Jump to content
Sign in to follow this  
Cyber

equal encrypt function autoit and php

Recommended Posts

Cyber

Hi!

I must encrypt a string in autoit and in php :P

I try yo use rc4 encryption (_StringEncrypt), but I don't found corresponding function for php ;)

you know encrypt function for both language?

thanks!


Console Browse: Navigate on the WEB in a textual consoleMultiPing!: Show computer on the lan and/or show the local/remote task, ALL animated!KillaWin: Event executingCryptPage: Crypt your webpage and show only with key

Share this post


Link to post
Share on other sites
SkinnyWhiteGuy

_StringEncrypt() is "based on" RC4, not the actual RC4 implementation. Here's one version of RC4 for you:

Func rc4($key, $value)
    Local $S[256], $i, $j, $c, $t, $x, $y, $output
    Local $keyLength = BinaryLen($key), $valLength = BinaryLen($value)
    For $i = 0 To 255
        $S[$i] = $i
    Next
    For $i = 0 To 255
        $j = Mod($j + $S[$i] + Dec(StringTrimLeft(BinaryMid($key, Mod($i, $keyLength)+1, 1),2)),256)
        $t = $S[$i]
        $S[$i] = $S[$j]
        $S[$j] = $t
    Next
    For $i = 1 To $valLength
        $x = Mod($x+1,256)
        $y = Mod($S[$x]+$y,256)
        $t = $S[$x]
        $S[$x] = $S[$y]
        $S[$y] = $t
        $j = Mod($S[$x]+$S[$y],256)
        $c = BitXOR(Dec(StringTrimLeft(BinaryMid($value, $i, 1),2)), $S[$j])
        $output = Binary($output) & Binary('0x' & Hex($c,2))
    Next
    Return $output
EndFunc

As for PHP, did some googling (just cause I was curious, normally don't do other people's work for them) and found this at sourceforge: RC4Crypt

Hope that helps, didn't try it yet, but I plan on playing with it.

Share this post


Link to post
Share on other sites
Cyber

FANTASTIC! :P

Thanks!

I try it!


Console Browse: Navigate on the WEB in a textual consoleMultiPing!: Show computer on the lan and/or show the local/remote task, ALL animated!KillaWin: Event executingCryptPage: Crypt your webpage and show only with key

Share this post


Link to post
Share on other sites
Cyber

its ok!!!

THANKS!!

:P

and for encrypt? ;)


Console Browse: Navigate on the WEB in a textual consoleMultiPing!: Show computer on the lan and/or show the local/remote task, ALL animated!KillaWin: Event executingCryptPage: Crypt your webpage and show only with key

Share this post


Link to post
Share on other sites
SkinnyWhiteGuy

It's the same function. RC4 is it's own encrypt/decrypt function, just rerun the results from an operation to see it go back the way it was to begin with. The function above does return a Binary, so to print it to the screen after decrypting, you'll need to send the output through BinaryToString(), but that's just to see the string as a string.

Share this post


Link to post
Share on other sites
SmOke_N

_StringEncrypt() is "based on" RC4, not the actual RC4 implementation. Here's one version of RC4 for you:

Func rc4($key, $value)
    Local $S[256], $i, $j, $c, $t, $x, $y, $output
    Local $keyLength = BinaryLen($key), $valLength = BinaryLen($value)
    For $i = 0 To 255
        $S[$i] = $i
    Next
    For $i = 0 To 255
        $j = Mod($j + $S[$i] + Dec(StringTrimLeft(BinaryMid($key, Mod($i, $keyLength)+1, 1),2)),256)
        $t = $S[$i]
        $S[$i] = $S[$j]
        $S[$j] = $t
    Next
    For $i = 1 To $valLength
        $x = Mod($x+1,256)
        $y = Mod($S[$x]+$y,256)
        $t = $S[$x]
        $S[$x] = $S[$y]
        $S[$y] = $t
        $j = Mod($S[$x]+$S[$y],256)
        $c = BitXOR(Dec(StringTrimLeft(BinaryMid($value, $i, 1),2)), $S[$j])
        $output = Binary($output) & Binary('0x' & Hex($c,2))
    Next
    Return $output
EndFunc

As for PHP, did some googling (just cause I was curious, normally don't do other people's work for them) and found this at sourceforge: RC4Crypt

Hope that helps, didn't try it yet, but I plan on playing with it.

Interesting... http://www.autoitscript.com/forum/index.ph...st&p=316133

Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.

