Golbez Posted May 18, 2022 Posted May 18, 2022 (edited) is there a difference when you test run a script from scite compared to running the au3? i have made a script to interact with a program i use for work. for some reason when i start my script by running the au3 it do not get the same results i get when i run it from scite. somethings i noticed: 1. i sends a user name and it should be all capital letters. happens when i run from scite but when i run the au3 it only capitalizes the first character of the string 2. it seems to send the username or password in correctly when i run the au3 but i can not replicate it when i run from scite. expandcollapse popup#Region ;**** Directives created by AutoIt3Wrapper_GUI **** #AutoIt3Wrapper_Icon=Helper.ico #AutoIt3Wrapper_Res_Fileversion=0.2.3.2 #AutoIt3Wrapper_Res_Fileversion_AutoIncrement=y #AutoIt3Wrapper_Add_Constants=n #EndRegion ;**** Directives created by AutoIt3Wrapper_GUI **** #cs ---------------------------------------------------------------------------- AutoIt Version: 3.3.16.0 Author: Ray smith Script Function: To log into csi! #ce ---------------------------------------------------------------------------- #include <Sound.au3> #Include "CryptoNG.au3" #include <WinAPIDiag.au3> #include <WindowsConstants.au3> #include <APIDiagConstants.au3> #include <ButtonConstants.au3> #include <EditConstants.au3> #include <GUIConstantsEx.au3> #include <StaticConstants.au3> #include <WindowsConstants.au3> Opt("SendKeyDelay", 6) ;5 milliseconds Opt("WinTitleMatchMode", 1) ;1=start, 2=subStr, 3=exact, 4=advanced, -1 to -4=Nocase Opt("MouseCoordMode", 2) ;1=absolute, 0=relative, 2=client If FileExists(@ScriptDir & "\settings.ini") = 0 Then IniWrite(@ScriptDir & "\settings.ini", "Account", "User", "") IniWrite(@ScriptDir & "\settings.ini", "Account", "Pass", "") IniWrite(@ScriptDir & "\settings.ini", "Account", "Attempts", 0) IniWrite(@ScriptDir & "\settings.ini", "Settings", "Prog", "") IniWrite(@ScriptDir & "\settings.ini", "Settings", "NextLogin", 2000) IniWrite(@ScriptDir & "\settings.ini", "Settings", "MouseSpeed", 0) EndIf Const $SECRET = _WinAPI_UniqueHardwareID($UHID_All) ; The password used to derive the key. Const $SECRET_SALT = _WinAPI_UniqueHardwareID($UHID_All) ; The cryptographic salt to use for key derivation. Const $ITERATIONS = 100 ; Number of hashing iterations. Const $KEY_BIT_LENGTH = $CNG_KEY_BIT_LENGTH_AES_192 ; The key length (in bits) of the derived key. Must be a multiple of 8. Const $ALGORITHM = $CNG_BCRYPT_SHA1_ALGORITHM ; A string specifying the desired algorithm provider. Default is "Microsoft Primitive Provider". Global $title = "Sign In", $title2 = "Mongoose", $firstrun = 0, $attempts = 0 , $prog, $sAlgId = $CNG_BCRYPT_AES_ALGORITHM Global $timebeforenextlogin = IniRead(@ScriptDir & "\settings.ini", "Settings", "NextLogin", "2000") Global $mousemovespeed = IniRead(@ScriptDir & "\settings.ini", "Settings", "MouseSpeed", "0") Global $aSound = _SoundOpen(@WindowsDir & "\media\tada.wav"), $delay = 100 Global $vEncryptKey = _CryptoNG_PBKDF2($SECRET, $SECRET_SALT, $ITERATIONS, $KEY_BIT_LENGTH, $ALGORITHM) HotKeySet("{esc}", "terminate") HotKeySet("^+!