kemo1987 Posted August 10, 2023 Share Posted August 10, 2023 Hello i try to do some kind of security for my script so i test this code bellow and it works fine to get pc mac address and search it in my website if exit then continue running. but for now it all show in plain text with some search i encrypt mac address on php page but i tried to decrypt it on my script but no luck i want to decrypt the website content before searching for mac and i was planning to use code obfuscator is there any free or open source version ? Thanks in advance expandcollapse popup#include <Array.au3> #include <String.au3> #include <Inet.au3> #include <MsgBoxConstants.au3> #include <Constants.au3> $IP_Address = @IPAddress1 $MAC_Address = GET_MAC($IP_Address) Func GET_MAC($_MACsIP) Local $_MAC,$_MACSize Local $_MACi,$_MACs,$_MACr,$_MACiIP $_MAC = DllStructCreate("byte[6]") $_MACSize = DllStructCreate("int") DllStructSetData($_MACSize,1,6) $_MACr = DllCall ("Ws2_32.dll", "int", "inet_addr", "str", $_MACsIP) $_MACiIP = $_MACr[0] $_MACr = DllCall ("iphlpapi.dll", "int", "SendARP", "int", $_MACiIP, "int", 0, "ptr", DllStructGetPtr($_MAC), "ptr", DllStructGetPtr($_MACSize)) $_MACs = "" For $_MACi = 0 To 5 If $_MACi Then $_MACs = $_MACs & ":" $_MACs = $_MACs & Hex(DllStructGetData($_MAC,1,$_MACi+1),2) Next DllClose($_MAC) DllClose($_MACSize) Return $_MACs EndFunc ; The URL of the web page Local $sUrl = "http://www.Test.com/mac.php" ; Get the source code of the web page Local $sSource = _INetGetSource($sUrl) If StringInStr($sSource, $MAC_Address) Then MsgBox(0, $MAC_Address, "Found "&$MAC_Address) ; ;Do some tasks Else MsgBox(0, $MAC_Address, "Not Found "&$MAC_Address) EndIf <?php function encrypt($data, $key) { $method = 'aes-256-cbc'; $ivSize = openssl_cipher_iv_length($method); $iv = openssl_random_pseudo_bytes($ivSize); $encrypted = openssl_encrypt($data, $method, $key, OPENSSL_RAW_DATA, $iv); $encryptedData = base64_encode($iv . $encrypted); return $encryptedData; } // Content to be encrypted $content = "00:5F:99:41:C3:00"; // Encryption key $encryptionKey = "test12345678"; $encryptedContent = encrypt($content, $encryptionKey); echo $encryptedContent; ?> Link to comment Share on other sites More sharing options...
Andreik Posted August 10, 2023 Share Posted August 10, 2023 Have a look here. kemo1987 1 When the words fail... music speaks. Link to comment Share on other sites More sharing options...
TheXman Posted August 10, 2023 Share Posted August 10, 2023 1 hour ago, kemo1987 said: but i tried to decrypt it on my script but no luck If you can you provide an encrypted message that was generated by the PHP routine that you posted, I will show you an example of how to decrypt it. kemo1987 1 CryptoNG UDF: Cryptography API: Next Gen jq UDF: Powerful and Flexible JSON Processor | jqPlayground: An Interactive JSON Processor Xml2Json UDF: Transform XML to JSON | HttpApi UDF: HTTP Server API | Roku Remote: Example Script About Me How To Ask Good Questions On Technical And Scientific Forums (Detailed) | How to Ask Good Technical Questions (Brief) "Any fool can know. The point is to understand." -Albert Einstein "If you think you're a big fish, it's probably because you only swim in small ponds." ~TheXman Link to comment Share on other sites More sharing options...
kemo1987 Posted August 10, 2023 Author Share Posted August 10, 2023 1 hour ago, TheXman said: If you can you provide an encrypted message that was generated by the PHP routine that you posted, I will show you an example of how to decrypt it. here is the result Viah/Gz3hotsXtll2d1eSrXv3cT70QyuMizS5HBsxV9PgjgsLSA8UHL1AAkHtuJN php code <?php function encrypt($data, $key) { $method = 'aes-256-cbc'; $ivSize = openssl_cipher_iv_length($method); $iv = openssl_random_pseudo_bytes($ivSize); $encrypted = openssl_encrypt($data, $method, $key, OPENSSL_RAW_DATA, $iv); $encryptedData = base64_encode($iv . $encrypted); return $encryptedData; } // Content to be encrypted $content = "00:5F:99:41:C3:00"; // Encryption key $encryptionKey = "Test12345678@A"; $encryptedContent = encrypt($content, $encryptionKey); echo $encryptedContent; ?> Link to comment Share on other sites More sharing options...
