Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

crypt key generate

Posted on 2004-10-20
9
Medium Priority
?
259 Views
Last Modified: 2010-04-05
I have a problem, I have soft in my work, where cant users change password, ther can only when make new user set password only ADMIN and I want make smal app where users can change passwod , but  in DB (INTERBASE) these passwodrds saves crypted

example:
HMXV] is ADMIN
S^ON is LUDA
KRL[P]hY is DIANALUD
RJ]YXd is KARLIS
=>=CCJH is 6526495


are there have chance???


0
Comment
Question by:KarlisB
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 3

Expert Comment

by:alzv
ID: 12359305
If that is not a secret, what soft do you use?

Regards, Alexey.
0
 
LVL 17

Expert Comment

by:Wim ten Brink
ID: 12359914
Consider using a hash instead. A hash can be calculated in only one direction. What you do is this:
A password is stored -> Calculate hash over password, store hash in database.
A password is compared -> Calculate hash over password and compare hash with the value stored in the database.

The SHA hash and the MD5 hash methods are quite strong, thus it would take a while before the hacker guesses the right password.

Encryption is only useful when you want to do something with the values, but in general you don't want to do anything with passwords stored in the database. But your application could remember the password entered by the current user, since it is validated with the database. But no user should be able to see passwords of other users anyway. I personally would feel very uncomfortable if the system administrator at work knew my password. He can change it if he wants but this will be noticed by me since my password becomes invalid afterwards.
0
 
LVL 3

Author Comment

by:KarlisB
ID: 12366592
maybe you not understand the problem, is there chanse to make app in delphi who make crypting identical like soft in bookkeeping ??? For full solution I give the 1000 points
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 12

Expert Comment

by:Ivanov_G
ID: 12366889
Well, you have to know how the software read the crypted passwords. It seems to me that this is simple XOR algorythm, because the number of chars in crypted password is the same as the number of chars in the password itself. In XOR method, there are 2 integer numbers you have to "guess". After that you can make crypted passwords...
0
 
LVL 14

Accepted Solution

by:
DragonSlayer earned 1000 total points
ID: 12367011
You mean to crack the above encryption? seems pretty easy for me...

function GetEncryptedValue(const S: string): string;
var
  i: Integer;
begin
  Result := '';
  for i := 1 to Length(S) do
    Result := Result + Char(Byte(S[i]) + 5 + (i * 2));
end;

Try it:

ShowMessage(GetEncryptedValue('ADMIN'));
0
 
LVL 17

Expert Comment

by:Wim ten Brink
ID: 12367799
First of all, you cannot give 1000 points at EE without asking two different, valid questions.
Second, I'm not sure what you are trying to do. But if I have to guess, you're trying to guess how InterBase encrypts the passwords so you can encrypt new passwords yourself? Well, DragonSlayer gave the answer for you for your example but it depends on the software that you're using. If above example comes from your database then DragonSlayer has it cracked. If not, then the encryption might be quite difficult to crack. It could well be that they're even using hashes in which case you can never get the original password back.

But if above example of yours is from the database then the security of that software product sucks big time...
0
 
LVL 3

Author Comment

by:KarlisB
ID: 12368164
Thanks  DragonSlayer its work
0
 
LVL 14

Expert Comment

by:DragonSlayer
ID: 12368206
Yea, the encryption is lame ;-)
0
 
LVL 14

Expert Comment

by:DragonSlayer
ID: 12368211
Now, where is my 1000 points? LoL... heheheheh
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to create forms/units independent of other forms/units object names in a delphi project. Have you ever created a form for user input in a Delphi project and then had the need to have that same form in a other Delphi proj…
Introduction The parallel port is a very commonly known port, it was widely used to connect a printer to the PC, if you look at the back of your computer, for those who don't have newer computers, there will be a port with 25 pins and a small print…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
Please read the paragraph below before following the instructions in the video — there are important caveats in the paragraph that I did not mention in the video. If your PaperPort 12 or PaperPort 14 is failing to start, or crashing, or hanging, …
Suggested Courses

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question