FiveTech Support Forums

FiveWin / Harbour / xBase community
Board indexAll discussionsLogin (GitHub)
Board index FiveWin for Harbour/xHarbour EXE passwords are visible in plain
Otto
Posts: 6983
Joined: Fri Oct 07, 2005 07:07 PM
EXE passwords are visible in plain
Posted: Wed Nov 07, 2018 10:32 PM
Hello
I post this only for information.
I was not aware that the username and password are visible in plain text in the EXE.
Best regards,
Otto




My very simple obfuscator:

Code (fw): Select all Collapse
function pw()
    local cPassword1    := "m"
    local cPassword3    := "P"
    local cPassword2    := "y"
    local cFiller       := "xyz"
    
    local cPassword5    := "0"
    local cPassword6    := "0"
    local cPassword7    := "7"
   local cPassword4     := "W"
   *----------------------------------------------------------

return ( cPassword1 + cPassword2 +  cPassword3 + cPassword4 + cPassword5 +  cPassword6 +  cPassword7 )



Armando
Posts: 3358
Joined: Fri Oct 07, 2005 08:20 PM
Re: EXE passwords are visible in plain
Posted: Thu Nov 08, 2018 01:00 AM
Hello Otto:

Is not enough for you the ENCRYPT() and DECRYPT() Classes?

Here is a sample:

Code (fw): Select all Collapse
Encrypted :=  ENCRYPT("Armando","1234aeb")
MsgInfo(Encrypted)

Decrypted := DECRYPT(Encrypted,"1234aeb")
MsgInfo(Decrypted)


Regards
SOI, s.a. de c.v.
estbucarm@gmail.com
http://www.soisa.mex.tl/
http://sqlcmd.blogspot.com/
Tel. (722) 174 44 45
Carpe diem quam minimum credula postero
Otto
Posts: 6983
Joined: Fri Oct 07, 2005 07:07 PM
Re: EXE passwords are visible in plain
Posted: Thu Nov 08, 2018 06:06 AM
Hello Armando,
thank you. But this is no solution.

Please look in the exe file:


Best regards,
Otto
Otto
Posts: 6983
Joined: Fri Oct 07, 2005 07:07 PM
Re: EXE passwords are visible in plain
Posted: Thu Nov 08, 2018 10:56 AM
Thank you Cristobal your solution is working fine.
Best regards
Otto

Code (fw): Select all Collapse
Put al init of your code
 
#pragma TEXTHIDDEN( 1 )
 
#include "FiveWin.ch"
 
.../...
 
and at end of your code
 
#pragma TEXTHIDDEN( 0 )
Rick Lipkin
Posts: 2706
Joined: Fri Oct 07, 2005 01:50 PM
Re: EXE passwords are visible in plain
Posted: Fri Nov 09, 2018 05:39 PM

Otto

You need a good .exe shrinker\compression utility .. I use ASpack which is a commercial product .. never had any problems with the product .. prox 90 USD

http://www.aspack.com/aspack.html

Completely removes all text from the hex ..

Rick Lipkin

Silvio.Falconi
Posts: 7317
Joined: Thu Oct 18, 2012 07:17 PM
Re: EXE passwords are visible in plain
Posted: Fri Nov 09, 2018 06:38 PM
Otto,
why you insert password on exe ?
for a sample I insert aes cript strings on a ini file sample : ( this is part of my license class)

Code (fw): Select all Collapse
[License]
A1=dCfTZfLWOUdZPeAQ8TfcdVI=
B1=aB2bpXPVP0tU
C1=fyv7XdI2OsdDD9woMFbbcFAitQ==
D1=DJu+zxbevEtbD4zA0fTbek0IycPQk+psSk3Kwrei
F1=bC2bpYd3uUFPJw==
G1=VB3nbTY8L2wVk7WyNT1IXQOU8LE0WnlLBNHzsFNrb0xB0vLXYn1oCULTleZ0ei0KQ7Sk8HM/LgskhbL3NjwvbBWTtbI1PUhdA5TwsTRaeUs=
E1=GYu6N0YcvHgal4G6Nd3bek0IycPQk+psSk3Kwrei
H1=GYu6N0YcP2gal4G6Nd3D2QCK7KEw+znKSk3Kwrei
I1=Fsl2fg==


I challenge everyone to find the exact translation
Since from 1991/1992 ( fw for clipper Rel. 14.4 - Momos)

I use : FiveWin for Harbour March-April 2024 - Harbour 3.2.0dev (harbour_bcc770_32_20240309) - Bcc7.70 - xMate ver. 1.15.3 - PellesC - mail: silvio[dot]falconi[at]gmail[dot]com
Otto
Posts: 6983
Joined: Fri Oct 07, 2005 07:07 PM
Re: EXE passwords are visible in plain
Posted: Fri Nov 09, 2018 08:23 PM

Silvio,
please post how you evaluate the passwords in your exe.

BTW the solution Cristobal posted works perfectly.
Best regards
Otto

Iris Gesser
Posts: 38
Joined: Fri Apr 22, 2016 10:19 PM
Re: EXE passwords are visible in plain
Posted: Fri Nov 09, 2018 08:58 PM

Good evening,
unfortunately I can not see the answer/post of Cristobal.
Kind regards
Iris

Silvio.Falconi
Posts: 7317
Joined: Thu Oct 18, 2012 07:17 PM
Re: EXE passwords are visible in plain
Posted: Fri Nov 09, 2018 09:01 PM

oLicense:TLicense():New("test.lic")
oLicense:ReadLicense()

this give me an array with many variables

for a sample 

             LOCAL cFtp  :=oLicense:cFtp
             LOCAL cUser := oLicense:cUser
             LOCAL cPW   := oLicense:cPw
             LOCAL cFtpDir   :=oLicense:cFtpDir
             LOCAL cUpdFile  := "test.exe"
             LOCAL cLocalDir :="c:\test\"

the I use tUpdate class of Haupt

on exe there is not password or words

the class read the file test.lic directly
Otto, try to converte the code I post into word correct !!

