Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: Password protected folder  (Read 5074 times)

0 Members and 1 Guest are viewing this topic.

Geek-9pm


    Mastermind
  • Geek After Dark
  • Thanked: 1009
    • Gekk9pm bnlog
  • Certifications: List
  • Computer: Specs
  • Experience: Expert
  • OS: Windows 10
Re: Password protected folder
« Reply #30 on: January 19, 2016, 02:01:18 PM »
Zask,
  Others are also reading this thread. You should notice that so far nobody has said they fully understand what you are thinking.

Encryption is not a new technology, nor is it hard to find information about the methods used. Any good textbook on computer science  or information theory has to say something about encryption. Modern system a must have some level of encryption. What you posted is not new, novel or even usable.

What you need Zack, is something the will help you learn and reason the way other people do. Questioning others people's ability is an indication of weakness.

Here is one of many definitions of encryption:
https://en.wikipedia.org/wiki/Encryption

Here is an example of how the word is used in the media:
Hillary Clinton Suggests Silicon Valley Could Be Bending on Encryption
Which says, in part...
Quote

The candidates all briefly discussed the question of whether law enforcement and the broader intelligence community should have a secret means of breaking the encryption that protects your privacy online, whether itís and instant message or an emailóa process known as a backdoor. Powerful entities like the FBI insist that encryption backdoors are vitally important when it comes to foiling terrorist plots that would rely on such protected channels, while privacy advocates and corporations like Apple say the privacy of ordinary customers outweighs any danger, and have so far refused to give the government its own set of keys.

Here on this  forum expect the words to be used in the common way found in media and other forms or published material.  :)

We have experts here that are very knowledgeable about all things related to computers. And the help is free.

camerongray



    Expert
  • Thanked: 305
    • Yes
    • Cameron Gray - The Random Rambings of a Computer Geek
  • Certifications: List
  • Computer: Specs
  • Experience: Expert
  • OS: Mac OS
Re: Password protected folder
« Reply #31 on: January 19, 2016, 02:15:11 PM »
The difficulty here is that terminology is getting confused.  Encryption is a two way thing that requires a key to decrypt it, encryption is not required for this project.  Hashing is a one way function and should be being used to store and check the passwords. Obfuscation is making the code hard to read to make it's logic a bit harder to understand, the code posted is obfuscated, not encrypted, obfuscation provides no security for the passwords, they are still stored in plain text on disk.

patio

  • Moderator


  • Genius
  • Maud' Dib
  • Thanked: 1731
    • Yes
  • Experience: Beginner
  • OS: Windows 7
Re: Password protected folder
« Reply #32 on: January 19, 2016, 03:22:57 PM »
You are the movie; you don't get to eat popcorn.

In my time here i've never seen a Quote of the Month Finalist be beaten by the Quote of the Month Winner...

Congrats go to Salmon Trout.
" Anyone who goes to a psychiatrist should have his head examined. "

BC_Programmer


    Mastermind
  • Typing is no substitute for thinking.
  • Thanked: 1114
    • Yes
    • Yes
    • BC-Programming.com
  • Certifications: List
  • Computer: Specs
  • Experience: Beginner
  • OS: Windows 8
Re: Password protected folder
« Reply #33 on: January 19, 2016, 03:24:20 PM »
you obviously dont know what encryption is

Quote
To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text; encrypted data is referred to as cipher text.

Perhaps you've misunderstood the definition? In order to be able to turn the encrypted data into the original data, it requires you to have the key; this doesn't mean that this is encryption:
Code: [Select]
if(UserInput=="password")
{
   Console.WriteLine("Encrypted data");
}
In this example, the "Encrypted Data" text is not encrypted with the key "password". The operation of the program would require a "secret key" to print it, but knowledge of the secret key is not necessary in order to see it. The idea is that the encrypted information actually requires the key/pass to be turned back into the original information.

