What I currently want to do is to read the .ini file for the password, and then after reading from the file, then the password will be encrypted and then the .ini file will show the encrypted password if it isn't already. The password will be used to access a certain item, so it will be decrypted first.
1) Read password from .ini file.
2) If password isn't encrypted already, encrypt it and then edit the .ini file to modify password (so that it's unreadable to others).
3) Macro will decrypt password before entering password in program.
The problem I am facing is, the Crypt function will encrypt a text that is not encrypted, and vice versa, so if I were to run the script again, the encrypted password will be decrypted.
What I am basically saying is I want the script to be able to detect whether the password in the .ini file is encrypted already or not. What is a way to allow the system to detect whether the password is encrypted in the .ini file or not?
Thanks for reading.
Detecting Encryption Status in .ini file
Moderators: JRL, Dorian (MJT support)
-
CyberCitizen
- Automation Wizard
- Posts: 724
- Joined: Sun Jun 20, 2004 7:06 am
- Location: Adelaide, South Australia
I can see the issue. I haven't had a need for it myself, however based on what you have mentioned I would suggest using another section for the encrypted password & then change the default password section to something like ENCRYPTED.
Then when you read the section & the value = ENCRYPTED you can read the other section (encrypted part). If the original line doesn't = ENCRYPTED & is not blank re-encrypt and write to the other section eg allowing the password to be changed.
Then when you read the section & the value = ENCRYPTED you can read the other section (encrypted part). If the original line doesn't = ENCRYPTED & is not blank re-encrypt and write to the other section eg allowing the password to be changed.
FIREFIGHTER
I apologise for not understanding what you meant. Especially the part where you mentioned changing the default password to something (like Encrypted) and the part where the system will recognise the value as encrypted.CyberCitizen wrote:I can see the issue. I haven't had a need for it myself, however based on what you have mentioned I would suggest using another section for the encrypted password & then change the default password section to something like ENCRYPTED.
Then when you read the section & the value = ENCRYPTED you can read the other section (encrypted part). If the original line doesn't = ENCRYPTED & is not blank re-encrypt and write to the other section eg allowing the password to be changed.
There are two ideas I experimented after starting the topic:
1) Use a certain Encryption Key in .ini file along with the password that is not encrypted. When the system runs, if that Encryption Key matches, then password is encrypted and the Encryption Key changes. If different, then no encryption occurs.
2) The password has to be a specific format, such as [[Password: (Insert Password Here)]], before it will be encrypted. Script will cull the required format from the actual password. This is the idea that I used, because the first one had a bit of problems.
Thanks for reading.
PPQ
-
Phil Pendlebury
- Automation Wizard
- Posts: 543
- Joined: Tue Jan 16, 2007 9:00 am
- Contact:
Yup simple solutions are usually best:
ini file:
ini file:
Code: Select all
[PASSWORD]
Password=fgsd*gf$8&94s6g
Encrypted=True
// Set Encrypted to "False" until it has been encrypted
Phil Pendlebury - Linktree
Is this what you are looking for?
Code: Select all
//Set ini location and name
Let>IniDirectory=DESKTOP_DIR
Let>IniName=My Settings
Dialog>Dialog1
object Dialog1: TForm
Left = 555
Top = 104
HelpContext = 5000
BorderIcons = [biSystemMenu]
Caption = 'CustomDialog'
ClientHeight = 108
ClientWidth = 283
Color = clBtnFace
Font.Charset = DEFAULT_CHARSET
Font.Color = clWindowText
Font.Height = -11
Font.Name = 'MS Sans Serif'
Font.Style = []
OldCreateOrder = True
ShowHint = True
OnTaskBar = False
PixelsPerInch = 96
TextHeight = 13
object Label1: TLabel
Left = 8
Top = 8
Width = 46
Height = 13
Caption = 'Password'
end
object MSButton1: tMSButton
Left = 136
Top = 24
Width = 75
