IanN1990 Posted September 5, 2016 Share Posted September 5, 2016 Hi, I had an idea last night but it requires information about how this UDF works. I am part of second-line support and in charge of improving internal processes. One of the relationships i am currently looking at is the interaction between first-line and second-line. First-Line has access to Active Directory but only read-only and security will never approve write access due to how dangerous it could be. The problem is a lot of non-critical requests are being passed to second-line which could be done by first line. Example - Updating someones printer pass details, assigning visualized freeware applications etc My Current Idea I have written a application, that when loads presents with a list of freeware applications or printerpass. When first-line selects a user + package and clicks go it generates a file on my back-up vitalized machine (as both first-line + backup are linked by network) which sees the file and processes it (with my AD account) My New Idea is In the UDF it says you can connect using details, though i would need to figure out the nitty / gritty of storing my information while making it impossible to read outside of the script, would anything else on that system gain that ability or is it limited only to that autoit process ? Link to comment Share on other sites More sharing options...
water Posted September 5, 2016 Share Posted September 5, 2016 If you provide credentials in an AutoIt script then it is quite easy for people to extract this information. I would stick with your current idea. My UDFs and Tutorials: Spoiler UDFs:Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - WikiExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example ScriptsOutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - WikiOutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - DownloadOutlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - WikiPowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - WikiTask Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs:Excel - Example Scripts - WikiWord - Wiki Tutorials:ADO - WikiWebDriver - Wiki Link to comment Share on other sites More sharing options...
IanN1990 Posted September 5, 2016 Author Share Posted September 5, 2016 (edited) Hi, Though i admit at the time of writing this point i was aware of that but was confident i could protect it in some way. So i was looking more at the AD aspect of secure connection not over-riding any current connection they might have. Saying that i have been knocked down a peg or two in that aspect password aspect. Though, i did find this. Would this protect the password within the code? Edited September 5, 2016 by IanN1990 Link to comment Share on other sites More sharing options...
water Posted September 6, 2016 Share Posted September 6, 2016 It is my understanding that you can only make it harder to gain access to the stored credentials but at a point in time the script needs to be interpreted by AutoIt. That's when the full source code needs to be unencrypted. So: There is no 100% secure way to store your credentials. My UDFs and Tutorials: Spoiler UDFs:Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - WikiExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example ScriptsOutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - WikiOutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - DownloadOutlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - WikiPowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - WikiTask Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs:Excel - Example Scripts - WikiWord - Wiki Tutorials:ADO - WikiWebDriver - Wiki Link to comment Share on other sites More sharing options...
IanN1990 Posted September 6, 2016 Author Share Posted September 6, 2016 (edited) So are you referring to when the variable is needed to run it is decrypted or when the script is loaded it is decrypted. In other words the data is "safe" (i use loosely) until it is run at which point someone would be able to read memory for the decrypted information? Edited September 6, 2016 by IanN1990 Link to comment Share on other sites More sharing options...
water Posted September 6, 2016 Share Posted September 6, 2016 I do not know CodeCrypter. But as I understand it your code is only save if you need to enter a password (or whatever) that is stored outside the script (your head etc.). Means: You would need to enter this information every time you run your script. My UDFs and Tutorials: Spoiler UDFs:Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - WikiExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example ScriptsOutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - WikiOutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - DownloadOutlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - WikiPowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - WikiTask Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs:Excel - Example Scripts - WikiWord - Wiki Tutorials:ADO - WikiWebDriver - Wiki Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now