Share this post


Link to post
Share on other sites
PsaltyDS

_StringEncrypt() is "based on" RC4, not the actual RC4 implementation. Here's one version of RC4 for you:

Func rc4($key, $value)
    Local $S[256], $i, $j, $c, $t, $x, $y, $output
    Local $keyLength = BinaryLen($key), $valLength = BinaryLen($value)
    For $i = 0 To 255
        $S[$i] = $i
    Next
    For $i = 0 To 255
        $j = Mod($j + $S[$i] + Dec(StringTrimLeft(BinaryMid($key, Mod($i, $keyLength)+1, 1),2)),256)
        $t = $S[$i]
        $S[$i] = $S[$j]
        $S[$j] = $t
    Next
    For $i = 1 To $valLength
        $x = Mod($x+1,256)
        $y = Mod($S[$x]+$y,256)
        $t = $S[$x]
        $S[$x] = $S[$y]
        $S[$y] = $t
        $j = Mod($S[$x]+$S[$y],256)
        $c = BitXOR(Dec(StringTrimLeft(BinaryMid($value, $i, 1),2)), $S[$j])
        $output = Binary($output) & Binary('0x' & Hex($c,2))
    Next
    Return $output
EndFunc

Thanks again for the nice, clean function!

:P


Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law

Share this post


Link to post
Share on other sites
PsaltyDS

@SmOke_N: I don't think that version works, as far as compatible functionality with other standard implementations. It does not reproduce benchmark results. This was my test script:

$sString = "Now is the time for all good men to come to the aid of their country."
$sKeyPhrase = "This is my key phrase."
$sCrypt = _RC4EncDec($sString, $sKeyPhrase)
ConsoleWrite("Debug: $sCrypt = " & $sCrypt & @LF)
$sString = _RC4EncDec($sCrypt, $sKeyPhrase)
ConsoleWrite("Debug: $sString = " & BinaryToString($sString) & @LF)

#cs
    Test code vectors from Wikipedia:  http://en.wikipedia.org/wiki/_RC4EncDec
    _RC4EncDec( "Key", "Plaintext" ) == BBF316E8D940AF0AD3
    _RC4EncDec( "Wiki", "pedia" ) == 1021BF0420
    _RC4EncDec( "Secret", "Attack at dawn" ) == 45A01F645FC35B383552544B9BF5
#ce

ConsoleWrite('Debug: "Key"/"Plaintext" = ' & _RC4EncDec("Plaintext", "Key") & @LF)
ConsoleWrite('Debug: "Wiki"/"pedia" = ' & _RC4EncDec("pedia", "Wiki") & @LF)
ConsoleWrite('Debug: "Secret"/"Attack at dawn" = ' & _RC4EncDec("Attack at dawn", "Secret") & @LF)

; -------------------------------------------------------
; Function:  _RC4EncDec
; Purpose:  An encryption/decryption _RC4EncDec implementation in AutoIt
; Syntax:  _RC4EncDec($sData, $sKey)
;   Where:  $sData = value to be encrypted/decrypted
;           $sKey = encrypt/decrypt key
; On success returns encrypted/decrypted version of $sData
; Author:  SmOke_N on the AutoIt forums at www.autoitscript.com/forum
; Notes:  The same function encrypts and decrypts $value.
; -------------------------------------------------------
Func _RC4EncDec($sData, $sKey)
    If $sData = '' Or $sKey = '' Then Return ''
    Local $aState[256], $nKeyLength = StringLen($sKey), $nDataLength = StringLen($sData)
    Local $sMid, $iIndex, $xCC = 0, $yCC = 0, $sResult = '', $sSwap
    For $iCC = 0 To 255
        $aState[$iCC] = $iCC
    Next
    For $iCC = 0 To 255
        $sMid = StringMid($sKey, Mod($iCC, $nKeyLength) + 1, 1)
        $iIndex = Mod(Asc($sMid) + $aState[$iCC] + $iIndex, 256)
        $sSwap = $aState[$iCC]
        $aState[$iCC] = $aState[$iIndex]
        $aState[$iIndex] = $sSwap
    Next
    For $iCC = 1 To $nDataLength
        $xCC = Mod($xCC + 1, 256)
        $yCC = Mod($aState[$xCC] + $yCC, 256)
        $sSwap = $aState[$xCC]
        $aState[$xCC] = $aState[$yCC]
        $aState[$yCC] = $sSwap
        $iIndex = Mod($aState[$xCC] + $aState[$yCC], 256)
        $sMid = BitXOR(Asc(StringMid($sData, $iCC, 1)), $aState[$iIndex])
        $sResult &= Chr($sMid)
    Next
    Return SetError(@error, @extended, $sResult)
EndFunc