Height = 25
Caption = 'Save'
TabOrder = 0
DoBrowse = False
BrowseStyle = fbOpen
end
object Edit1: TEdit
Left = 8
Top = 24
Width = 121
Height = 21
PasswordChar = '*'
TabOrder = 1
end
object Edit2: TEdit
Left = 8
Top = 72
Width = 121
Height = 21
TabOrder = 2
end
object MSButton2: tMSButton
Left = 136
Top = 72
Width = 113
Height = 25
Caption = 'Show Password'
TabOrder = 3
DoBrowse = False
BrowseStyle = fbOpen
end
end
EndDialog>Dialog1
//Check if ini Exists
IfFileExists>%IniDirectory%\%IniName%.ini
ReadIniFile>%IniDirectory%\%IniName%.ini,User Settings,Password,UserPassword
//Check if Password is encrypted. Encrypt if not True
ReadIniFile>%IniDirectory%\%IniName%.ini,User Settings,Password Encrypted,CryptRes
IF>CryptRes<>True
Crypt>abc,%UserPassword%,PassCryptVal
EditIniFile>%IniDirectory%\%IniName%.ini,User Settings,Password,%PassCryptVal%
EditIniFile>%IniDirectory%\%IniName%.ini,User Settings,Password Encrypted,True
ENDIF
//Decrypt Password
Crypt>abc,UserPassword,UserPassword
ELSE
//Create ini if it doesn't Exists
WriteLn>%IniDirectory%\%IniName%.ini,res,
Let>UserPassword=
ENDIF
SetDialogProperty>Dialog1,Edit1,Text,%UserPassword%
AddDialogHandler>Dialog1,MSButton1,OnClick,SavePassword
AddDialogHandler>Dialog1,MSButton2,OnClick,DecryptPassword
Show>Dialog1,
SRT>SavePassword
GetDialogProperty>Dialog1,Edit1,Text,PasswordInput
Crypt>abc,%PasswordInput%,PassCryptVal
EditIniFile>%IniDirectory%\%IniName%.ini,User Settings,Password,%PassCryptVal%
EditIniFile>%IniDirectory%\%IniName%.ini,User Settings,Password Encrypted,True
END>SavePassword
SRT>DecryptPassword
ReadIniFile>%IniDirectory%\%IniName%.ini,User Settings,Password,UserPassword
Crypt>abc,UserPassword,UserPassword
SetDialogProperty>Dialog1,Edit2,Text,UserPassword
END>DecryptPassword
-
CyberCitizen
- Automation Wizard
- Posts: 724
- Joined: Sun Jun 20, 2004 7:06 am
- Location: Adelaide, South Australia
Hey Guys,
Thanks for finishing this for me, my original reply was posted via a mobile on the way home from work, was then called to a house fire, didn't get home until the early morning. Then sleep.
Here is some rough code I quickly wrote to show the process of what I was explaining. Depending on your needs you would change various parts etc.
Thanks for finishing this for me, my original reply was posted via a mobile on the way home from work, was then called to a house fire, didn't get home until the early morning. Then sleep.
Here is some rough code I quickly wrote to show the process of what I was explaining. Depending on your needs you would change various parts etc.
Code: Select all
IfFileExists>%TEMP_DIR%EncryptionTest.ini
Else
WriteLn>%TEMP_DIR%EncryptionTest.ini,,[AccountInfo]%CRLF%USERNAME=%USER_NAME%%CRLF%PASSWORD=%CRLF%ENCRYPTED=
EndIF
GoSub>ReadIniFile
If>%vPassword%=ENCRYPTED
Ask>Password Is Currently Encrypted!%CRLF%%CRLF%Would You Like To Change It Now?,vQuestionResult
If>%vQuestionResult%=YES
Goto>ChangePassword
EndIf
EndIf
If>%vPassword%=
Label>ChangePassword
Let>INPUT_PASSWORD=1
Let>INPUT_BROWSE=0
Input>vEnteredPassword,Please Enter Password,
If>vEnteredPassword=
MDL>No Password Entered, Script Will Now Exit
Exit>0
EndIF
Crypt>SECUREPASSWORD,%vEnteredPassword%,vEncryptedString
EditIniFile>%TEMP_DIR%EncryptionTest.ini,AccountInfo,PASSWORD,ENCRYPTED
EditIniFile>%TEMP_DIR%EncryptionTest.ini,AccountInfo,ENCRYPTED,%vEncryptedString%
EndIf
SRT>ReadIniFile
ReadIniFile>%TEMP_DIR%EncryptionTest.ini,AccountInfo,USERNAME,vUsername
ReadIniFile>%TEMP_DIR%EncryptionTest.ini,AccountInfo,PASSWORD,vPassword
ReadIniFile>%TEMP_DIR%EncryptionTest.ini,AccountInfo,ENCRYPTED,vEncrypted
END>ReadIniFileFIREFIGHTER
Thank you, everybody who responded.
From the responses, I see that you need to have another variable in the .ini file to determine whether the password is encrypted or not. It's something I experimented on too, so if that's the only way to go around this problem, I guess I will have to accept it.
Thanks for responding.
From the responses, I see that you need to have another variable in the .ini file to determine whether the password is encrypted or not. It's something I experimented on too, so if that's the only way to go around this problem, I guess I will have to accept it.
