Sign in to follow this  
Followers 0
moocan

Encrypt a INI file

8 posts in this topic

Hi,

I have a question ...

Is it possible to encrypt a file with autoit and then use it whis another autoit script which can decrypt this file and use paramaters in this file.

I try to have a script which connect to a SQL database ... and my connection parameters are stored in a INI file. Could it be encrypted and decrypted when or before my script call fonction INIRead ?

If yes thanks for the how to !

Thanks by advance

MooCan

Share this post


Link to post
Share on other sites



#2 ·  Posted (edited)

You have a few options, depending on how much work you are willing to do, and how important it is to keep the file under tough encryption. You could simply have the script manipulate the data entered with a simple exchange of characters or addition of a known number for the ASCII value (example: add 1 for all vaues except 255, where you set it to 0.) You could make this more complex if you need to. This is a low grade encryption.

If you wanted a more secure method of protecting your data, you could look at including a seperate file in your script (see the FileInstall function) and extract it to the script's directory. You could then use this external program to encrypt/ decrypt your ini file. Should you pick this method, be sure that the encrpytion program is fully functional with command line paramaters.

You could also have the script FileInstall a copy of the au3 source, the AutoIt required compiling files, and the ini. After it changes the values, it could re-encrypt itself with a 2nd script (also FileInstalled) and then delete all the temporary files. I'm not sure to what extent the passphrase encryption built in to AutoIt is, but you will probably have a more secure file using the 2nd method I described.

Edited to correct a couple minor typos

Edited by pekster

[font="Optima"]"Standing in the rain, twisted and insane, we are holding onto nothing.Feeling every breath, holding no regrets, we're still looking out for something."[/font]Note: my projects are off-line until I can spend more time to make them compatable with syntax changes.

Share this post


Link to post
Share on other sites

here's an example script i picked up somewhere that can encrypt /decrypt passwords .... maybe it gets you started:

; This example will:
; First part
;  1. prompt for a password
;  2. Encrypt it with a given passcode
;  3. convert each character to its hex notation to be able to save it to an INI file.
;
; Second part:
;  1. prompt for a password to be verified
;  2. Retrieve the saved encrypted Password
;  3. convert each 2 characters Hex value back to an Ascii Character
;  4. Decrypt the saved password
;  5. Match the saved password against the typed password
;  
;
; Define the KEY with which you want to encrypt the password.
$PASSKEY = "PASSWORD"
; prompt for the password which we want to save in the INI file
$PASSWORD=InputBox("Prompt","Type the password to save: ","","*")
; encrypt password and convert all character to Hex notation 
$TEMP = Str2Hex(Crypt($PASSKEY,$PASSWORD))
; Save the password in INI file
IniWrite("crypt.ini","program","password",$TEMP)
;
;
; Now type the password tha we will verify against the saved encrypted password
$PASSWORD=InputBox("Prompt","Type the password to verify with the saved version: ","","*")
; Retrieve saved password
$M_PASSWORD =IniRead("crypt.ini","program","password","")
; change the Hex notation bach to characters and decrypt 
$M_PASSWORD = Crypt($PASSKEY,Hex2Str($M_PASSWORD))
; Check if they have an exact match (==) 
If $M_PASSWORD == $PASSWORD Then
   MsgBox(0,'Ok', "Passwords match.")
Else
   MsgBox(16,'Wrong', "Passwords didn't match.")
EndIf
Exit

Func Crypt($PASS, $STRG)
   $A = 1
   $N_STRG = ""
   For $I = 1 To StringLen($STRG)
      $B = Asc(StringMid($PASS, $A, 1))
      $A = $A + 1
      If $A > StringLen($PASS) Then $A = 1
      $N_STRG = $N_STRG & Chr(BitXOR(Asc(StringMid($STRG, $I, 1)),$B))
   Next
   Return $N_STRG
EndFunc  ;==>Crypt

; convert each character to its HEX value
Func Str2Hex($STRG)
   $H = ""
   For $I = 1 To StringLen($STRG)
      $H = $H & String(Hex(Asc(StringMid($STRG, $I, 1)),2))
   Next
   Return $H
EndFunc  ;==>Str2Hex

; convert each 2 character Hex value back to an Ascii Character
Func Hex2Str($H)
   $STRG = ""
   For $I = 1 To StringLen($H) Step 2
      $STRG = $STRG & Chr(Dec(StringMid($H, $I, 2)))
   Next
   Return $STRG
EndFunc  ;==>Hex2Str

Visit the SciTE4AutoIt3 Download page for the latest versions        Beta files                                                          Forum Rules
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Share this post


Link to post
Share on other sites

Use Idea to crypt the file.

Use it to decryp... read the .ini... emcrypt again. The encrypt is made on the place so it is sure.

Just avoid NTFS encryption and compression that would force the PC copies the file.

http://www.cypherspace.org/adam/rsa/idea.html

Share this post


Link to post
Share on other sites

Hi,

And thanks to all for your replies.

I will try these this night.

I prefered a fonction that is included in my principal script with no external program because is just to prevent the malicious user to read my INI parameters file with all informations.

I think a simple encrypt fonction is good for me with no user or admin intervention.

I work on a project which all things are fully automated "ZeroTouch".

All I want that the user could not retrieve for example user acccount and password.

But the project operator must be able to change this informations and reencrypt the INI file and share it on a server where the autoit script could grab it, decrypt it and use it (I hope my english is clear for you :D )

Thanks for your help

MooCan

Share this post


Link to post
Share on other sites

If you do not want the end user to be able to get the data, you should not use the Send() function, since a simple keylogger could detect the typed text, thus giving the end user a way around all your encryption. Instead, you should ControlSend the data to the proper control where you want it typed. And even then, it's not foolproof. Someone could theoretically create their own simple GUI that looks like the entry fields for your application (same classname, etc), but then show the password in plaintext.


[font="Optima"]"Standing in the rain, twisted and insane, we are holding onto nothing.Feeling every breath, holding no regrets, we're still looking out for something."[/font]Note: my projects are off-line until I can spend more time to make them compatable with syntax changes.

Share this post


Link to post
Share on other sites

If somebody wanted the password bad enough, it would take them all of 5 minutes to write a hook to catch it going to the control, even with ControlSend.

Share this post


Link to post
Share on other sites

If you wanted a more secure method of protecting your data, you could look at including a seperate file in your script (see the FileInstall function) and extract it to the script's directory. You could then use this external program to encrypt/ decrypt your ini file. Should you pick this method, be sure that the encrpytion program is fully functional with command line paramaters.

<span style='font-size:7pt;line-height:100%'>Edited to correct a couple minor typos</span>

I really like this methiod but I'm seeing it's from 2004 so I'm wondering if theres an updated way to do this and if somene could give me a little more information on this method?

perhaps a good third party encryption file

and how excatly to include it within my script (do i just do #include <encryption.file> ?)

- Acid Corps

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0