benzrf Posted April 14, 2009 Share Posted April 14, 2009 (edited) This is NOT my first script, so feel free to flame me(lol). This is not supposed to be anything particularly elaborate, just a program that asks you for a second password after your computer starts up and shuts down the computer if you get it wrong, as well as adding the attempt into a log. I know, why bother if you already have a password?, but think about it this way: Hacking a computer pretty much just entails booting it up from a CD, DVD, or flash drive, and then using John the Ripper or something similar to crack the hash. However, getting a password out of a compiled EXE means sifting through binary or hex(doesn't it?), and there are definitely more people out there who know how to do the former than the latter.CODE$passq = InputBox("Type in the password you want.", "Type the password below.")$program = '$passq = InputBox("Login", "Type your password.", "", "*", -1, -1, -1, 10)' & @CRLF & '$passq2 = InputBox("Login", "Confirm your password.", "", "*", -1, -1, -1, 10)' & @CRLF & '$passq = StringLower($passq)' & @CRLF & '$passq2 = StringLower($passq2)' & @CRLF & 'If $passq <> $passq2 Then' & @CRLF & ' $passq = InputBox("Login", "The two passwords do not match.", "", "*", -1, -1, -1, 10)' & @CRLF & ' $passq = StringLower($passq)' & @CRLF & 'EndIf' & @CRLF & 'If $passq <> StringLower("' & $passq & '") Then' & @CRLF & ' BlockInput(1)' & @CRLF & ' $fileq = FileOpen("C:\logfile", 1)' & @CRLF & ' BlockInput(1)' & @CRLF & ' FileWriteLine($fileq, @HOUR & ":" & @MIN & ", " & @MDAY & "/" & @MON & "/" & @YEAR & ". Attempted password:" & $passq)' & @CRLF & ' BlockInput(1)' & @CRLF & ' FileClose($fileq)' & @CRLF & ' BlockInput(1)' & @CRLF & ' Shutdown(29)' & @CRLF & 'EndIf'$filehandleq = FileOpen(@ScriptDir & "\securityscript.au3", 2)FileWrite($filehandleq, $program)FileClose($filehandleq)$runpathq = RegRead("HKEY_CLASSES_ROOT\AutoIt3Script\Shell\Compile\Command", "")$runpathq = StringLeft($runpathq, StringLen($runpathq) - 3)$runpathq = $runpathq & @ScriptDir & "\" & "securityscript.au3" & '"'RunWait($runpathq)RegWrite("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run", "SecurityScript", "REG_SZ", @ScriptDir & "\securityscript.exe")ExitBy the way, the reason I put several BlockInputs is that if the intruder presses Ctrl-Alt-Del, they just might be able to halt the program. So I repeat it several times to reset it just in case they manage to.Lastly, to set this to run every time someone logs in, start up RegEdit and go to:HKEY_LOCAL_MACHINE(HKEY_CURRENT_USER if you want it to be when you log in only)/SOFTWARE/Microsoft/Windows/CurrentVersion/Runand add a new REG_SZ value containing the script's path.UPDATE: The script I have included now creates and compiles the "real" script, as well as adding the necessary registry key and puts your desired password into the script for you. Edited April 19, 2009 by benzrf Link to comment Share on other sites More sharing options...
DJKMan Posted April 15, 2009 Share Posted April 15, 2009 (edited) lol not bad. It's also a good way to obtain the intruder's passwords in some cases. Some of my friends are dumb enough to try their own passwords on my computer. By the way, if you want to make this write to the registry automatically, you can use RegWrite( Anyway, I'll use this (and give you credit of course) in one of my upcoming projects. Nice work. Edited April 15, 2009 by DJKMan Link to comment Share on other sites More sharing options...
snowman533 Posted April 15, 2009 Share Posted April 15, 2009 awesome work, ill use this in my password storer, of course you will get full credit Intermediate AutoIt/Autohotkey User Link to comment Share on other sites More sharing options...
HAL9000 Posted April 15, 2009 Share Posted April 15, 2009 wrong $passq = InputBox("Login", "Type your password.", "*", -1, -1, -1, -1, 10) right $passq = InputBox("Login", "Type your password.", "", "*", -1, -1, -1, 10) Link to comment Share on other sites More sharing options...
benzrf Posted April 16, 2009 Author Share Posted April 16, 2009 (edited) I didn't add the RegWrite function because you might accidentally run it and forget your password, or something similar. Just a bit of safety. By the way, thanks for the correction, HAL9000! I honestly didn't think anyone would really like it! After all, anyone with the idea could script it in two or three minutes... Lastly, if you didn't realize by now, the reason I had it record the attempted password is in case it would help you guess who tried to get in. Edited April 16, 2009 by benzrf Link to comment Share on other sites More sharing options...
benzrf Posted April 18, 2009 Author Share Posted April 18, 2009 bomp(is that allowed?) Link to comment Share on other sites More sharing options...
Developers Jos Posted April 18, 2009 Developers Share Posted April 18, 2009 bomp(is that allowed?)Why, just to promote this script?Don't think you want a serious opinion about this scrip. Anyways, