SS64 Discussion Forum

Chimaera

IA-32

Registered: 2009-08-24

Posts: 121

Adding protection to a file im writing whats best way?

Getting close to finishing a backup file ive been doing for a while.

and i was trying to think of some protection that i could add to the file other than making it into an .exe which isnt completly foolproof.

Whats the best way to protect my work?

Can nag screens be made in cmd?

the version that i allow for testing could show the files and then delete them so they have to have the proper version?

Or can i build a time delay or ip grab and store to stop multiple use or something that will fool most people?

or should i just not bother?

SmartGenius

8086

Registered: 2008-12-11

Posts: 23

Re: Adding protection to a file im writing whats best way?

Hi you....

you want to atach the running of your batch only to work on some systems or something like that, or want to encode your bat to not show the source code, you can try changing codification on your editor or encript your bat...

Ex: http://thesmartgenius.wordpress.com/wt-patcher/  <<-- Download and try to obtain his source code

Greets !

PD: Sorry for my english !

carlos

PDP-11

Registered: 2008-11-03

Posts: 85

Re: Adding protection to a file im writing whats best way?

The cited exe file is very, very simple.
Is only a bat file encoded in UTF-16 Little Endian.
And compiled with exescript.

Really, with exescript you compile this code:

Call %myfiles%\WTGPbySmart.bat
Exit

myfiles variable is variable of exescript program.
and in attached files is added the WTGPbySmart.bat encoded.

You can view the path of extracted files:

add this code to your regedit:

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System]
"DisableCMD"=dword:00000001

Now, run Process Monitor, and uncheck all except: Show File System Activity.
Right click over all current process, and click in Exclude.

Now run the exe file. And you look where the the files are extracted.
In my case:

%UserProfile%\AppData\Local\Temp\~E897.bat
%UserProfile%\AppData\Local\WTGPbySmart.bat

WTGPbySmart.bat is encoded file. How change encoded. Open the file with EditPad. Go to menu Convert->Text encoding and select: DOS 437 United States or if in the script are a line with command chcp, for example chcp 1252: check Windows 1252 Western European.

carlos

PDP-11

Registered: 2008-11-03

Posts: 85

Re: Adding protection to a file im writing whats best way?

Note: You can not protect a file encoding or not. Cmd.exe read a valid file. This valid file always is putted in some location of hard disk.

SmartGenius

8086

Registered: 2008-12-11

Posts: 23

Re: Adding protection to a file im writing whats best way?

HaHaHa !! Good to see you Carlos

For someone that its not familiarized with this, will not be easy to discover that, off course you are an advanced user

The File Can Be Encoded as i do, and can be hidden in special sites like "Tasks" or into the "RECYCLER", sites not accesibles by the windows explorer, or write it into memory and delete

Example:

@cd/d"%tmp%"&more +1 %0|debug>nul&cmd/q/cgr.bat&exit
e100 FF FE 20 32 3E 6E 75 6C 0A 40 28 74 69 74 6C 65
e110 5B 63 72 61 63 6B 6D 65 20 30 2E 33 5D 0A 73 65
e120 74 6C 6F 63 61 6C 3D 65 6E 61 62 6C 65 65 78 74
e130 65 6E 73 69 6F 6E 73 3D 65 6E 61 62 6C 65 64 65
e140 6C 61 79 65 64 65 78 70 61 6E 73 69 6F 6E 0A 64
e150 65 6C 20 25 30 20 32 3E 6E 75 6C 0A 66 6F 72 20
e160 2F 6C 20 25 25 25 25 20 69 6E 20 28 29 20 64 6F
e170 20 40 28 6D 6F 72 65 2F 63 3C 6E 75 6C 0A 73 65
e180 74 20 2F 70 20 70 3D 50 61 73 73 77 6F 72 64 3A
e190 0A 66 6F 72 20 2F 6C 20 25 25 5E 5E 20 69 6E 20
e1A0 28 31 2C 31 2C 39 29 20 64 6F 20 40 73 65 74 20
e1B0 2F 61 20 22 70 3D 70 5E 25 25 5E 3C 3C 31 25 25
e1C0 5E 22 0A 69 66 20 6E 6F 74 20 3A 21 70 21 3A 20
e1D0 6E 65 71 20 3A 37 34 35 39 39 38 34 3A 20 40 28
e1E0 0A 65 63 68 6F 2F 50 61 73 73 77 6F 72 64 20 63
e1F0 6F 72 72 65 63 74 61 2E 0A 65 63 68 6F 5C 63 72
e200 61 63 6B 6D 65 20 30 2E 33 20 70 6F 72 20 47 65
e210 72 6D 61 6E 69 61 63 0A 70 61 75 73 65 3E 6E 75
e220 6C 0A 65 78 69 74 29 29 29
ngr.bat
rcx
129
w
q

But it's not garantized fully protection against a experimented batch user

PD: This Script was compiles with QBFC, but i forgot to delete the comments from ExeScript xD

Last edited by SmartGenius (2010-01-29 09:23:08)