Output:

Debug: $sCrypt = jÒÚ¸Nqâ¢I×aïºS#bT H
Debug: $sString = Now is the time for all good men to come to the aid of their country.
Debug: "Key"/"Plaintext" = »óèÙ@¯Ó
Debug: "Wiki"/"pedia" = !¿ 
Debug: "Secret"/"Attack at dawn" = E d_Ã[85RTKõ

:P


Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law

Share this post


Link to post
Share on other sites
SmOke_N

@SmOke_N: I don't think that version works, as far as compatible functionality with other standard implementations. It does not reproduce benchmark results. This was my test script:

$sString = "Now is the time for all good men to come to the aid of their country."
$sKeyPhrase = "This is my key phrase."
$sCrypt = _RC4EncDec($sString, $sKeyPhrase)
ConsoleWrite("Debug: $sCrypt = " & $sCrypt & @LF)
$sString = _RC4EncDec($sCrypt, $sKeyPhrase)
ConsoleWrite("Debug: $sString = " & BinaryToString($sString) & @LF)

#cs
    Test code vectors from Wikipedia:  http://en.wikipedia.org/wiki/_RC4EncDec
    _RC4EncDec( "Key", "Plaintext" ) == BBF316E8D940AF0AD3
    _RC4EncDec( "Wiki", "pedia" ) == 1021BF0420
    _RC4EncDec( "Secret", "Attack at dawn" ) == 45A01F645FC35B383552544B9BF5
#ce

ConsoleWrite('Debug: "Key"/"Plaintext" = ' & _RC4EncDec("Plaintext", "Key") & @LF)
ConsoleWrite('Debug: "Wiki"/"pedia" = ' & _RC4EncDec("pedia", "Wiki") & @LF)
ConsoleWrite('Debug: "Secret"/"Attack at dawn" = ' & _RC4EncDec("Attack at dawn", "Secret") & @LF)

; -------------------------------------------------------
; Function:  _RC4EncDec
; Purpose:  An encryption/decryption _RC4EncDec implementation in AutoIt
; Syntax:  _RC4EncDec($sData, $sKey)
;   Where:  $sData = value to be encrypted/decrypted
;           $sKey = encrypt/decrypt key
; On success returns encrypted/decrypted version of $sData
; Author:  SmOke_N on the AutoIt forums at www.autoitscript.com/forum
; Notes:  The same function encrypts and decrypts $value.
; -------------------------------------------------------
Func _RC4EncDec($sData, $sKey)
    If $sData = '' Or $sKey = '' Then Return ''
    Local $aState[256], $nKeyLength = StringLen($sKey), $nDataLength = StringLen($sData)
    Local $sMid, $iIndex, $xCC = 0, $yCC = 0, $sResult = '', $sSwap
    For $iCC = 0 To 255
        $aState[$iCC] = $iCC
    Next
    For $iCC = 0 To 255
        $sMid = StringMid($sKey, Mod($iCC, $nKeyLength) + 1, 1)
        $iIndex = Mod(Asc($sMid) + $aState[$iCC] + $iIndex, 256)
        $sSwap = $aState[$iCC]
        $aState[$iCC] = $aState[$iIndex]
        $aState[$iIndex] = $sSwap
    Next
    For $iCC = 1 To $nDataLength
        $xCC = Mod($xCC + 1, 256)
        $yCC = Mod($aState[$xCC] + $yCC, 256)
        $sSwap = $aState[$xCC]
        $aState[$xCC] = $aState[$yCC]
        $aState[$yCC] = $sSwap
        $iIndex = Mod($aState[$xCC] + $aState[$yCC], 256)
        $sMid = BitXOR(Asc(StringMid($sData, $iCC, 1)), $aState[$iIndex])
        $sResult &= Chr($sMid)
    Next
    Return SetError(@error, @extended, $sResult)
EndFuncoÝ÷ Øë­¦ë¡×y» çÍ7êÀ«Ê

Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.

Share this post


Link to post
Share on other sites
PsaltyDS

Ummm... mine doesn't return a binary or hex... it returns the actual string... maybe take a look at the comparison if you change it to fit the test you gave it:

Very true, and it's nicely done, but that makes it a string-only function (without external conversion), which makes it inherently incompatible with other "standard" implementations of RC4. All the examples you find for PHP, Perl, etc. are binary streams. The implementation posted by SkinnyWhiteGuy deals in binaries (BinLen(), BinMid(), etc.).