Solution TheXman Posted August 10, 2023 Solution Share Posted August 10, 2023 (edited) expandcollapse popup#AutoIt3Wrapper_AU3Check_Parameters=-w 3 -w 4 -w 5 -w 6 -d #include <Constants.au3> #include "CryptoNG\CryptoNG.au3" #include <String.au3> aes_256_cbc_decrypt_example() Func aes_256_cbc_decrypt_example() Const $ENC_BASE64_MESSAGE = "Viah/Gz3hotsXtll2d1eSrXv3cT70QyuMizS5HBsxV9PgjgsLSA8UHL1AAkHtuJN", _ $PASSPHRASE = "Test12345678@A" Local $sDecryptedMessage = "" Local $vEncryptKey = "" Local $xFullEncryptedMessage = Binary(""), _ $xEncryptedMessage = Binary(""), _ $xIV = Binary("") ;Pad/Truncate 32 byte (256 bit) key to be compatible with PHP's openssl_encrypt() function. ;- https://www.php.net/manual/en/function.openssl-encrypt.php Select Case BinaryLen($PASSPHRASE) < 32 $vEncryptKey = Binary($PASSPHRASE & _StringRepeat(Chr(0), 32 - BinaryLen($PASSPHRASE))) Case BinaryLen($PASSPHRASE) > 32 $vEncryptKey = BinaryMid($PASSPHRASE, 1, 32) Case Else $vEncryptKey = Binary($PASSPHRASE) EndSelect ;Convert encrypted message from base64 to binary $xFullEncryptedMessage = _CryptoNG_CryptStringToBinary($ENC_BASE64_MESSAGE, $CNG_CRYPT_STRING_BASE64) If @error Then Exit MsgBox($MB_ICONERROR, "_CryptoNG_CryptStringToBinary() Error", _CryptoNG_LastErrorMessage()) ;Parse out IV and encrypted message from full encrypted message $xIV = BinaryMid($xFullEncryptedMessage, 1, 16) $xEncryptedMessage = BinaryMid($xFullEncryptedMessage, 17) ;Decrypt encrypted message $sDecryptedMessage = _CryptoNG_AES_CBC_DecryptData($xEncryptedMessage, $vEncryptKey, $xIV) If @error Then Exit MsgBox($MB_ICONERROR, "_CryptoNG_AES_CBC_DecryptData() Error", _CryptoNG_LastErrorMessage()) ;Display results ConsoleWrite(@CRLF) ConsoleWrite("CryptoNG UDF v" & _CryptoNG_Version() & @CRLF & @CRLF) ConsoleWrite("Full encrypted message (Base64) = " & $ENC_BASE64_MESSAGE & @CRLF) ConsoleWrite("Full encrypted message (Binary) = " & $xFullEncryptedMessage & @CRLF & @CRLF) ConsoleWrite("Initialization Vector (Binary) = " & $xIV & @CRLF) ConsoleWrite("Encrypted message (Binary) = " & $xEncryptedMessage & @CRLF & @CRLF) ConsoleWrite("Passphrase = " & $PASSPHRASE & @CRLF) ConsoleWrite("Encryption Key (Binary) = " & $vEncryptKey & @CRLF & @CRLF) ConsoleWrite("Decrypted Message = " & $sDecryptedMessage & @CRLF) EndFunc Console output: CryptoNG UDF v2.1.0 Full encrypted message (Base64) = Viah/Gz3hotsXtll2d1eSrXv3cT70QyuMizS5HBsxV9PgjgsLSA8UHL1AAkHtuJN Full encrypted message (Binary) = 0x5626A1FC6CF7868B6C5ED965D9DD5E4AB5EFDDC4FBD10CAE322CD2E4706CC55F4F82382C2D203C5072F5000907B6E24D Initialization Vector (Binary) = 0x5626A1FC6CF7868B6C5ED965D9DD5E4A Encrypted message (Binary) = 0xB5EFDDC4FBD10CAE322CD2E4706CC55F4F82382C2D203C5072F5000907B6E24D Passphrase = Test12345678@A Encryption Key (Binary) = 0x5465737431323334353637384041000000000000000000000000000000000000 Decrypted Message = 00:5F:99:41:C3:00 If you have any questions about the example script, feel free to ask. Edited August 12, 2023 by TheXman Replaced the hard-coded padding of the key with dynamic padding/truncation logic that matches the openssl_encrypt() functionality. kemo1987 1 CryptoNG UDF: Cryptography API: Next Gen jq UDF: Powerful and Flexible JSON Processor | jqPlayground: An Interactive JSON Processor Xml2Json UDF: Transform XML to JSON | HttpApi UDF: HTTP Server API | Roku Remote: Example Script About Me How To Ask Good Questions On Technical And Scientific Forums (Detailed) | How to Ask Good Technical Questions (Brief) "Any fool can know. The point is to understand." -Albert Einstein "If you think you're a big fish, it's probably because you only swim in small ponds." ~TheXman Link to comment Share on other sites More sharing options...