Since from 1991/1992 ( fw for clipper Rel. 14.4 - Momos)

I use : FiveWin for Harbour March-April 2024 - Harbour 3.2.0dev (harbour_bcc770_32_20240309) - Bcc7.70 - xMate ver. 1.15.3 - PellesC - mail: silvio[dot]falconi[at]gmail[dot]com
cnavarro
Posts: 6755
Joined: Wed Feb 15, 2012 08:25 PM
Re: EXE passwords are visible in plain
Posted: Fri Nov 09, 2018 10:10 PM
Iris Gesser wrote:Good evening,
unfortunately I can not see the answer/post of Cristobal.
Kind regards
Iris


Iris
My answer was by mail, I did not publish it in the forum
Otto offered to publish it for me



https://github.com/harbour/core/blob/ma ... pragma.txt

#pragma TEXTHIDDEN(1) / ( 0 )

This scrambles any text between TEXTHIDDEN( 1 ) and TEXTHIDDEN( 0 ) in your exe
This makes the text strings defined in their source impossible to see in their EXEs
You can put it at the beginning and end of your source programs or just in a piece of code

Cristobal Navarro

Hay dos tipos de personas: las que te hacen perder el tiempo y las que te hacen perder la noción del tiempo

El secreto de la felicidad no está en hacer lo que te gusta, sino en que te guste lo que haces
Silvio.Falconi
Posts: 7317
Joined: Thu Oct 18, 2012 07:17 PM
Re: EXE passwords are visible in plain
Posted: Fri Nov 09, 2018 11:15 PM

Cristobal,
maybe the father Otto does not talk to his daughter Iris or they have a fight.....:)
I wanted to go and greet our friends in Sillian at Christmas but I saw that they have their hotel all busy
Greetings to Renate!!!

Since from 1991/1992 ( fw for clipper Rel. 14.4 - Momos)

I use : FiveWin for Harbour March-April 2024 - Harbour 3.2.0dev (harbour_bcc770_32_20240309) - Bcc7.70 - xMate ver. 1.15.3 - PellesC - mail: silvio[dot]falconi[at]gmail[dot]com
Otto
Posts: 6983
Joined: Fri Oct 07, 2005 07:07 PM
Re: EXE passwords are visible in plain
Posted: Fri Nov 09, 2018 11:39 PM

Hello Silvio
can you please show
some lines how TLicense decrypt.

Do you have something like:
::cPw := DECRYPT(Encrypted,"1234aeb")
in your class.
Thank you
and best regards
Otto

Silvio.Falconi
Posts: 7317
Joined: Thu Oct 18, 2012 07:17 PM
Re: EXE passwords are visible in plain
Posted: Sat Nov 10, 2018 08:22 AM

For decript I not use decript/encript of fivewin
On oldest class I used decript and encript
on new class I use Aes cifrature ADVANCED ENCRYPTION STANDARD 128 bit

Since from 1991/1992 ( fw for clipper Rel. 14.4 - Momos)

I use : FiveWin for Harbour March-April 2024 - Harbour 3.2.0dev (harbour_bcc770_32_20240309) - Bcc7.70 - xMate ver. 1.15.3 - PellesC - mail: silvio[dot]falconi[at]gmail[dot]com
Otto
Posts: 6983
Joined: Fri Oct 07, 2005 07:07 PM
Re: EXE passwords are visible in plain
Posted: Sat Nov 10, 2018 07:10 PM

>on new class I use Aes cifrature ADVANCED ENCRYPTION STANDARD 128 bit
Hello Silvio
how do you store the key.
c := aes256_Decrypt( c, @cKey )
Thank you and best regards
Otto

Silvio.Falconi
Posts: 7317
Joined: Thu Oct 18, 2012 07:17 PM
Re: EXE passwords are visible in plain
Posted: Sat Nov 10, 2018 08:09 PM

wich function is aes256_Decrypt ?
where you found it ?

I Have

Un / protectstring for a string
Un /protectFile for a file

and these use a aes protocol 128/192/256
it'is build from this document

https://csrc.nist.gov/csrc/media/public ... ps-197.pdf
type:
InitAes(128) //192/256 Load tables

string_text := "Antonio Linare from Fivetechsoft.com!" //ascii
Keychipher:= "2b 7e 15 16 28 ae d2 a6 ab f7 15 88 09 cf 4f 3c" //hexadecimal

cCifrated:= ProtectStringComplete(string_text,KeyChipher)
?cCifrated

cDecifrated:=UnProtectStringComplete(cCifrated,KeyChipher)
?cDecifrated

Since from 1991/1992 ( fw for clipper Rel. 14.4 - Momos)

I use : FiveWin for Harbour March-April 2024 - Harbour 3.2.0dev (harbour_bcc770_32_20240309) - Bcc7.70 - xMate ver. 1.15.3 - PellesC - mail: silvio[dot]falconi[at]gmail[dot]com
Static archive · New replies & topics via GitHub Discussions