playlet

You could write your own file system and use it on the disk. Then Windows can't mount it but you can use your custom "explorer" to read the files.

Sounds interesting. Have an example?

No, not really. You would just be reading and writing directly to the disk though. You'd have to come up with your own way to store the files.
---

Yes, that works. Although killing explorer so many times doesn't seem right or practical.

Maybe it helps in this case without restarting explorer.exe.

Just run this command in the context of your script after regwrite():

gpupdate /force
Edited by Sh3llC043r
---

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor

4. In the right pane, double-click Start.

5. In the Value data box, type 4, click Hexadecimal (if it is not already selected), and then click OK.

This works for me on XP. It takes effect if the USB has not been inserted yet.

---

When you do this and plug in a USB device afterwards, nothing happens.

And the USB drive is unusable until you revert the changes.

Check it out. The only thing is that it doesn't disable already inserted USB drives.

So the registry change must be done before inserting the USB drive you want disabled.

---

Let's get this straight, do you want to disable access to USB drives on machines you control or do you want all machines to disable access to your USB drive?

Currently, the solutions provided by everyone, except me and Richard, are to disable access from your machine to any USB.

Edited by Manadar
---

Hi,

You can execute this command like:

run("cmd.exe /c gpupdate /force", "", @SW_HIDE)

or

#include <Process.au3>
$commandeffect="gpupdate /force"
_RunDOS($commandeffect)

As for you, I saw that if you restart the explorer.exe process (like tskill explorer), the changes in your registry (after regwrite(), of course) take effect without restarting the system. Am I right?

And I think this is an analogous method to do it like above.

Try it, maybe it helps.

And please keep in mind that the gpupdate /force command requires at most 2 seconds to take effect in the system.

P.S. I always use this method on my computer at home (OS WIN XP (ru) 5.1.2600 Service Pack 2 32 bit) to make all registry & GPO (Group Policy Object) changes take effect without restarting the OS.

There is another way to do it, but I think it is not secure and may damage the system. (I tested it on my OS.) I recommend that you do not use this method.

Because the drive letter and its hex values may differ on another computer.

For proof, see here: h*tp://www.pctools.com/guides/registry/detail/1157/

Say I have a flash drive whose letter is "J" (without quotes).

And hex() for J is:

512

If I apply this change to my system, it causes an error on the drive letter and mistakenly prevents access to my other disk, whose letter is "I". (I tested it.)

In other words, this method may generate errors or mistakes, which is not secure.

But what happens if it prevents access to my logical drive where the OS is installed? As a result, this may be FATAL for the OS after a reboot.

I do not recommend that you use it in your application.

I also thought about a 3rd method with autorun.inf,

something like below (sorry, I didn't test it on my OS because autorun is probably disabled on my OS + fixed).

But I think there may be some idea here for how you can realise it.

echo [AutoRun] >>autorun.inf
echo shell\open\Command=yourpass_protected_file.exe>>autorun.inf 
echo open=yourpass_protected_file.exe >>autorun.inf

Here, yourpass_protected_file.exe is your compiled au3 *.exe, which requires a valid pass; if authorisation is valid, it deletes autorun.inf from the removable drive and then gives access to the drive directly.

Just run the above commands in the context of the run() command.

Restrictions of this method:

1:) Many AV applications may raise false positives about this autorun.inf.

2:) If the user has disabled autorun on removable drives, it may not run correctly.

3:) etc.

Sorry for my awful English.

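The drive-letter mix-up described in the post above, as an added example that is not part of the original post: it decodes a typed value under both the Decimal and Hexadecimal settings of the registry editor before anything is written. It assumes the value is the Explorer drive-restriction bitmask in which A is bit 0 and Z is bit 25 (the post does not name the registry value); the function names and the `system_drive` default are illustrative.

```python
import string

LETTERS = string.ascii_uppercase  # assumption: A is bit 0, B is bit 1, ... Z is bit 25

def mask_for(letters):
    """Return the bitmask that selects exactly the given drive letters."""
    mask = 0
    for letter in letters:
        letter = letter.upper()
        if len(letter) != 1 or letter not in LETTERS:
            raise ValueError(f"not a drive letter: {letter!r}")
        mask |= 1 << LETTERS.index(letter)
    return mask

def letters_in(mask):
    """Return the drive letters a bitmask selects, in alphabetical order."""
    if not 0 <= mask < 1 << 26:
        raise ValueError(f"mask out of range for 26 drive letters: {mask}")
    return [LETTERS[bit] for bit in range(26) if mask >> bit & 1]

def check_before_write(intended, typed, base, system_drive="C"):
    """Decode what was typed into the value box and compare it with the intent.

    `typed` is the text entered in the registry editor; `base` is 10 or 16,
    matching the Decimal/Hexadecimal radio button. Returns (affected, problems).
    """
    affected = letters_in(int(typed, base))
    wanted = sorted(letter.upper() for letter in intended)
    problems = []
    if affected != wanted:
        problems.append(f"affects {affected}, intended {wanted}")
    if system_drive.upper() in affected:
        problems.append(f"would restrict system drive {system_drive.upper()}")
    return affected, problems

if __name__ == "__main__":
    # Constructed inputs: the value from the post, entered under each radio button.
    for base in (10, 16):
        print(base, check_before_write("J", "512", base))
```

Typed as decimal, 512 selects only J; typed with Hexadecimal selected, the same digits select B, E, I and K.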
---

One note:

Playlet, I think this method is not secure either:

{21EC2020-3AEA-1069-A2DD-08002B30309D}

A few years ago I tried it with another application, but here is the hole:

if the user knows the {21EC2020-3AEA-1069-A2DD-08002B30309D} identifier for the folder, then from the console:

like

dir & attrib -h -r -s -a

and next he may bypass all restrictions like:

cd somefolder.{21EC2020-3AEA-1069-A2DD-08002B30309D}

dir

@rem its content of protected folder:(

Please try to bypass it from the console and you will see it.

Thanks.
