Sign in to follow this  
Followers 0
eHrgo

_StringEncrypt [Someone hacked it]

16 posts in this topic

#1 ·  Posted (edited)

Hi all,

Few hours ago, I fucked up, I have a little software (http://rsgetpoints.pureweb.fr) which as a functionality to remind password/username of a website [rapidshare]. Ok, I fucked up, I uploaded the Ini file which contain those 2 informations, those are encrypted with:

_StringEncrypt(1, $pass, 'WhateverKey')

So my ini only contains encrypted password.

Furthermore, those are displayed in an input, the password is hidden with dots.

Few hours after i uploaded it, someone deleted my account, I figured out I uploaded my INi.

How did he do that? Is there any way to read under dots/star in input fields? Is there any way to decrypt the password without the Encrypt key?

Thanks a lot.

Edited by eHrgo

Sorry for my Bad English.

Share this post


Link to post
Share on other sites



Hi all,

Few hours ago, I fucked up, I have a little software (http://rsgetpoints.pureweb.fr) which as a functionality to remind password/username of a website [rapidshare]. Ok, I fucked up, I uploaded the Ini file which contain those 2 informations, those are encrypted with:

_FileEncrypt(1, $pass, 'WhateverKey')

So my ini only contains encrypted password.

Furthermore, those are displayed in an input, the password is hidden with dots.

Few hours after i uploaded it, someone deleted my account, I figured out I uploaded my INi.

How did he do that? Is there any way to read under dots/star in input fields? Is there any way to decrypt the password without the Encrypt key?

Thanks a lot.

There is no '_FileEncrypt' in the standard library's of AutoIt.. :shocked:

Share this post


Link to post
Share on other sites

Hi,

did you upload your exe, too?

So long,

Mega


Scripts & functions Organize Includes Let Scite organize the include files

Yahtzee The game "Yahtzee" (Kniffel, DiceLion)

LoginWrapper Secure scripts by adding a query (authentication)

_RunOnlyOnThis UDF Make sure that a script can only be executed on ... (Windows / HD / ...)

Internet-Café Server/Client Application Open CD, Start Browser, Lock remote client, etc.

MultipleFuncsWithOneHotkey Start different funcs by hitting one hotkey different times

Share this post


Link to post
Share on other sites

_stringEncrypt My bad.


Sorry for my Bad English.

Share this post


Link to post
Share on other sites

Yes, He had my exe, but not the source.

He had too the GuiCtrlCreateInput with $ES_PASSWORD [*]. He saw that :

Posted Image

And he had the encrypted password.

I think there is a way to see behind asterisk


Sorry for my Bad English.

Share this post


Link to post
Share on other sites

What if he hacked the exe? :shocked:

So long,

Mega


Scripts & functions Organize Includes Let Scite organize the include files

Yahtzee The game "Yahtzee" (Kniffel, DiceLion)

LoginWrapper Secure scripts by adding a query (authentication)

_RunOnlyOnThis UDF Make sure that a script can only be executed on ... (Windows / HD / ...)

Internet-Café Server/Client Application Open CD, Start Browser, Lock remote client, etc.

MultipleFuncsWithOneHotkey Start different funcs by hitting one hotkey different times

Share this post


Link to post
Share on other sites

Can he get the source by hacking an exe?


Sorry for my Bad English.

Share this post


Link to post
Share on other sites

Can he get the source by hacking an exe?

Hi,

yes that what is meant by hacking.

So long,

Mega


Scripts & functions Organize Includes Let Scite organize the include files

Yahtzee The game "Yahtzee" (Kniffel, DiceLion)

LoginWrapper Secure scripts by adding a query (authentication)

_RunOnlyOnThis UDF Make sure that a script can only be executed on ... (Windows / HD / ...)

Internet-Café Server/Client Application Open CD, Start Browser, Lock remote client, etc.

MultipleFuncsWithOneHotkey Start different funcs by hitting one hotkey different times

Share this post


Link to post
Share on other sites

Is this guy a pro or is it easy to find a way to do this? Because 4 person downloaded it, and it has been down in 3 hours.


Sorry for my Bad English.

Share this post


Link to post
Share on other sites

#10 ·  Posted (edited)

Hi,

it is very easy. Only 2 min work.

Edit: Try it yourself with google...

So long,

Mega

Edited by th.meger

Scripts & functions Organize Includes Let Scite organize the include files

Yahtzee The game "Yahtzee" (Kniffel, DiceLion)

LoginWrapper Secure scripts by adding a query (authentication)

_RunOnlyOnThis UDF Make sure that a script can only be executed on ... (Windows / HD / ...)

Internet-Café Server/Client Application Open CD, Start Browser, Lock remote client, etc.

MultipleFuncsWithOneHotkey Start different funcs by hitting one hotkey different times

Share this post


Link to post
Share on other sites

#11 ·  Posted (edited)

Found... thats sucks, I've been owned.

Edit This shit is working great... And so easy.

Thanks for your help

Edited by eHrgo

Sorry for my Bad English.

Share this post


Link to post
Share on other sites

Found... thats sucks, I've been owned.

Edit This shit is working great... And so easy.

Thanks for your help

Try JdeB's new obfuscator.. He'll never figure it out again. :shocked:

Share this post


Link to post
Share on other sites

Try JdeB's new obfuscator.. He'll never figure it out again. :P

Hi,

next time :( he will be :shocked:

So long,

Mega


Scripts & functions Organize Includes Let Scite organize the include files

Yahtzee The game "Yahtzee" (Kniffel, DiceLion)

LoginWrapper Secure scripts by adding a query (authentication)

_RunOnlyOnThis UDF Make sure that a script can only be executed on ... (Windows / HD / ...)

Internet-Café Server/Client Application Open CD, Start Browser, Lock remote client, etc.

MultipleFuncsWithOneHotkey Start different funcs by hitting one hotkey different times

Share this post


Link to post
Share on other sites

Yeah, obfuscation does not make it unhackable.. :shocked:

This is soooo true ..... it only makes it difficult to read but the information is exactly the same....

:(


Visit the SciTE4AutoIt3 Download page for the latest versions        Beta files                                                          Forum Rules
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Share this post


Link to post
Share on other sites

Yeah, obfuscation does not make it unhackable.. :(

Hi,

my comment wasn't refering to your previous post. I only meant that next time he will be attentive and smart enough to not giving away the exe that easily with such information in it. :shocked:

So long,

Mega


Scripts & functions Organize Includes Let Scite organize the include files

Yahtzee The game "Yahtzee" (Kniffel, DiceLion)

LoginWrapper Secure scripts by adding a query (authentication)

_RunOnlyOnThis UDF Make sure that a script can only be executed on ... (Windows / HD / ...)

Internet-Café Server/Client Application Open CD, Start Browser, Lock remote client, etc.

MultipleFuncsWithOneHotkey Start different funcs by hitting one hotkey different times

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0