Thanks for responding.
PPQ
-
CyberCitizen
- Automation Wizard
- Posts: 724
- Joined: Sun Jun 20, 2004 7:06 am
- Location: Adelaide, South Australia
I thought about this a little later on today after I got some sleep.
You don't have to have a separate line in the INI file. You could append CRYPT at the front of the text in the variable so then when the password is encrypted you could have the encrypted text = CRYPT-hdajfhsdfhjkdahfsdflkj.
Just means when you want to decrypt it you need to remove the CRYPT- part at the first. Shouldn't be that hard to do.
Let me know if you need more assistance with what I have described.
Quick Modification Below To Show The Ability To Have An INI File With Just The 2x Entries. You May Need To Delete The EncryptionTest.ini In Your Temp Directory Though. Step Though It So You Can See How It Works. This Only Shows The Encryption, But Hopefully You Can Get The Idea On A Way To Decrypt It As Well.
You don't have to have a separate line in the INI file. You could append CRYPT at the front of the text in the variable so then when the password is encrypted you could have the encrypted text = CRYPT-hdajfhsdfhjkdahfsdflkj.
Just means when you want to decrypt it you need to remove the CRYPT- part at the first. Shouldn't be that hard to do.
Let me know if you need more assistance with what I have described.
Quick Modification Below To Show The Ability To Have An INI File With Just The 2x Entries. You May Need To Delete The EncryptionTest.ini In Your Temp Directory Though. Step Though It So You Can See How It Works. This Only Shows The Encryption, But Hopefully You Can Get The Idea On A Way To Decrypt It As Well.
Code: Select all
IfFileExists>%TEMP_DIR%EncryptionTest.ini
Else
WriteLn>%TEMP_DIR%EncryptionTest.ini,,[AccountInfo]%CRLF%USERNAME=%USER_NAME%%CRLF%PASSWORD=
EndIF
GoSub>ReadIniFile
If>%vPassword%=
Else
MidStr>%vPassword%,0,6,vCryptCheck
EndIF
If>%vCryptCheck%=CRYPT-
Ask>Password Is Currently Encrypted!%CRLF%%CRLF%Would You Like To Change It Now?,vQuestionResult
If>%vQuestionResult%=YES
Goto>ChangePassword
EndIf
EndIf
If>%vPassword%=
Label>ChangePassword
Let>INPUT_PASSWORD=1
Let>INPUT_BROWSE=0
Input>vEnteredPassword,Please Enter Password,
If>vEnteredPassword=
MDL>No Password Entered, Script Will Now Exit
Exit>0
EndIF
Crypt>SECUREPASSWORD,%vEnteredPassword%,vEncryptedString
EditIniFile>%TEMP_DIR%EncryptionTest.ini,AccountInfo,PASSWORD,CRYPT-%vEncryptedString%
EndIf
SRT>ReadIniFile
ReadIniFile>%TEMP_DIR%EncryptionTest.ini,AccountInfo,USERNAME,vUsername
ReadIniFile>%TEMP_DIR%EncryptionTest.ini,AccountInfo,PASSWORD,vPassword
END>ReadIniFileFIREFIGHTER
Different Coding but same result as Cyber's example.
Code: Select all
//Set ini location and name
Let>IniDirectory=DESKTOP_DIR
Let>IniName=My Settings
Dialog>Dialog1
object Dialog1: TForm
Left = 575
Top = 104
HelpContext = 5000
BorderIcons = [biSystemMenu]
Caption = 'CustomDialog'
ClientHeight = 87
ClientWidth = 226
Color = clBtnFace
Font.Charset = DEFAULT_CHARSET
Font.Color = clWindowText
Font.Height = -11
Font.Name = 'MS Sans Serif'
Font.Style = []
OldCreateOrder = True
ShowHint = True
OnTaskBar = False
PixelsPerInch = 96
TextHeight = 13
object Label1: TLabel
Left = 8
Top = 8
Width = 46
Height = 13
Caption = 'Password'
end
object MSButton1: tMSButton
Left = 136
Top = 24
Width = 75
Height = 25
Caption = 'Save'
TabOrder = 0
DoBrowse = False
BrowseStyle = fbOpen
end
object Edit1: TEdit
Left = 8
Top = 24
Width = 121
Height = 21
TabOrder = 1
end
object MSButton2: tMSButton
Left = 8
Top = 48
Width = 121
Height = 25
Caption = 'Open ini file'
TabOrder = 2
DoBrowse = False
BrowseStyle = fbOpen
end
end
EndDialog>Dialog1
//Check if ini Exists
IfFileExists>%IniDirectory%\%IniName%.ini
ReadIniFile>%IniDirectory%\%IniName%.ini,User Settings,Password,UserPassword
//Check if Password is encrypted by getting the position of "[EP]"
//at the beginning of the password. 0 means Not encrypted
Position>[EP],%UserPassword%,1,PositionRes
IF>PositionRes=0
Crypt>abc,%UserPassword%,PassCryptVal
EditIniFile>%IniDirectory%\%IniName%.ini,User Settings,Password,[EP]%PassCryptVal%
