_stingencrypt not working right?

[Mintz]

I'm having a problem with the string encrypt function.

In the following code, the string encrypt is working fine for $adminpass but for some reason its not working for the users.

$superpass = "Superpass"
$adminpassDE = _StringEncrypt(0,$adminpass,$Superpass, 2)

    $Nameread = GUICtrlRead($uname)
    $passread = GUICtrlRead($Pass)
    Case $msg = $ok and $Nameread = $admin and $passread =  $adminpassDE
        Case $msg = $ok and $Nameread = $name1 and $passread = _StringEncrypt(0,$pssw1,$adminpassDE,2)

Here is the full code. I know there are many flaws, but this is the one i cant solve at the moment. Thanks in advance!

expandcollapse popup

#cs ----------------------------------------------------------------------------

 AutoIt Version: 3.2.10.0
 Author:         myName

 Script Function:
    Template AutoIt script.

#ce ----------------------------------------------------------------------------

; Script Start - Add your code below here
$checkfiles = FileExists("C:\Program Files\Mintz\User1.ini")
if $checkfiles = 0 Then
    $installbegin = MsgBox(1, "Install","Installing Nessesary Files", 5)
    if $installbegin = 2 Then
        Exit    
    EndIf
DirCreate("C:\Program Files\Mintz")
FileInstall("C:\Program Files\Mintz\user1.ini", "C:\Program Files\Mintz\user1.ini")
FileInstall("C:\Program Files\Mintz\user2.ini", "C:\Program Files\Mintz\user2.ini")
FileInstall("C:\Program Files\Mintz\user3.ini", "C:\Program Files\Mintz\user3.ini")
FileInstall("C:\Program Files\Mintz\user4.ini", "C:\Program Files\Mintz\user4.ini")
FileInstall("C:\Program Files\Mintz\admin.ini", "C:\Program Files\Mintz\admin.ini")
EndIf

#include<GUIConstants.au3>
#include<File.au3>
#include<string.au3>
#include"C:\Program Files\Mintz\user1.ini"
#include"C:\Program Files\Mintz\user2.ini"
#include"C:\Program Files\Mintz\user3.ini"
#include"C:\Program Files\Mintz\user4.ini"
#include"C:\Program Files\Mintz\admin.ini"
;------------------------------------------------------
$login = GUICreate("Login", 200, 200)
$Ok = GUICtrlCreateButton("OK", 0, 150, 60)
$New = GUICtrlCreateButton("Sign up",140 ,150, 60)
$cancel = GUICtrlCreateButton("Cancel", 70, 150, 60)
$Uname = GUICtrlCreateEdit("", 20, 30, 150, 20, $ES_NOHIDESEL)
$Pass = GUICtrlCreateInput("", 20, 60, 150, 20, $ES_PASSWORD)
;------------------------------------------------------
$singup = GUICreate("Sign Up", 200, 200)
$S_Ok = GUICtrlCreateButton("OK", 10, 150, 60)
$S_cancel = GUICtrlCreateButton("Cancel", 80, 150, 60)
$S_Uname = GUICtrlCreateEdit("", 20, 30, 150, 20, $ES_NOHIDESEL)
$S_Pass = GUICtrlCreateInput("", 20, 60, 150, 20, $ES_PASSWORD)
$S_Pass2 = GUICtrlCreateInput("", 20, 90, 150, 20, $ES_PASSWORD)
;-------------------------------------------------------
$superpass = "superpass"
$adminpassDE = _StringEncrypt(0,$adminpass,$Superpass, 2)
GUISetState(@SW_SHOW, $login)
While 1
    $msg = GUIGetMsg()
    $Nameread = GUICtrlRead($uname)
    $passread = GUICtrlRead($Pass)
    Select
    Case $msg = $ok and $Nameread = $admin and $passread =  $adminpassDE
        MsgBox(0, "Admin", "Logged on as Admin")
        $log = 0
    case $msg = $ok and $Nameread = $name1 and $passread = _StringEncrypt(0,$pssw1,$adminpassDE,2)
        MsgBox(0, "Loged on", "Loged on as " & $name1)
        $log = 1
    case $msg = $ok and $Nameread = $name2 and $passread = _StringEncrypt(0,$pssw2,$adminpassDE,2)
        MsgBox(0, "Loged on", "Loged on as " & $name2)
        $log = 2
    case $msg = $ok and $Nameread = $name3 and $passread = _StringEncrypt(0,$pssw3,$adminpassDE,2)
        MsgBox(0, "Loged on", "Loged on as " & $name3)
        $log = 3
    case $msg = $ok and $Nameread = $name4 and $passread = _StringEncrypt(0,$pssw4,$adminpassDE,2)
        MsgBox(0, "Loged on", "Loged on as " & $name4)
        $log = 4
        
