I am using lua to administrate a firewall server and want to obfuscate sensible variables such as login data. I have tried luac but the variable content is still easily readable. Is there any way to encrypt/decrypt these sensible data?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am using lua to administrate a firewall server and want to obfuscate sensible variables such as login data. I have tried luac but the variable content is still easily readable. Is there any way to encrypt/decrypt these sensible data?
I’m assuming you have a lua script which contains both the commands to send as well as any “secret data”, and you want to be able to run this script without having to type in anything interactively.
If so, the script itself must be able to decrypt your secret data in order to use it – and if an attacker can read the script, he can do the same steps to decrypt your data (or run it in a debugger or similar). Thus, it is impossible to really hide the secret data in your script. Use your systems file permissions to ensure nobody but you and the process that executes it can read the script.
That said, if you do not want to hinder real attackers, but only want to avoid casual lookers reading the password, any encoding scheme will do – from simple Rot13 over Base64 to hex-encoding. But you should be conscious that this is not a security measure.