EXE passwords are visible in plain

User avatar
Otto
Posts: 4470
Joined: Fri Oct 07, 2005 7:07 pm
Contact:

Re: EXE passwords are visible in plain

Post by Otto »

Hello Silvio
please look into your exe file:

Image

This is what I mean.
Best regards
Otto
********************************************************************
mod harbour - Vamos a la conquista de la Web
modharbour.org

********************************************************************
User avatar
Otto
Posts: 4470
Joined: Fri Oct 07, 2005 7:07 pm
Contact:

Re: EXE passwords are visible in plain

Post by Otto »

Silvio
with the solution from Cristobal the Exe looks like this.
Best regards
Otto

Image
********************************************************************
mod harbour - Vamos a la conquista de la Web
modharbour.org

********************************************************************
User avatar
Silvio.Falconi
Posts: 4956
Joined: Thu Oct 18, 2012 7:17 pm

Re: EXE passwords are visible in plain

Post by Silvio.Falconi »

1) I not use decript/cript function of Fivewin
2) I not insert any password type encript(strin,youpw)
3) the string cifrated is on file ascii ( or file INI)

I not understood where you found "Antonio Linares from fivetechsoft!" if the text is cripted with aes and insert on inifile


Image

then each string cifrated is insert on inifile

the tlicense class have 9 line cifrated

sample :
[License]
A1=fCnznWM2uspAO9DYIHdc9A==
B1=aRuXjXPV/cld
C1=cS/3ZdI2u0VOD9gwYFfbdlkgpQ==
D1=GfFepkQYvEtbD4zA0fTbek0IycPQk+psSk3Kwrei
F1=by2bpYd3uUFPJw==
G1=VB3nbTY8L2wVk7WyNT1IXQOU8LE0WnlLBNHzsFNrb0xB0vLXYn1oCULTleZ0ei0KQ7Sk8HM/LgskhbL3NjwvbBWTtbI1PUhdA5TwsTRaeUs=
E1=GYu6N0YcvHgal4G6Nd3bek0IycPQk+psSk3Kwrei
H1=GYu6N0YcP2gal4G6Nd3D2QCK7KEw+znKSk3Kwrei
I1=Fsl2fg==


how do you go back to the original data without having the hexadecimal key, where would you see the information?

I not Put the string or the password or the hexadecimal key on exe file !!!!!

the exe read the extern file ( txt or Ini)



for a sample : ( I insert this on my exe)

Code: Select all

lDemo:=.f.
oLicense:=Tlicense():New(Lic.ini")
oLicense:Readlicense()

If !olicense:lNoFileLicenseFile
       If oLicense:lValidLicenseFile

       // date or days expiration limit 
            If oLicense:LicenseFileExpiredOn
                  cSay:=oLicense:DateExpiredOn
             endif

       // runcount limit 
....
       //one year free license
.....
      //no expiration - free mode
.....
   endif
endif
I use : FiveWin for Harbour August 2020 (Revision) - Harbour 3.2.0dev (r1712141320) - Bcc7.30 - xMate ver. 1.15.3 - PellesC
User avatar
Silvio.Falconi
Posts: 4956
Joined: Thu Oct 18, 2012 7:17 pm

Re: EXE passwords are visible in plain

Post by Silvio.Falconi »

Otto,
I sent U a test.exe with User.lic file

see if you can see the data info on exe or on User.lic

When I made the first version of the program for the beaches I had problems because my program liked and was copied in several bathing establishments,
so I had to protect myself by checking the hard drive, the motherboard, the Bios this for each license.

Naturally, like you, I thought of inserting passwords in the application, but as you know, it's wrong.

With my system I could give for example 12 licenses per year, one for each month, the check if the license is in time is not done on the system date but that taken on the Internet. With my system it is difficult but very difficult to crack the application.

Who wants to crack my applications should know the hexadecimal key to unprotect the strings created with aes, know the reference number that is different for each computer and I'm not talking about nHserial, and then know the algorithm with which the exe checks every string, I know there are around people able to do this but it's really difficult ....
I use : FiveWin for Harbour August 2020 (Revision) - Harbour 3.2.0dev (r1712141320) - Bcc7.30 - xMate ver. 1.15.3 - PellesC
User avatar
Giovany Vecchi
Posts: 129
Joined: Mon Jun 05, 2006 9:39 pm
Location: Brasil

Re: EXE passwords are visible in plain

Post by Giovany Vecchi »

To encrypt and be able to save in files, tables fields or inside the executable I use these functions.
Try this:

cTextEnc: = TXT_ENCRYPT_CHR ("MyText", "TxtOptionSave.txt")

Example: 29,45,81,2,112,131

Code: Select all

FUNCTION TXT_ENCRYPT_CHR(f_cTxtEncrypt, f_cFileNameTxtSalva, f_lQuebraLinha)
  LOCAL cEncry := ""
  LOCAL nFor := 0, cCode := "", nQuebraLinha := 0
  
  Default f_lQuebraLinha := .F.
  
  cEnCry := ENCRYPT(f_cTxtEncrypt,"#Pwh@!")
  
