Using QuickTest Professional and this approach, you can hack email accounts published on Internet. Are you interested? :) So, continue reading this QTP tutorial for details.
I've just recorded a simple script, which signs into Gmail. It:
- Fills 'Username' in
- Fills 'Password' in
- Clicks 'Sign in' button
And the recorded QTP script is:
As you can see, QTP script is simple enough.
I've set "someaccount" to 'Username' editbox. But what about 'Password' editbox? What value have I filled in?
QTP encrypted the password using SetSecure method:
The SetSecure method is recorded when a password or other secure text is entered.
The text is encrypted while recording and decrypted during the test run.
How to know the initial text?
There is one trick. Apply SetSecure method to non-secured edit box!
Instead of this QTP code:
I run this QTP script:
And the result of this QTP script is:
Yes, "mypwd" was encrypted to "493844a99bee0e3ab952f2e867fd08e3". So, "mypwd" is the password I filled!
So, this is an easy way to decrypt an encrypted password in QTP.
By the way, there are two ways how to decrypt a password in QuickTest Professional:
- Using Crypt.Encrypt
'encrStr' will contain an encrypted text.
- Using Password Encoder from 'Start/Programs/QuickTest Professional/Tools'
- I explained two ways how to crypt a text in QTP
- I shown an approach how to decrypt an encrypted text
Well, I promised to show how to hack email addresses... I remember!
I searched several QTP sites and forums for "SetSecure" function and found that some QTP engineers published their code snippets with encrypted passwords (for example, entrance into email accounts) :)
Now you know how to "read" (=steal) passwords in plain text.
Why do I tell that?
Just to remind - be careful when you publish such private info on Internet.
- QTP VIDEO - How to capture dynamic text?
- Top 40 Automated Testing Blogs - Nov 2008
- QTP - How to get font size/color, background color etc of controls?
- 10 steps to become QTP guru
- All QTP visual tutorials
Do you like this QTP tutorial? Would you like to receive them automatically in the future?
If yes, please subscribe to this blog RSS feed or by Email. (How to subscribe? VIDEO guide)
Do you know that you are free to use/copy/publish all my materials on your site/blog?