Making yours string-based makes it like the existing _StringEncrypt() UDF, but not "standard" RC4.

Since the OP was about a standard implementation in AutoIt that would match data with a PHP implementation, SkinnyWhiteGuy's version meets the specs.

:P

Edited by PsaltyDS

Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law

Share this post


Link to post
Share on other sites
SmOke_N

Since the OP was about a standard implementation in AutoIt that would match data with a PHP implementation, SkinnyWhiteGuy's version meets the specs.

:P

If you note, I wasn't talking to the OP... I was showing how interesting it was that he took an approach I made (that I hadn't seen until I made it) before.

Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.

Share this post


Link to post
Share on other sites
Cyber

FANTASTIC!

THANKS!!!

:P


Console Browse: Navigate on the WEB in a textual consoleMultiPing!: Show computer on the lan and/or show the local/remote task, ALL animated!KillaWin: Event executingCryptPage: Crypt your webpage and show only with key

Share this post


Link to post
Share on other sites
Cyber

why not? :P

$sString = "Now is the time for all good men to come to the aid of their country."

$sKey = "This is my key phrase."

$sCrypt = rc4($sKey, $sString)

$sString = rc4($sKey, $sCrypt)

STRING: BinaryToString($sString)

$bh = StringToBinary($sString)

$reString = rc4($sKey, $bh)

Why $reString <> $sString? ;)


Console Browse: Navigate on the WEB in a textual consoleMultiPing!: Show computer on the lan and/or show the local/remote task, ALL animated!KillaWin: Event executingCryptPage: Crypt your webpage and show only with key

Share this post


Link to post
Share on other sites
PsaltyDS

why not? ;)

$sString = "Now is the time for all good men to come to the aid of their country."

$sKey = "This is my key phrase."

$sCrypt = rc4($sKey, $sString)

$sString = rc4($sKey, $sCrypt)

STRING: BinaryToString($sString)

$bh = StringToBinary($sString)

$reString = rc4($sKey, $bh)

Why $reString <> $sString? :)

Did you really put "STRING: " in your code?

If not, where exactly is the problem? This seems to work fine:

$sString = "Now is the time for all good men to come to the aid of their country." ; plain string
$sKey = "This is my key phrase."
$sCrypt = rc4($sKey, $sString) ; encrypted binary
ConsoleWrite("Debug: $sCrypt = " & $sCrypt & @LF)
$sString = rc4($sKey, $sCrypt) ; decrypted binary
ConsoleWrite("Debug: $sString = " & $sString & @LF)
$sString = BinaryToString($sString) ; plain string
ConsoleWrite("Debug: $sString = " & $sString & @LF)
$bh = StringToBinary($sString) ; plain binary
ConsoleWrite("Debug: $bh = " & $bh & @LF)
$reString = rc4($sKey, $bh) ; encrypted binary
ConsoleWrite("Debug: $reString = " & $reString & @LF)
$reString = rc4($sKey, $reString) ; decrypted binary
ConsoleWrite("Debug: $reString = " & $reString & @LF)
$reString = BinaryToString($reString) ; plain string
ConsoleWrite("Debug: $reString = " & $reString & @LF)


; -------------------------------------------------------
; Function:  rc4
; Purpose:  An encryption/decryption RC4 implementation in AutoIt
; Syntax:  rc4($key, $value)
;   Where:  $key = encrypt/decrypt key
;       $value = value to be encrypted/decrypted
; On success returns encrypted/decrypted version of $value
; Author:  SkinnyWhiteGuy on the AutoIt forums at www.autoitscript.com/forum
; Notes:  The same function encrypts and decrypts $value.
; -------------------------------------------------------
Func rc4($key, $value)
    Local $S[256], $i, $j, $c, $t, $x, $y, $output
    Local $keyLength = BinaryLen($key), $valLength = BinaryLen($value)
    For $i = 0 To 255
        $S[$i] = $i
    Next
    For $i = 0 To 255
        $j = Mod($j + $S[$i] + Dec(StringTrimLeft(BinaryMid($key, Mod($i, $keyLength) + 1, 1), 2)), 256)
        $t = $S[$i]
        $S[$i] = $S[$j]
        $S[$j] = $t
    Next
    For $i = 1 To $valLength
        $x = Mod($x + 1, 256)
        $y = Mod($S[$x] + $y, 256)
        $t = $S[$x]
        $S[$x] = $S[$y]
        $S[$y] = $t
        $j = Mod($S[$x] + $S[$y], 256)
        $c = BitXOR(Dec(StringTrimLeft(BinaryMid($value, $i, 1), 2)), $S[$j])
        $output = Binary($output) & Binary('0x' & Hex($c, 2))
    Next
    Return $output
EndFunc   ;==>rc4

