Sign in to follow this  
Followers 0
Insolence

Need an idea...

18 posts in this topic

I made a program to control a few computers in a classroom, it reads a simple ini file.

My problem is anyone on the network could edit the ini file, how do I get it protected? Could I possibly use dllcall's and a secure mySQL database somewhere?


"I thoroughly disapprove of duels. If a man should challenge me, I would take him kindly and forgivingly by the hand and lead him to a quiet place and kill him." - Mark TwainPatient: "It hurts when I do $var_"Doctor: "Don't do $var_" - Lar.

Share this post


Link to post
Share on other sites



Well, excellent idea, but that doesn't stop them from just deleting the file.


"I thoroughly disapprove of duels. If a man should challenge me, I would take him kindly and forgivingly by the hand and lead him to a quiet place and kill him." - Mark TwainPatient: "It hurts when I do $var_"Doctor: "Don't do $var_" - Lar.

Share this post


Link to post
Share on other sites

Well, excellent idea, but that doesn't stop them from just deleting the file.

<{POST_SNAPBACK}>

Set the default share on the file/folder to read-only access and give yourself full access.

Lofting the cyberwinds on teknoleather wings, I am...The Blue Drache

Share this post


Link to post
Share on other sites

It's at my school and I'm not an admin. Any other solution?


"I thoroughly disapprove of duels. If a man should challenge me, I would take him kindly and forgivingly by the hand and lead him to a quiet place and kill him." - Mark TwainPatient: "It hurts when I do $var_"Doctor: "Don't do $var_" - Lar.

Share this post


Link to post
Share on other sites

It's at my school and I'm not an admin.  Any other solution?

<{POST_SNAPBACK}>

Other than filling out the paperwork and getting a project folder on the network drive that is set up as described earler....not that I know of. Setting the file attribs to +RH may help, but that will really only slow someone down and annoy them.

Lofting the cyberwinds on teknoleather wings, I am...The Blue Drache

Share this post


Link to post
Share on other sites

you can set the File Attributes through AU3, or you can pass a command through a dos terminal, using the cacls command, and restrict it to a specific Windows account


Writing AutoIt scripts since
_DateAdd("d", -2, _NowCalcDate())

Share this post


Link to post
Share on other sites

you could always encrypt it


[font="Times"] If anyone remembers me, I am back. Maybe to stay, maybe not.----------------------------------------------------------------------------------------------------------[/font][font="Times"]Things I am proud of: Pong! in AutoIt | SearchbarMy website: F.R.I.E.S.A little website that is trying to get started: http://thepiratelounge.net/ (not mine)[/font][font="Times"] ----------------------------------------------------------------------------------------------------------[/font][font="Arial"]The newbies need to stop stealing avatars!!! It is confusing!![/font]

Share this post


Link to post
Share on other sites

Xenogis, come on, read what I said. Someone could just delete it.

MSL, will this get me in trouble with the school or anything?

Can I set it to read from any account, and write from only my/the teachers account?


"I thoroughly disapprove of duels. If a man should challenge me, I would take him kindly and forgivingly by the hand and lead him to a quiet place and kill him." - Mark TwainPatient: "It hurts when I do $var_"Doctor: "Don't do $var_" - Lar.

Share this post


Link to post
Share on other sites

#10 ·  Posted (edited)

Xenogis, come on, read what I said.  Someone could just delete it.

MSL, will this get me in trouble with the school or anything?

Can I set it to read from any account, and write from only my/the teachers account?

<{POST_SNAPBACK}>

Microsoft Windows XP [Version 5.1.2600]

© Copyright 1985-2001 Microsoft Corp.

02/08/2005 16:53:19.12

C:\>cacls /?

Displays or modifies access control lists (ACLs) of files

CACLS filename [/T] [/E] [/C] [/G user:perm] [/R user [...]]

              [/P user:perm [...]] [/D user [...]]

  filename      Displays ACLs.

  /T            Changes ACLs of specified files in

                the current directory and all subdirectories.

  /E            Edit ACL instead of replacing it.

  /C            Continue on access denied errors.

  /G user:perm  Grant specified user access rights.

                Perm can be: R  Read

                              W  Write

                              C  Change (write)

                              F  Full control

  /R user      Revoke specified user's access rights (only valid with /E).

  /P user:perm  Replace specified user's access rights.

