Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

crypt key generate

Posted on 2004-10-20
9
Medium Priority
?
258 Views
Last Modified: 2010-04-05
I have a problem, I have soft in my work, where cant users change password, ther can only when make new user set password only ADMIN and I want make smal app where users can change passwod , but  in DB (INTERBASE) these passwodrds saves crypted

example:
HMXV] is ADMIN
S^ON is LUDA
KRL[P]hY is DIANALUD
RJ]YXd is KARLIS
=>=CCJH is 6526495


are there have chance???


0
Comment
Question by:KarlisB
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 3

Expert Comment

by:alzv
ID: 12359305
If that is not a secret, what soft do you use?

Regards, Alexey.
0
 
LVL 17

Expert Comment

by:Wim ten Brink
ID: 12359914
Consider using a hash instead. A hash can be calculated in only one direction. What you do is this:
A password is stored -> Calculate hash over password, store hash in database.
A password is compared -> Calculate hash over password and compare hash with the value stored in the database.

The SHA hash and the MD5 hash methods are quite strong, thus it would take a while before the hacker guesses the right password.

Encryption is only useful when you want to do something with the values, but in general you don't want to do anything with passwords stored in the database. But your application could remember the password entered by the current user, since it is validated with the database. But no user should be able to see passwords of other users anyway. I personally would feel very uncomfortable if the system administrator at work knew my password. He can change it if he wants but this will be noticed by me since my password becomes invalid afterwards.
0
 
LVL 3

Author Comment

by:KarlisB
ID: 12366592
maybe you not understand the problem, is there chanse to make app in delphi who make crypting identical like soft in bookkeeping ??? For full solution I give the 1000 points
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 12

Expert Comment

by:Ivanov_G
ID: 12366889
Well, you have to know how the software read the crypted passwords. It seems to me that this is simple XOR algorythm, because the number of chars in crypted password is the same as the number of chars in the password itself. In XOR method, there are 2 integer numbers you have to "guess". After that you can make crypted passwords...
0
 
LVL 14

Accepted Solution

by:
DragonSlayer earned 1000 total points
ID: 12367011
You mean to crack the above encryption? seems pretty easy for me...

function GetEncryptedValue(const S: string): string;
var
  i: Integer;
begin
  Result := '';
  for i := 1 to Length(S) do
    Result := Result + Char(Byte(S[i]) + 5 + (i * 2));
end;

Try it:

ShowMessage(GetEncryptedValue('ADMIN'));
0
 
LVL 17

Expert Comment

by:Wim ten Brink
ID: 12367799
First of all, you cannot give 1000 points at EE without asking two different, valid questions.
Second, I'm not sure what you are trying to do. But if I have to guess, you're trying to guess how InterBase encrypts the passwords so you can encrypt new passwords yourself? Well, DragonSlayer gave the answer for you for your example but it depends on the software that you're using. If above example comes from your database then DragonSlayer has it cracked. If not, then the encryption might be quite difficult to crack. It could well be that they're even using hashes in which case you can never get the original password back.

But if above example of yours is from the database then the security of that software product sucks big time...
0
 
LVL 3

Author Comment

by:KarlisB
ID: 12368164
Thanks  DragonSlayer its work
0
 
LVL 14

Expert Comment

by:DragonSlayer
ID: 12368206
Yea, the encryption is lame ;-)
0
 
LVL 14

Expert Comment

by:DragonSlayer
ID: 12368211
Now, where is my 1000 points? LoL... heheheheh
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Objective: - This article will help user in how to convert their numeric value become words. How to use 1. You can copy this code in your Unit as function 2. than you can perform your function by type this code The Code   (CODE) The Im…
Introduction Raise your hands if you were as upset with FireMonkey as I was when I discovered that there was no TListview.  I use TListView in almost all of my applications I've written, and I was not going to compromise by resorting to TStringGrid…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question