Convert Batch (bat) into AutoIT (au3) and create EXECUTABLE

[utilizadortnt]

I have two batch files:

map_drive.bat

 net use x: \\10.0.0.1\upload /user:utilizador password 

and

putty.bat

 
cd ..
cd PuTTY
putty.exe utilizador@10.0.0.1 -pw password

I want to hide the passwords and create a executable from this batch files.

Can someone please help me?

Edited July 28, 2013 by utilizadortnt

[Melba23]

utilizadortnt,

Welcome to the AutoIt forum.

But you need to know immediately that AutoIt will not keep your passwords safe. Searching the forums will provide you with a lot more information in greater detail, but in brief:

 

- Your plain language script is within the compiled .exe, but in compressed form. It is not immediately viewable with a hex editor, but is by no means secure as it is expanded in memory when the .exe is run.

- Obfuscator (part of the full SciTE4AutoIt3 package) will obscure your script by changing variable and constant names (and a lot more!), which makes it harder to decompile but again does not render the .exe secure.

So, compiling an AutoIt script will prevent quick snooping, but a determined, experienced hacker can relatively easily get your source - including passwords, specific filenames, etc - or the encryption routines you have used in your script to encrypt/decrypt them if they are stored in another file.

Probably not what you wanted to hear, but best you are told straight away.

M23

[utilizadortnt]

Thank you Melba23 !

I have read several posts and I realise that is a "mission impossible" to 100% secure passwords.

I understand an experienced hacker can access that information but I want to protect my file from common users.

 

I have run into this script to create the map_drive I need without exposing the password.

#include <Process.au3>
_RunDOS("net use x: /delete /yes > nul")
_RunDOS("net use x: \\10.0.0.1\upload password /user:utilizador")
MsgBox( 0, "Done", "Connected Server", 3)

How can I protect it further with Obfuscator?

 

I have also come accros this command:

 ShellExecute("putty.bat") 

But again, I don't want to have batch file with plain text passwords. I would prefer something like this:

 ShellExecute("putty.exe") 

Were the executable would contain the user and password. Can someone assist with this one please?

Thanks in advance.

 

[Melba23]

utilizadortnt,

To use Obfuscator just download the full SciTE4AutoIt3 package and install it. The <Help - SciTE Help> menu offers assistance for all the added goodies that you will find.

As to using ShellExecute - look in the Help file and you will see how to add parameters to the command. The Help file should always be your first point of call when using AutoIt.

M23

[utilizadortnt]

Thank you for your fast reply.

I have tried this one

ShellExecute('..\Putty\putty.exe', '"utilizador@10.0.0.1 -pw password"')

But it still asks for the password.

Can someone help me please? I have read the help file but am unable to proceed.

Edited July 28, 2013 by utilizadortnt

[utilizadortnt]

#include <Process.au3>
_RunDOS("net use x: /delete /yes > nul")
_RunDOS("net use x: \\10.0.0.1\upload password /user:utilizador")
MsgBox( 0, "Done", "Connected Server", 3)

$Execute = "..\putty\putty.exe"
$Arguments = "utilizador@10.0.0.1 -pw password"
ShellExecute ( $Execute, $Arguments)

Edited July 28, 2013 by utilizadortnt

[MarkRobbins]

I believe anything that uses shell execute can be hooked (and read) from within windows. So if you are trying to create a time-limited password key as an exe, this might be of concern to you.