                Perm can be: N  None

                              R  Read

                              W  Write

                              C  Change (write)

                              F  Full control

  /D user      Deny specified user access.

Wildcards can be used to specify more that one file in a command.

You can specify more than one user in a command.

Abbreviations:

  CI - Container Inherit.

        The ACE will be inherited by directories.

  OI - Object Inherit.

        The ACE will be inherited by files.

  IO - Inherit Only.

        The ACE does not apply to the current file/directory.

02/08/2005 16:53:33.98

C:\>

C:\cacls filename.txt /P *:R

*SHOULD* set everyone to read only, then you just add a

Edit: Doesn't work.

C:\cacls filename /G youraccount:F

to grant yourself full control.

Ok, you may have to loop the permission denial after dumping the ouput of "cacls filename.txt > temp.txt"

Edited by Blue_Drache

Lofting the cyberwinds on teknoleather wings, I am...The Blue Drache

Share this post


Link to post
Share on other sites

Thank you VERY much!


"I thoroughly disapprove of duels. If a man should challenge me, I would take him kindly and forgivingly by the hand and lead him to a quiet place and kill him." - Mark TwainPatient: "It hurts when I do $var_"Doctor: "Don't do $var_" - Lar.

Share this post


Link to post
Share on other sites

#12 ·  Posted (edited)

how about read ini file

if file, key, or value is corrupted, fileinstall inifile

or grab inifile from comp B, modify for comp A

installl to comp A, cycle through all pc's and if not found fileinstall and repeat.

or put a backup in another directory and if dir1 ini file does not exist, run backup inifile and place a copy in dir 1 or some other trick?

Edited by Coffee

Share this post


Link to post
Share on other sites

That doesn't work either. Someone can just edit the ini directly. I can't encrpt it because eventually they could just catch on.

I think I'll use the DOS stuff that was mentioned with some encryption algoritym I come up with.

Maybe current action & time would be the R4 key... something like that :lmao:


"I thoroughly disapprove of duels. If a man should challenge me, I would take him kindly and forgivingly by the hand and lead him to a quiet place and kill him." - Mark TwainPatient: "It hurts when I do $var_"Doctor: "Don't do $var_" - Lar.

Share this post


Link to post
Share on other sites

#14 ·  Posted (edited)

Having this in the startup of any computer that can access the file will work:

2 programs, each program makes sure the other is not closed and is not delted from the startup registry.

Have 4 .txt files that have same content. Each program will open their files using FileOpen(). This makes the files unable to be deleted. If one of the files becomes corrupt then it is replaced.

Lastly, you can have an admin program that is passworded internally that can tell the others to disable themselves.

/note: There is most likely something easier but this one you don't have to use external program.

Edited by Wolvereness

Offering any help to anyone (to my capabilities of course)Want to say thanks? Click here! [quote name='Albert Einstein']Only two things are infinite, the universe and human stupidity, and I'm not sure about the former.[/quote][quote name='Wolvereness' date='7:35PM Central, Jan 11, 2005']I'm NEVER wrong, I call it something else[/quote]

Share this post


Link to post
Share on other sites

Yes, the easier method is just setting permissions.

You could just write a script to close both .exe's anyway and it'd throw the whole thing off... can't really get passed that.


"I thoroughly disapprove of duels. If a man should challenge me, I would take him kindly and forgivingly by the hand and lead him to a quiet place and kill him." - Mark TwainPatient: "It hurts when I do $var_"Doctor: "Don't do $var_" - Lar.

Share this post


Link to post
Share on other sites

What you can do is pull the md5 of the original file, and then have it check the ini file each time it runs. There's a dll file that does md5's, just search md5.dll in the forums...


Writing AutoIt scripts since
_DateAdd("d", -2, _NowCalcDate())

Share this post


Link to post
Share on other sites

I don't have to do that, and that still doesn't solve any problems.

FileSize does that well enough.


"I thoroughly disapprove of duels. If a man should challenge me, I would take him kindly and forgivingly by the hand and lead him to a quiet place and kill him." - Mark TwainPatient: "It hurts when I do $var_"Doctor: "Don't do $var_" - Lar.

Share this post


Link to post
Share on other sites

File size isn't accurate. Pulling an md5 sum will change with a single character switched.


Writing AutoIt scripts since
_DateAdd("d", -2, _NowCalcDate())

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0