    case $msg = $new 
        GUISetState(@SW_DISABLE,$login)
        GUISetState(@SW_Show,$singup)
    case $msg = $S_OK
        $tname = GUICtrlRead($S_Uname)
        $tpass1 = GUICtrlRead($S_pass)
        $tpass2 = GUICtrlRead($S_pass2)
        if $tpass1 = $tpass2 Then
            $sure = MsgBox(4, "Sign up", "Are you sure?" & @lf _
            & $tname)
            if $sure = 7 then
                Exit
            else
                if $name4 <> "name4" Then
                    MsgBox(0, "Error", "there is no more room for any more users")
                EndIf
                Select
                case $name1 = "Name1"
                    $Userfile1 = FileOpen("C:\Program files\Mintz\User1.ini", 2)
                    $encrpt1 = _StringEncrypt(1, $tpass1, $adminpass, 2)
                    FileWrite($Userfile1,'$name1 = "' & $tname & '"' & @CRLF)
                    FileWriteLine($Userfile1,'$pssw1 = "'&$encrpt1&'"')
                case $name2 = "Name2"
                    $Userfile2 = FileOpen("C:\Program files\Mintz\User1.ini", 2)
                    $encrpt2 = _StringEncrypt(1, $tpass1, $adminpass, 2)
                    FileWrite($Userfile2,'$name1 = "' & $tname & '"' & @CRLF)
                    FileWriteLine($Userfile2,'$pssw1 = "'&$encrpt2&'"')
                Case $name3 = "Name3"
                    $Userfile3 = FileOpen("C:\Program files\Mintz\User1.ini", 2)
                    $encrpt3 = _StringEncrypt(1, $tpass1, $adminpass, 2)
                    FileWrite($Userfile3,'$name1 = "' & $tname & '"' & @CRLF)
                    FileWriteLine($Userfile2,'$pssw1 = "'&$encrpt3&'"')
                case $name4 = "Name4"
                    $Userfile4 = FileOpen("C:\Program files\Mintz\User1.ini", 2)
                    $encrpt4 = _StringEncrypt(1, $tpass1, $adminpass, 2)
                    FileWrite($Userfile3,'$name1 = "' & $tname & '"' & @CRLF)
                    FileWriteLine($Userfile3,'$pssw1 = "'&$encrpt4&'"')
                EndSelect
            EndIf
        EndIf
    Case $msg = $cancel 
        MsgBox(0, "log", $log)
        Exit
    case $msg = $S_Cancel
        GUISetState(@SW_hide, $singup)
        GUISetState(@SW_ENABLE, $login) 
    case $msg = $GUI_EVENT_CLOSE
        MsgBox(0, "log", $log)
        Exit
    EndSelect
WEnd

[GaryFrost]

where are $admin, $name1, $name2, $name3, $name4 assigned a value?

[ame1011]

would also help if you explained your problem a little better than 'it's not working'

[Mintz]

Sorry, the four .ini files that are installed and included specify $name1 $name2... and $admin.