{HOME}", "getprogname") $Form1 = GUICreate("Form1", 196, 99, 314, 185) $user = GUICtrlCreateInput("", 88, 8, 105, 21) If IniRead(@ScriptDir & "\settings.ini", "account", "user", "") <> "" Then GUICtrlSetData($user, IniRead(@ScriptDir & "\settings.ini", "account","user", "")) EndIf $pass = GUICtrlCreateInput("", 88, 32, 105, 21, BitOR($GUI_SS_DEFAULT_INPUT,$ES_PASSWORD)) If IniRead(@ScriptDir & "\settings.ini", "account", "pass", "") <> "" Then GUICtrlSetData($pass, _CryptoNG_DecryptData($sAlgId, IniRead(@ScriptDir & "\settings.ini", "account","pass", ""), $vEncryptKey)) If GUICtrlRead($pass) = "" Then GUICtrlSetData($user, "") EndIf $Button1 = GUICtrlCreateButton("Login", 16, 64, 75, 25) $Label1 = GUICtrlCreateLabel("User Name", 16, 8, 57, 17) $label2 = GUICtrlCreateLabel("Password", 16, 32, 50, 17) $Label3 = GUICtrlCreateLabel("Attempts:", 104, 64, 48, 17) $Attempt = GUICtrlCreateLabel("", 160, 64, 22, 17) $Label4 = GUICtrlCreateLabel("Previous:", 104, 80, 48, 17) $Previous = GUICtrlCreateLabel("", 160, 80, 22, 17) If IniRead(@ScriptDir & "\settings.ini", "account", "attempts", "") <> "" Then GUICtrlSetData($Previous, IniRead(@ScriptDir & "\settings.ini", "account","attempts", "")) EndIf GUISetState(@SW_SHOW) if @Compiled = 0 Then TraySetIcon(@ScriptDir & "\Helper.ico") GUISetIcon(@ScriptDir & "\Helper.ico") EndIf While 1 $nMsg = GUIGetMsg() Switch $nMsg Case $GUI_EVENT_CLOSE terminate() Case $Button1 If $firstrun = 0 Then If IniRead(@ScriptDir & "\settings.ini", "settings", "prog", "") = "" Then $prog = FileOpenDialog("Program name: ", @ScriptDir, "Applications (*.exe)") Run($prog) Else Run(IniRead(@ScriptDir & "\settings.ini", "settings", "prog", "")) EndIf Sleep($delay) WinWaitActive($title) inputaccount() inputpass() $firstrun = 1 EndIf sleep(2000) entercsifun() EndSwitch WEnd func entercsifun() ; click okay to move to next attempt While WinExists($title) = 1 or WinExists($title2) = 1 If WinExists($title2) = 1 then If Not WinActive($title2) Then WinActivate($title2) Sleep($delay) ControlSend($title2, "", "", "{enter}") EndIf Sleep($delay) inputpass() Sleep($timebeforenextlogin) WEnd _SoundPlay($aSound, 1) MsgBox(0, "Success after " & $attempts & " attempts!!", "You have been logged into csi!", 2.5) terminate() EndFunc Func inputaccount() Sleep($delay) If GUICtrlRead($user) = "" Then Local $userI = InputBox("no user name found", "input user name: ") GUICtrlSetData($user,$userI) EndIf ControlSend($title, "", "", "{tab 6}") Sleep($delay) ControlSend($title, "", "", StringUpper(GUICtrlRead($user))) Sleep($delay) ControlSend($title, "", "", "{tab}") EndFunc Func inputpass() GUICtrlSetData($attempt, $attempts) ControlClick($title, "", "", 'left', 1, 237, 335) Sleep($delay) If GUICtrlRead($pass) = "" Then Local $passI = InputBox("no password found", "input password: ") GUICtrlSetData($pass,$passI) EndIf ControlSend($title, "", "", GUICtrlRead($pass)) Sleep($delay) $attempts += 1 ControlSend($title, "", "", "{enter}") EndFunc Func getprogname() $prog = FileOpenDialog("Program name: ", @ScriptDir, "Applications (*.exe)") MsgBox(0,"",$prog) ClipPut($prog) EndFunc Func terminate() _SoundClose($aSound) IniWrite(@ScriptDir & "\settings.ini", "account", "User", GUICtrlRead($user)) Sleep($delay) IniWrite(@ScriptDir & "\settings.ini", "account", "Pass", _CryptoNG_EncryptData($sAlgId, GUICtrlRead($pass), $vEncryptKey)) Sleep($delay) If $attempts = "" Then $attempts = 0 IniWrite(@ScriptDir & "\settings.ini", "account", "Attempts", $attempts) Sleep($delay) IniWrite(@ScriptDir & "\settings.ini", "settings", "Prog", $prog) Sleep($delay) Exit EndFunc Edited May 18, 2022 by Golbez
Luke94 Posted May 18, 2022 Posted May 18, 2022 I had a similar problem and compiling specifically for x64 (assuming you're running a 64-bit operating system) seemed to solve it.
