VuGen 12.53 Parametrization

All,

I am trying to get some information since I was not able to find what I was looking for in function reference.

I've looked through the functional reference guide and I was not able to find function called "lr_decrypt".

Inside my vugen script below:

web_set_user("domain\username", lr_decrypt("adareaer23242kjadfdsfs"), "hostname:port");

lr_decrypt is referring to the password you typed which turned into decryption. I am trying to find a way to parametrize but it looks like it is not possible.

Is there a way to accomplish this task? If not, what would be the second best option?

Thanks,

 

 

  • Verified Answer

    lr_decrypt() (see also lr_unmask()) can be used with a parameter, but you have to do it yourself like lr_decrypt(lr_eval_string("{EncodedPassword}"))

    Create a parameter EncodedPassword with the content adareaer23242kjadfdsfs

    So you have to make lists/table of 'domain\username' and 'encrypted password'.

    The help of 12.55 states:

    Select an entire string between quote marks, not including the quote marks themselves. Right-click in the selected string and select Mask String. The original string is replaced with an lr_decrypt call where the EncodedString argument is the original string after encoding.

    Then run Start > All Programs > HPE Software > HPE LoadRunner > Tools > Password Encoder. Paste the value into the Password field, and click Generate. The masked string appears in the Encoded String box. Click Copy and paste the masked string into a parameter for later use, or assign the value to a string variable.

    Still cumbersome if you have for all your 1000 users different passwords.

  • Thanks Remmelzwaal for your suggestation.

    If I have user more than serveral thousands with different password, is it still the way to implement?

    Also, I want to check the following. The decrypted content will be different everytime even with the same user. The encrytpion/decryption will be generated randomly; therefore no same decrypted content ever for the same user.

    If the above case is the situation then isn't it better off with correclating? since correlating convert the dynamic value into a variable.

    Please let me know your thoughts.

    Thanks,

     

     

  • Hi Yangnigon,

    I do not know any tool to encode large lists of passwords in LR.

    The encryption is random (so someone cannot see that all users have the same password), but it is always decryptable, so no need to regenerate. I can take the string from an example and decrypt is as well.

    You do not need to use encrypyted passwords, just replace the lr_decrypt("...") call with the plain password text.

    Now days Vugen is free for downloading. So any one that can lay his hands on the list of encrypted passwords can write a simple script to decript them. I guess not that secure any way.

    Or one of the MicroFocus engieers have to correct me.

    Regards,

    lr_message(lr_decrypt("5af5997ffd4a576f81951cd0888617205a1aef"));