:P


Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law

Share this post


Link to post
Share on other sites
SkinnyWhiteGuy

That is very interesting, I just took what I found on Wikipedia, and put in in AutoIt code. I had never seen your version of it before SmOke_N. If I had, I'd have saved myself some trouble and just swapped the parts in it from String() to Binary() stuff. Main reason I do that is to avoid any troubles with the end result returning something that has a Chr(0) in the middle of it, which would throw off storing/retrieving all the resulting encryption. I had that problem before with AES, so I just avoid it from now on by dealing with Binaries as much as possible. Not to mention you can pass in either a string or a binary, and it will work on either one just fine.

Share this post


Link to post
Share on other sites
Cyber

AUTOIT PAGE:

ConsoleWrite("Debug: $sString = " & $sString & @LF)

$bh = StringToBinary($sString) ; plain binary

ConsoleWrite("Debug: $bh = " & $bh & @LF)

$reString = rc4($sKey, $bh) ; encrypted binary

ConsoleWrite("Debug: $reString = " & $reString & @LF)

SEND TO PHP PAGE

PHP PAGE:

$reString = rc4($sKey, $reString) ; decrypted binary

ConsoleWrite("Debug: $reString = " & $reString & @LF)

$reString = BinaryToString($reString) ; plain string

ConsoleWrite("Debug: $reString = " & $reString & @LF)

correct?

Why i can integrate binary in rc4 function? :P

Thanks bear with me ;)


Console Browse: Navigate on the WEB in a textual consoleMultiPing!: Show computer on the lan and/or show the local/remote task, ALL animated!KillaWin: Event executingCryptPage: Crypt your webpage and show only with key

Share this post


Link to post
Share on other sites
PsaltyDS

AUTOIT PAGE:

ConsoleWrite("Debug: $sString = " & $sString & @LF)

$bh = StringToBinary($sString) ; plain binary

ConsoleWrite("Debug: $bh = " & $bh & @LF)

$reString = rc4($sKey, $bh) ; encrypted binary

ConsoleWrite("Debug: $reString = " & $reString & @LF)

SEND TO PHP PAGE

PHP PAGE:

$reString = rc4($sKey, $reString) ; decrypted binary

ConsoleWrite("Debug: $reString = " & $reString & @LF)

$reString = BinaryToString($reString) ; plain string

ConsoleWrite("Debug: $reString = " & $reString & @LF)

correct?

Why i can integrate binary in rc4 function? ;)

Thanks bear with me :)

I'm not absolutely sure what you're asking here. But PHP probably does variable typing differently than AutoIt (where everything is a 'Variant'). When you take something in AutoIt, pass it to PHP, then get stuff from PHP back to AutoIt, there are some opportunities for variable types to get mixed.

Just a guess, as I have no PHP page to test with...

:P


Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law

Share this post


Link to post
Share on other sites
PsaltyDS

If you have time for help me :P

http://www.colcyber.com/macro/rc4/rc4test.php?pwd=[password]&data=[string]

Thanks :)

I ran ?pwd=Test&data=Testing and got:

Original Data : Testing

Encrypted Data (using Hex Key) : edea724dc24c60

Decrypted Data (using Hex Key) : Testing

Encrypted Data (using Key as is) : 2e0b3e3c2b5569

Decrypted Data (using Key as is) : Testing

Now, being displayed on a web page means the encrypted binary data are being converted to strings, of course.

;)


Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law

Share this post


Link to post
Share on other sites
LWC

Please let me ask a question with the same subject:

$secret=_StringEncrypt(1, $input, $pass))
$url="http://whatever/decrypt.php?code=" & $secret
$content=BinaryToString(InetRead($url))

What do I put in decrypt.php (assuming it too knows the $pass) to decrypt the code in PHP?

Yes, I can use

$url="http://whatever/decrypt.php?code=" & _StringEncrypt(0, $secret, $pass)

But that means transmitting the code in open space.

Thanks!

Edited by LWC

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×