Scribd Logo
Загрузить

Добро пожаловать в Scribd!

  • QTP Hackers - How To Decrypt Encrypted Password

    Загружено:

    api-19840982
    985 просмотров3 страницы
    How to decrypt encrypted (SetSecure'd) password in QTP. Using this approach, you can hack email accounts published on internet.

    Исходное описание:

    Оригинальное название

    QTP Hackers - How to decrypt encrypted password

    Авторское право

    © Attribution Non-Commercial (BY-NC)

    Доступные форматы

    DOC, PDF, TXT или читайте онлайн в Scribd

    Этот документ был вам полезен?

    Это неприемлемый материал?

    Пожаловаться на этот документ
    How to decrypt encrypted (SetSecure'd) password in QTP. Using this approach, you can hack email accounts published on internet.

    Авторское право:

    Attribution Non-Commercial (BY-NC)
    Скачайте в формате DOC, PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    985 просмотров3 страницы

    QTP Hackers - How To Decrypt Encrypted Password

    Загружено:

    api-19840982
    How to decrypt encrypted (SetSecure'd) password in QTP. Using this approach, you can hack email accounts published on internet.

    Авторское право:

    Attribution Non-Commercial (BY-NC)
    Скачайте в формате DOC, PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    из 3

    QTP Hackers - How to decrypt encrypted (SetSecure'd)

    password

    I will explain you how to decode an encoded password in QTP.


    Using QuickTest Professional and this approach, you can hack email accounts
    published on Internet. Are you interested? :) So, continue reading this QTP
    tutorial for details.

    I've just recorded a simple script, which signs into Gmail. It:

    1. Fills 'Username' in
    2. Fills 'Password' in
    3. Clicks 'Sign in' button

    And the recorded QTP script is:


    Browser("Gmail").Page("Gmail").WebEdit("Email").Set
    "someaccount"
    Browser("Gmail").Page("Gmail").WebEdit("Passwd").SetSecure
    "493844a99bee0e3ab952f2e867fd08e3"
    Browser("Gmail").Page("Gmail").WebButton("Sign in").Click

    As you can see, QTP script is simple enough.


    I've set "someaccount" to 'Username' editbox. But what about 'Password'
    editbox? What value have I filled in?

    QTP encrypted the password using SetSecure method:


    WebEdit("Passwd").SetSecure
    "493844a99bee0e3ab952f2e867fd08e3"
    QTP Help:
    The SetSecure method is recorded when a password or other secure text is
    entered.
    The text is encrypted while recording and decrypted during the test run.

    How to know the initial text?

    There is one trick. Apply SetSecure method to non-secured edit box!


    Instead of this QTP code:
    Browser("Gmail").Page("Gmail").WebEdit("Email").Set
    "someaccount"
    Browser("Gmail").Page("Gmail").WebEdit("Passwd").SetSecure
    "493844a99bee0e3ab952f2e867fd08e3"
    I run this QTP script:
    Browser("Gmail").Page("Gmail").WebEdit("Email").SetSecure
    "493844a99bee0e3ab952f2e867fd08e3"
    And the result of this QTP script is:

    Yes, "mypwd" was encrypted to


    "493844a99bee0e3ab952f2e867fd08e3". So, "mypwd" is the password
    I filled!
    So, this is an easy way to decrypt an encrypted password in QTP.

    By the way, there are two ways how to decrypt a password in QuickTest
    Professional:

    1. Using Crypt.Encrypt

    str = "Some Text"


    encrStr = Crypt.Encrypt(str)

    'encrStr' will contain an encrypted text.


    2. Using Password Encoder from 'Start/Programs/QuickTest
    Professional/Tools'

    Summary:

    • I explained two ways how to crypt a text in QTP


    • I shown an approach how to decrypt an encrypted text

    Well, I promised to show how to hack email addresses... I remember!

    I searched several QTP sites and forums for "SetSecure" function and found
    that some QTP engineers published their code snippets with encrypted
    passwords (for example, entrance into email accounts) :)

    Now you know how to "read" (=steal) passwords in plain text.

    Вам также может понравиться