Encryption blunder!!

1. Junior Member
Join Date
Dec 1969
Posts
11

## Encryption blunder!!

I have a forum running for some time now with a password encryption routine I got from this site.<BR><BR>However I have just decided to migrate to another forum when I discover I have implemented the routine wrong!!<BR><BR>Can any tell me how to decrypt this routine? :(<BR><BR> Sub RC4Initialize(strPwd)<BR> &#039;:::::::::::::::::::::::::::::::::::::::::::: ::::::::::::::::::::<BR> &#039;::: This routine called by EnDeCrypt function. Initializes the<BR> &#039;::: sbox and the key array)<BR> &#039;:::::::::::::::::::::::::::::::::::::::::::: ::::::::::::::::::::<BR> <BR> dim tempSwap<BR> dim a<BR> dim b, intLength<BR> <BR> intLength = len(strPwd)<BR> For a = 0 To 255<BR> key(a) = asc(mid(strpwd, (a mod intLength)+1, 1))<BR> sbox(a) = a<BR> next<BR> <BR> b = 0<BR> For a = 0 To 255<BR> b = (b + sbox(a) + key(a)) Mod 256<BR> tempSwap = sbox(a)<BR> sbox(a) = sbox(b)<BR> sbox(b) = tempSwap<BR> Next<BR> End Sub<BR> <BR>&#039;- ENCRYTPTION ROUTINES -----------------------------------------<BR> <BR> Function EnDeCrypt(psw)<BR> <BR> dim temp<BR> dim a<BR> dim i<BR> dim j<BR> dim k<BR> dim cipherby<BR> dim cipher<BR> dim plaintxt<BR> plaintxt ="you_must_be_very_sad_to_have_cracked_this!"<B R> <BR> i = 0<BR> j = 0<BR> <BR> if len(psw)&#062;0 then<BR> <BR> RC4Initialize psw<BR> <BR> For a = 1 To Len(plaintxt)<BR> i = (i + 1) Mod 256<BR> j = (j + sbox(i)) Mod 256<BR> temp = sbox(i)<BR> sbox(i) = sbox(j)<BR> sbox(j) = temp<BR> <BR> k = sbox((sbox(i) + sbox(j)) Mod 256)<BR> <BR> cipherby = Asc(Mid(plaintxt, a, 1)) Xor k<BR> if cipherby = 0 then<BR> cipher = "?"<BR> else<BR> cipher = cipher & Chr(cipherby)<BR> end if<BR> Next<BR> <BR> EnDeCrypt = Replace(cipher,"&#039;","~") &#060; mod<BR> else<BR> EnDeCrypt =""<BR> end if<BR> <BR> End Function<BR><BR><BR>many thanks...<BR><BR>JR<BR>;)

2. Senior Member
Join Date
Dec 1969
Posts
6,476

## RE: Encryption blunder!!

Is this the "Exact code"<BR><BR>Close to the end of the function <BR><BR>EnDeCrypt = Replace(cipher,"&#039;","~") &#060; mod &#039;&#060;&#060;&#060;doesnt look like a legal statement<BR><BR>Can you double check it to make sure

3. Senior Member
Join Date
Dec 1969
Posts
6,476

## RE: Encryption blunder!!

I see you added it there, but what were you really using?

4. Junior Member
Join Date
Dec 1969
Posts
11

## RE: Encryption blunder!!

Sorry, the &#039;&#060; mod&#039; is a note to let you know that I have modified it to remove aprostraphies. :)<BR><BR>The line actually looks like this...<BR><BR>EnDeCrypt = Replace(cipher,"&#039;","~") <BR><BR>Little more info for you, sorry if you already know this...<BR><BR>The routine basically takes a text string and encrypts it using a password. If you pass the encrypted text back to the routine with correct password the string is returned.<BR><BR>However, I have got confused and passed the text string along with the users password to encrypt. When I should have passed the password as text and encrypted using fixed string!<BR><BR>There, clear as mud!<BR><BR>Thanks for your input.<BR><BR>JR

5. Senior Member
Join Date
Dec 1969
Posts
6,476

## ok heres the tricky part...

text = russell<BR>password = russell<BR><BR>So you passed russellrussell to be incripted...<BR>Was it encripted with the right password russell as well?<BR><BR>Did it happen for all the users, or just a few?<BR>If it happened for everyone, then you should be able to reverse it... just will be tedius to do...<BR><BR>Basically, take the encrytion, decript it with the right password, then remove the password from the decripted string should leave you with what you need....<BR><BR>Then just a matter of updating the field again...<BR><BR>A Bit more detail would help.

