Jump to content

Simple Script to add security


benzrf
 Share

Recommended Posts

This is NOT my first script, so feel free to flame me(lol). This is not supposed to be anything particularly elaborate, just a program that asks you for a second password after your computer starts up and shuts down the computer if you get it wrong, as well as adding the attempt into a log. I know, why bother if you already have a password?, but think about it this way: Hacking a computer pretty much just entails booting it up from a CD, DVD, or flash drive, and then using John the Ripper or something similar to crack the hash. However, getting a password out of a compiled EXE means sifting through binary or hex(doesn't it?), and there are definitely more people out there who know how to do the former than the latter.

CODE
$passq = InputBox("Type in the password you want.", "Type the password below.")

$program = '$passq = InputBox("Login", "Type your password.", "", "*", -1, -1, -1, 10)' & @CRLF & '$passq2 = InputBox("Login", "Confirm your password.", "", "*", -1, -1, -1, 10)' & @CRLF & '$passq = StringLower($passq)' & @CRLF & '$passq2 = StringLower($passq2)' & @CRLF & 'If $passq <> $passq2 Then' & @CRLF & ' $passq = InputBox("Login", "The two passwords do not match.", "", "*", -1, -1, -1, 10)' & @CRLF & ' $passq = StringLower($passq)' & @CRLF & 'EndIf' & @CRLF & 'If $passq <> StringLower("' & $passq & '") Then' & @CRLF & ' BlockInput(1)' & @CRLF & ' $fileq = FileOpen("C:\logfile", 1)' & @CRLF & ' BlockInput(1)' & @CRLF & ' FileWriteLine($fileq, @HOUR & ":" & @MIN & ", " & @MDAY & "/" & @MON & "/" & @YEAR & ". Attempted password:" & $passq)' & @CRLF & ' BlockInput(1)' & @CRLF & ' FileClose($fileq)' & @CRLF & ' BlockInput(1)' & @CRLF & ' Shutdown(29)' & @CRLF & 'EndIf'

$filehandleq = FileOpen(@ScriptDir & "\securityscript.au3", 2)

FileWrite($filehandleq, $program)

FileClose($filehandleq)

$runpathq = RegRead("HKEY_CLASSES_ROOT\AutoIt3Script\Shell\Compile\Command", "")

$runpathq = StringLeft($runpathq, StringLen($runpathq) - 3)

$runpathq = $runpathq & @ScriptDir & "\" & "securityscript.au3" & '"'

RunWait($runpathq)

RegWrite("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run", "SecurityScript", "REG_SZ", @ScriptDir & "\securityscript.exe")

Exit

By the way, the reason I put several BlockInputs is that if the intruder presses Ctrl-Alt-Del, they just might be able to halt the program. So I repeat it several times to reset it just in case they manage to.

Lastly, to set this to run every time someone logs in, start up RegEdit and go to:

HKEY_LOCAL_MACHINE(HKEY_CURRENT_USER if you want it to be when you log in only)/SOFTWARE/Microsoft/Windows/CurrentVersion/Run

and add a new REG_SZ value containing the script's path.

UPDATE: The script I have included now creates and compiles the "real" script, as well as adding the necessary registry key and puts your desired password into the script for you.

Edited by benzrf
Link to comment
Share on other sites

lol not bad. :D It's also a good way to obtain the intruder's passwords in some cases. Some of my friends are dumb enough to try their own passwords on my computer. :D

By the way, if you want to make this write to the registry automatically, you can use RegWrite(

Anyway, I'll use this (and give you credit of course) in one of my upcoming projects. Nice work. :o

Edited by DJKMan

 

 

Link to comment
Share on other sites

I didn't add the RegWrite function because you might accidentally run it and forget your password, or something similar. Just a bit of safety. By the way, thanks for the correction, HAL9000!

I honestly didn't think anyone would really like it! After all, anyone with the idea could script it in two or three minutes...

Lastly, if you didn't realize by now, the reason I had it record the attempted password is in case it would help you guess who tried to get in.

Edited by benzrf
Link to comment
Share on other sites

  • Developers

bomp(is that allowed?)

Why, just to promote this script?

Don't think you want a serious opinion about this scrip.

Anyways, Since when does BlockInput(1) block Ctrl+Alt+Del?

Remarks

If BlockInput is enabled, the Alt keypress cannot be sent!

The table below shows how BlockInput behavior depends on the Windows version; however, pressing Ctrl+Alt+Del on any platform will re-enable input due to a Windows API feature.

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Link to comment
Share on other sites

OK, sorry. Anyway, yes, Ctrl-Alt-Del doesn't get blocked, yes. What I said was that, in the event that they pressed Ctrl+Alt+Del, it wouldn't help them because the script would automatically re-block their keystrokes.

Link to comment
Share on other sites

kk, a couple of things to make it better...

open up taskmgr.exe on startup, but set its state to hidden, that way the cant get to it, even if they do press ctrl alt delete.

For cApiTaLs sensitive in pass replace:

If $passq <> "Put your password here" Then

with

If Not $passq == "Put your password here" Then

Possibly a confirm pass? I misstyped mine trying it out lol....

make a setup file, that writes to the registry, and asks user to create a pass.

in the script, enter the pass encrypted, and decrypt it at every run for more security.

possibly a bypass in case of forgetting, but something random such as a hotkey that you need to press ctrl+alt+shift+4+2+a+u+t+o+i+t to enable...

very nice idea though!!

Link to comment
Share on other sites

  • Developers

kk, a couple of things to make it better...

open up taskmgr.exe on startup, but set its state to hidden, that way the cant get to it, even if they do press ctrl alt delete.

For cApiTaLs sensitive in pass replace:

If $passq <> "Put your password here" Then

with

If Not $passq == "Put your password here" Then
Are you sure?

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Link to comment
Share on other sites

the case bit?

The helpfile says so anyway...

== Tests if two values are equal (case sensitive if used with strings)

or taskmgr?

thats true to, just tried. It still shows in the notif tray though. It doesn't open a new one either!! (probably not the most approppriate things for the forums...sorry, will edit out if you want...)

Edited by mdiesel
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...