Jump to content
UBot Underground

Recommended Posts

Hey Folks,

 

I did write a few Bots and allready made a few sales to my clients. While scanning the Wiki and the forum I noticed there is a lack on knowledge, regarding "handling passwords". 

 

I think handling passwords and logins is an important part of each bot.

 

So how do you encrypt a Login Password?

 

One Example:

I write a Bot for a client, the bot needs to log in one of my online-Tools with my Login Credentials, pull some Information, Logout, and use the information.
I don´t want the customer to read out my password and use my Tools without my bot. 
Hope you get the concept.

 

Link to post
Share on other sites

Hey pash,

 

I did read that post and all it does is hide a password that the end-User does type in. 
So when I ask for a password in a UI Box I can hide it with ****. 

But I want to work on a special case, 
my bot does a login (built in by me), the login information is in the ubot code. 

 

So the bot does login to my Semrush Account, pulls some Information and continues the other tasks. 
When I compile my bot and ship it to the enduser, I am afraid he might find out my password, which is somewhere in cleartext in the bot.

 

I hope this clears things up a bit.

Link to post
Share on other sites

For things like this I create a mini API system and have PHP code return values to my bots. This way the password is never sent. Only API commands. For example: -

http://api.mydomain.com/?apikey=AED65AFC777&cmd=GETDA

The PHP script does not need to be fancy. Just have the code check the API key and use a switch statement for the commands. The PHP script can then connect to the API of Semrush and return the output to your bot.

 

Hope that makes sense.

Link to post
Share on other sites

Hi TheBigWeb,

 

yeah that makes sense and I do understand what you are trying to do. 
I just recently startet to learn how to use API´s (bought Udemy courses and so on) so will definetly look into this method.

 

On the other side I think this won´t work for everything. Some services don´t have an API and I need to pull Data with a logged in Account. 
 

Link to post
Share on other sites

Hey pash,

 

I did read that post and all it does is hide a password that the end-User does type in. 

So when I ask for a password in a UI Box I can hide it with ****. 

 

But I want to work on a special case, 

my bot does a login (built in by me), the login information is in the ubot code. 

 

So the bot does login to my Semrush Account, pulls some Information and continues the other tasks. 

When I compile my bot and ship it to the enduser, I am afraid he might find out my password, which is somewhere in cleartext in the bot.

 

I hope this clears things up a bit.

sorry Tibret.

I'm not good English.

 

If you use Ubot Browser.

You can use.

in shared browser {
    set visibility("Invisible")
    navigate("https://secure2.ubotstudio.com/customers/login","Wait")
    wait for browser event("Everything Loaded","")
    wait(1)
    type text(<username field>,"My Username","Standard")
    type text(<password field>,"My Password","Standard")
    click(<login button>,"Left Click","No")
    wait for browser event("Everything Loaded","")
    wait(1)
}
navigate("https://ubotstudio.com/customers/dashboard","Wait")
wait for browser event("Everything Loaded","")
wait(1)

www.semrush.com version

set(#SemrushUsername,"","Global")
set(#SemrushPassword,"","Global")
in shared browser {
    set visibility("Invisible")
    navigate("https://www.semrush.com/","Wait")
    wait for browser event("Everything Loaded","")
    wait(1)
    click(<outerhtml="<span class=\"s-btn__text\">Log in</span>">,"Left Click","No")
    type text(<email field>,#SemrushUsername,"Standard")
    type text(<password field>,#SemrushPassword,"Standard")
    change checkbox(<name="remember">,"Checked")
    click($element offset(<login button>,2),"Left Click","No")
    wait for browser event("Everything Loaded","")
    wait(1)
}
navigate("https://www.semrush.com/dashboard/","Wait")
wait for browser event("Everything Loaded","")
wait(1)
Link to post
Share on other sites

Hey Pash,

What is your native language?

 

 thanks for your help. :) 
But your described how to login  with a password, I allready can do this. 
I am just concerned that if I save my password in a compiled bot, a customer can find out my password using my bot. 

I don´t know if it is even possible or if I should/ can secure my passwords. 

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...