6. Junior Member
Join Date
Dec 1969
Posts
11

## RE: ok heres the tricky part...

Russell,<BR><BR>Thanks for your patience!<BR><BR>The encryption routine I have copied has 2 parameters, Text and Password. <BR><BR>Text - is the field to be encryted<BR>Password - is the locking field<BR><BR>You pass the 2 as parameters and the text field is encrypted using the password. To unlock the encrypted text you pass it back to the routine with correct password.<BR><BR>However I done the opposite...<BR><BR>Text - &#039;fixed text statement&#039;<BR>Password - &#060;user password&#062;<BR><BR>where as I should have done...<BR><BR>Text - &#060;user password&#062;<BR>Password - &#039;fixed text statement&#039;<BR><BR>All the passwords are encrypted this way, and I need to migrate them to a new forum with a new encryption routine. <BR><BR>Is that any clearer?<BR><BR>Many thanks...<BR><BR>JR<BR><BR>

7. Senior Member
Join Date
Dec 1969
Posts
6,476

## RE: ok heres the tricky part...

8. Junior Member
Join Date
Dec 1969
Posts
11

## Final attempt :(

OK, here&#039;s how it goes!<BR><BR>I have built a forum site that allows members to register. When they register their password is encrypted using the RC4 routine and stored in my database.<BR><BR>However I would now like to migrate all 900+ members into a new forum, without resetting their passwords.<BR><BR>To do this I need to run their passwords through RC4 routine to decrypt them in order to migrate them to the new forum.<BR><BR>However, when I came to do this I noticed that I had implemented the routine incorrectly and that I couldn&#039;t get it to return the correct passwords.<BR><BR>Attached is the exact code that was in my original forum. <BR><BR>Notice that I have removed one of the paramters from the routine &#039;plaintext&#039; and hard coded it as &#039;you_must_be_very_sad_to_have_cracked_this&#0 39; and the routine is passed the users password and return an encrypted version of the &#039;plaintext&#039; string.<BR><BR>However, what I should have done is passed the user password into the &#039;plaintext&#039; field and encrypted using a hardcoded password.<BR><BR>Thanks... JR<BR><BR>---<BR><BR> Function EnDeCrypt(psw) <BR> <BR> dim temp <BR> dim a <BR> dim i <BR> dim j <BR> dim k <BR> dim cipherby <BR> dim cipher <BR> dim plaintxt <BR> plaintxt ="you_must_be_very_sad_to_have_cracked_this!" <BR> <BR> i = 0 <BR> j = 0 <BR> <BR> if len(psw)&#062;0 then <BR> <BR> RC4Initialize psw <BR> <BR> For a = 1 To Len(plaintxt) <BR> i = (i + 1) Mod 256 <BR> j = (j + sbox(i)) Mod 256 <BR> temp = sbox(i) <BR> sbox(i) = sbox(j) <BR> sbox(j) = temp <BR> <BR> k = sbox((sbox(i) + sbox(j)) Mod 256) <BR> <BR> cipherby = Asc(Mid(plaintxt, a, 1)) Xor k <BR> if cipherby = 0 then <BR> cipher = "?" <BR> else <BR> cipher = cipher & Chr(cipherby) <BR> end if <BR> Next <BR> <BR> EnDeCrypt = Replace(cipher,"&#039;","~") <BR> else <BR> EnDeCrypt ="" <BR> end if <BR> <BR> End Function <BR>

#### Posting Permissions

• You may not post new threads
• You may not post replies
• You may not post attachments
• You may not edit your posts
•