I hope that explains things more clearly. P+FWD8eepKXhiorycOodxiw2c0zCjnb5B7t1vo88h+F17ZXqpZTIZMgI2GWxgnxXDHOwf6T.etc I'd like to see something more along the lines of: ![]() I don't know what level of encryption that corresponds to, but I'm guessing it's not very high. For example, the macro encrypts a value into something like this: 5140B181F322A2. We have it working now using an encryption macro I found on the Web, but it doesn't seem especially heavy-duty. Then Excel, before it calls the Web service, will read the encrypted data, decrypt it, and pass it to the Web service. Our solution was to move the username and password to an external location but store them as encrypted data. We can't store the passwords in plain text in a hidden worksheet nor can we hard-code them into the Web service class. What we're doing is passing login credentials to a Web service so Excel can communicate with an internal database. Knowing the crypto APIs will hopefully be enough to figure out how to access the public key in the PFX file.The reason we need to use VBA is because the encryption needs to happen in Excel. Step into that handler and see what crypto APIs it calls. Therefore it should exit the comparison loop and go to a handler for that verb. It should be in the middle of comparing the verb in question. It will probably be in a loop comparing the verb specified on the command line with each verb within the program. My cryptext password is Print I thought it was a fitting password for. If you dont have access to a cad package you can download my. This is determined by the 3D Printer you are planning to use. When the read breakpoint triggers, start stepping through the code that read the string. Use your preferred cad package to design a cryptext that fits together with the desired clearance between parts. Put a read breakpoint within the DLL's memory on the first byte/word of the string containing that verb. Set the command line in the debugger to use the verb you found as well as your test PFX file. Then load rundll32.exe into a debugger (ie Windbg). Hopefully you'll figure out which is the right verb. ![]() Try running rundll32.exe using the verb(s) you pick with a PFX as input. Determine which verb(s) is most likely to support opening PFX files. You should see the various verbs indicated above. Dump the ASCII/UNICODE strings in the file. Here are a couple of suggestions on reverse engineering cryptext.dll to see how it works. The fact that it is a COM component means it is (almost surely) using unmanaged crypto APIs. So there's no obvious way to programmatically access it from. ![]() Based on OLEVIEW, it only implements the IUnknown interface. Although it contains an embedded typelib, using TLBIMP to create an interop assembly doesn't provide access to any interesting methods or properties. From the registry you can see which verb is associated with each file type.Ĭryptext.dll is a COM component. It is invoked using rundll32.exe along with a "verb". If you search the registry for cryptext.dll you'll see that it handles a lot of different file types (CERs, CRLs, crypto store, etc.). What I found is that cryptext.dll is the "Crypto Shell Extensions" and handles PFX files. ![]() I looked into this a while to see if I could determine how the Cert Manager is able to open a PFX file.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |