Solved

PGP GnuPG - Automation of PGP self decrypting files

Posted on 2003-11-13
23
5,466 Views
Last Modified: 2008-03-17
I receive many PGP self decrypting windows executables every week. (which all have the same pass phrase) I need to find a way to automate the decryption of these files so I do not have to type the same pass phrase over and over again every day. Does anyone know a way to automate this either in windows or Linux?
0
Comment
Question by:stabor23
  • 8
  • 5
  • 5
  • +2
23 Comments
 
LVL 9

Expert Comment

by:TooKoolKris
ID: 9741590
Thought about putting together a script for automating this task? Does it toss up a window for you to type in the phrase? If so You can script it out so that all you have to do it run the script and it will do the rest for you.
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9742031

see page 13 of  http://www.cs.sunysb.edu/files/pgp/PGP65CommandLineUsersGuide.pdf for command line reference

You could pipe your directory contents into a file:
dir /b >contents.txt

and act on each file in the contents.txt file

for %variable in (set) do command [command-parameters]




0
 

Author Comment

by:stabor23
ID: 9742547
TooKoolKris:

I love to script and I try to script everything, but alas it does open a window for me to type in and I do not know how to script for this. And by the way do you mean in windows or Linux?

chicagoan:

I have PGP freeware ~8.0.2 (for windows) which apperently does not include any command line support. So I downloaded the NA version for windows to match that pdf (6.5.8 is what I found) but it will not decrypt the executables, simply says: Not PGP file! (or something very simular). GPG version 1.2.1 says the same thing. I could download 6.5.8 for linux as well but I double it makes a difference.

Any Ideas?

Thank you both for your help,
S
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 9742586
This is true, these are not PGP files. They are something that PGP, Inc. invented that bear little relation to the OpenPGP standard.

If the sender can send you "real" PGP files, then you can write a script that uses GPG to decrypt them.
0
 

Author Comment

by:stabor23
ID: 9742630
I will see what I can do about the sender, but I am unsure they will change as they send hudereds if not thousands of files encrypted (I assume) automaticly in the same way.

Thank you for the chris for the insight though.

S
0
 

Expert Comment

by:Leventis
ID: 9742773


pg:44 PGPPASS: Store your passphrase from the link the first person added.

This is the command you need to run from what I understood, I suggest you reading that little paragraph over there.
SET PGPPASS=zaphod beeblebrox for president

You could copy this and change the password and the help phrase.  I would take this and paste it on notepad and save it as foo.bat You could save it anywhere you feel like it. The bad thing about this method, also as the user guides notes, is that it poses a security threat.  If your computer is being used by other people or someone has access to it, he could very easily find out the password and steal all the encrypted information.  If the information was not important, I don't think it would be encrypted :) So, be sure that this is what you want to do and not pose a security threat.. :)

I hope this helped,
Leventis
0
 

Author Comment

by:stabor23
ID: 9743178
Leventis:

SET PGPPASS is a fine solution to entering the password, but the problem as it stands is that the command line version (any: GnuPG, PGP 6.5.8, PGP win 8.0.2)  are unable to decrypt the PGP executables. They all say that it is not a PGP file. The only way i have thus far to decrypt these files is to execute each one of them and type the pass phrase in the little box that pops up. I would like to change the way I get them in, but the files come from a seperate company that I doubt will be receptive to changing it for us. (although I have asked, we shall see what they say when they get back to me)

That having been said, anybody?
windows or Linux solution will be fine and I am able to run the EXEs with WINE on linux.

S
0
 

Expert Comment

by:Leventis
ID: 9744483
 Have you tried passing the password as a parameter. If I had my damn computer I would try and figure that out, but my computer is not working right now.. argh..

Sorry for not helping with the previous post :)
Leventis
0
 
LVL 9

Expert Comment

by:TooKoolKris
ID: 9747453
Yea, I'm talking about scripting for windows. If it tosses up a window you can grab that window and then send information and keystrokes to that window so that it handles everything for you without you having to type it out.

I'm not versed in scripting for Linux, I do a little C++ but not C scripting or quick C.
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9747902
I haven't been able to find any command line parameters for self-executing PGP files...

How about a keyboard stuffer? Used to use keyfake on DOS/OS/2 to do tasks like this...
http://www.cesoft.com/ has quickeys... think they have a free trial
0
 

Assisted Solution

by:Leventis
Leventis earned 25 total points
ID: 9750608
 I think that I found the solution into your problem. :)  

http://lists.gnupg.org/pipermail/gnupg-users/2002-January/011803.html

 Go to this address and it tells you how to do it. It is pretty simple actually.  You could turn that into a .bat file or an .sh so it's compatible for WIN32 and UNIX :)

Leventis
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 18

Expert Comment

by:chicagoan
ID: 9751053
but PGP command line doesn't work with .exe's - i even renamed one with the gpg and pgp extensions...
what version of gpg did you try this on?
0
 

Expert Comment

by:Leventis
ID: 9751409
 I didn't because I am using a friends computer, not mine. Mine is not working. I ll take it to a tech guy. I thought that would hep but I guess not. When I get my pc fixed I ll try and work on it more.
0
 

Author Comment

by:stabor23
ID: 9771669
Ok, sorry for the hiedus, work and weekends don't mix for me and mine starts on Thursday.

Leventis:

1. Yes I have tried passing the passphrase as a param
2. The link you posted 11/14 at 2:02CST is absolutely correct, but gpg is quite unable to decrypt my PGP executeables. That, amugst many other solutions would work fine if I was decrcypting *.gpg files, or I suppose any pgp or gnupg file encrypted with a key pair.

TooKoolKris:

Rock. That should do the trick, but I am apperently ignorant of how to do that. If you could stear me in the right direction, it would be most appriciated.

chicagoan:

1. I am checking out the link you put up on 11/14 3:05 CDT, I think that it may just do the trick.
2.  GPG version 1.2.1 ; Yeah, I tried the same thing, is'nt that a b!tc8.

Thank you all for your help. I guess all that is left now is to find the best way.

ST
0
 

Author Comment

by:stabor23
ID: 9771727
The Cesoft (http://www.cesoft.com/) software looks like it will work perfectly, but the $99 price tag turns me off abit, (we try to be a cheap company) and besides I think from the info that has come in thus far that I can do it for free. And doing it yourself is more fun anyway.

Thanks for the link though, and I am sure other people will find it useful when we close this thing out.

S
0
 
LVL 18

Assisted Solution

by:chicagoan
chicagoan earned 40 total points
ID: 9771945
0
 
LVL 9

Expert Comment

by:TooKoolKris
ID: 9772660
Ok then you have to explain your process to me a little and I can write the script for how to do it. If I understand correctly you need to do:

1.) Run .exe
2.) Enter KeyPhrase
3.) Go to the next .exe and do same

Is this correct and if so what is the exact window title that is on the dialog box for entering you phrase?
0
 

Author Comment

by:stabor23
ID: 9772682
yes that is correct

The window title is:
PGP Enter Passphrase

Thanks
0
 
LVL 9

Expert Comment

by:TooKoolKris
ID: 9772727
It would make things easier to script if all of the .exe's that need to be opened are in the same directory. Is this possible?
0
 

Author Comment

by:stabor23
ID: 9772755
yes they can all be in the same dir.
0
 

Author Comment

by:stabor23
ID: 9772770
also i am pretty sure I can modify it to fit my needs if you can produce a broad example, with a few notes of cource

S
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9807679
had any luck?
0
 
LVL 9

Accepted Solution

by:
TooKoolKris earned 160 total points
ID: 9810314
I'm sorry for the delay, what you need is a script that takes advantage of AppActivate & SendKey methods. Put the code into a (.vbs) file.

First we need to launch your exe so we set a shell object. Then we run your exe. You may need to adjust the sleep time so that the AppActivate method doesn't fire off until your exe has fully loaded. 1000 = 1sec. Next is to capture the window that comes up when your exe runs, you said it was "PGP Enter Passphrase". We'll give the script a little time to catch up after grabbing the window. Next what we are going to do is start sending the keystrokes you need to the window. Make sure your window has set focus to exactly where your input goes, if not you will have to send TABs to get it there. So let’s just say you have to tab once to do so for example if not then take it out. Always leave just a little time between key sends as well. Then start sending out your pass phrase one letter at a time. When you are complete and you need to hit enter just tab to the enter button and send enter. Then just call your next exe and start over.

set WshShell = WScript.CreateObject("WScript.Shell")

WshShell.Run "the path to your.exe"
WScript.Sleep 2000

WshShell.AppActivate "PGP Enter Passphrase"
WScript.Sleep 500

WshShell.SendKeys "{TAB}"
WScript.Sleep 500
WshShell.SendKeys "P"
WScript.Sleep 500
WshShell.SendKeys "a"
WScript.Sleep 500
WshShell.SendKeys "s"
WScript.Sleep 500
WshShell.SendKeys "s"
WScript.Sleep 500
WshShell.SendKeys "w"
WScript.Sleep 500
WshShell.SendKeys "{TAB}"
WScript.Sleep 500
WshShell.SendKeys "{ENTER}"

WshShell.Run "the path to your.exe"
WScript.Sleep 2000

WshShell.AppActivate "PGP Enter Passphrase"
WScript.Sleep 500







0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now