kemo1987 Posted August 10, 2023 Author Share Posted August 10, 2023 1 hour ago, TheXman said: expandcollapse popup#AutoIt3Wrapper_AU3Check_Parameters=-w 3 -w 4 -w 5 -w 6 -d #include <Constants.au3> #include "CryptoNG\CryptoNG.au3" #include <String.au3> aes_cbc_decrypt_example() ;========================================================================== ; ;========================================================================== Func aes_cbc_decrypt_example() Const $ENC_BASE64_MESSAGE = "Viah/Gz3hotsXtll2d1eSrXv3cT70QyuMizS5HBsxV9PgjgsLSA8UHL1AAkHtuJN", _ $SECRET = "Test12345678@A" Local $sDecryptedMessage = "" Local $vEncryptKey = "" Local $xFullEncryptedMessage = Binary(""), _ $xEncryptedMessage = Binary(""), _ $xIV = Binary("") ;Pad short key with null characters to be compatible with PHP's openssl_encrypt() function $vEncryptKey = Binary($SECRET & _StringRepeat(Chr(0), 18)) ;Convert encrypted message from base64 to binary $xFullEncryptedMessage = _CryptoNG_CryptStringToBinary($ENC_BASE64_MESSAGE, $CNG_CRYPT_STRING_BASE64) If @error Then ConsoleWrite("ERROR: " & _CryptoNG_LastErrorMessage() & @CRLF) Return False EndIf ;Parse out IV and encrypted message from full encrypted message $xIV = BinaryMid($xFullEncryptedMessage, 1, 16) $xEncryptedMessage = BinaryMid($xFullEncryptedMessage, 17) ;Decrypt encrypted message $sDecryptedMessage = _CryptoNG_AES_CBC_DecryptData($xEncryptedMessage, $vEncryptKey, $xIV) If @error Then ConsoleWrite("ERROR: " & _CryptoNG_LastErrorMessage() & @CRLF) Return False EndIf ;Display results ConsoleWrite(@CRLF) ConsoleWrite("CryptoNG UDF v" & _CryptoNG_Version() & @CRLF & @CRLF) ConsoleWrite("Full encrypted message (Base64) = " & $ENC_BASE64_MESSAGE & @CRLF) ConsoleWrite("Full encrypted message (Binary) = " & $xFullEncryptedMessage & @CRLF & @CRLF) ConsoleWrite("Initialization Vector = " & $xIV & @CRLF) ConsoleWrite("Encrypted message (Binary) = " & $xEncryptedMessage & @CRLF & @CRLF) ConsoleWrite("Secret = " & $SECRET & @CRLF) ConsoleWrite("Encryption Key = " & $vEncryptKey & @CRLF & @CRLF) ConsoleWrite("Decrypted Message = " & $sDecryptedMessage & @CRLF) EndFunc Console output: CryptoNG UDF v2.1.0 Full encrypted message (Base64) = Viah/Gz3hotsXtll2d1eSrXv3cT70QyuMizS5HBsxV9PgjgsLSA8UHL1AAkHtuJN Full encrypted message (Binary) = 0x5626A1FC6CF7868B6C5ED965D9DD5E4AB5EFDDC4FBD10CAE322CD2E4706CC55F4F82382C2D203C5072F5000907B6E24D Initialization Vector = 0x5626A1FC6CF7868B6C5ED965D9DD5E4A Encrypted message (Binary) = 0xB5EFDDC4FBD10CAE322CD2E4706CC55F4F82382C2D203C5072F5000907B6E24D Secret = Test12345678@A Encryption Key = 0x5465737431323334353637384041000000000000000000000000000000000000 Decrypted Message = 00:5F:99:41:C3:00 If you have any questions about the example script, feel free to ask. Thank you for all this work it works very nice Here is the full script expandcollapse popup;-------------------------------------------------------------------------------------- #AutoIt3Wrapper_AU3Check_Parameters=-w 3 -w 4 -w 5 -w 6 -d #include "encryption\AutoIt\CryptoNG.au3" #include <String.au3> #include <Array.au3> #include <String.au3> #include <Inet.au3> #include <MsgBoxConstants.au3> #include <Constants.au3> $IP_Address = @IPAddress1 $MAC_Address = GET_MAC($IP_Address) Func GET_MAC($_MACsIP) Local $_MAC,$_MACSize Local $_MACi,$_MACs,$_MACr,$_MACiIP $_MAC = DllStructCreate("byte[6]") $_MACSize = DllStructCreate("int") DllStructSetData($_MACSize,1,6) $_MACr = DllCall ("Ws2_32.dll", "int", "inet_addr", "str", $_MACsIP) $_MACiIP = $_MACr[0] $_MACr = DllCall ("iphlpapi.dll", "int", "SendARP", "int", $_MACiIP, "int", 0, "ptr", DllStructGetPtr($_MAC), "ptr", DllStructGetPtr($_MACSize)) $_MACs = "" For $_MACi = 0 To 5 If $_MACi Then $_MACs = $_MACs & ":" $_MACs = $_MACs & Hex(DllStructGetData($_MAC,1,$_MACi+1),2) Next DllClose($_MAC) DllClose($_MACSize) Return $_MACs EndFunc ; The URL of the web page Local $sUrl = "http://www.test.com/mac.php" ; Get the source code of the web page Local $sSource = _INetGetSource($sUrl) aes_cbc_decrypt_example() ;================================================= Func aes_cbc_decrypt_example() Const $ENC_BASE64_MESSAGE = $sSource, _ $SECRET = "Test12345678@A" Local $sDecryptedMessage = "" Local $vEncryptKey = "" Local $xFullEncryptedMessage = Binary(""), _ $xEncryptedMessage = Binary(""), _ $xIV = Binary("") ;Pad short key with null characters to be compatible with PHP's openssl_encrypt() function $vEncryptKey = Binary($SECRET & _StringRepeat(Chr(0), 18)) ;Convert encrypted message from base64 to binary $xFullEncryptedMessage = _CryptoNG_CryptStringToBinary($ENC_BASE64_MESSAGE, $CNG_CRYPT_STRING_BASE64) If @error Then ConsoleWrite("ERROR: " & _CryptoNG_LastErrorMessage() & @CRLF) Return False EndIf ;Parse out IV and encrypted message from full encrypted message $xIV = BinaryMid($xFullEncryptedMessage, 1, 16) $xEncryptedMessage = BinaryMid($xFullEncryptedMessage, 17) ;Decrypt encrypted message $sDecryptedMessage = _CryptoNG_AES_CBC_DecryptData($xEncryptedMessage, $vEncryptKey, $xIV) If @error Then ConsoleWrite("ERROR: " & _CryptoNG_LastErrorMessage() & @CRLF) Return False EndIf Global $pagecontent = $sDecryptedMessage EndFunc If StringInStr($pagecontent, $MAC_Address) Then MsgBox(0, $MAC_Address, "Found "&$MAC_Address) ; ;Do some tasks Else MsgBox(0, $MAC_Address, "Not Found "&$MAC_Address) EndIf TheXman 1 Link to comment Share on other sites More sharing options...
TheXman Posted August 10, 2023 Share Posted August 10, 2023 You're welcome! kemo1987 1 CryptoNG UDF: Cryptography API: Next Gen jq UDF: Powerful and Flexible JSON Processor | jqPlayground: An Interactive JSON Processor Xml2Json UDF: Transform XML to JSON | HttpApi UDF: HTTP Server API | Roku Remote: Example Script About Me How To Ask Good Questions On Technical And Scientific Forums (Detailed) | How to Ask Good Technical Questions (Brief) "Any fool can know. The point is to understand." -Albert Einstein "If you think you're a big fish, it's probably because you only swim in small ponds." ~TheXman Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now