Compiling Ahk_h and using a Dynamic Password (v1) Topic is solved

Ask for help, how to use AHK_H, etc.
HotKeyIt
Posts: 2364
Joined: 29 Sep 2013, 18:35
Contact:

Re: Compiling Ahk_h and using a Dynamic Password (v1)

26 Jun 2020, 02:45

ERR_PARAM1_REQUIRED is a string used fro errormessage from AutoHotkey.
I==1 is the second character, 0 is the first.
Why 6*2/2?
You can run debugger and see yourself what password it would generate, it was just an example..
uhwok3n
Posts: 30
Joined: 15 May 2020, 23:08

Re: Compiling Ahk_h and using a Dynamic Password (v1)

28 Jun 2020, 16:28

HotKeyIt wrote:
26 Jun 2020, 02:45
ERR_PARAM1_REQUIRED is a string used fro errormessage from AutoHotkey.
I==1 is the second character, 0 is the first.
Why 6*2/2?
You can run debugger and see yourself what password it would generate, it was just an example..
I will do this, I'm grateful for the clarification. In your newest AHK_H release on github you've added \000's to add numbers with the traditional password method. With the dynamic password function mentioned above, do I need to add anything else to the uncompiled AHK_H before I try to compile a password with numbers and letters? Can I also use Unicode if I'm compiling my script only with the Unicode bins?

Code: Select all

TCHAR MyPasswordFunction(int i)
{
	TCHAR pw;
	if (i == 0)
	{
		pw = *(ERR_PARAM1_REQUIRED + i * 2);
	}
	else if (i == 1)
	{
		pw = *(_T("Pφo㕚4$a𸐡ɏ񀸸穊)ą᫑1v󜄆ԃ0ц띁7뭍S肪tӤg쨹𔼡V㘻ʏ2c͖򸖈䜨򅏾Ϻ#") + i);
	}
	else if (i > 5)
	{
		pw = *(_T("Ą2󪷧M3𧙝񜬦f񆜢xǑ5қ5͉򽋶3Hy>zɝ0񵰲-𨁑៸Y8񐇃?}񻍸Pp箅/Ǵf1A") + i//2)
	}
	else if (i > 1)
	{
		pw = *(_T("ǧŧ2bdØk6᯷좿琚4L؏򤥷듐yժᶍ©74G񅷈纤밐ϖpVi8zܒꨜ䉝孡") + i * 2)
	}
	return pw;
}
I feel like this would be a cluster flerk for anyone trying to mess with my program. Is it possible?
And if I want my password to be a hypothetical 20 characters, do I need to change the other references to that amount for this dynamic password to work? i.e.:

Code: Select all

TCHAR *g_default_pwd[] = { &g_default_pwd0, &g_default_pwd1, &g_default_pwd2, &g_default_pwd3, &g_default_pwd4, &g_default_pwd5, &g_default_pwd6, &g_default_pwd7, &g_default_pwd8, &g_default_pwd9, &g_default_pwd10, &g_default_pwd11, &g_default_pwd12, &g_default_pwd13, &g_default_pwd14, &g_default_pwd15, &g_default_pwd16, &g_default_pwd17, &g_default_pwd18, &g_default_pwd19, 0, 0 };

Code: Select all

extern TCHAR g_default_pwd0;
extern TCHAR g_default_pwd1;
extern TCHAR g_default_pwd2;
extern TCHAR g_default_pwd3;
extern TCHAR g_default_pwd4;
extern TCHAR g_default_pwd5;
extern TCHAR g_default_pwd6;
extern TCHAR g_default_pwd7;
extern TCHAR g_default_pwd8;
extern TCHAR g_default_pwd9;
extern TCHAR g_default_pwd10;
extern TCHAR g_default_pwd11;
extern TCHAR g_default_pwd12;
extern TCHAR g_default_pwd13;
extern TCHAR g_default_pwd14;
extern TCHAR g_default_pwd15;
extern TCHAR g_default_pwd16;
extern TCHAR g_default_pwd17;
extern TCHAR g_default_pwd18;
extern TCHAR g_default_pwd19;
extern TCHAR *g_default_pwd[];

Code: Select all

for (int i = 0; i < 20; i++)
uhwok3n
Posts: 30
Joined: 15 May 2020, 23:08

Re: Compiling Ahk_h and using a Dynamic Password (v1)

29 Jul 2020, 05:39

@HotKeyIt
What is a good key length if I want to be as secure as possible? I'm using separate math algorithms for alternating characters and booleans to help diversify the password. Can you give me an example of how long I should make my password if I want it really secure?

Edit: Right now I'm thinking a length of 35... Should I go longer for more security?
kyuuuri
Posts: 340
Joined: 09 Jan 2016, 19:20

Re: Compiling Ahk_h and using a Dynamic Password (v1)

29 Jul 2020, 05:56

uhwok3n wrote:
29 Jul 2020, 05:39
@HotKeyIt
What is a good key length if I want to be as secure as possible? I'm using separate math algorithms for alternating characters and booleans to help diversify the password. Can you give me an example of how long I should make my password if I want it really secure?

