul[@id='selected-items']//span[@class='item-description' and text()='" & $aResult[$i][4] & "']/parent::li") $sElement = _WD_FindElement($sSession, $_WD_LOCATOR_ByXPath, "//ul[@id='selected-items']//span[@class='item-description' and text()='" & $aResult[$i][4] & "']/parent::li") _WD_ElementActionEx($sSession, $sElement, 'clickandhold', 0, 0, 0, 10000) ; Hover the appropriate element _WD_WaitElement($sSession, $_WD_LOCATOR_ByXPath, "//ul[@id='selected-items']//span[@class='item-description' and text()='" & $aResult[$i][4] & "']/following-sibling::a") $sElement = _WD_FindElement($sSession, $_WD_LOCATOR_ByXPath, "//ul[@id='selected-items']//span[@class='item-description' and text()='" & $aResult[$i][4] & "']/following-sibling::a") _WD_ElementActionEx($sSession, $sElement, 'HOVER') Exit Next Exit _WD_DeleteSession($sSession) _WD_Shutdown() Exit Func SetupChrome() ; Google Chrome _WD_Option('Driver', "C:\Users\thomas.bennett\Desktop\AutoIt\include\chromedriver.exe") _WD_Option('Port', 9515) ;_WD_Option('DriverParams', '--verbose --log-path="' & @ScriptDir & '\chrome.log"') $sDesiredCapabilities = '{"capabilities": {"alwaysMatch": {"unhandledPromptBehavior": "ignore", ' & _ '"goog:chromeOptions": {"w3c": true, "excludeSwitches": ["enable-automation"], "useAutomationExtension": false, ' & _ '"prefs": {"credentials_enable_service": false},' & _ '"args": ["start-maximized"] }}}}' EndFunc Console Output
      >"C:\Program Files (x86)\AutoIt3\SciTE\..\AutoIt3.exe" "C:\Program Files (x86)\AutoIt3\SciTE\AutoIt3Wrapper\AutoIt3Wrapper.au3" /run /prod /ErrorStdOut /in "C:\Users\thomas.bennett\Desktop\AutoIt\Please Note!\Please Note!.au3" /UserParams +>09:22:40 Starting AutoIt3Wrapper (21.316.1639.1) from:SciTE.exe (4.4.6.0) Keyboard:00000409 OS:WIN_10/2009 CPU:X64 OS:X64 Environment(Language:0409) CodePage:0 utf8.auto.check:4 +> SciTEDir => C:\Program Files (x86)\AutoIt3\SciTE UserDir => C:\Users\thomas.bennett\AppData\Local\AutoIt v3\SciTE\AutoIt3Wrapper SCITE_USERHOME => C:\Users\thomas.bennett\AppData\Local\AutoIt v3\SciTE >Running AU3Check (3.3.14.5) from:C:\Program Files (x86)\AutoIt3 input:C:\Users\thomas.bennett\Desktop\AutoIt\Please Note!\Please Note!.au3 +>09:22:40 AU3Check ended.rc:0 >Running:(3.3.14.5):C:\Program Files (x86)\AutoIt3\autoit3.exe "C:\Users\thomas.bennett\Desktop\AutoIt\Please Note!\Please Note!.au3" +>Setting Hotkeys...--> Press Ctrl+Alt+Break to Restart or Ctrl+BREAK to Stop. _WD_Option ==> Success [0] : Parameters: Option=Driver Value=C:\Users\thomas.bennett\Desktop\AutoIt\include\chromedriver.exe _WD_Option ==> Success [0] : Parameters: Option=Port Value=9515 _WD_IsLatestRelease ==> Success [0] : True _WD_Startup: OS: WIN_10 WIN32_NT 22000 _WD_Startup: AutoIt: 3.3.14.5 _WD_Startup: Webdriver UDF: 0.10.1 (Up to date) _WD_Startup: WinHTTP: 1.6.4.2 _WD_Startup: Driver: C:\Users\thomas.bennett\Desktop\AutoIt\include\chromedriver.exe (32 Bit) _WD_Startup: Params: _WD_Startup: Port: 9515 _WD_Startup: Command: "C:\Users\thomas.bennett\Desktop\AutoIt\include\chromedriver.exe" _WD_Startup ==> Success [0] __WD_Post ==> Success [0] : HTTP status = 200 _WD_CreateSession ==> Success [0] : 2542b35e47b8f9b2558cd92ad1418811 __WD_Post ==> Success [0] : HTTP status = 200 _WD_Navigate ==> Success [0] : Parameters: URL={PRIVACY} _WD_LoadWait ==> Success [0] : Parameters: Delay=2000 Timeout=Default Element=Default _WD_WaitElement ==> Success [0] : Parameters: Strategy=xpath Selector=//input[@id='Username'] Delay=Default Timeout=Default Options=Default __WD_Post ==> Success [0] : HTTP status = 200 _WD_FindElement ==> Success [0] : Parameters: Strategy=xpath Selector=//input[@id='Username'] StartNodeID=Default Multiple=Default ShadowRoot=Default __WD_Post ==> Success [0] : HTTP status = 200 _WD_ElementAction ==> Success [0] : Parameters: Command=value Option=<masked> _WD_WaitElement ==> Success [0] : Parameters: Strategy=xpath Selector=//input[@id='Password'] Delay=Default Timeout=Default Options=Default __WD_Post ==> Success [0] : HTTP status = 200 _WD_FindElement ==> Success [0] : Parameters: Strategy=xpath Selector=//input[@id='Password'] StartNodeID=Default Multiple=Default ShadowRoot=Default __WD_Post ==> Success [0] : HTTP status = 200 _WD_ElementAction ==> Success [0] : Parameters: Command=value Option=<masked> _WD_WaitElement ==> Success [0] : Parameters: Strategy=xpath Selector=//input[@value='Sign In'] Delay=Default Timeout=Default Options=Default __WD_Post ==> Success [0] : HTTP status = 200 _WD_FindElement ==> Success [0] : Parameters: Strategy=xpath Selector=//input[@value='Sign In'] StartNodeID=Default Multiple=Default ShadowRoot=Default __WD_Post ==> Success [0] : HTTP status = 200 _WD_ElementAction ==> Success [0] : Parameters: Command=click Option=Default __WD_Post ==> Success [0] : HTTP status = 200 _WD_Navigate ==> Success [0] : Parameters: URL={PRIVACY} _WD_LoadWait ==> Success [0] : Parameters: Delay=2000 Timeout=Default Element=Default __WD_Post ==> Success [0] : HTTP status = 200 _WD_Navigate ==> Success [0] : Parameters: URL={PRIVACY} _WD_LoadWait ==> Success [0] : Parameters: Delay=2000 Timeout=Default Element=Default _WD_WaitElement ==> Success [0] : Parameters: Strategy=xpath Selector=//input[@id='titleSearch'] Delay=Default Timeout=Default Options=Default __WD_Post ==> Success [0] : HTTP status = 200 _WD_FindElement ==> Success [0] : Parameters: Strategy=xpath Selector=//input[@id='titleSearch'] StartNodeID=Default Multiple=Default ShadowRoot=Default __WD_Post ==> Success [0] : HTTP status = 200 _WD_ElementAction ==> Success [0] : Parameters: Command=value Option=<masked> _WD_WaitElement ==> Timeout [7] : Parameters: Strategy=xpath Selector=//span[text()='{PRIVACY}']/following-sibling::div Delay=Default Timeout=Default Options=Default __WD_Post ==> No match [8] : HTTP status = 404 _WD_FindElement ==> No match [8] : Parameters: Strategy=xpath Selector=//span[text()='{PRIVACY}']/following-sibling::div StartNodeID=Default Multiple=Default ShadowRoot=Default __WD_Post ==> No match [8] : HTTP status = 404 _WD_ElementAction ==> No match [8] : Parameters: Command=click Option=Default _WD_WaitElement ==> Success [0] : Parameters: Strategy=xpath Selector=//ul[@id='selected-items'] Delay=Default Timeout=Default Options=Default __WD_Post ==> Success [0] : HTTP status = 200 _WD_FindElement ==> Success [0] : Parameters: Strategy=xpath Selector=//ul[@id='selected-items'] StartNodeID=Default Multiple=Default ShadowRoot=Default __WD_Post ==> Success [0] : HTTP status = 200 _WD_ExecuteScript ==> Success [0] _WD_ElementActionEx ==> Success [0] : Parameters: Element=21c01052-8b86-4058-b8f6-d9dfa750f9ee Command=CHILDCOUNT XOffset=Default YOffset=Default Button=Default HoldDelay=Default Modifier=Default +>09:23:20 AutoIt3.exe ended.rc:0 +>09:23:20 AutoIt3Wrapper Finished. >Exit code: 0 Time: 40.88  

      My thought is once AutoIt knows how many child elements there are; I am hoping that there would be a way to change the sort or priority order that the <LI></LI>'s are shown in. 