Golbez Posted May 18, 2022 Author Posted May 18, 2022 55 minutes ago, Luke94 said: I had a similar problem and compiling specifically for x64 (assuming you're running a 64-bit operating system) seemed to solve it. tried this, still seems to do it
TheXman Posted May 18, 2022 Posted May 18, 2022 (edited) Just taking a cursory look at your script, I can see that you have a major issue with your encrypted/decrypted password. There is a difference between BINARY strings and TEXT strings, especially how they are stored in memory and in files. The result from CryptoNG_EncryptData() is a BINARY string, not a TEXT string. Ini files are text files and the functions that work with them are assuming that they are working with text. So when you save that BINARY string using IniWrite, it is converting & storing that BINARY string as the TEXT representation of its value in hex. That is NOT the same thing. When you try to decrypt the password, as it says in the CryptoNG help file, the data to be decrypted should be a BINARY string (the same value that was returned when you executed CryptoNG_EncryptData()). But in your case, since you stored the BINARY string as its TEXT representation in hex, the password that is read for decryption is not BINARY data. You could probably fix the issue in one of multiple ways. The easiest way if you are going to store the BINARY string as its TEXT representation in hex, would be to convert that TEXT back to binary before decrypting it. You could use the BINARY() function to do that. Another way, would be to save the BINARY data as encoded Base64 text and decode the Base64 TEXT back into BINARY when you retrieve it for decryption. You could use the CryptoNG helper functions CryptoNG_CryptBinaryToString() and CryptoNG_CryptStringToBinary() to do the Base64 encoding and decoding. If you had been doing any sort of decent @error checking, CryptoNG_DecryptData() would have told you that the data to be decrypted was invalid (not BINARY). 😉 I hope that you understand what I'm trying to say. If not, let me know which parts you don't quite understand and I'll try to explain it differently or provide an example that shows what I mean. Edit: @Golbez In general, the above information is correct. However, in this particular case and given the way that I wrote the decryption functions in CryptoNG, if you pass the TEXT representation of the binary data (i.e. "0x010203") to CryptoNG_DecryptData(), it does convert it to BINARY before trying to decrypt it. It wasn't written that way so one could supply the TEXT representation of the BINARY string, but it just so happens that it will work. So looking a little closer at the way you are storing & retrieving the password, your encryption/decryption should work. I say "should" because I obviously can't run your script and I'm not going to extract & execute the relevant code from it. I guess that's what I get for taking a cursory look at the code. Edited May 19, 2022 by TheXman CryptoNG UDF: Cryptography API: Next Gen jq UDF: Powerful and Flexible JSON Processor | jqPlayground: An Interactive JSON Processor Xml2Json UDF: Transform XML to JSON | HttpApi UDF: HTTP Server API | Roku Remote: Example Script About Me How To Ask Good Questions On Technical And Scientific Forums (Detailed) | How to Ask Good Technical Questions (Brief) "Any fool can know. The point is to understand." -Albert Einstein "If you think you're a big fish, it's probably because you only swim in small ponds." ~TheXman
