Dr.Gopala krishnam raju AMBATI Posted February 1, 2019 Share Posted February 1, 2019 i could decrypt a filed plz help me where am i going wrong made text field with text and enc and dec fields but using function both fileds are not same ENC-DEC.fmp12 Link to comment Share on other sites More sharing options...
Ocean West Posted February 1, 2019 Share Posted February 1, 2019 Try this.. ENC-DEC.fmp12.zip 1 Link to comment Share on other sites More sharing options...
comment Posted February 1, 2019 Share Posted February 1, 2019 47 minutes ago, Dr.Gopala krishnam raju AMBATI said: where am i going wrong Can you explain what the purpose of this exercise is? There are several reasons why your attempt fails (order of operations, data types) but it would be better to understand WHAT is being attempted here, before getting to HOW. Link to comment Share on other sites More sharing options...
Dr.Gopala krishnam raju AMBATI Posted February 1, 2019 Author Share Posted February 1, 2019 (edited) 25 minutes ago, comment said: Can you explain what the purpose of this exercise is? There are several reasons why your attempt fails (order of operations, data types) but it would be better to understand WHAT is being attempted here, before getting to HOW. actually, my solution has perfect registration with serial but I am having the issue of a very big client request code in order to simplify it I am trying to use various hashes to encrypt and decrypt, encryption I got the desired result but when reverse engineering to create my own keygen I am getting stuck at decrypting the hashes hope I am clear having very tough times since 12 hrs 29 minutes ago, Ocean West said: Try this.. ENC-DEC.fmp12.zip 69.28 kB · 1 download tweaked version is it fine ? ENC-DEC-NOI-KEY.fmp12 Edited February 1, 2019 by Dr.Gopala krishnam raju AMBATI none Link to comment Share on other sites More sharing options...
Ocean West Posted February 1, 2019 Share Posted February 1, 2019 Your example your key was simply "md5" it would be better to use an actual random key "63386D57697A5942376E5170537242344158336675316E49536376744934753334634C" The key should not be stored in the calculation engine in plain text - at the very least it should be referenced as a custom function. Otherwise it's like putting a password on a sticky note to the safe - should someone hack the file or have access to the file. Ideally the key should not be stored in the file at all and in some cases a requirement for software validation and certifications. You could stop an encrypted file on the server and on startup of the solution it could go read that file off the server and store the that in memory or at runtime each time you need to encrypt or decrypt. Personally I would make encryption and decryption part of a scripted operation and not in the schema. Link to comment Share on other sites More sharing options...
Dr.Gopala krishnam raju AMBATI Posted February 1, 2019 Author Share Posted February 1, 2019 1 hour ago, Ocean West said: Your example your key was simply "md5" it would be better to use an actual random key "63386D57697A5942376E5170537242344158336675316E49536376744934753334634C" The key should not be stored in the calculation engine in plain text - at the very least it should be referenced as a custom function. Otherwise it's like putting a password on a sticky note to the safe - should someone hack the file or have access to the file. Ideally the key should not be stored in the file at all and in some cases a requirement for software validation and certifications. You could stop an encrypted file on the server and on startup of the solution it could go read that file off the server and store the that in memory or at runtime each time you need to encrypt or decrypt. Personally I would make encryption and decryption part of a scripted operation and not in the schema. yup got it tx bro but in the file, I uploaded first why encrypt decrypt functions not working as I thought Link to comment Share on other sites More sharing options...
Dr.Gopala krishnam raju AMBATI Posted February 2, 2019 Author Share Posted February 2, 2019 (edited) decrypting digest fail plz help ENC-DEC-2.fmp12 Edited February 2, 2019 by Dr.Gopala krishnam raju AMBATI NONE Link to comment Share on other sites More sharing options...
Josh Ormond Posted February 3, 2019 Share Posted February 3, 2019 I'm with @comment on this. What are you trying to do? You can HexDecode the 'ENCRYPTED DIGEST' field, but not put another CryptDigest on it. So I'm not sure what you are trying to do. Reverse engineering an MD5 hash typically requires a hash table. Which you aren't creating. By their nature, it's not intended to be able to reverse engineer a hash. Link to comment Share on other sites More sharing options...
