PLEASE HELP
How to make a menu that can encrypt and decrypt a message from notepad. Please respond as soon as possible.
I have tried on a number of different sites and I'm getting very frustrated with this problem.
Related
I'm currently working on a project for which I need to decode a Certificate Signing Request (CSR) -- basically mimic a site something like this. So, by pasting the CSR in a text area, the value will be passed in the backend and then decode the information and display it in the page.
The problem is that I need to run this using Perl, and I'm having a hard time looking for a good resource to start. I had already looked into OpenCA::OpenSSL but it seems like there's no available function that would fit when extracting the information in the details.
Have you tried searching the CPAN? Crypt::PKCS10 should be a good start
I can't find the solution for my problem. So, in my send-mailmessage html body is field that should be redirected to file which is included as attachment in message. How can I create hyperlink to that file in mail, when client opens it?
I don't know if you get my idea. In other words, in message I have attached file, and then there is field which should be a hyperlink to attached file. When client receives message he/she should press the link and then attached file opens.
I searched almost everything in everwhere but can't find a appropriate solution how to solve this.
This isn't really a PowerShell question, since this issue has nothing to do with the functionality of the Send-MailMessage cmdlet.
In any case, the reason you can't find a solution anywhere is that what you're trying to do is impossible. There is no way that a hyperlink in an e-mail message can point to a file attached to that message. Different mail clients on different operating systems store attachments in different locations. Even if you want to assume that all your recipients are running Outlook on Windows, there are different versions of both. Even if you know for a fact that all recipients are running a specific version of Outlook on a specific version of Windows, you're still out of luck. Outlook stores attachments in a subfolder in the Temporary Internet Files in the user's profile that has a randomly generated name. There's no way to inject code into a hyperlink in an email message, so without knowing the exact local file location, you can't link to it.
I suppose if you're really determined you could have the hyperlink point to a web page that runs some complex javascript code that tries to figure out where the attachment is stored, but that's a major undertaking, and would break if the recipient's default browser has javascript disabled.
Which begs the question, why exactly are you trying to do this? So that recipients can click once instead of having to double-click to open the attachment?
I have found that you can make a hyperlink point to a file share that you know the recipients have access to.
To do so:
Simply make each hyperlink point to the specific file and there you have it.
They have to have permissions to access that file share, or there is a much better way now that I haven't thought of.
Oh well, this works for me, for now.
I have an iOS application, which stores all downloaded *.pdf files in its cache. Is there a way to prevent this data from extracting? Encryption or something else? Thanks in advance.
There are quite a few ways to encrypt files, and I'm sure everyone will have an opinion on the best way to do so.
In a project I've recently been working on, we've been using CommonCrypto (https://github.com/AlanQuatermain/aqtoolkit). Just take any NSData, encrypt it, and save it to a file, and vice versa. You can even write an easy Transformer by subclassing NSValueTransformer, which abstracts all of the encryption to one spot and you will never have to worry about it again.
You can protect PDF files with a password. I assume you create the PDF files not within the application but externally. For example you can use Preview.app in Mac OS X to secure existing PDF files with a password (Hit Cmd-P, then select PDF in the print menu and there you can set security options. Or even more simple: in the menu choose Export...).
In iOS you can then open the PDF files like this:
CGPDFDocumentRef documentRef = CGPDFDocumentCreateWithURL((__bridge CFURLRef)[NSURL fileURLWithPath:filePath]);
if (!CGPDFDocumentIsUnlocked(documentRef))
CGPDFDocumentUnlockWithPassword(documentRef, password);
...
There are actually 2 Documents folders in which your app can store content. One can be extracted, and one is private. Check the accepted answer in this ticket.
Access files in "private Documents" folder transferred with iTunes
Assuming you want the PDF files from getting extracted on jailbroken devices, the most straight forward approach would be along the following lines:
generate a random string during the first launch of the app
save the random string either in NSUserDefaults in state file inside your own app's sandbox
using this random string create a secret key using a deterministic but hard to figure out algorithm
use this secret key, which you don't store anywhere but always generate on demand, symmetrically encrypt your buffer with AES or something similar
You would probably find the source code here very helpful.
I need to code in authentication information for specific parts of my website into my app. Is it at all possible for the app to be "decompiled" and the username and password exposed?
NSURL *url = [NSURL URLWithString:#"https://predefinedUsername:predefinedPassword#www.website.com"];
Yes, it is possible. Assume that if you have anything compiled into your app, it can [and will] be discovered by someone somewhere. Even if it isn't possible today, you are creating a frozen record of such information that will be vulnerable to any future attacks, known or unknown.
You really need the user to perform some task that authenticates them. There are a million and one ways to do that, and for every one of those, a million and two ways to do it wrong. :)
Without knowing more about your specific requirements, it is impossible to really say much more outside of "keep it simple and don't store or send anything in clear-text".
As #Hyperbole said, If you store the username and password in plain text it will be visible in the executable. It is extremely trivial to examine the executable for strings, and it's usually the first thing someone with malicious intent will try.
Right click on any app you've downloaded in iTunes and select show in finder. Make a copy of the app on your desktop and rename the app from AppName.ipa to AppName.zip. Double-click to unzip it, and look inside the folder. Navigate to the folder Payload and then right click on the (probably only) file in there called AppName that looks like an application but has a big circle with a cross through it for the icon. Select show package contents. Scroll through until you find a file called AppName with no extension and a blackish rectangle with the green word "exec" as an icon. Open that file in text edit or another text editor. You'll find that most of this ends up being random symbols and other crap, but you should occasionally see some plain text. The compiler takes string constants and embeds them directly in the app when you compile it in most cases.
You asked about what magazine apps and others do to access content - There are a ton of different ways to do it but off the top of my head, after the server verifies your in-app purchase receipt, the server would record an identifier specific to your iTunes account, saying that you've purchased a specific issue of the magazine. Then your app can request that file from the server, adding the identifier to the request in the process. The server would respond with the file once it looks through the database and determines that you've purchased the content.
Other solutions include signing/hashing a unique key.
Your example would expose the username and password without the need to decompile as you send it via plain text in a URL request. Anyone with a sniffer or MITM service yould snatch it out of the air. A better approach would be to make use of SSL via the http*s* protocol. You could go a step further and either prompt at runtime for the credentials and/or store an encrypted version within the app.
This is very bad because it is trivially easy to recover these credentials just by running 'strings' against the app binary without needing to decompile it.
Can't you pop up a dialogue box asking the user to enter the credentials when they first start the app ? Alternatively you could store them encrypted in a file and then ask the user for an alternative credential e.g. Passcode that derives the key but even this will not survive a determined attack unless the Passcode is long.
I need to send the project files to my client for running it on thier xcode to see the work in progress. Is there any way to encrypt the source files ?
I have one option by sending .app file from simulator debug location and ask them to put it on the same path . But i need to send the code with encryption , is that possible ?
Thanks in Advance.
Raj
You can encrypt the files via any number of mechanisms, but if you want the client to be able to build and run the code, that's not going to be practical, as they'd have to decrypt it.
If you want to do this without exposing the source code to the client, build a static library, distribute that static library which links along with a template main.m into your final executable, set it up as a framework to link into the sample app you send them. This way, they don't get the sources to the app, but they can still build it and see what's going on.
On a side note, if you don't trust your client, why did you take the job in the first place?