Golbez Posted May 19, 2022 Author Posted May 19, 2022 (edited) 14 hours ago, TheXman said: Just taking a cursory look at your script, I can see that you have a major issue with your encrypted/decrypted password. There is a difference between BINARY strings and TEXT strings, especially how they are stored in memory and in files. The result from CryptoNG_EncryptData() is a BINARY string, not a TEXT string. Ini files are text files and the functions that work with them are assuming that they are working with text. So when you save that BINARY string using IniWrite, it is converting & storing that BINARY string as the TEXT representation of its value in hex. That is NOT the same thing. When you try to decrypt the password, as it says in the CryptoNG help file, the data to be decrypted should be a BINARY string (the same value that was returned when you executed CryptoNG_EncryptData()). But in your case, since you stored the BINARY string as its TEXT representation in hex, the password that is read for decryption is not BINARY data. You could probably fix the issue in one of multiple ways. The easiest way if you are going to store the BINARY string as its TEXT representation in hex, would be to convert that TEXT back to binary before decrypting it. You could use the BINARY() function to do that. Another way, would be to save the BINARY data as encoded Base64 text and decode the Base64 TEXT back into BINARY when you retrieve it for decryption. You could use the CryptoNG helper functions CryptoNG_CryptBinaryToString() and CryptoNG_CryptStringToBinary() to do the Base64 encoding and decoding. If you had been doing any sort of decent @error checking, CryptoNG_DecryptData() would have told you that the data to be decrypted was invalid (not BINARY). 😉 I hope that you understand what I'm trying to say. If not, let me know which parts you don't quite understand and I'll try to explain it differently or provide an example that shows what I mean. Edit: @Golbez In general, the above information is correct. However, in this particular case and given the way that I wrote the decryption functions in CryptoNG, if you pass the TEXT representation of the binary data (i.e. "0x010203") to CryptoNG_DecryptData(), it does convert it to BINARY before trying to decrypt it. It wasn't written that way so one could supply the TEXT representation of the BINARY string, but it just so happens that it will work. So looking a little closer at the way you are storing & retrieving the password, your encryption/decryption should work. I say "should" because I obviously can't run your script and I'm not going to extract & execute the relevant code from it. I guess that's what I get for taking a cursory look at the code. it was working to decrypt and encrypt i think, i tested on other pcs. if you had the correct information aka the correct hardware id it would display the information. if it was the wrong hardware id it would simple just blankout the password box. i wasnt sure if this was ment to be how the encrypt/decrypt worked so i tried to add the binary functions you suggested but it doesnt seem to work lol. expandcollapse popup#Region ;**** Directives created by AutoIt3Wrapper_GUI **** #AutoIt3Wrapper_Icon=Helper.ico #AutoIt3Wrapper_UseX64=y #AutoIt3Wrapper_Res_Fileversion=0.2.3.3 #AutoIt3Wrapper_Res_Fileversion_AutoIncrement=y #AutoIt3Wrapper_Add_Constants=n #EndRegion ;**** Directives created by AutoIt3Wrapper_GUI **** #cs ---------------------------------------------------------------------------- AutoIt Version: 3.3.16.0 Author: Ray smith Script Function: To log into csi! #ce ---------------------------------------------------------------------------- #include <Sound.au3> #Include "CryptoNG.au3" #include <WinAPIDiag.au3> #include <Constants.au3> #include <WindowsConstants.au3> #include <APIDiagConstants.au3> #include <ButtonConstants.au3> #include <EditConstants.au3> #include <GUIConstantsEx.au3> #include <StaticConstants.au3> #include <WindowsConstants.au3> Opt("SendKeyDelay", 6) ;5 milliseconds Opt("WinTitleMatchMode", 1) ;1=start, 2=subStr, 3=exact, 4=advanced, -1 to -4=Nocase Opt("MouseCoordMode", 2) ;1=absolute, 0=relative, 2=client If FileExists(@ScriptDir & "\settings.ini") = 0 Then IniWrite(@ScriptDir & "\settings.ini", "Account", "User", "") IniWrite(@ScriptDir & "\settings.ini", "Account", "Pass", "") IniWrite(@ScriptDir & "\settings.ini", "Account", "Attempts", 0) IniWrite(@ScriptDir & "\settings.ini", "Settings", "Prog", "") IniWrite(@ScriptDir & "\settings.ini", "Settings", "NextLogin", 2000) IniWrite(@ScriptDir & "\settings.ini", "Settings", "MouseSpeed", 0) EndIf Const $SECRET = _WinAPI_UniqueHardwareID($UHID_All) ; The password used to derive the key. Const $SECRET_SALT = _WinAPI_UniqueHardwareID($UHID_All) ; The cryptographic salt to use for key derivation. Const $ITERATIONS = 100 ; Number of hashing iterations. Const $KEY_BIT_LENGTH = $CNG_KEY_BIT_LENGTH_AES_192 ; The key length (in bits) of the derived key. Must be a multiple of 8. Const $ALGORITHM = $CNG_BCRYPT_SHA1_ALGORITHM ; A string specifying the desired algorithm provider. Default is "Microsoft Primitive Provider". Global $iStringFormat = $CNG_CRYPT_STRING_BINARY Global $title = "Sign In", $title2 = "Mongoose", $firstrun = 0, $attempts = 0 , $prog, $sAlgId = $CNG_BCRYPT_AES_ALGORITHM Global $timebeforenextlogin = IniRead(@ScriptDir & "\settings.ini", "Settings", "NextLogin", "2000") Global $mousemovespeed = IniRead(@ScriptDir & "\settings.ini", "Settings", "MouseSpeed", "0") Global $aSound = _SoundOpen(@WindowsDir & "\media\tada.wav"), $delay = 100 Global $vEncryptKey = _CryptoNG_PBKDF2($SECRET, $SECRET_SALT, $ITERATIONS, $KEY_BIT_LENGTH, $ALGORITHM) HotKeySet("{esc}", "terminate") HotKeySet("^+!{HOME}", "getprogname") $Form1 = GUICreate("Form1", 196, 99, 314, 185) $user = GUICtrlCreateInput("", 88, 8, 105, 21) If IniRead(@ScriptDir & "\settings.ini", "account", "user", "") <> "" Then GUICtrlSetData($user, IniRead(@ScriptDir & "\settings.ini", "account","user", "")) EndIf $pass = GUICtrlCreateInput("", 88, 32, 105, 21, BitOR($GUI_SS_DEFAULT_INPUT,$ES_PASSWORD)) If IniRead(@ScriptDir & "\settings.ini", "account", "pass", "") <> "" Then GUICtrlSetData($pass, _CryptoNG_CryptStringToBinary(_CryptoNG_DecryptData($sAlgId, IniRead(@ScriptDir & "\settings.ini", "account","pass", ""), $vEncryptKey), $iStringFormat)) If GUICtrlRead($pass) = "" Then GUICtrlSetData($user, "") EndIf $Button1 = GUICtrlCreateButton("Login", 16, 64, 75, 25) $Label1 = GUICtrlCreateLabel("User Name", 16, 8, 57, 17) $label2 = GUICtrlCreateLabel("Password", 16, 32, 50, 17) $Label3 = GUICtrlCreateLabel("Attempts:", 104, 64, 48, 17) $Attempt = GUICtrlCreateLabel("", 160, 64, 22, 17) $Label4 = GUICtrlCreateLabel("Previous:", 104, 80, 48, 17) $Previous = GUICtrlCreateLabel("", 160, 80, 22, 17) If IniRead(@ScriptDir & "\settings.ini", "account", "attempts", "") <> "" Then GUICtrlSetData($Previous, IniRead(@ScriptDir & "\settings.ini", "account","attempts", "")) EndIf GUISetState(@SW_SHOW) if @Compiled = 0 Then TraySetIcon(@ScriptDir & "\Helper.ico") GUISetIcon(@ScriptDir & "\Helper.ico") EndIf While 1 $nMsg = GUIGetMsg() Switch $nMsg Case $GUI_EVENT_CLOSE terminate() Case $Button1 Sleep(1000) If $firstrun = 0 Then If IniRead(@ScriptDir & "\settings.ini", "settings", "prog", "") = "" Then $prog = FileOpenDialog("Program name: ", @ScriptDir, "Applications (*.exe)") Run($prog) Else Run(IniRead(@ScriptDir & "\settings.ini", "settings", "prog", "")) EndIf Sleep($delay) WinWaitActive($title) inputaccount() inputpass() $firstrun = 1 EndIf sleep(2000) entercsifun() EndSwitch WEnd func entercsifun() ; click okay to move to next attempt While WinExists($title) = 1 or WinExists($title2) = 1 If WinExists($title2) = 1 then If Not WinActive($title2) Then WinActivate($title2) Sleep($delay) ControlSend($title2, "", "", "{enter}") EndIf Sleep($delay) inputpass() Sleep($timebeforenextlogin) WEnd _SoundPlay($aSound, 1) MsgBox(0, "Success after " & $attempts & " attempts!!", "You have been logged into csi!", 2.5) terminate() EndFunc Func inputaccount() Sleep($delay) If GUICtrlRead($user) = "" Then Local $userI = InputBox("no user name found", "input user name: ") GUICtrlSetData($user,$userI) EndIf ControlSend($title, "", "", "{tab 6}") Sleep($delay) ControlSend($title, "", "", StringUpper(GUICtrlRead($user))) Sleep($delay) ControlSend($title, "", "", "{tab}") EndFunc Func inputpass() GUICtrlSetData($attempt, $attempts) ControlClick($title, "", "", 'left', 1, 237, 335) Sleep($delay) If GUICtrlRead($pass) = "" Then Local $passI = InputBox("no password found", "input password: ") GUICtrlSetData($pass,$passI) EndIf ControlSend($title, "", "", GUICtrlRead($pass)) Sleep($delay) $attempts += 1 ControlSend($title, "", "", "{enter}") EndFunc Func getprogname() $prog = FileOpenDialog("Program name: ", @ScriptDir, "Applications (*.exe)") MsgBox(0,"",$prog) ClipPut($prog) EndFunc Func terminate() _SoundClose($aSound) IniWrite(@ScriptDir & "\settings.ini", "account", "User", GUICtrlRead($user)) Sleep($delay) IniWrite(@ScriptDir & "\settings.ini", "account", "Pass", _CryptoNG_CryptBinaryToString(_CryptoNG_EncryptData($sAlgId, GUICtrlRead($pass), $vEncryptKey), $iStringFormat)) MsgBox(0,"",_CryptoNG_CryptBinaryToString(_CryptoNG_EncryptData($sAlgId, GUICtrlRead($pass), $vEncryptKey), $iStringFormat)) Sleep($delay) If $attempts = "" Then $attempts = 0 IniWrite(@ScriptDir & "\settings.ini", "account", "Attempts", $attempts) Sleep($delay) IniWrite(@ScriptDir & "\settings.ini", "settings", "Prog", $prog) Sleep($delay) MsgBox(0,"",_CryptoNG_LastErrorMessage()) Exit EndFunc edit: i added: Global $iStringFormat = $CNG_CRYPT_STRING_BINARY GUICtrlSetData($pass, _CryptoNG_CryptStringToBinary(_CryptoNG_DecryptData($sAlgId, IniRead(@ScriptDir & "\settings.ini", "account","pass", ""), $vEncryptKey), $iStringFormat)) IniWrite(@ScriptDir & "\settings.ini", "account", "Pass", _CryptoNG_CryptBinaryToString(_CryptoNG_EncryptData($sAlgId, GUICtrlRead($pass), $vEncryptKey), $iStringFormat)) MsgBox(0,"",_CryptoNG_CryptBinaryToString(_CryptoNG_EncryptData($sAlgId, GUICtrlRead($pass), $vEncryptKey), $iStringFormat)) MsgBox(0,"",_CryptoNG_LastErrorMessage()) Edited May 19, 2022 by Golbez
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now