Solved

Hiding password in batch....

Posted on 2004-04-27
Last Modified: 2012-06-21
Hi, I'm making a .bat file to help people start programs with administrator rights!
My problem is that for this program to work I have to write the administrator password to the file. And this creates a huge security risk... anyone can open it and get the password. I've made it to .com and .exe but the password still shows. Someone said I could hardcode the password into the .vbs file that makes it all possible, but I don't know how to...
I've searched the net for 3 days now... nothing! Please help! Thanks!!!

Here is the batch side of the program:
@echo off
pause

:START
CLS
ECHO --------------------
ECHO 1 - notepad
ECHO 2 - cmd
ECHO 3 - explorer
ECHO 4 - info
ECHO 5 - exit
ECHO --------------------
:QUERY
ECHO 1, 2, 3, 4 eller 5?
GETKEY
IF ERRORLEVEL 54 GOTO QUERY
IF ERRORLEVEL 53 GOTO L5
IF ERRORLEVEL 52 GOTO L4
IF ERRORLEVEL 51 GOTO L3
IF ERRORLEVEL 50 GOTO L2
IF ERRORLEVEL 49 GOTO L1
GOTO QUERY
:L1
cscript c:\RunAs\vbrunas.vbs administrator qweasdzxcget96e notepad
goto start
:L2
cscript c:\RunAs\vbrunas.vbs administrator qweasdzxcget96e cmd
goto start
:L3
cscript c:\RunAs\vbrunas.vbs administrator qweasdzxcget96e explorer
goto start

Here is the .vbs script

On Error Resume Next
Dim WshShell, oArgs, FSO

Set oArgs = wscript.Arguments

If InStr(oArgs(0), "?") <> 0 Then
    wscript.echo vbCrLf & "Du måste strata X med X.bat, annars funkar det inte!!! Om problem: niklas.liljestrand@prakticum.net" & vbCrLf
    Usage
End If

If oArgs.Count < 3 Then
    wscript.echo vbCrLf & "! Usage Error !" & vbCrLf
    Usage
End If

sUser = oArgs(0)
sPass = oArgs(1) & vbCrLf
sCmd = oArgs(2)

Set WshShell = CreateObject("WScript.Shell")
Set WshEnv = WshShell.Environment("Process")
WinPath = WshEnv("SystemRoot") & "\System32\runas.exe"
Set FSO = CreateObject("Scripting.FileSystemObject")

If FSO.FileExists(WinPath) Then
    'wscript.echo winpath & " " & "verified"
Else
    wscript.echo "!! ERROR !!" & vbCrLf & "kan inte hitta eller verifiera " & WinPath & "." & vbCrLf & "detta funkar endast i 2000 och kanske i XP"
    Set WshShell = Nothing
    Set WshEnv = Nothing
    Set oArgs = Nothing
    Set FSO = Nothing
    wscript.Quit
End If

rc=WshShell.Run("runas /user:" & sUser & " " & CHR(34) & sCmd & CHR(34), 2, FALSE)
Wscript.Sleep 30 'need to give time for window to open.
WshShell.AppActivate(WinPath) 'make sure we grab the right window to send password to
WshShell.SendKeys sPass 'send the password to the waiting window.

Set WshShell = Nothing
Set oArgs = Nothing
Set WshEnv = Nothing
Set FSO = Nothing

wscript.Quit

'************************
'* Usage Subroutine *
'************************
Sub Usage()
    On Error Resume Next
    msg = "Kontakta Niklas Liljestrand, om du vill ha hjälp!"

    wscript.echo msg

    wscript.Quit

End Sub
0
Question by:DisLikeMe
12 Comments
 
LVL 3

Expert Comment

by:Tele_tech
ID: 10936002
There must be something specific about the software that needs admin rights ... a folder or a file...
most likely not full system access...
would it not be easier to find this and set the permission specific to allow the software to run for the user or users group that needs it?

Have solved a few problems with software this way and does not cross security as long as you don't get crazy with the rights.....
create a group.. give it the specific rights for the software needed
add the users that need it....

How many different software packages do you need to run?
if there is a reason... that this won't work.. I know of a solution that will work for the casual user although a person that really wants to dig may be able to get past it...
I will check back.. if you need it, I will post it....  but recommend the above method
0
 

Author Comment

by:DisLikeMe
ID: 10942465
The problem is that all users have unique usernames and passwords and belong to a group with low rights. They all have their own user folders on the server... and to access some files they have to log out and in with the other account that is for all users locally on the machines. This program would make it possible for the users to stay in their own account and still have admin rights to some programs... We are using win2000 server so making some files execute only without read rights is not possible... Please help! Thanks!
0
 
LVL 3

Expert Comment

by:Tele_tech
ID: 10946200
how about assigning execute and read rights to the needed files?  not to the folders  
we have some software that our standard users can not run.. but by tweaking rights via policies they can run them as a power or admin user

let them have read and execute without write privilege..

back to what you were looking at.. instead of VB script .. how about a full compile to an exe?
the password would not be visible.

other languages, even going back to Qbasic with the ability to compile to stand alone EXE have a shell command that would let you do exactly what you are wanting...
would look like a BAT file running and would have the security.  I use it in a couple of un-attended applications ... it is quick and easy to write in.  I normally don't use it when interaction is required because of the DOS interface.. but would be better than a batch file more configurable and secure against most casual users.... (would have to open EXE) to get password....
if you need some lines of code.. let me know and what you want to use VB or QB or ?  
for maintenance I would use something simple and quick that you have or could get cheap
0
 

Author Comment

by:DisLikeMe
ID: 10948367
Converted the .bat file to .exe and to .com but the password is still in clear text... so what I'm looking for is some way to hide the text in the .bat, .com or .exe file, or scripting the password into the .vbs file... in a way which would take much effort to crack! Thanks!
0
 
LVL 1

Expert Comment

by:cablito
ID: 10949005
Do the machines have .NET framework installed?

It would be really easy to write a VB.NET console mode application that would do that.

No need for licenses or anything. If you have the .NET framework installed, you can compile it yourself, so when the password changes, all you do is change the source code, compile it, and copy the updated one to the machines.

I am talking about a 10 lines of code program.
0
 
LVL 1

Expert Comment

by:cablito
ID: 10949020
Matter of fact, I could post the code here if you have .net framework on the machines or were willing to install it.
0
 
LVL 3

Expert Comment

by:Tele_tech
ID: 10952295
are you saying in clear text while the software is running?  or by browsing somewhere ?  not sure how it could be clear text if embedded in EXE..

if you are speaking of while it is running.. that is just a matter of masking the output......
0
 
LVL 3

Expert Comment

by:Phoenixric
ID: 10967269
Hi,
May I clarify this?
"Converted the .bat file to .exe and to .com but the password is still in clear text..."

Where in particular? in the batch pop-up? In the script?
But I assumed that what I'm thinking is not the real problem, but in some cases you can just right-click the particular batch file if it's on the user's desktop as a shortcut. And in the properties menu, point to the programs tab and just put a check in the "Close on exit" check box.

You can either make a very simple application which calls the batch file you have created. You can even rename your batch file to .sys or .dat and rename it again to .bat when your application runs. With this you can hide the batch file itself somewhere only the application knows the exact location of.

It's really risky to create a plain batch file which is by default accessed by the users on their desktops,
unlike when you have created an application which you can deploy together with the batch file. This application will also serve as the default shortcut on the users' desktops, which actually hides the call to your .bat file.

I can provide you some code for this if you wish.
Hope I could help.

PhoenixRic ;-)
0
 
LVL 3

Accepted Solution

by:
Tele_tech earned 20 total points
ID: 10968455
Another approach..... I had not thought of, even though I use it every day...
In a stand alone  .exe.. not a script.
this can be done with almost any language.. qb7 or VB6 would do just fine have used both to do it
Set up the code so that when an option from the menu is selected
it will create a batch file to do what you want
shell to the batch file  
          turn off the echo
          pipe all output to >nul
when they close the program the batch ran control will return to the exe
If using VB when you shell the exe will continue to run.. put a wait step long enough for the software to launch  this may need to be a matter of testing for the slowest connection or machine to make sure they all have time to launch the software.
and then delete the batch file.
the exe will return to the menu.
even though the password is visible for a short time in the batch file, if they know where it is
I don't think that in the XX second wait they would be able to open and find the info...
granted a determined hack might.. but not a normal user.  to help slow down anyone for the xx wait
have the batch file created in an obscure location
     if they know where it is they can unhide it.. but that is why the obscure... could be way down in program files under one of
Microsoft's folders
I have a computer that runs unattended this way with passwords to servers... when the computer is not running the software.. all the information is encoded into the exe... to the point that to change it.. I have to go to source and change it and re-compile

In qb7 the batch file will exist as long as the program is running... so may want to change attributes to  hidden while it is running
0
 
LVL 3

Expert Comment

by:Phoenixric
ID: 10974372
Hi,
Yes, it's a wise approach, as I first mentioned... Anyway, I don't think you have any more questions on your previous post. Is that idea what you're working on right now? Still need some help, specifically in programmatically hiding file attributes?

By the way, have you tried converting your VBScript to a VB standard exe? Or QBasic?
Did you try to use policy software such as tweakui or poledit?

We have lots of options. You can even load users' rights and privileges for the needed application the first time they log in to the network. You can take a snapshot of their user name and password, then save it to an .ini file to be read by your application, let's say in VB, which then loads the necessary user privileges.

You're good enough at coding, as I saw when I analyzed the code, but I think you really want to stick with the same approach (which is not applicable for this situation). You must think of another way appropriate for a multi-user environment like the one you're working in, not risking confidential user identification.

PhoenixRic ;-)
0
 

Author Comment

by:DisLikeMe
ID: 10974930
The clear text which I'm speaking of is if you open the file in, e.g., Notepad!
0
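An added illustration of the report above that the converted .exe and .com files still show the password in Notepad (this is not code from any poster in the thread): when the script text sits unchanged inside the file, a scan for printable runs finds the wrapper call and its password argument, whether the text is stored as single-byte or UTF-16LE characters. The sample blobs, the password and the `CALL` pattern are constructed for the example, and the assumption is that the converter stores the script verbatim.

```python
import re

# Constructed sample: a stub followed by the original script bytes.
# The account name matches the post; the password is made up for the example.
SCRIPT = b"cscript c:\\RunAs\\vbrunas.vbs administrator Example-Pass-123 notepad\r\n"
SAMPLE_ASCII = b"MZ\x90\x00\x03\x00" + bytes(range(0, 32)) + SCRIPT + b"\x00\xff\x00"
SAMPLE_UTF16 = b"MZ\x90\x00" + SCRIPT.decode("ascii").encode("utf-16-le") + b"\x00\x00"

# Hypothetical pattern for this page's wrapper call:
#   vbrunas.vbs <user> <password> <command>
CALL = re.compile(r"vbrunas\.vbs\s+(\S+)\s+(\S+)\s+(\S+)", re.IGNORECASE)


def printable_strings(data: bytes, min_len: int = 6) -> list:
    """Return printable runs stored as single-byte text or as UTF-16LE text."""
    ascii_runs = re.findall(rb"[\x20-\x7e]{%d,}" % min_len, data)
    wide_runs = re.findall(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len, data)
    return ([run.decode("ascii") for run in ascii_runs] +
            [run.decode("utf-16-le") for run in wide_runs])


def find_wrapper_credentials(data: bytes) -> list:
    """Report every user/password/command triple passed to the wrapper script."""
    hits = []
    for text in printable_strings(data):
        for user, password, command in CALL.findall(text):
            hits.append({"user": user, "password": password, "command": command})
    return hits


if __name__ == "__main__":
    for name, blob in (("ascii", SAMPLE_ASCII), ("utf16", SAMPLE_UTF16)):
        for hit in find_wrapper_credentials(blob):
            # Print only the length so the audit output does not repeat the secret.
            print(name, hit["user"], "password of", len(hit["password"]), "chars found")
```

Run over a share of deployed launchers, a check like this flags every file that would need its password rotated and the wrapper replaced.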
 
LVL 1

Expert Comment

by:cablito
ID: 10979219
I thought you had abandoned the question.

I'll see if I can post the C# .Net version here.

Please confirm you do have the .Net framework installed on the machine or are willing to install it. (Considering sooner rather than later you will have to do it in order to run the newest applications)
0
