simple text encrypt / decrypt

[eme...@netscape.net]

Hello all. Anyone have a simple VBScript that will take input and
encrypt it and/or decrypt it?

[McKirahan]

<eme...@netscape.net> wrote in message
news:1110902944....@o13g2000cwo.googlegroups.com...

> Hello all. Anyone have a simple VBScript that will take input and
> encrypt it and/or decrypt it?
>

Will this help? Watch for word-wrap.

Clicking "encrypt" changes "abc" to "bcd" then
clicking "decrypt" changes "bcd" back to "abc".

This includes a JavaScript version as well.

<html>
<head>
<title>endecrypt.htm</title>
<script type="text/javascript">
function endecrypt_js(bool) {
var char, code, diff=1, temp="";
var text = document.getElementById("text").value;
for (var i=0; i<text.length; i++) {
char = text.charCodeAt(i);
(bool) ? code=char+diff : code=char-diff;
temp += String.fromCharCode(code);
}
document.getElementById("text").value = temp;
}
</script>
<script type="text/vbscript">
Function endecrypt_vbs(bool)
Const diff = 1
Dim char, code, i, temp, text
temp = ""
text = document.getElementById("text").value
For i = 1 To Len(text)
char = Asc(Mid(text,i,1))
If bool Then
code = char + diff
Else
code = char - diff
End If
temp = temp & Chr(code)
Next
document.getElementById("text").value = temp
End Function
</script>
</head>
<body>
<form>
<input type="text" name="text" id="text">
<br><input type="button" value="encrypt JS" onclick="endecrypt_js(true)">
<br><input type="button" value="decrypt JS" onclick="endecrypt_js(false)">
<br><input type="button" value="encrypt VBS" onclick="endecrypt_vbs(true)">
<br><input type="button" value="decrypt VBS" onclick="endecrypt_vbs(false)">
</form>
</body>
</html>

[eme...@netscape.net]

Hi! Thats exactly the kind of thing I am looking for, but with a little
more "mix" to how the text gets rearranged. Any thoughts on how to
increase the complexity of the "mix"?

[McKirahan]

<eme...@netscape.net> wrote in message
news:1110918654.7...@g14g2000cwa.googlegroups.com...

> Hi! Thats exactly the kind of thing I am looking for, but with a little
> more "mix" to how the text gets rearranged. Any thoughts on how to
> increase the complexity of the "mix"?
>

Sure but then it wouldn't be "simple".

Google "VBScript encryption".

[eme...@netscape.net]

Actually, now that I have tried to run it, I cant get it to work. I
dont think word wrap is an issue, it works for you?

[eme...@netscape.net]

[McKirahan]

<eme...@netscape.net> wrote in message
news:1110919480....@g14g2000cwa.googlegroups.com...

> Actually, now that I have tried to run it, I cant get it to work. I
> dont think word wrap is an issue, it works for you?
>

Works fine for me. What happens for you?

What word/phrase are you using?

Insert Alert() statements to debug.

Try this VBS-only version.

<html>
<head>
<title>endecrypt.htm</title>

<script type="text/vbscript">
Function endecrypt(bool)

Const diff = 1
Dim char, code, i, temp, text
temp = ""
text = document.getElementById("text").value
For i = 1 To Len(text)
char = Asc(Mid(text,i,1))
If bool Then
code = char + diff
Else
code = char - diff
End If
temp = temp & Chr(code)
Next
document.getElementById("text").value = temp
End Function
</script>
</head>
<body>
<form>
<input type="text" name="text" id="text"><br>

<input type="button" value="encrypt" onclick="endecrypt(true)">
&nbsp; &nbsp;
<input type="button" value="decrypt" onclick="endecrypt(false)">
</form>
</body>
</html>

[Alek Davis]

I am not sure what you guys are trying to do here, but if you need real
encryption (not a pseudo-obfuscation which can be easily hacked), then you
need to use standard encryption algorithms (e.g. 3DES) via CAPI COM (COM
version of Crypto API), DPAPI (you would need to write a COM object to do
this), or similar methodology. And unless you used DPAPI or ACL-protected
key (like public key), you must protect the encryption key. This is not
easy, but if by encryption you want to achieve any level of security, you
should not be writing your own "encryption" algorithms.

Alek

<eme...@netscape.net> wrote in message
news:1110902944....@o13g2000cwo.googlegroups.com...

[eme...@netscape.net]

Gee Alek, I think I indicated that McKirahan is trying to help me do
is exactly what I needed...so thanks for the unsolicited criticism.

<!> McKirahan <!>
I get a invalid character error on line [temp = ""] and then I get a
type mismatch error on like [<input type="text" name="text"
id="text"><br>]

This 'obfuscation' really is all I need to accomplish and I appreciate
your constructive help!

[Alek Davis]

Didn't mean to offend anyone.

Alek

<eme...@netscape.net> wrote in message
news:1111070593.9...@l41g2000cwc.googlegroups.com...

