Question

[luke127]

I have been doing a bit of research into Batch scripts and .exe files. I have recently got a script that makes a cmd window come up asking for a password to unlock a folder bla bla bla. Except when I convert the batch file to an exe it still has one major security hole and that is if you make another batch file with the same script and put a different password it still unlocks the folder. Does anyone know how to "plug" this hole?

Here's the script: (I use it to protect my USB at school)

cls
 @ECHO OFF
 title Folder Confidential
 if EXIST "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" goto UNLOCK
 if NOT EXIST Confidential goto MDLOCKER
 :CONFIRM
 echo Are you sure you want to lock the folder(Y/N)
 set/p "cho=>"
 if %cho%==Y goto LOCK
 if %cho%==y goto LOCK
 if %cho%==n goto END
 if %cho%==N goto END
 echo Invalid choice.
 goto CONFIRM
 :LOCK
 ren Confidential "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
 attrib +h +s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
 echo Folder locked
 goto End
 :UNLOCK
 echo Enter the Password to unlock folder
 set/p "pass=>"
 if NOT %pass%== password here goto FAIL
 attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
 ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" Confidential
 echo Folder Unlocked successfully
 goto End
 :FAIL
 echo Invalid password
 goto end
 :MDLOCKER
 md confidential
 echo Confidential created successfully
 goto End
 :End

This works however it still has the security hole above and the script is easy to get from the net if you look hard enough.

 

[carnageX]

Use code tags to keep formatting. This also should have gone in the programming board.

[/ code] 
(remove the space in the "[/ code]" part.

 

[luke127]

Okay thanks carnage. I didn't know about the code BB code. Now that it is correct the screen shot is no longer needed.

 

[kmote]

This isn't going to lock your folder securely at all.

 

[luke127]

Yeah but it has to work at school without them getting up me about making a program lol. Besides not many of the people at school are techies like me so it's doubtful that they will get through it. They would probably just delete it. Anyway any suggestions on a better code then?

 

[kmote]

You could probably find a windows version of mcrypt, put that in the root of the USB drive with the folder and a simple script if you want. Don't put the password in the script though, that totally defeats the point.

 

[office politics]

this should work well for usb drives

Portable TrueCrypt / TrueCrypt Portable

 

[luke127]

It won't at school because it needs administration rights. I already tried it.

 

[office politics]

download 7 zip command line - http://downloads.sourceforge.net/sevenzip/7za920.zip

create a new encrypted archive w password - How to Create an Encrypted ZIP With 7Zip | eHow.com

extract files when needed

readd files to the archive (if needed)

delete unencrypted files.

 

[luke127]

Well I could do that I guess. I might get in trouble for using the .exe file to run the program although I use Axcrypt to go at school and it works fine However it's annoying as I have to manually decrypt the file update it delete the encrypted version and then make a new ecrypted version and delete the unencrypted one. It's annoying!

Anyway can someone give me an idea that would protect a folder as such? So it needs a password to "access" the folder? Not the stuff in the folder just the folder itself?