Dr.Gopala krishnam raju AMBATI Posted February 4, 2019 Author Share Posted February 4, 2019 (edited) This is the final code for a client which is developed for the serial request Quote Quote Final code field is called - "ALL 64" UjA5UVFVeEJJRXRTU1ZOSVRrRk5JRkpCU2xVPQ0KDQpRVTFDUVZSSg0KDQpOemN3TWprMk5URXdNZz09DQoNCk1URXZNalV2TVRrNE1nPT0NCg0KWVM1bmEzSXVjbXRuUUdsamJHOTFaQzVqYjIwPQ0KDQpRMFF3UWpJeVF6SXdNRVF3UXpCRU1VSTRPVGhFTmtVeE4wTTNOelZCTWpZPQ0KDQpVMGxOUWxVeVEwOU4NCg== I am trying to make it simpler with a new field called all64-digest-encrypted = HexEncode ( CryptDigest ( ALL 64 ; "MD5") ) i am getting this code ACAADCCFF00E20ED976E9D370773423A which i am happy with encrypted code i am stuck at decrytping HexEncode ( CryptDigest ( ALL 64 ; "MD5") ) someone plz tell how to hexdecode above code all64-digest-decrypted = ???????? Edited February 4, 2019 by Dr.Gopala krishnam raju AMBATI none Link to comment Share on other sites More sharing options...
Josh Ormond Posted February 4, 2019 Share Posted February 4, 2019 I don't believe you can decode the CryptDigest part. It's how hashes work. They are typically a one-way process. Link to comment Share on other sites More sharing options...
Dr.Gopala krishnam raju AMBATI Posted February 4, 2019 Author Share Posted February 4, 2019 58 minutes ago, Josh Ormond said: I don't believe you can decode the CryptDigest part. It's how hashes work. They are typically a one-way process. Then what's the purpose of crypt digest function??? When it can't be decoded??? Link to comment Share on other sites More sharing options...
Josh Ormond Posted February 4, 2019 Share Posted February 4, 2019 Security. One common use, store a password as a hash ( not MD5 anymore, its not secure enough ). When someone signs into a site, or file, or whatever, you hash what they typed in the same way as the stored password value. If they match, you let them in. If not, they didn't type the right password. There are ways to reverse engineer an MD5 hash, but is isn't typically done, especially in FileMaker. It's typically not worth the effort. It would be good for you to look at the difference between encryption and hashing and encryption. Here are some brief explanations ( others may clarify as needed ) encoding - transforming data into another format, typically publicly available so it's easy to reverse engineer or decode it. encryption - transforming data into another format, so only authorized parties can view and decode the data. hashing - a one-way transformation that can't be reverse engineered, ideally. Newer hashing algorithms are much better for this. Don't rely on MD5 for secure storage of data. Link to comment Share on other sites More sharing options...
Dr.Gopala krishnam raju AMBATI Posted February 4, 2019 Author Share Posted February 4, 2019 (edited) 30 minutes ago, Josh Ormond said: It would be good for you to look at the difference between encryption and hashing and encryption. I was just trying to make my client code smaller with crypt digest, sad I couldn't decode it can I get any suggestion to make client code small by any other way below is the client code UjA5UVFVeEJJRXRTU1ZOSVRrRk5JRkpCU2xVPQ0KDQpRVTFDUVZSSg0KDQpOemN3TWprMk5URXdNZz09DQoNCk1URXZNalV2TVRrNE1nPT0NCg0KWVM1bmEzSXVjbXRuUUdsamJHOTFaQzVqYjIwPQ0KDQpRMFF3UWpJeVF6SXdNRVF3UXpCRU1VSTRPVGhFTmtVeE4wTTNOelZCTWpZPQ0KDQpVMGxOUWxVeVEwOU4NCg== plz Edited February 4, 2019 by Dr.Gopala krishnam raju AMBATI Link to comment Share on other sites More sharing options...
comment Posted February 4, 2019 Share Posted February 4, 2019 The way to make a string smaller is to compress it. Filemaker has no compressing functions, and I doubt applying a compressing algorithm to your "client code" would make it any shorter. Compressing algorithms work by removing redundancy - and there will not be much redundancy in such a short message that does not contain any character runs. Take for example: Original text: GOPALA KRISHNAM RAJUAMBATI770296510211/25/1982a.gkr.rkg@icloud.comCD0B22C200D0C0D1B898D6E17C775A26SIMBU2COM Length: 107 characters. Original text compressed using gzip and encoded to base64 (otherwise the result would be a file): H4sIAK/kV1wAAwXBUQqDMAwA0P+dwhPUJNCm/Vuajlld59B5gOFAhhNB2P333rV/yE2qbshjc5dSDdJOUqI8MzNQcBaBEGuyNQZPL7OshznW5fyZv/vvbeZ90wSRSAkggULC6INP7oKszFbIjbnEibQvpz/OdpUjbAAAAA== Length: 168 characters. Link to comment Share on other sites More sharing options...