The current Admin pass is an ecrypted forum of "pass" using the password "superpass"

$name1 = "name1"

$name2 = "name2"

$name3 = "name3"

$name4 = "name4"

$admin = "admin"

$adminpass = "FF0F110F8BAD67B675A37D527799B29B" (lvl 2, Password: "superpass", comes out to "pass")

If i make the following changes with the script

$name1 = "Mintz"

$pssw1 = "C3DD6ED83050AF42E5E2C287072FB3CCD2EEBFB9"

After decrypting $pssw1 manually it comes out to "Ï^8H³" Where as the password i entered was "12341"

After a second try i come up with

$name1 = "mintz"

$pssw1 = "C3DA6ED83727AF42E5E7C287072AB3CCD2EBBFB9"

where as the decryption is strikingly similar.... "Ï^8H³" but the real password is abcda.

Theo only thing thats really throwing me off is that the admin password (FF0F110F8BAD67B675A37D527799B29B or "pass") is working exactly how it should in terms of decrypting within the script, and manually.

Now that i think i've been more clear, anyone wanna point out whats going on?

Edited December 22, 2007 by Mintz

[2o2]

im confuzed??

[BrettF]

Well the encrypted strings contain exactly that. Look at this example:

expandcollapse popup

#include <guiconstants.au3>
#include <string.au3>
; GUI and String stuff
$WinMain = GuiCreate('Encryption tool', 400, 400)
; Creates window
$EditText = GuiCtrlCreateEdit('',5,5,380,350)
; Creates main edit
$InputPass = GuiCtrlCreateInput('',5,360,100,20, 0x21)
; Creates the password box with blured/centered input
$InputLevel = GuiCtrlCreateInput(1, 110, 360, 50, 20, 0x2001)
$UpDownLevel = GUICtrlSetLimit(GuiCtrlCreateUpDown($inputlevel),10,1)
; These two make the level input with the Up|Down ability
$EncryptButton = GuiCtrlCreateButton('Encrypt', 170, 360, 10    5, 35)
; Encryption button
$DecryptButton = GuiCtrlCreateButton('Decrypt', 285, 360, 105, 35)
; Decryption button
GUICtrlCreateLabel('Password', 5, 385)
GuiCtrlCreateLabel('Level',110,385)
; Simple text labels so you know what is what
GuiSetState()
; Shows window

Do
   $Msg = GuiGetMsg()
   If $msg = $EncryptButton Then
      GuiSetState(@SW_DISABLE,$WinMain); Stops you from changing anything
      $string = GuiCtrlRead($EditText); Saves the editbox for later
      GUICtrlSetData($EditText,'Please wait while the text is Encrypted/Decrypted.'); Friendly message
      GuiCtrlSetData($EditText,_StringEncrypt(1,$string,GuiCtrlRead($InputPass),GuiCtrlRead($InputLevel)))
     ; Calls the encryption. Sets the data of editbox with the encrypted string
     ; The encryption starts with 1/0 to tell it to encrypt/decrypt
     ; The encryption then has the string that we saved for later from edit box
     ; It then reads the password box & Reads the level box
      GuiSetState(@SW_ENABLE,$WinMain); This turns the window back on
   EndIf
   If $msg = $DecryptButton Then
      GuiSetState(@SW_DISABLE,$WinMain); Stops you from changing anything
      $string = GuiCtrlRead($EditText); Saves the editbox for later
      GUICtrlSetData($EditText,'Please wait while the text is Encrypted/Decrypted.'); Friendly message
      GuiCtrlSetData($EditText,_StringEncrypt(0,$string,GuiCtrlRead($InputPass),GuiCtrlRead($InputLevel)))
     ; Calls the encryption. Sets the data of editbox with the encrypted string
     ; The encryption starts with 1/0 to tell it to encrypt/decrypt
     ; The encryption then has the string that we saved for later from edit box
     ; It then reads the password box & Reads the level box
      GuiSetState(@SW_ENABLE,$WinMain); This turns the window back on
   EndIf
Until $msg = $GUI_EVENT_CLOSE; Continue loop untill window is closed

insert abcda into the string box. Enter superpass into the password. Make the level 2. Click encrypt. What do you get compared to your string?

Now, if you keep the encrypted text, but change the password from superpass, to pass, what do you get? I think you have your answer now.