Sign in to follow this  
Followers 0
playlet

---

27 posts in this topic

#1 ·  Posted (edited)

---

Edited by playlet

Share this post


Link to post
Share on other sites



If you have registry access, this webpage shows you how to easily lock any drive.


[font="Verdana"] [size="2"]"[/size][/font]Failure is not an option -- it comes packaged with Windows"[font="Verdana"][size="2"] Gecko Web Browser[/size][/font][font="Verdana"][size="2"], [/size][/font][font="Verdana"][size="2"]Yahtzee![/size][/font][font="Verdana"][size="2"], Toolbar Launcher (like RocketDock)[/size][/font][font="Verdana"][size="2"]Internet Blocker, Simple Calculator, Local Weather, Easy GDI+ GUI [/size][/font][font="Verdana"][size="2"]Triangle Solver, TCP File Transfer, [/size][/font][font="Verdana"][size="2"]Valuater's Autoit Wrappers[/size][/font][font="Verdana"][size="3"][size="2"][size="2"]OOP In AutoIt[/size][/size][/size][/font][font="Verdana"][size="2"][size="1"]Using Windows XP SP3, 1GB RAM, AMD Athlon Processor @ 2.1 GHzCheck me out at gadgets.freehostrocket.com[/size][/size][/font]

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

---

Edited by playlet

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

---

Edited by playlet

Share this post


Link to post
Share on other sites

I have to restart computer for the changes to take effect.

Not sure if it'll work, but have you tried killing and restarting your explorer shell to force it to "take"

whim

Share this post


Link to post
Share on other sites

You could write your own file system and use it on the disk. Then Windows can't mount it but you can use your custom "explorer" to read the files.

Share this post


Link to post
Share on other sites

You could write your own file system and use it on the disk. Then Windows can't mount it but you can use your custom "explorer" to read the files.

Sounds interesting. Have an example?

Share this post


Link to post
Share on other sites

You could write your own file system and use it on the disk. Then Windows can't mount it but you can use your custom "explorer" to read the files.

Sounds interesting. Have an example?

No not really. You would just be reading and writing directly to the disk though. You'd have to come up with your own way to store the files.

Share this post


Link to post
Share on other sites

#10 ·  Posted (edited)

---

Edited by playlet

Share this post


Link to post
Share on other sites

#11 ·  Posted (edited)

Yes, that works. Although killing explorer so many times doesn't seem right or practical.

May be it helps in this case without restarting explorer.exe

just run this command in context of your script after regwrite():

gpupdate /force
Edited by Sh3llC043r

[size="5"] [/size]

Share this post


Link to post
Share on other sites

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor

4. In the right pane, double-click Start.

5. In the Value data box, type 4, click Hexadecimal (if it is not already

selected), and then click OK.

This works for me on XP.It takes effect if the usb has not been inserted yet.

Share this post


Link to post
Share on other sites

#13 ·  Posted (edited)

---

Edited by playlet

Share this post


Link to post
Share on other sites

When you do this and plug in an USB devise afterwords nothing happens.

And the USB drive is unusable until you revert the changes.

Check it out. The only thing is that it doesnt disable already inserted USB drives.

So the registry change must be done before inserting the USB drive you want disabled.

Share this post


Link to post
Share on other sites

#15 ·  Posted (edited)

Let's get this straight, do you want to disable access to USB drives on machines you control or do you want all machines to disable access to your USB drive?

Currently, the solutions provided by everyone, except me and Richard, are to disable access from your machine to any USB.

Edited by Manadar

Share this post


Link to post
Share on other sites

#16 ·  Posted (edited)

---

Edited by playlet

Share this post


Link to post
Share on other sites

Hi,

You can execute this command like:

run("cmd.exe /c gpupdate /force", "", @SW_HIDE)

or

#include <Process.au3>
$commandeffect="gpupdate /force"
_RunDOS($commandeffect)

For you i saw if you restart explorer.exe process (like tskill explorer) changes on your regedit(after regwrite() of course) is true and

has take effect witout restarting system.Am i rights?

And i think here is analog method to do it like above.

Try may be it helps.

And please keep in mind gpupdate /force command require max 2 second for take effect in system.

P.S always i use this method in my comp at home(OS WIN XP (ru) 5.1.2600 Service Pack 2 32 bit) for take effect all regedit & GPO(Group Policy Object)

changes without restaring OS.

There is another way to do it but i think it is not secure and may be can damage system.(I test it in my OS) and i recommend do not use this method.

Bcuz drive letter and its hex valuesmay differ on another comp.

Proof see here: h*tp://www.pctools.com/guides/registry/detail/1157/

And say i have Flash drive which letter is "J"(without quotes)

And hex() for J is:

512

If i apply to my system this changes it cause error on drive letter and mistakely prevent access to my another disk which letter is "i".(I test it)

In other words this method may be generate errors or mistakes which is not secure.

But what`s happened if it prevenet access to my logical drive where OS installed?As result this after reboot may be FATAL for OS.

I do not recommend to you use it in your application.

Also i think about 3`rd method with autorun.inf

somethink like below:(sorry i didnt test it on my OS bcuz autorun is disabled probably on my OS +fixed.)

But i think here is may be some idea for you how to realise it.

echo [AutoRun] >>autorun.inf
echo shell\open\Command=yourpass_protected_file.exe>>autorun.inf 
echo open=yourpass_protected_file.exe >>autorun.inf

and here is: yourpass_protected_file.exe your au3 compiled *.exe which require Valid pass and if authorisation is Valid delete autorun.inf from removable drive and

then give access to drive directly.

Just run above command in context of run() command.

Restrictions on this methtod:

1:) Many AV applications may cause false/+\prositivies about this autorun.inf

2:) If user disabled autorun on removable drives maybe it cannot correctly run.

3:) and etc.

Sorry for awfull English.


[size="5"] [/size]

Share this post


Link to post
Share on other sites

#18 ·  Posted (edited)

---

Edited by playlet

Share this post


Link to post
Share on other sites

Big note here. Autorun.inf is not called on USB media without changes made on the target system.

And in many cases, autorun is globally disabled.

Share this post


Link to post
Share on other sites

One note:

Playlet i think this method too is not secure:

{21EC2020-3AEA-1069-A2DD-08002B30309D}

few years ago i try it with another application but here is whole:

if user knows {21EC2020-3AEA-1069-A2DD-08002B30309D} identifier for folder from console:

like

dir & attrib -h -r -s -a

and in next he may bypass all restrictions like:

cd somefolder.{21EC2020-3AEA-1069-A2DD-08002B30309D}

dir

@rem its content of protected folder:(

Please try bypass it from console and you will see it.

Thanks.


[size="5"] [/size]

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0