[McKirahan]

<eme...@netscape.net> wrote in message
news:1111070593.9...@l41g2000cwc.googlegroups.com...

I saw this in the middle of a post:

<!> McKirahan <!>
I get a invalid character error on line [temp = ""] and then I get a
type mismatch error on like [<input type="text" name="text"
id="text"><br>]

Was it meant for me? Is there a problem?

If so, could you post your code?

[Michael Harris (MVP)]

Alek Davis wrote:
> Didn't mean to offend anyone.

IMHO, your reply was neither offensive nor criticism ;-)...

In fact, I thought you quite justified in posting since the OP didn't
clarify that they wanted to obfuscate rather than encrypt/decrypt until he
replied to your post.

--
Michael Harris
Microsoft MVP Scripting
http://maps.google.com/maps?q=Sammamish%20WA%20US

[Alek Davis]

Thanks Michael. Feel a bit better. :-)

Alek

"Michael Harris (MVP)" <mikhar at mvps dot org> wrote in message
news:eDDwgk1K...@TK2MSFTNGP10.phx.gbl...

[Marios]

can anyone please decrypt this text?

"FμfΣ ¨ρ Cξ3®°ƒ*- 455645525354524 2θ kac
ΘIAζόΚ ΕL S\ ²ήέΈκhZΖΡ ›OtMJVά= -ΡθΤΓ© ¬µ`@ 2G; ') €ύ,Ϊ %µηŒhš©6SΛϊ
ΐΙ‰fΨ¤ΙΦΝΫ 3υ^ ’9ηœ=! ιY€Θγ+{OYŸΝ¥άBl#°Eάtθ PU+Ζ =ΊuκZ‘!ŽξΛΥ ΖZ¨( Φ rTfΩ8ό!,Ο7 }9Ž 9;Κ:ίIέΐ Jm/ °Vy¤ύιlδ jx©na2?qΣ*β_Νy–¥UΉςΨ·ϋkΚτηϊ:,Όc P]σlω…:ή, Š 4 ga‘E™Υ^ty&•“ n-)Υ!1\Ϋ@Α\ΰ·Χp®Ϊ’ύ³=
.`&Ο. or~|ΰΊš wΦµv ΊΫγ–Ÿ Θί —+
ΗΪ —Ž ζM*πuΧλώO~χ™ l(¨¨Ι τε}gT C¥œ Άg`Ÿ )T«Φ{’y9$®Ε 'fθP υϊσ ΒΥGu °[œhm…… Δ]as zμ|κ $ „/ΰΩ£ϊΨ{χδ°¨Tίΰ Μ]ύΗ"<πΙ Š ¬WΞΑ§bΕ[A© f[°¦¤Z œ µJςιΞ&ω Ab“ΧΩΥΓj:Q ,ΘΑiΓΌ†C,ΕΦρ ¶'ΏEQG¥A?(ΰuhΫ »Hw Ή‰¶ΒΞ ΗŸ0άxηΛΎs|7œ Κ% ― Ν©™ΫΌε Π·ŒL T—[οΎUNΖ eςσβ¦ ?ΌΝ4LμΉ –u•ƒn„ψΙ ±$žŠ]όΙ~j‰ϋΊ άΈι"Ώ. ·5S "C \3E¶Τύ>4P
ˆΤ ½ x ­>‘ -Λp2žΔp Ftθ's “ ¨Ω±oGυ³r_ ^,›ΣΫΑλί ˜hUIΏ;{υ‘ηωϋκΈ νΪΒ>Mσ:§5S•Ϊ • υ FΥ³ντ‡ωK²26νiKΙ Z #λΗ Ζά8z µ V rεόσ­+ι λBLH3JDq–HIv Ψ'ΒrΕΥΜ:‘ά¨&Ξ œgηψ , µ·Ί `εy΅ ·γ Έ~ uΩWτ $ «3Ό ΅dR ¨TτΆ )υ ι$χg(i~Ίfu0ΝΘρΝηΞu3Ž Χwš
peQήPj
Ά fC¬OY©Έmc²Ρ8 G+ΚΫΟ u·4ƒ6±€} ρNΌ>—θxŠ…7 2°Έv…\_Η?·Wθ/ύ d€E®e1=z•’E~‚s cnξ ¦ ΊΤΣO ’ΰέ1fZ l Κ'7cP!μ φ¨ΰ5λ-‚¥› =@‚„J8sΩj¦PΉΟγ¦Λ YΊδγL…BΧ ‰{ ŠˆΆDΖη ·Šπ[P΅β
X•)),Ι] £ωaΰΝO‡Ϊi)ΆUΗλϊµU0— cvo ‚6ί9

url:http://www.ureader.com/msg/1675127.aspx

[rahulji]

Hi,
I have a different requirement.
i wrote a script which will contain an username and password of an FTP
server to which it will upload the data.

i want to encrypt these username and password using DPAPIs so that no one
can read them.

can anyone help in this regard?

url:http://www.ureader.com/msg/1675127.aspx

[Al Dunbar]

"rahulji" <rahu...@gmail.com> wrote in message
news:064c21f4734641fa...@newspe.com...