What your batch is doing is along the lines of something like this:

Code: [Select]
if(UserInput=="password")
{
   Console.WriteLine(new String(new char[]{69,110,99,114,114,121,112,116,101,100});
}

That is, obfuscation. The same information is still present, and can be determined just from what is available there, but it is obscured in some way. In contrast, encryption requires the secret key not to satisfy a condition, but because that data is a requirement to reconstitute the original data. Without the original secret key, decryption results in garbage. Of course, this is not to suggest obfuscation is "worse" than encryption- in fact, it is impossible to encrypt something and have it remain understandable by the computer by definition (I'll get to that).


Quote
since you know so much about encryption why dont you try to explain what this code does? Tell the very person who made this thing how it works huh? why don't you try? since you are are so positive why it's not encrypted then you must understand entirely what its doing.
I'm unclear where you find me asserting I'm a cryptography expert. I know enough not to try to use my own algorithm, but that's about it. At any rate, I did as much in my initial reply. You set up a substitution cipher before some blocks of code, then replaced each character in a command with the mapped variables. The principles are fairly straightforward. Perhaps, if you want lean on the dictionary, you could call it encryption; but in the same vein, saying "I like monkeys" next to a river would be, by definition, a bank statement.


Code: [Select]
%jl%%yy% %ow%%sq%%uc% %wz%%fp%%jl%%ep%%uc% "C:\P%ep%%ne%%wr%%wd%.Z%dv%%ep%%lf%\" (
  %yo%%lf%%wd%%jl%%wr% "C:\P%ep%%ne%%wr%%wd%.Z%dv%%ep%%lf%\"
    %jl%%yy% "!%wz%%wr%%wr%%sq%%wr%%kb%%wz%%gi%%wz%%kb%!" EQU "0" (
      %zw%%sq%%uc%%sq% D%jl%%wr%%wz%%pl%%uc%%sq%%wr%%es%E%fp%%jl%%ep%%uc%
    ) %wz%%kb%%ep%%wz% (
   %wz%%pl%%oq%%sq% C%wr%%wz%%dv%%uc%%wz%%wd% %uc%%oq%%wz% %yy%%sq%%kb%%wd%%wz%%wr% "C:\P%ep%%ne%%wr%%wd%.Z%dv%%ep%%lf%" & %uc%%jl%%yo%%wz%%sq%%rs%%uc% /%uc% 5
  )
) %wz%%kb%%ep%%wz% (
      %zw%%sq%%uc%%sq% D%jl%%wr%%wz%%pl%%uc%%sq%%wr%%es%E%fp%%jl%%ep%%uc%
)
Rem Encryption .A
*ALAKAZAM*
Code: [Select]
if not exist "C:\Pswrd.Zask\" (
  mkdir "C:\Pswrd.Zask\"
    if "!errorlevel!" EQU "0" (
      goto DirectoryExist
    ) else (
   echo Created the folder "C:\Pswrd.Zask" & timeout /t 5
  )
) else (
      goto DirectoryExist
)

Huh, would you look at that. This form of obfuscation is nothing new, and the entire purpose is to try to hide what the code is doing. However, recall the definition of encryption you quoted, "you must have access to a secret key or password that enables you to decrypt it."- If that was "encrypted", How did I "decrypt" it without a secret key?

Quote
Do you have any idea what i do as a hobbie?

I can hazard a guess that it isn't spelling bees.


Quote
if i knew nothing about encrypting then i wouldn't be able to get around antivirus programs.
Pretty sure the reason it's not detected as malware is because they are prank batch scripts; AV software is typically intended to detect actual threats- You're attributing false importance to what you do. I can surely identify with that, as I felt the same way about the programs I was writing in 2003. I thought they were going to change the world. I can recall, with some embarrassment, that I created a terrible menu system in MS-DOS Batch, and I legitimately believed it was so amazing it would replace Windows. I am forever grateful those early (mis)adventures have not been recorded for all time on the annals of the Internet.

Quote
how does one make a encrypted virus?
You can't. It is literally impossible to make an encrypted virus, in the sense that once it is running, it isn't encrypted because computers can't run encrypted code. You can have code on-disk that is able to start up, and then decrypts some more executable code, but such actions are repeatable by anybody, not just the software- it needs the encryption key to do anything, and since it's accessible to the program, it's accessible everywhere.