      Thank you for your time and efforts on this and as I progress I'll update this topic, 




      Thomas 
    • By TheXman
      Encryption / Decryption / Hashing
      Purpose
      Cryptography API: Next Generation (CNG) is Microsoft's long-term replacement for their CryptoAPI.  Microsoft's CNG is designed to be extensible at many levels and cryptography agnostic in behavior.  Although the Crypt.au3 UDF lib that is installed with AutoIt3 still works perfectly, the advapi32.dll functions that it uses have been deprecated.  In addition the Crypt.au3 UDF lib, as it is currently written, has a very limited ability to decrypt AES data that was not encrypted using Crypt.au3.  That is because Crypt.au3 functions do not allow you to specify an actual key or initialization vector (IV).  It only lets you specify data to be used to derive a key and uses a static IV.  This UDF was created to offer a replacement for the deprecated functions used by Crypt.au3.  According to Microsoft, deprecated functions may be removed in future release.  It was also created to allow more flexibility in encryption/decryption and to expand the ability for users to implement cryptography in their scripts.
      Description
      This UDF implements some of Microsoft's Cryptography API: Next Generation (CNG) Win32 API functions.  It implements functions to encrypt/decrypt text and files, generate hashes, derive keys using Password-Based Key Derivation Function 2 (PBKDF2), and has several cryptography-related helper functions.  The UDF can implement any encryption/decryption algorithms and hashing algorithms that are supported by the installed cryptography providers on the PC in which it is running.  Most, if not all, of the values that you would commonly use to specify that desired algorithms, key bit lengths, and other magic number type values, are already defined as constants or enums in the UDF file.
      To flatten the learning curve, there is an example file that shows examples of all of the major functionality.  This example file is not created to be an exhaustive set of how to implement each feature and parameter.  It is designed to give you a template or guide to help you hit the ground running in terms of using the functions.  I have tried to fully document the headers of all of the functions as well as the code within the functions themselves.    As of v1.4.0, there is also a Help file that includes all of the functions, with examples.
