|
|
Author |
Thread |
I X I
Paranoid (IV) InmateFrom: beyond the gray sky Insane since: Apr 2004
|
posted 08-15-2004 22:21
I started writing a program for myself a while back that would let me save text in a way that I could password protect it. I use this program for things such as my personal poems and song lyrics as well as sensitive information I would want to keep others from seeing (eg: passwords).
I've decided to put the program's source on www.planetsourcecode.com recently, as I have finally finished the project. This will be my first code submission to any site, and I was wanting some c&c on the program before I post the source.
I'm looking for comments such as: "I can crack that encryption, here's how...", "nice job", "your program sucks", "I'd use it", "I like it, but here's what I don't like about it..." or anything that you would consider constructive.
The program is called CrypticNotes and can be found at http://ixi.dacryonic.net/programs.html
Once downloaded, the initial file opened is an explanation of how to use the program.
Any and all help is, as always, greatly appreciated
Thank you in advance,
[edit] The program isn't fully finished, I forgot that I must still give the passwords a password character [/edit]
...Of all the things I've lost, I miss my mind the most (ozzy osbourne)
(Edited by I X I on 08-15-2004 22:25)
|
asptamer
Paranoid (IV) InmateFrom: The Lair Insane since: Apr 2003
|
posted 08-15-2004 22:44
looks cool. Dont know about cracking it cuz Im not an expert in that area, but out of curiousity, where does it store the text files?
found a bug: somehow the filename gets deleted, and before I enter the password nothing is displayed in the list of files, although I can still click it to get the password prompt.
(Edited by asptamer on 08-15-2004 22:47)
|
I X I
Paranoid (IV) InmateFrom: beyond the gray sky Insane since: Apr 2004
|
posted 08-15-2004 22:49
asptamer said:
but out of curiousity, where does it store the text files?
I'll leave that up to speculation for a little while
can you reproduce the error, and if so, what did you do?
[edit] silly me, messing up such wonderful UBB code [/edit]
...Of all the things I've lost, I miss my mind the most (ozzy osbourne)
(Edited by I X I on 08-15-2004 22:50)
(Edited by I X I on 08-15-2004 22:52)
|
asptamer
Paranoid (IV) InmateFrom: The Lair Insane since: Apr 2003
|
posted 08-15-2004 23:26
nope... I think it was a one time thing, but I"ll let u know if I figure it out.
|
I X I
Paranoid (IV) InmateFrom: beyond the gray sky Insane since: Apr 2004
|
posted 08-15-2004 23:49
thanks for being my beta-tester
...Of all the things I've lost, I miss my mind the most (ozzy osbourne)
|
jdauie
Bipolar (III) InmateFrom: Missoula, MT Insane since: Jan 2003
|
posted 08-16-2004 02:43
All you are using is a simple character offset:
Run this code in the same directory and it will print out all the notes
(it won't be formatted in a pretty way, but it works)
code:
#include "stdio.h"
char *data_file = (char*)"dllNotes.dll";
int offset = 27;
int main( int argc, char *argv[] ) {
FILE *inputFile;
inputFile = fopen(data_file, "r");
char c;
char t;
do {
c = fgetc (inputFile);
t = (char)( (int)c - offset );
printf("%c", t);
} while (c != EOF);
fclose(inputFile);
return 0;
}
(Edited by jdauie on 08-16-2004 02:44)
|
I X I
Paranoid (IV) InmateFrom: beyond the gray sky Insane since: Apr 2004
|
posted 08-16-2004 04:40
why yes, very good jdauie
anybody else care to hunt for bugs?
[edit] although, I'm using Visual Basic... what would be a better way of encrypting the strings? [/edit]
...Of all the things I've lost, I miss my mind the most (ozzy osbourne)
(Edited by I X I on 08-16-2004 05:00)
|
wrayal
Bipolar (III) InmateFrom: Cranleigh, Surrey, England Insane since: May 2003
|
posted 08-16-2004 05:16
seriously, dont using offset. That can be broken by letter counting. Use vignere. MUCH more secure
Wrayal
Go to kimber-ja.demon.co.uk and click on the link to the raytracer!
|
jdauie
Bipolar (III) InmateFrom: Missoula, MT Insane since: Jan 2003
|
posted 08-16-2004 05:58
wrayal: vignere is still just a simple cipher. It can be broken, and if you have access to the program so that you can input a message and view the enciphered result, then it is very easy to get the key.
To be really secure, use tested high-encryption components. If you wan't to write your own encryption, try something simple like using matrix calculations involving large prime numbers.
|
wrayal
Bipolar (III) InmateFrom: Cranleigh, Surrey, England Insane since: May 2003
|
posted 08-16-2004 10:38
Its wasy to break in comparison to modern cyphers I agree, but it is far more secure to the average person than a simple shift. If you look at the histroy of vignere, for a long time it was hailed as unbreakable!