ENDIF
//Decrypt Password
ReadIniFile>%IniDirectory%\%IniName%.ini,User Settings,Password,UserPassword
StringReplace>%UserPassword%,[EP],,UserPasswordRes
Crypt>abc,%UserPasswordRes%,DisplayPassword
ELSE
//Create ini if it doesn't Exists
WriteLn>%IniDirectory%\%IniName%.ini,res,
Let>DisplayPassword=
ENDIF
SetDialogProperty>Dialog1,Edit1,Text,DisplayPassword
AddDialogHandler>Dialog1,MSButton1,OnClick,SavePassword
AddDialogHandler>Dialog1,MSButton2,OnClick,OpenIni
Show>Dialog1,
SRT>SavePassword
GetDialogProperty>Dialog1,Edit1,Text,PasswordInput
Crypt>abc,%PasswordInput%,PassVal
EditIniFile>%IniDirectory%\%IniName%.ini,User Settings,Password,[EP]%PassVal%
END>SavePassword
SRT>OpenIni
Exe>%IniDirectory%\%IniName%.ini
END>OpenIni
Though I agree that there doesn't seem to be a foolproof method of detecting an encrypted password and that adding something to the ini file to inform the program that the password is encrypted or not encrypted is a good method. You could have an existing ini file with existing passwords some of which are encrypted and some of which are not.
Most likely if I had this issue I would write a program to force users to change their passwords and rewrite the ini to be as I wanted it.
That said:
If this were my issue I might do something like this to fix most if not all of the couple hundred passwords I might have to deal with. Any password that failed I would get a phone call from the user and then I'd go fix it manually.
Though this method will not be absolutely perfect, It should catch most encrypted passwords and decrypt them and leave most unencrypted passwords alone.
It uses an encryption key of "abc"
I've commented the code so be sure to read the comments.
Most likely if I had this issue I would write a program to force users to change their passwords and rewrite the ini to be as I wanted it.
That said:
If this were my issue I might do something like this to fix most if not all of the couple hundred passwords I might have to deal with. Any password that failed I would get a phone call from the user and then I'd go fix it manually.
Though this method will not be absolutely perfect, It should catch most encrypted passwords and decrypt them and leave most unencrypted passwords alone.
It uses an encryption key of "abc"
I've commented the code so be sure to read the comments.
Code: Select all
VBSTART
VBEND
//Rather than reading from an ini file the password possibilities are hard coded into this sample. Unremark the "Let>encdata=" line you'd like to test.
//As I see it, there are three positive possibilities
//The password is encrypted and converted to Base64 as recommended
Let>encdata=5fVSJPd=
//The password is encrypted
//Let>encdata=åõR$÷
//The password is unencrypted
//Let>encdata=apple
//And three negative unlikely possibilities.
//One is that the password is a viable Base64 encoding
//Let>encdata=5uRMKfzw
//The other unlikely possibility is that the encrypted password
//contains no characters with ansi values above 127 so will fail
//the "Test for encryption" code
//The third unlikely possibility is that the unencrypted password
//contains characters with ansi values above 127 so will pass
//the "Test for encryption" code
//If the passwords are definitely not in base64, the
// "Test for base64" block could be removed.
////////// Test for base64 //////////
Base64>encdata,DECODE,B64data
If>B64Data=DECODE ERROR: SOURCE NOT BASE64
mdl>Password entry is not base64
Else
Let>encdata=B64data
EndIf
////////// End test for base64 //////////
////////// Test for encryption //////////
Length>encdata,datalen
Let>kk=0
Repeat>kk
add>kk,1
MidStr>encdata,%kk%,1,testchar
VBEval>asc("%testchar%"),TestRes
If>TestRes>127
MDL>Password is encrypted
Goto>DecryptPassword
EndIf
Until>kk=datalen
MDL>Password is probably not encrypted
Goto>TheRestOfTheScript
////////// End test for encryption //////////
////////// Decrypt (if needed) //////////
Label>DecryptPassword
Crypt>abc,encdata,encdata
////////// End decrypt //////////
Label>TheRestOfTheScript
