last_account.cfg unprotected?

[Aurora 46]

Hello everybody

 

I am wondering is there a way to encrypted the password in last_account.cfg because now its unprotected you see the password in the files.

 

Now you see this https://metin2.download/picture/O65xwV04oo7L1JXjm8iDDSge14GQG9Z4/.png

 

Is there a way to make it impossible to open but client can read it or make the password encrypted.

 

I hope somebody can help me with this!

 

Thanks in advance

 

-Aurora

Edited August 30, 2022 by Metin2 Dev
Core X - External 2 Internal

[Sanchez 2468]

Use MD5:

import hashlib

def Something(self, plainText):
	return hashlib.md5(plainText).hexdigest()

Or if you want to decrypt it too, just use base64. It's basic, but probably enough.

[Koray 2002]

PyCrypto is very nice libary(for encrpyt data);

https://pypi.python.org/pypi/pycrypto

Example:

from Crypto.Cipher import AES
import base64
import os

#@http://www.codekoala.com:4000/posts/aes-encryption-python-using-pycrypto/
BLOCK_SIZE = 32
PADDING = '{'

pad = lambda s: s + (BLOCK_SIZE - len(s) % BLOCK_SIZE) * PADDING

EncodeAES = lambda c, s: base64.b64encode(c.encrypt(pad(s)))
DecodeAES = lambda c, e: c.decrypt(base64.b64decode(e)).rstrip(PADDING)

secret = os.urandom(BLOCK_SIZE)
cipher = AES.new(secret)

encoded = EncodeAES(cipher, 'password')
print 'Encrypted string:', encoded

decoded = DecodeAES(cipher, encoded)
print 'Decrypted string:', decoded

and

 

_winreg is nice trick(for register data in registry);

https://docs.python.org/2/library/_winreg.html

Example:

import _winreg

REG_PATH = r"SOFTWAREMetin2Settings"
#@http://stackoverflow.com/questions/15128225/python-script-to-read-and-write-a-path-to-registry
def set_reg(name, value):
    try:
        _winreg.CreateKey(_winreg.HKEY_CURRENT_USER, REG_PATH)
        registry_key = _winreg.OpenKey(_winreg.HKEY_CURRENT_USER, REG_PATH, 0,
                                       _winreg.KEY_WRITE)
        _winreg.SetValueEx(registry_key, name, 0, _winreg.REG_SZ, value)
        _winreg.CloseKey(registry_key)
        return True
    except WindowsError:
        return False

def get_reg(name):
    try:
        registry_key = _winreg.OpenKey(_winreg.HKEY_CURRENT_USER, REG_PATH, 0,
                                       _winreg.KEY_READ)
        value, regtype = _winreg.QueryValueEx(registry_key, name)
        _winreg.CloseKey(registry_key)
        return value
    except WindowsError:
        return None

set_reg("ID", "koray")
set_reg("PASS", "123")

print "ID: " + get_reg("ID") + " Pass: " + get_reg("PASS")

##Output;
#>>ID: koray Pass: 123

 

[Aurora 46]

This not for login in but when you click on save account the information will go to last_account.cfg

[Sanchez 2468]

So, what's your question?

[Aurora 46]

When people click on save account the information goes to last_account.cfg but how can i encrypted the password that goes to last_account.cfg and that the client can read it.

[Denis 1474]

Upload your intrologin.py

[Shisui 491]

Or, remove that login page putting the offical one for example.

[Aurora 46]

Upload your intrologin.py

Here is the link

 

https://mega.co.nz/#!YhkS1AbT!MCzLz-E_NdyevAis1qCke3JUhVgAGtGnMagUZircOCw