The Realm of Real

..rjproz's blog..

Dynamic Password – Logic

Authentication is very important if you are programming encryption or security tools. Generally we all apply a common logic to authenticate the user. The following is the well-known code:

C code :-

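#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main(void)
{
    char password[100];
    printf("\n\n\tEnter your Password :: ");
    /* fgets() is bounded; gets() can overflow password[] */
    if(fgets(password,sizeof(password),stdin)==NULL)
        exit(1);
    password[strcspn(password,"\n")]='\0'; /* drop the trailing newline */
    if(strcmp(password,"secretpassword")==0)
    {
        printf("\n\n\tWelcome..");
        /*------- Next application code ---------- */
    }
    else
    {
        printf("\n\n\tIntruder suspected...");
        exit(0); // Application aborted
    }
    return 0;
}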

C# code :-

String password;
Console.Write("\n\n\tEnter Password :: ");
password=Console.ReadLine();
if(password=="secretpassword")
{
    Console.Write("\n\n\tWelcome..");
    /*------- Next application code ---------- */
}
else
{
    Console.Write("\n\n\tIntruder suspected..");
    /* application abortion code or as specified.. */
}

But it has a major disadvantage: this code doesn't let you change the password. Once the application is compiled, there is no ordinary way to modify it short of editing the assembly code. Imagine a scenario where one of your friends has seen the application's password; after that there is no way to change it. Either you have to write another program or you have to take that friend into your confidence 😛 (..this seems ridiculous 😀..)

Storing the password in a file seems like the solution, but it also carries some problems. The application becomes dependent on that file and would be worthless if the file gets deleted.

But there is a way to store the password in the application itself. This is like playing with the executable code: we store the password in the executable in such a way that it doesn't crash it.

The logic is simple. It includes the following steps:

  • Scan the Password
  • Create a copy/dummy of self
  • Encrypt the password and append it in that copy. Try to append it somewhere at the beginning of the copy. Be sure about the place where you append, else it can crash the EXE
  • Rename self with other name.
  • Rename the dummy to the application name
  • Self-Destruct the self

Similarly, to scan the password, it includes the following steps:

  • Create a copy/dummy of self
  • Read the password from the dummy
  • Delete the dummy
  • Decrypt the password to get the actual password

Following is the implementation of the code in C. It was tested in Borland C++ 5.02.

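#include <stdio.h>
#include <conio.h>
#include <stdlib.h>


char content[100]; /* shared output buffer for encryptstr()/decryptstr() */

void encryptstr(char *str,int key)
{
    /* Customize your own or built-in encryption code */
    /* Adds key to every character; the result is left in content[] */
    long i=0;
    char c;
    while(i<(long)sizeof(content)-1 && (c=str[i])!='\0')
    {
        content[i]=c+key;
        i++;
    }
    content[i]='\0';
}

void decryptstr(char *str,int key)
{
    /* Customize your own or built-in decryption code */
    /* Subtracts key from every character; the result is left in content[] */
    long i=0;
    char c;
    while(i<(long)sizeof(content)-1 && (c=str[i])!='\0')
    {
        content[i]=c-key;
        i++;
    }
    content[i]='\0';
}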
void SelfDestruct(char *appname)
{
    /* Customize your self-destruction code */
    /* Writes a batch file that deletes appname, prints a banner, then deletes itself */
    FILE *f;
    f=fopen("Selfdestruct.bat","w");
    if(f==NULL)
        exit(1);
    fprintf(f,"@echo off\nping -n 1 0 >NUL\n\n\n\n");

    fprintf(f,"del %s\ncls\n",appname);

    fprintf(f,"echo rjprozrjprozrjprozrjproz ");
    fprintf(f," rjprozrjprozrjprozrjpro");
    fprintf(f,"zrjproz\necho rjprozrjprozrjpro");
    fprintf(f,"zrjproz rjprozrjprozrjp");
    fprintf(f,"rozrjprozrjproz\necho rjproz ");
    fprintf(f," rjproz ");
    fprintf(f," rjproz\necho rjproz ");
    fprintf(f," rjproz r");
    fprintf(f,"jproz \necho rjproz ");
    fprintf(f," rjproz rj");
    fprintf(f,"proz\necho rjproz rj");
    fprintf(f,"proz rjproz\n");
    fprintf(f,"echo rjproz rjproz ");
    fprintf(f," rjproz\necho ");
    fprintf(f,"rjproz rjproz ");
    fprintf(f," rjproz\necho rjpro");
    fprintf(f,"z rjproz ");
    fprintf(f," rjproz\necho rjprozrjpr");
    fprintf(f,"ozrjprozrjproz ");
    fprintf(f," rjproz\necho rjprozrjprozrjp");
    fprintf(f,"rozrjproz rj");
    fprintf(f,"proz\necho rjprozrjproz ");
    fprintf(f," rjproz\n");
    fprintf(f,"echo rjproz rjproz ");
    fprintf(f," rjproz\necho ");
    fprintf(f,"rjproz rjproz ");
    fprintf(f," rjproz\necho rjpro");
    fprintf(f,"z rjproz ");
    fprintf(f," rjproz\necho rjproz ");
    fprintf(f," rjproz ");
    fprintf(f," rjproz\necho rjproz rjp");
    fprintf(f,"roz rj");
    fprintf(f,"proz\necho rjproz rjproz ");
    fprintf(f," rjproz\n");
    fprintf(f,"echo rjproz rjproz ");
    fprintf(f," rjproz\necho ");
    fprintf(f,"rjproz rjproz ");
    fprintf(f," rjproz\necho rjpro");
    fprintf(f,"z rjproz rjpr");
    fprintf(f,"oz rjproz\necho rjproz ");
    fprintf(f," rjproz rjproz ");
    fprintf(f," rjproz\necho rjproz ");
    fprintf(f," rjproz rjprozrjprozrj");
    fprintf(f,"proz\necho rjproz r");
    fprintf(f,"jproz rjprozrjprozrjproz ");
    fprintf(f," \n\n\n\n\nping -n 3 0 ");
    fprintf(f,">NUL\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n");
    fprintf(f,"\n\n\n\necho .\necho .\necho .\necho .\necho .\necho .\necho .\necho ");
    fprintf(f,".\necho .\necho .\necho .\n\necho S");
    fprintf(f,"elf destructed successfully...");
    fprintf(f,"......\necho .\necho .\necho .\nec");
    fprintf(f,"ho .\necho .\necho .\necho .\necho .\necho ");

    fprintf(f,"Now terminate this program.......");

    fprintf(f,"\necho .\necho .\necho .\necho .\ne");
    fprintf(f,"cho .\necho .\nping -n 2 0 >NUL\n");
    fprintf(f,"del selfdestruct.bat");

    fclose(f);

    /* The first quoted argument of "start" is the window title */
    system("start \"SElf Destruction\" selfdestruct.bat");
    exit(0);
}
int main(int argc,char *argv[])
{
    char pass[100],ck[100];
    int i=0;
    int ch;
    FILE *f;
    char c;

    printf("\n\n\tEnter 1 to change password\n\n\tElse press any other key to view password\n\n\tEnter your choice ::");
    c=getch();
    clrscr();
    if(c=='1')
    {
        // Change pass

        printf("\n\n\tEnter new password:: ");
        /* bounded read instead of gets(); an empty line gives an empty password */
        if(scanf("%99[^\n]",pass)!=1)
            pass[0]='\0';
        encryptstr(pass,9);
        rename(argv[0],"todie.rj_proz_trans"); // argv[0] stores the full path of self
        system("copy todie.rj_proz_trans newapp.rj_proz_trans");
        f=fopen("newapp.rj_proz_trans","rb+");
        if(f==NULL)
            return 1;
        fseek(f,25L,0); // This step is very important.. choosing right place to append the password

        fprintf(f,"%s ",content); /* the trailing space marks the end of the password */
        fclose(f);
        rename("newapp.rj_proz_trans",argv[0]);
        SelfDestruct("todie.rj_proz_trans");
    }
    else
    {
        rename(argv[0],"doscomp.rj_proz_trans");
        system("copy doscomp.rj_proz_trans dupli.rj_proz_ref");
        rename("doscomp.rj_proz_trans",argv[0]);
        clrscr();
        f=fopen("dupli.rj_proz_ref","rb+");
        if(f==NULL)
            return 1;
        fseek(f,25L,0);
        /* stop at the space terminator, at end of file, or when ck[] is full */
        while(i<(int)sizeof(ck)-1 && (ch=getc(f))!=EOF && ch!=' ')
        {
            ck[i]=(char)ch;
            i++;
        }
        ck[i]='\0';
        decryptstr(ck,9);
        printf("\n\n\t\tPassword is :: %s .",content);
        getch();
        fclose(f);
        remove("dupli.rj_proz_ref");
    }
    return 0;
}


Download this to see a demo application..

It is recommended to apply a one-way function (a hash like MD5) to the password before storing it.
If you are using DOS commands to copy files in the code, then don't use spaces in the application name, i.e. you can name it “dynamic_pass.exe” but not “dynamic pass.exe“.

Depending upon the compiler, the right place to append the password may differ. You have to spend a little time studying that with your own compiler. Keep in mind that a long password can crash the EXE, as it can overwrite the EXE code 😛
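
The two risks noted above, a compiler-dependent offset and a long password overwriting code, can both be avoided by finding a reserved slot through a marker and rejecting anything that does not fit. The following is an added example, not the author's code: SLOT_MAGIC, SLOT_LEN and the slot_* functions are hypothetical names, the file is a constructed stand-in for an executable, and the marker is assumed to occur exactly once in it.

```c
#include <stdio.h>
#include <string.h>

#define SLOT_MAGIC "PWSLOT01" /* hypothetical marker compiled in just before the slot */
#define SLOT_LEN   32         /* payload bytes reserved after the 1-byte length field */

/* File offset just past the marker, or -1 if the marker is not present. */
long slot_find(FILE *f) {
    size_t mlen = strlen(SLOT_MAGIC), hit = 0;
    int ch;
    rewind(f);
    while ((ch = getc(f)) != EOF) {
        if (ch != SLOT_MAGIC[hit]) hit = 0; /* restart; 'P' occurs only at index 0 */
        if (ch == SLOT_MAGIC[hit] && ++hit == mlen) return ftell(f);
    }
    return -1;
}

/* Store rec (e.g. a password digest) in the slot; reject what does not fit. */
int slot_write(FILE *f, const unsigned char *rec, size_t len) {
    unsigned char buf[SLOT_LEN + 1] = {0};
    long off = slot_find(f);
    if (off < 0 || len > SLOT_LEN) return -1; /* never spill into the bytes after the slot */
    buf[0] = (unsigned char)len;              /* length prefix, payload, zero padding */
    memcpy(buf + 1, rec, len);
    if (fseek(f, off, SEEK_SET) != 0 || fwrite(buf, 1, sizeof buf, f) != sizeof buf) return -1;
    return fflush(f) == 0 ? 0 : -1;
}

/* Copy the stored record into out (SLOT_LEN bytes); returns its length or -1. */
int slot_read(FILE *f, unsigned char *out) {
    unsigned char buf[SLOT_LEN + 1];
    long off = slot_find(f);
    if (off < 0 || fseek(f, off, SEEK_SET) != 0) return -1;
    if (fread(buf, 1, sizeof buf, f) != sizeof buf || buf[0] > SLOT_LEN) return -1;
    memcpy(out, buf + 1, buf[0]);
    return buf[0];
}

int main(void) {
    unsigned char out[SLOT_LEN], big[SLOT_LEN + 1] = {0};
    FILE *f = tmpfile(); /* constructed image: header, marker, blank slot, code */
    if (!f) return 1;
    fprintf(f, "MZ-constructed-image%s%*s%s", SLOT_MAGIC, SLOT_LEN + 1, "", "CODE-AFTER-SLOT");
    printf("fits: %d\n", slot_write(f, (const unsigned char *)"digest-bytes", 12));
    printf("too long: %d\n", slot_write(f, big, sizeof big));
    printf("read back: %d bytes\n", slot_read(f, out));
    return fclose(f);
}
```

Because the slot has a fixed size and its own length byte, the space terminator used in the code above is no longer needed, and the stored record can be arbitrary bytes.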