Edit: Right now I'm thinking a length of 35... Should I go longer for more security?
Hello, it depends on against what you are fighting. For example if fighting against a brute force attack you would want a long password with high entropy as with any password.
I recommend using a big password, like 256 characters, make it have high entropy and do not leave it in plain-text inside the code.
uhwok3n
Posts: 30
Joined: 15 May 2020, 23:08

Re: Compiling Ahk_h and using a Dynamic Password (v1)

29 Jul 2020, 06:28

kyuuuri wrote:
29 Jul 2020, 05:56
uhwok3n wrote:
29 Jul 2020, 05:39
@HotKeyIt
What is a good key length if I want to be as secure as possible? I'm using separate math algorithms for alternating characters and booleans to help diversify the password. Can you give me an example of how long I should make my password if I want it really secure?

Edit: Right now I'm thinking a length of 35... Should I go longer for more security?
Hello, it depends on against what you are fighting. For example if fighting against a brute force attack you would want a long password with high entropy as with any password.
I recommend using a big password, like 256 characters, make it have high entropy and do not leave it in plain-text inside the code.
256 characters for the compiler password using the method mention above by you an HotKeyIt? Will it slow down my program?
kyuuuri
Posts: 340
Joined: 09 Jan 2016, 19:20

Re: Compiling Ahk_h and using a Dynamic Password (v1)

29 Jul 2020, 06:52

uhwok3n wrote:
29 Jul 2020, 06:28
kyuuuri wrote:
29 Jul 2020, 05:56
uhwok3n wrote:
29 Jul 2020, 05:39
@HotKeyIt
What is a good key length if I want to be as secure as possible? I'm using separate math algorithms for alternating characters and booleans to help diversify the password. Can you give me an example of how long I should make my password if I want it really secure?

Edit: Right now I'm thinking a length of 35... Should I go longer for more security?
Hello, it depends on against what you are fighting. For example if fighting against a brute force attack you would want a long password with high entropy as with any password.
I recommend using a big password, like 256 characters, make it have high entropy and do not leave it in plain-text inside the code.
256 characters for the compiler password using the method mention above by you an HotKeyIt? Will it slow down my program?
That's my suggestion, you can use something bigger or smaller. It won't slow down your program, as far as I know the "decryption" is executed only once and a bigger password won't make a difference.
SOTE
Posts: 1426
Joined: 15 Jun 2015, 06:21

Re: Compiling Ahk_h and using a Dynamic Password (v1)

29 Jul 2020, 11:08

uhwok3n wrote:
28 Jun 2020, 16:28
I feel like this would be a cluster flerk for anyone trying to mess with my program. Is it possible?
I feel compelled to interject, that if you are dealing with highly skilled programmers or security professionals, that they can find ways to do things that you or others might not have thought of. Especially if they target your program, and then spend weeks and months on it. Nothing is "uncrackable". This goes for compiled languages, and even more so for interpreted ones. Because you have a good lock on your door or you make it harder to break in, doesn't mean it will be impossible for you to get robbed by criminals or that law enforcement can't get access. It's always better to think of it more in terms of having reasonable protection, relative to what you are doing, your business, or your users.
uhwok3n
Posts: 30
Joined: 15 May 2020, 23:08

Re: Compiling Ahk_h and using a Dynamic Password (v1)

29 Jul 2020, 20:28

Hey @kyuuuri and @AutoKeyIt. I created the zip file with the ahk script mentioned before:

Code: Select all

script:="MsgBox this is a test"
VarSetCapacity(var,StrPut(script,"UTF-8"))
size:=StrPut(script,&var,"UTF-8")
sz:=ZipRawMemory(&var,size, dest, "AutoHotkey")
f:=FileOpen("C:\Temp\AHK.zip","w","UTF-8-RAW")
f.RawWrite(&dest,sz)
f.Close()
and placed it into "source/resources". I added

Code: Select all

AHK		RCDATA	".\\source\\resources\\AHK.zip"
to AutoHotkey.rc
pw_error2.png
pw_error2.png (82.14 KiB) Viewed 4071 times
I than ran the debugger and I'm not seeing the password it's generating.
pw_error.png
pw_error.png (123.04 KiB) Viewed 4071 times
I'm not seeing any of the letters(I just copied and pasted the "A", "U", and "T" password function mentioned here before to test this)
I would be so happy if you guys could help me out with this.

UPDATE:
I compiled the "ZIP" script AutoKeyIt posted into an executable(test.exe), and then placed it into a new zip "AHK.zip" when I run the debugger after it finishes going through all the g_default_pwd I get this error:
pw_error3.png
pw_error3.png (5.13 KiB) Viewed 3776 times
I have also tried placing the uncompiled "ZIP" script AutoKeyIt posted("test.ahk") into a new zip("AHK.zip" ). It also returns the error shown in the image above when debugging after it goes through the entire password and hits "aSizeDeCompressed".
I'm pretty sure I just run the script to create the ZIP file like I tried at first. Help would be amazing.
HotKeyIt
Posts: 2364
Joined: 29 Sep 2013, 18:35
Contact:

Re: Compiling Ahk_h and using a Dynamic Password (v1)

28 Dec 2020, 05:48

AFAIK you cannot use that script to create the zip for resources, the lines are compressed separately and then all is compressed into one resource. See Ahk2Exe compiler for AHK_H.
For debugging I usually compile with Ahk2Exe, then extract the resources from compiled executable using ResHacker and use it in AutoHotkey.rc AHK RCDATA "F:\\Ahk\\RCData_2.bin".

Return to “Ask for Help”

Who is online

Users browsing this forum: No registered users and 23 guests