There is some good advice in that link.

If your script needs to use the actual username/password, it will need to
contain code to decrypt the encrypted values. Anyone reading this script
could take a copy, and modify it to display the unencrypted credentials
instead of using them to access the FTP server.

The only way this can be done securely (imho) is to have the operator
provide the encryption key interactively. Of course, there is not much
difference between doing it that way and having the operator provide the
actual username and password.

/Al

[Heinz]

"rahulji" <rahu...@gmail.com> schrieb im Newsbeitrag
news:064c21f4734641fa...@newspe.com...

I think it depends on what you want to achieve:
if your concern is that somebody can snif username and password from your
LAN or on the internet then maybe you need something like VPN or SFTP
if you want to prevent that somebody reads the VBS sourccode then you can :
-try to protect the VBS code with NFTS permissions
-compile the VBS to an (encrypted) .exe file (there are tools availlabe
doing this)

heinz

[Al Dunbar]

"Heinz" <Spacewalker4711(noSpam)@hotmail.com> wrote in message
news:uaVlOON8...@TK2MSFTNGP03.phx.gbl...

> "rahulji" <rahu...@gmail.com> schrieb im Newsbeitrag
> news:064c21f4734641fa...@newspe.com...
>> Hi,
>> I have a different requirement.
>> i wrote a script which will contain an username and password of an FTP
>> server to which it will upload the data.
>>
>> i want to encrypt these username and password using DPAPIs so that no one
>> can read them.
>>
>> can anyone help in this regard?
>>
>> url:http://www.ureader.com/msg/1675127.aspx
>
> I think it depends on what you want to achieve:
> if your concern is that somebody can snif username and password from your
> LAN or on the internet then maybe you need something like VPN or SFTP
> if you want to prevent that somebody reads the VBS sourccode then you can
> :
> -try to protect the VBS code with NFTS permissions

"try" being the operative word here. I suspect that the OP wants people to
run this script that should not know the password, hence his post.

> -compile the VBS to an (encrypted) .exe file (there are tools availlabe
> doing this)

But, again, just how secure is that encrypted information? The executable
must contain the code required to de-crypt the encrypted portions of the
executable, so reverse engineering is possible.

/Al

[Heinz]

"Al Dunbar" <alan...@hotmail.com> schrieb im Newsbeitrag
news:ukFY0PO8...@TK2MSFTNGP03.phx.gbl...

>
> "Heinz" <Spacewalker4711(noSpam)@hotmail.com> wrote in message
> news:uaVlOON8...@TK2MSFTNGP03.phx.gbl...
>> "rahulji" <rahu...@gmail.com> schrieb im Newsbeitrag
>> news:064c21f4734641fa...@newspe.com...
>>> Hi,
>>> I have a different requirement.
>>> i wrote a script which will contain an username and password of an FTP
>>> server to which it will upload the data.
>>>
>>> i want to encrypt these username and password using DPAPIs so that no
>>> one
>>> can read them.
>>>
>>> can anyone help in this regard?
>>>
>>> url:http://www.ureader.com/msg/1675127.aspx
>>
>> I think it depends on what you want to achieve:
>> if your concern is that somebody can snif username and password from your
>> LAN or on the internet then maybe you need something like VPN or SFTP
>> if you want to prevent that somebody reads the VBS sourccode then you can
>> :

>> -compile the VBS to an (encrypted) .exe file (there are tools availlabe
>> doing this)
>
> But, again, just how secure is that encrypted information? The executable
> must contain the code required to de-crypt the encrypted portions of the
> executable, so reverse engineering is possible.

Well, tools like http://www.abyssmedia.com/scriptcryptor/index.shtml will
"compile" and encrypt VBS code to an .exe using Blowfish (an
industry-standard strong encryption algorithm).
The tool uses a strong random password for encrypting the .exe - and when
executed the exe decrypts itself "on the fly" (to memory, not to disk)
This should be sufficient for most users I think and it's a good option for
distributing confidential VBS sourcecode

Heinz

[Al Dunbar]

"Heinz" <Spacewalker4711(noSpam)@hotmail.com> wrote in message

news:#HFhzCQ8...@TK2MSFTNGP04.phx.gbl...

Even SCRENC.exe is enough to confound most users, and scriptcryptor
certainly looks as if it does a better job.

I would still be concerned about using this to obscure something really
sensitive like a domain admin password, however. If the executable contains
the strong random password, the encrypted data, and the logic to use these
to do the decryption, I think there is enough there that it would fall to a
determined reverse-engineering exploit. Definitely not something the average
user is capable of, at least not until someone publishes a program that
anyone could run to do this.

/Al