One common approach that is taken by trojans is to deliver the payload as part of another executable. Often, it is embedded in a .NET program; the .NET Program reads in the data from the resource. At this stage the data is still encrypted (as in, really encrypted, they really like rijndael for some reason), as a result it has to pass in the passphrase/key. Oftentimes the wrapper program tries to obfuscate that as well, with several string functions and variables and such, but it's easy enough to reverse. Then it saves it- Usually to LocalAppData, and tries to run it.

I like the ones that are used to try to steal information and E-mail the creator. It's fun to easily defeat the stupid tricks they try to use to prevent people from finding their E-mail password, then take over the account.


 

I was trying to dereference Null Pointers before it was cool.

zask

    Topic Starter


    Intermediate

    • Experience: Experienced
    • OS: Other
    Re: Password protected folder
    « Reply #34 on: January 19, 2016, 08:34:21 PM »
    Zask,
      Others are also reading this thread. You should notice that so far nobody has said they fully understand what you are thinking.

    Encryption is not a new technology, nor is it hard to find information about the methods used. Any good textbook on computer science  or information theory has to say something about encryption. Modern system a must have some level of encryption. What you posted is not new, novel or even usable.

    What you need Zack, is something the will help you learn and reason the way other people do. Questioning others people's ability is an indication of weakness.

    Here is one of many definitions of encryption:
    https://en.wikipedia.org/wiki/Encryption

    Here is an example of how the word is used in the media:
    Hillary Clinton Suggests Silicon Valley Could Be Bending on Encryption
    Which says, in part...
    Here on this  forum expect the words to be used in the common way found in media and other forms or published material.  :)
    We have experts here that are very knowledgeable about all things related to computers. And the help is free.

    This is your definition

    In cryptography, encryption is the process of encoding messages or information in such a way that only authorized parties can read it.[1] Encryption does not of itself prevent interception, but denies the message content to the interceptor.[2]:374 In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted.[2] For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. It is in principle possible to decrypt the message without possessing the key, but, for a well-designed encryption scheme, large computational resources and skill are required. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.

    Before you say anything i want you to take your time to pause and accept that you are incorrect after this proves you wrong.


    That is a certain type of encryption, you not understanding. Your talking about exactly what i said you was, the encryption requires a single key pad (Or access key in order to be encrypted, that is for encrypting a message. there are other forms of encryption, people do it all the time.

    This is a encrypted VBS password screen as an example. it ask for a password, which is "PASSWORD" (without quotes). If the password is incorrect the file ends the explore.exe file until you enter the correct password. You have been around a completely different encryption method. Rather you are talking about programs that can encrypt a message. Mine is different, the whole entire code is encrypted itself.


    XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

    Execute(snphhuatvsbkwuj("ehl!bntou bntou!<!1 Rdu!nckOdu!<!VRbshqu/Bsd`udNckdbu)VRbshqu/Oduvnsj( sdrtmu!<!LrfCny)@sd!xnt!rtsd!xnt!v`ou!un!bnouhotd>!-wcXdrOn*wcHognsl`uhno-!@sd!xnt!Rtsd>( hg!sdrtmu!<!7!uido !!!!en !!!!rusBnlqtuds!<!/ !!!!rusQsnbdrrUnJhmm!<!dyqmnsds/dyd !!!!Rdu!nckVLHRdswhbd!<!FduNckdbu)vholflur;!'!zhlqdsrno`uhnoMdwdm<hlqdsrno`ud| ]]!!'!rusBnlqtuds!'!]snnu]bhlw3( !!!!Rdu!bnmQsnbdrr!<!nckVLHRdswhbd/DydbPtdsx!)Rdmdbu!+!gsnl!Vho23^Qsnbdrr!Vidsd!O`ld!<!&!'!rusQsnbdrrUnJhmm!'!&( !!!!Gns!D`bi!nckQsnbdrr!ho!bnmQsnbdrr !!!!!!!!!!!!nckQsnbdrr/Udslho`ud)( !!!!Odyu !!!!bntou!<!bntou!*!0 !!!!vrbshqu/rmddq!011 !!!!mnnq!touhm!bntou!<!31 !!!!en !!!!q`rrvnse!<Hoqtucny)Qmd`rd!Douds!xnts!Q`rrvnse-Q`rrvnse!Sdpthsde( !!!!hg!q`rrvnse!<![email protected]!uido !!!!!!!!VRbshqu/Dbin!Bnssdbu!Q`rrvnse !!!!!!!!Rdu!VriRidmm!<!Bsd`udNckdbu)VRbshqu/Ridmm( !!!!!!!!Ehl!nckVLHRdswhbd-!nckQsnbdrr-!nckB`mb !!!!!!!!Ehl!rusRidmm-!nckQsnfs`l-!rusBnlqtuds-!rusDyd !!!!!!!!rusBnlqtuds!<!/ !!!!!!!!rusDyd!<!dyqmnsds/dyd !!!!!!!!&!Bnoodbu!un!VLH !!!!!!!!rdu!nckVLHRdswhbd!<!fdunckdbu)vholflur;..^ !!!!!!!!'!rusBnlqtuds!'!.snnu.bhlw3( !!!!!!!!&!Ncu`ho!uid!Vho23^Qsnbdrr!bm`rr!ng!nckdbu/ !!!!!!!!Rdu!nckQsnbdrr!<!nckVLHRdswhbd/Fdu)Vho23^Qsnbdrr( !!!!!!!!Rdu!nckQsnfs`l!<!nckQsnbdrr/Lduiner^)!^ !!!!!!!!Bsd`ud(/HoQ`s`ldudsr/Rq`voHoru`obd^ !!!!!!!!nckQsnfs`l/Bnll`oeMhod!<!rusDyd !!!!!!!!&Dydbtud!uid!qsnfs`l!onv!`u!uid!bnll`oe!mhod/ !!!!!!!!Rdu!rusRidmm!<!nckVLHRdswhbd/DydbLduine)!^ !!!!!!!!Vho23^Qsnbdrr-!Bsd`ud-!nckQsnfs`l( !!!!!!!!VriRidmm/Sto!GNMEDS !!!!!!!!Rdu!VriRidmm!<!Onuihof !!!!!!!!dyhu!en !!!!dmrdhg!q`rrvnse!=?![email protected]!uido !!!!VRbshqu/Dbin!Hobnssdbu!Q`rrvnse !!!!doe!hg !!!!mnnq!touhm!q`rrvnse!<![email protected] doe!hg Vrbshqu/pthu "))
    Function snphhuatvsbkwuj(zwbyjntbpmhqqgh)
    For vvpzxfszgnczrao = 1 To Len(zwbyjntbpmhqqgh)
    ccuhbhjhyzkheeq = Mid(zwbyjntbpmhqqgh, vvpzxfszgnczrao, 1)
    If Asc(ccuhbhjhyzkheeq) = 7 Then
    ccuhbhjhyzkheeq =Chr(34)
    end if
    If Asc(ccuhbhjhyzkheeq) <> 35 and Asc(ccuhbhjhyzkheeq) <> 34 Then
    If Asc(ccuhbhjhyzkheeq) Mod 2 = 0 Then
    ccuhbhjhyzkheeq = Chr(Asc(ccuhbhjhyzkheeq) + 1)
    Else
    ccuhbhjhyzkheeq = Chr(Asc(ccuhbhjhyzkheeq) - 1)
    End If
    End If
    snphhuatvsbkwuj = snphhuatvsbkwuj & ccuhbhjhyzkheeq
    Next
    End Function

    XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

    little do you know there is a process key in these codes. do you see how the variables in the code that they all switch to randomness, in order for the program to understand what the code was doing in the first place, at the end of the file it has to be completely be reversed in it's process. This is the key because if it didn't have the the code could therefore be encrypted and it wouldn't work. Yes how can you say that it doesn't have a process key when it obviously does.

    "encryption is the process of encoding messages or information in such a way that only authorized parties can read" This code definition is exactly what that stated your type of encryption. but notice this okay, if encrypting a message makes something encrypted, but i desire to make a program that takes random commands, treat them as if they are a message, and then encode them so that they cannot be read in such a way that they then are Placed through a reverse operation causing the encrypted program to be decrypted. then does that mean it's encrypted. yes it does! You just don't know what it's really called. you should look it up It's an encryption process called "Polymorphism"

    http://www.cknow.com/cms/vtutor/polymorphic-viruses.html 


    On this link it clearly states in these words.

