Sign in to follow this  
Followers 0
powaking

Lockdown Your Apps

4 posts in this topic

If you write apps for your collegues and only want them to use them then you may want to try this. I used this with a set of tools that I wrote (primarily a remote control tool using VNC).

As you can see it will download a text containing a list of users. This list has been converted using the _stringtohex so that if someone happens to see this file they won't know what it is or what it means. It will then take the current logged on user convert their username to hex and then compare against the list. If the user is not authorized it will then send you an email (using blat.exe) and close out the tool.

To convert the list from string to hex I created another tool to do this. This way it will be easier to add and remove users. This tool will then send keystrokes the upload the updated list.

Ok, you guys can now tear it apart :)

Ping("[i]enter server that has the file of user names[/i]")
If @error Then
    MsgBox(16, "Authorization Failed", "Server Unavailable!" & @CRLF & "Unable to authorize use of tool.", 8)
    AutoItExit()
    Exit
EndIf

FileInstall("blat.exe", @TempDir & "\")
$file = _tempfile ()

InetGet("[i]your server that holds the list of users[/i]", $file, 1, 0)

$auth = 0
$newfile = FileOpen($file, 0)

$unamehex = _stringtohex (@UserName)

While 1
    $line = FileReadLine($newfile)
    If @error = -1 Then ExitLoop
    If $unamehex = $line Then
        $auth = 1
        ExitLoop
    EndIf
WEnd

FileClose($newfile)
FileDelete($file)

If $auth = 0 Then
    Run(@TempDir & '\blat.exe -body "Tool Executed by ' & @UserName & '" -to [i]enter your address here[/i] -f ' & @UserName & '[i]domain[/i] -server [i]email server[/i] -subject "Unauthorized use attempted by ' & @UserName & '"', "", @SW_HIDE)
    MsgBox(16 + 262144, "Error", "You are not authorized" & @CRLF & "to use this tool!", 8)
    AutoItExit()
    Exit
EndIf

Share this post


Link to post
Share on other sites



If you write apps for your collegues and only want them to use them then you may want to try this. I used this with a set of tools that I wrote (primarily a remote control tool using VNC).

As you can see it will download a text containing a list of users. This list has been converted using the _stringtohex so that if someone happens to see this file they won't know what it is or what it means. It will then take the current logged on user convert their username to hex and then compare against the list. If the user is not authorized it will then send you an email (using blat.exe) and close out the tool.

To convert the list from string to hex I created another tool to do this. This way it will be easier to add and remove users. This tool will then send keystrokes the upload the updated list.

Ok, you guys can now tear it apart :)

Not bad. I do something similar with VNC. One of the managers uses it to train people, but we don't want him to know our VNC password. Therefore, I use a list with only the names of the computers he can access. The PC name and password fill themselves in using ControlSetText so it is too fast for him to see.

One thing I would recommend is using the beta TCP functions to send an email rather than relying on blat. I have used both blat and Sendmail in the past, but I prefer to do everything via AutoIt when possible.

Share this post


Link to post
Share on other sites

Not bad. I do something similar with VNC. One of the managers uses it to train people, but we don't want him to know our VNC password. Therefore, I use a list with only the names of the computers he can access. The PC name and password fill themselves in using ControlSetText so it is too fast for him to see.

One thing I would recommend is using the beta TCP functions to send an email rather than relying on blat. I have used both blat and Sendmail in the past, but I prefer to do everything via AutoIt when possible.

I haven't dove into Beta just yet. From all the messages I've been reading it seems I'm missing out on a lot and am probably doing a lot of stuff the hard way. But I agree, the less apps you can rely on with your scripts the better.

Not sure if you know but with vnc you can use the -securitytypes=none option so that no password is required. Just goes right through (with RealVNC that is).

Share this post


Link to post
Share on other sites

I'm finally using AutoIt beta. Curious to know how you are using TCP commands to send email messages. I've tried the INetSMTPmail script someone had writting but keep getting an error about getting an open socket (error 4).

I have used the TCP functions in another one of my apps which works well but that script doesn't seem to help.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0