  If !f_lQuebraLinha
    FOR nFor := 1 TO LEN(cEncry)
        cCode += alltrim(str(ASC(SUBSTR(cEncry,nFor,1)))) + ","
    NEXT
    
    cCode := Substr(cCode,1,Len(cCode)-1)
  Else
    FOR nFor := 1 TO LEN(cEncry)
      If nQuebraLinha == 0
        cCode += "cVariavel += |"
      EndIf
      nQuebraLinha ++
      cCode += alltrim(str(ASC(SUBSTR(cEncry,nFor,1)))) + ","
      If nQuebraLinha > 29
        cCode += "|"+CRLF
        nQuebraLinha := 0
      EndIf
    NEXT
    cCode := Substr(cCode,1,Len(cCode)-1)
    cCode += "|"+CRLF
    cCode := StrTran(cCode,"|",Chr(34))
  EndIf
    
  If !Hb_isNil(f_cFileNameTxtSalva)
    Hb_MEMOWRIT(f_cFileNameTxtSalva,cCode)
  EndIf  
  
RETURN AllTrim(cCode)
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
FUNCTION TXT_DECRYPT_CHR(f_cTxtEncrypt)
  LOCAL cEncry := "", aChrs := {}
  LOCAL nFor := 0, cCode := ""

  aChrs := Hb_aTokens(f_cTxtEncrypt,",")
  
  FOR nFor := 1 TO LEN(aChrs)
      cCode += Chr(Val(aChrs[nFor]))
  NEXT
  
  cCode := Alltrim(Decrypt(cCode,"#Pwh@!"))
  
RETURN cCode

 
User avatar
Silvio.Falconi
Posts: 4956
Joined: Thu Oct 18, 2012 7:17 pm

Re: EXE passwords are visible in plain

Post by Silvio.Falconi »

you must allways insert a password

cEnCry := ENCRYPT(f_cTxtEncrypt,"#Pwh@!")

if the user have these function and Know "#Pwh@!" can open the app easy

the problem of Otto is the password "#Pwh@!" is showed on exe ( with a Pe editor)
I use : FiveWin for Harbour August 2020 (Revision) - Harbour 3.2.0dev (r1712141320) - Bcc7.30 - xMate ver. 1.15.3 - PellesC
User avatar
Giovany Vecchi
Posts: 129
Joined: Mon Jun 05, 2006 9:39 pm
Location: Brasil

Re: EXE passwords are visible in plain

Post by Giovany Vecchi »

You can change to stay exclusively from your program

Example: ".% B>?" or "67! 9)"
User avatar
Silvio.Falconi
Posts: 4956
Joined: Thu Oct 18, 2012 7:17 pm

Re: EXE passwords are visible in plain

Post by Silvio.Falconi »

No
Perhaps I not explain good

Otto Problem is
Otto need to inser two data info to make an update of a application
Otto must insert on exe the user and the password to access to the web site to update the new version of application
Otto saw if compile a test with Password into, ( also make a encrypt) he can see with a Peditor the password he inserted
Also eachone purchase his application can see this password , Otto are searching a method to hide this password
I sad to Otto to hide the data info into a extern file and not on exe file
I use : FiveWin for Harbour August 2020 (Revision) - Harbour 3.2.0dev (r1712141320) - Bcc7.30 - xMate ver. 1.15.3 - PellesC
User avatar
goosfancito
Posts: 1392
Joined: Fri Oct 07, 2005 7:08 pm

Re: EXE passwords are visible in plain

Post by goosfancito »

Hola.

Podrian poner la solucion final de CRISTOBAL?
me interesó

Gracias.
Gustavo
Un aporte chico hace grandes cambios.
Apoyemos al proyecto "Hogar pimpinela"
Bajate la aplicación (gratuita) y encuentra en ella toda la info de como podes colaborar.
GRACIAS!
https://play.google.com/store/apps/deta ... .acomprar
User avatar
Baxajaun
Posts: 853
Joined: Wed Oct 19, 2005 2:17 pm
Location: Gatika. Bizkaia

Re: EXE passwords are visible in plain

Post by Baxajaun »

Gustavo,

lo que quieras ocultar ponlo entre #pragma TEXTHIDDEN(1) y #pragma TEXTHIDDEN(0)

Revisa https://github.com/harbour/core/blob/ma ... pragma.txt

Saludos
User avatar
goosfancito
Posts: 1392
Joined: Fri Oct 07, 2005 7:08 pm

Re: EXE passwords are visible in plain

Post by goosfancito »

gracias
Un aporte chico hace grandes cambios.
Apoyemos al proyecto "Hogar pimpinela"
Bajate la aplicación (gratuita) y encuentra en ella toda la info de como podes colaborar.
GRACIAS!
https://play.google.com/store/apps/deta ... .acomprar
User avatar
goosfancito
Posts: 1392
Joined: Fri Oct 07, 2005 7:08 pm

Re: EXE passwords are visible in plain

Post by goosfancito »

veo que utilizan un programa para ver el contenido de un .exe
podrian decirme cual es?

gracias.
Un aporte chico hace grandes cambios.
Apoyemos al proyecto "Hogar pimpinela"
Bajate la aplicación (gratuita) y encuentra en ella toda la info de como podes colaborar.
GRACIAS!
https://play.google.com/store/apps/deta ... .acomprar
User avatar
Baxajaun
Posts: 853
Joined: Wed Oct 19, 2005 2:17 pm
Location: Gatika. Bizkaia

Re: EXE passwords are visible in plain

Post by Baxajaun »

Gustavo,

imagino que cualquier editor hexadecimal te servirá.

Saludos,
Post Reply