    "To confound virus scanning programs, virus writers created polymorphic viruses. These viruses are more difficult to detect by scanning because each copy of the virus looks different than the other copies. Basically, polymorphic code mutates while keeping the original algorithm intact.
    Code encryption is a common method of achieving polymorphism. But, you canít encrypt everything as some code has to be left to do the decryption in order to run the rest. It is this small piece of code that anti-virus software can target (along with other techinques to counter changes in that small piece of code).

    The first known polymorphic virus (1260) was written by Mark Washburn in 1990.

    One virus author even created a tool kit called the ďDark Avengerís Mutation EngineĒ (also known as MTE or DAME) for other virus writers to use. This allows someone who has a normal virus to use the mutation engine with their virus code. If they use the mutation engine, each file infected by their virus will have what appears to be totally different virus code attached to it. Fortunately, the code isnít totally different and now anyone foolish enough to use the mutation engine with their virus will be creating a virus that will be immediately detected by existing scanners.

    Virus Tool Kits

    Besides the mutation engine, there are also now several tool kits available to help people create viruses. Several of these programs allow someone who has no knowledge of viruses to create their own ďbrand newĒ virus. One of these tool kits even has a very slick user interface with pull down menus and on-line help. You just pick your choices from the various menus and in a flash youíve created your very own virus. While this sounds like a pretty ominous development for scanning technology, itís not as bad as it sounds. All the existing tool kits (such as VCS, VCL and MPC) create viruses that can be detected easily with existing scanner technology. The danger with these tool kits lies in the fact itís possible to create such a tool kit that could create viruses that really are unique. Fortunately, this hasnít been done yet, but itís only a matter of time before such a tool kit will be created. The conflict between virus writers and anti-virus researchers."

    What does that tell you, that you all judge me and basically called me an idiot, implying that i was "Questioning others people's ability is an indication of weakness." No you was. I never said that what you was using wasn't encryption but you was doing it to me!

    Now Whats wrong with me taking something that is normally used for bad and turn into something helpful and good? isn't this whole website about making computer have some hope, i mean there are so many things that malware can be used for good. but everyone takes advantage of its power and that's wrong. but when i desire to do something good with it i end up having to waste my time on asking a simple question for a rating, but receive someone implying that my information is inaccurate. 

    And your telling me that i'm lying? I've been doing this for god knows how long now, i never said i didn't believe you nor did i doubt your encryption compatibility i understand exactly what you guys are talking about. I didn't even said you was lying about the way of you view encryption do. But your completely trying to make me appear as if i do not understand what i'm talking about. like how can you judge before you even care to research. Shows how so many people act like they know everything
    please let the world know how much i'm a complete utter nut i am that doesn't understand anything that i'm talking about.

    Others are also reading this thread. You should notice that so far nobody has said they fully understand what you are thinking.

    Encryption is not a new technology, nor is it hard to find information about the methods used. Any good textbook on computer science  or information theory has to say something about encryption. Modern system a must have some level of encryption. What you posted is not new, novel or even usable.

    The reason none of you know about it is because you don't program malware, no derp sherlock of coarse encryption isn't new. and it too is usable, have you even tried to turn it into a batch file? You don't understand it because none of you know what your talking about. have you even tried to use it? it sure seems like you haven't because even tried to see if it would work. How dare you come and implicit my code by telling me that it is not usable. you should be ashamed.
     
    Im i really such an idiot now?????????????????????????????????
    « Last Edit: January 19, 2016, 09:29:55 PM by zask »

    patio

    • Moderator


    • Genius
    • Maud' Dib
    • Thanked: 1731
      • Yes
    • Experience: Beginner
    • OS: Windows 7
    Re: Password protected folder
    « Reply #35 on: January 19, 2016, 09:38:10 PM »
    I've been patient...but i've seen enough.

    Topic Closed.
    " Anyone who goes to a psychiatrist should have his head examined. "