But hey, it all depends on how private the input is
wrayal
Go to kimber-ja.demon.co.uk and click on the link to the raytracer!
|
mas
Maniac (V) Mad LibrarianFrom: the space between us Insane since: Sep 2002
|
posted 08-16-2004 10:50
IXI: very nifty tool. if you can grant me that this one is really save then i will definitely use is for saving my passwords, account info etc,
B | T | E | P | L
|
I X I
Paranoid (IV) InmateFrom: beyond the gray sky Insane since: Apr 2004
|
posted 08-16-2004 22:28
Well, the encryption I'll admit is simple at the moment, just a character shift as jdauie pointed out. But I'm working on it.
...Of all the things I've lost, I miss my mind the most (ozzy osbourne)
|
Petskull
Maniac (V) Mad ScientistFrom: 127 Halcyon Road, Marenia, Atlantis Insane since: Aug 2000
|
posted 08-17-2004 14:22
isn't there a library for PGP?
(Edited by Petskull on 08-17-2004 14:23)
|
CPrompt
Maniac (V) InmateFrom: there...no..there..... Insane since: May 2001
|
posted 08-17-2004 14:23
I X I....i'm gonna download it when I get back home from work....
what Language did you write this in? C, C++....just curious
Look forward to checking it out.
Later,
C:\
~Binary is best~
|
Skaarjj
Maniac (V) Mad ScientistFrom: :morF Insane since: May 2000
|
posted 08-17-2004 18:07
that's C or C++ alright...the
gives it away.
|
Veneficuz
Paranoid (IV) InmateFrom: A graveyard of dreams Insane since: Mar 2001
|
posted 08-17-2004 18:29
But that was jdauie's code.. I X I used Visual Basic, he mentioned it in an earlier post.
Found this tutorial that might be of interest, RSA encryption in VB.NET. RSA is the same encryption algorithm that PGP uses.
_________________________
"There are 10 kinds of people; those who know binary, those who don't and those who start counting at zero"
- the Golden Ratio - Vim Tutorial -
|
I X I
Paranoid (IV) InmateFrom: beyond the gray sky Insane since: Apr 2004
|
posted 08-19-2004 03:00
it's actually done in vb6.
even though it's not my code you're talking about, skaarjj, why would that particular line of code give it away as c/c++? I would have thought the "#include" would give the crack code away as c/c++. although I'm not sure if c/c++ is the only language to use "#include" for header files, so maybe not...
anyway, thanks all for checking out my program and for all the c&c. I'm working on a version of 128-bit encryption of my own, should make cracking it harder to do. with any luck I should have it done by the end of the night.
...Of all the things I've lost, I miss my mind the most (ozzy osbourne)
|
CPrompt
Maniac (V) InmateFrom: there...no..there..... Insane since: May 2001
|
posted 08-19-2004 19:14
quote: I X I said:
I'm working on a version of 128-bit encryption of my own, should make
cracking it harder to do. with any luck I should have it done by the
end of the night.
I have a nice little app that does 64 and 128-bit encryption if you need it.
Later,
C:\
~Binary is best~
|
I X I
Paranoid (IV) InmateFrom: beyond the gray sky Insane since: Apr 2004
|
posted 08-20-2004 05:57
quote: CPrompt said:
I have a nice little app that does 64 and 128-bit encryption if you need it.
is it one you downloaded or one you wrote yourself, and if you wrote it, what language did you write it in?
at the moment I'm working on creating 128-bit keys for each individual file, but I get the feeling that even that would be easily reverse-engineered. I'm having trouble finding any well commented code/tutorials for encryption in visual basic. I'd really rather not use someone else's module or code, and especially not without giving credit to the author. when this program is completed I will have to make a thank you section/about box giving credit where credit is due.
...Of all the things I've lost, I miss my mind the most (ozzy osbourne)
|
jdauie
Bipolar (III) InmateFrom: Missoula, MT Insane since: Jan 2003
|
posted 08-20-2004 07:06
If you don't want to use someone else's code, then I recommend that you look at the mathematical definitions of either a stream cipher like RC4, which is easy to understand and imlement, or look at some good block ciphers like Square or Rijndael.
In addition, I would recommend that you use "one-way" encryption on the passwords you use for your seperate "files", to make it even more secure. For example, writing MD5 from the RFC definition (RFC1321) is a good learning experience.
|
CPrompt
Maniac (V) InmateFrom: there...no..there..... Insane since: May 2001
|
posted 08-20-2004 19:31
It's not my code but it is for VB6. it's good code.
I can zip up for ya if ya wanna take a look at it
might want to email me to remind me
Later,
C:\
~Binary is best~
|
I X I
Paranoid (IV) InmateFrom: beyond the gray sky Insane since: Apr 2004
|
posted 08-23-2004 06:39
C:\ - I'm sorry, I might have missed it earlier... what was your email again?
pls do mail that code to ixi(a)dacryonic.net
...Of all the things I've lost, I miss my mind the most (ozzy osbourne)
|
CPrompt
Maniac (V) InmateFrom: there...no..there..... Insane since: May 2001
|
posted 08-23-2004 19:22
Hey...with that handy dandy script TP put together
you can email me from here
Not a probelm though...I am shooting myself an email to do it.
Later,
C:\
~Binary is best~
|