      Current UDF Functions
      Algorithm-Specific Symmetric Encryption/Decryption Functions _CryptoNG_AES_CBC_EncryptData _CryptoNG_AES_CBC_DecryptData
        _CryptoNG_AES_CBC_EncryptFile _CryptoNG_AES_CBC_DecryptFile
        _CryptoNG_AES_ECB_EncryptData _CryptoNG_AES_ECB_DecryptData
        _CryptoNG_AES_GCM_EncryptData _CryptoNG_AES_GCM_DecryptData
        _CryptoNG_3DES_CBC_EncryptData _CryptoNG_3DES_CBC_DecryptData
        _CryptoNG_3DES_CBC_EncryptFile _CryptoNG_3DES_CBC_DecryptFile
        Generic Symmetric Encryption/Decryption Functions _CryptoNG_EncryptData _CryptoNG_DecryptData
        _CryptoNG_EncryptFile _CryptoNG_DecryptFile
        Hashing Functions _CryptoNG_HashData _CryptoNG_HashFile
        _CryptoNG_PBKDF2
        Asymmetric (Public/Private Key) Encryption/Decryption Functions _CryptoNG_RSA_CreateKeyPair
        _CryptoNG_RSA_EncryptData _CryptoNG_RSA_DecryptData
        Misc / Helper Functions _CryptoNG_CryptBinaryToString _CryptoNG_CryptStringToBinary
        _CryptoNG_GenerateRandom
        _CryptoNG_EnumAlgorithms _CryptoNG_EnumRegisteredProviders _CryptoNG_EnumKeyStorageProviders
        _CryptoNG_LastErrorMessage
        _CryptoNG_Version  
      Related Links
      Cryptography API: Next Generation - Main Page
      Cryptography API: Next Generation - Reference
      Cryptography API: Next Generation - Primitives
      Cryptography API: Next Generation - Cryptographic Algorithm Providers
    • By RTFC
      CodeCrypter enables you to encrypt scripts without placing the key inside the script.
      This is because this key is extracted from the user environment at runtime by, for example:
      password user query any macro (e.g., @username) any AutoIt function call any UDF call some permanent environment variable on a specific machine (and not created by your script) a server response a device response anything else you can think of, as long as it's not stored in the script any combination of the above You need several scripts to get this to work, and they are scattered over several threads, so here's a single bundle that contains them all (including a patched version of Ward's AES.au3; with many thanks to Ward for allowing me to include this script here):
      Latest version: 3.4 (3 Dec 2021): please follow this link.
      Note: if you experience issues under Win8/8.1 (as some users have reported), please upgrade to Win10 (or use Win7) if you can; as far as I can tell, the scripts in the bundle all work under Win7 & Win10 (and XP). Moreover, I have no access to a Win8 box, so these issues will not be fixed, at least not by yours truly.
       
      How the bits and pieces fit together:
      CodeCrypter is a front-end for the MCF UDF library (you need version 1.3 or later). Its thread is here:
      '?do=embed' frameborder='0' data-embedContent>>
      The MCF package (also contained in the CodeScannerCrypter bundle) contains MCF.au3 (the library itself) plus a little include file called MCFinclude.au3. The latter you have to include in any script you wish to encrypt. Any code preceding it will not be encrypted, any code following it will be encrypted. You define the dynamic key inside MCFinclude.au3, in the UDF: _MCFCC_Init().
      From the same post you can download an MCF Tutorial which I heartily recommend, because encrypting a script requires a number of steps in the right order, namely:
      In MCFinclude.au3, define and/or choose your dynamic key(s) (skip this step = use default setting) include MCFinclude.au3 in your target script Run CodeScanner (version 2.3+) on your target script, with setting WriteMetaCode=True (see '?do=embed' frameborder='0' data-embedContent>>), then close CodeScanner. Start CodeCrypter press the Source button to load your target file enable Write MCF0 (tick the first option in Main Settings) Enable "Encrypt" (last option in the Main Settings) Go to the Tab Encrypt and set up the encryption the way you want (skip this = use default settings) Return to Main Tab and press "Run" if all goes well, a new script called MCF0test.au3 is created in the same directory as your target. It has no includes and no redundant parts. Please check that it works as normal. (see Remarks if not) It all sounds far more complicated than it is, really.
      Not convinced? Check out:
      a simple HowTo Guide: HowToCodeCrypt.pdf an updated and extended Q & A pdf (FAQ, also included in the bundle) to help you get started:CodeCrypterFAQ.pdf For additional explanations/examples in response to specific questions by forum members (how it works, what it can/cannot do), see elsewhere in this thread, notably:
      Simple analogy of how it works: post #53, second part General Explanation and HowTo: post #9, 51, 75, 185/187, 196, 207, 270, 280 (this gets a bit repetitive) BackTranslation: post #179 Obfuscation: post #36 (general), 49 (selective obfuscation) Specific features and fixes: post #3 (security), 84 (redefining the expected runtime response), 169 (Curl Enum fix), 185/187 (using license keys), 194 (replacing Ward's AES UDF with different encryption/decryption calls), 251 (AV detection issue), 262 (extract key contents to USB on different target machine prior to encryption) Limitations: post #26 (@error/@extended), 149 (FileInstall), 191 (AES.au3 on x64) Not recommended: post #46/249 (static encryption), 102 (programme logic error), 237 (parsing password via cmdline)  
      Technical notes:
      BackTranslation is a test to check that the MetaCode translation worked. Skip it at your peril. It also turns your multi-include composite script into a single portable file without redundant parts (you can opt to leave the redundant parts in, if you want).