Dr.Gopala krishnam raju AMBATI Posted February 4, 2019 Author Share Posted February 4, 2019 (edited) 51 minutes ago, comment said: GOPALA KRISHNAM RAJUAMBATI770296510211/25/1982a.gkr.rkg@icloud.comCD0B22C200D0C0D1B898D6E17C775A26SIMBU2COM OH MY GOD tx for decoding I am more alert now @comment @cheers Edited February 4, 2019 by Dr.Gopala krishnam raju AMBATI Link to comment Share on other sites More sharing options...
comment Posted February 4, 2019 Share Posted February 4, 2019 I don't understand the purpose of this file. Earlier you were asked what your goal is. Eventually you said it was "to make client code smaller". This has nothing to do with security. If you now have a different goal, please state it. What your file does makes no sense to me. As I said, we need to know what you are trying to accomplish before we can advise you how to do it. Link to comment Share on other sites More sharing options...
Dr.Gopala krishnam raju AMBATI Posted February 4, 2019 Author Share Posted February 4, 2019 (edited) 25 minutes ago, comment said: I don't understand the purpose of this file. Earlier you were asked what your goal is. Eventually you said it was "to make client code smaller". This has nothing to do with security. If you now have a different goal, please state it. What your file does makes no sense to me. As I said, we need to know what you are trying to accomplish before we can advise you how to do it. NO PURPOSE JUST A REFERENCE for me and others Edited February 4, 2019 by Dr.Gopala krishnam raju AMBATI Link to comment Share on other sites More sharing options...
Dr.Gopala krishnam raju AMBATI Posted February 8, 2019 Author Share Posted February 8, 2019 (edited) On 2/4/2019 at 12:57 PM, comment said: The way to make a string smaller is to compress it. Filemaker has no compressing functions, and I doubt applying a compressing algorithm to your "client code" would make it any shorter. Compressing algorithms work by removing redundancy - and there will not be much redundancy in such a short message that does not contain any character runs. Take for example: Original text: GOPALA KRISHNAM RAJUAMBATI770296510211/25/1982a.gkr.rkg@icloud.comCD0B22C200D0C0D1B898D6E17C775A26SIMBU2COM Length: 107 characters. Original text compressed using gzip and encoded to base64 (otherwise the result would be a file): H4sIAK/kV1wAAwXBUQqDMAwA0P+dwhPUJNCm/Vuajlld59B5gOFAhhNB2P333rV/yE2qbshjc5dSDdJOUqI8MzNQcBaBEGuyNQZPL7OshznW5fyZv/vvbeZ90wSRSAkggULC6INP7oKszFbIjbnEibQvpz/OdpUjbAAAAA== Length: 168 characters. FA4FF51313D39E41D41BE0E28CE032F2 finally coded to 32 characters plz help me how to decode this step HexEncode ( CryptAuthCode ( $$RAW DATA; "sha512"; $$KEY ) ) Edited February 8, 2019 by Dr.Gopala krishnam raju AMBATI Link to comment Share on other sites More sharing options...
comment Posted February 8, 2019 Share Posted February 8, 2019 (edited) I think you're doing something wrong. The CryptAuthCode() computes a message authentication code. The length of the resulting code is constant, and does not depend on the length of the message. When using the SHA512 algorithm, the length of the code after encoding to Base64 should be 128. If you're getting 32, then your algorithm is probably MD5 or MDC2, not SHA512. Or perhaps your $$KEY variable is empty? Needless to say, a message authentication code is not the message, does not contain the message, and cannot be converted back to the message. https://en.wikipedia.org/wiki/HMAC Edited February 8, 2019 by comment 1 Link to comment Share on other sites More sharing options...
Dr.Gopala krishnam raju AMBATI Posted February 8, 2019 Author Share Posted February 8, 2019 $$key has value so HexEncode ( CryptAuthCode ( $$RAW DATA; "sha512"; $$KEY ) ) cant be decoded right Link to comment Share on other sites More sharing options...
comment Posted February 8, 2019 Share Posted February 8, 2019 Right. Link to comment Share on other sites More sharing options...
Dr.Gopala krishnam raju AMBATI Posted February 8, 2019 Author Share Posted February 8, 2019 30 minutes ago, comment said: Right. thanks mam for clarification Link to comment Share on other sites More sharing options...
comment Posted February 8, 2019 Share Posted February 8, 2019 I hope you know I'm not the Queen ... 2 Link to comment Share on other sites More sharing options...
Recommended Posts
This topic is 1898 days old. Please don't post here. Open a new topic instead.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now