      CodeCrypter can also obfuscate (vars and UDF names) and replace strings, variable names and UDF names with anything else you provide, for  example, for language translation). After CodeScanner separates your target's structure from its contents, CodeCrypter (actually MCF, under the hood) can change any part, and then generate a new script from whichever pieces you define. See the MCF Tutorial for more explanation and examples.
      Encryption currently relies on Ward's excellent AES UDF and TheXman's sophisticated CryptoNG bundle. You can replace these with any other algorithm you like (but this is not trivial to do: edit MCFinclude.au3 UDF _MCFCC(), and MCF.au3 UDF _EncryptEntry(), see post #194 in this thread). AES by Ward, and CryptoNG by TheXman are also included in the bundle (with many thanks to Ward and TheXman for graciously allowing me to republish their outstanding work).
      Going to lie down now...
      RT
       
    • By RTFC
      The CodeScannerCrypterBundle (ca. 2.9 MB unzipped) contains the following UDFs and utilities:
      CodeScanner: analyse AutoIt script structure and content, identify potential issues, generate MCF data files CodeCrypter: front-end GUI for the MCF library, for script encryption (without storing the decryption key(s) in the script!) MetaCodeFile UDF (MCF library): for analysis and user-defined alterations of AutoIt script structure and content MCFinclude.au3: #include this UDF in any AutoIt script that you wish CodeCrypter to process CryptoNG, by TheXman; encryption UDF using Bcrypt dll calls (32/64-bit; various algorithms) StoreCCprofile.au3/readCSdatadump.au3/helloworld.au3: auxiliary utilities and example script HowToCodeCrypt.pdf: a simple guide in five steps CodeCrypterFAQ.pdf: questions and answers, partly based upon exchanges in the CodeCrypter thread. MetaCodeTutorial.pdf: the MCF engine explained; useful for encryption, GUI translation, code translation, and much more... Please follow the links for additional information.
    • By izmegna
      I am trying to auto login to web app that has the following HTML for the username, password and submit button:
      USERNAME:
      <input name="usernameField" tabindex="0" class="inp" id="usernameField" type="text" value="" message="FND_SSO_USER_NAME">
      Password:
      <input name="passwordField" tabindex="0" class="inp" id="passwordField" type="password" value="" message="FND_SSO_PASSWORD">
      Login:
      <button tabindex="0" class="OraButton left" style="padding-right: 6px; padding-left: 6px;" onclick="submitCredentials()" message="FND_SSO_LOGIN">Log In</button>
      Following is the AutoIT script I am using I am passing the username and password via cmd but it is not working, any suggestion?
       
      #include <IE.au3>
      Local $url ="https://www.Intra.edwa.com"
      Local $oIE =_IECreate($url)
      _IELoadWait($oIE)
      Local $oUser =_IEGetObjById($oIE,"usernameField")
      Local $oPass =_IEGetObjById($oIE,"passwordField")
      _IEFormElementSetValue($oUser, $CmdLine[1])
      _IEFormElementSetValue($oPass, $CmdLine[2])
      _IELoadWait($oIE)
      $oLinks = _IETagNameGetCollection($oIE, "input")
      For $oLink In $oLinks
          If String($oLink.type) = "submit" And String($oLink.value) = "Sign In" Then
                _IEAction($oLink, "click")
                ExitLoop
          EndIf
      Next
×
×
  • Create New...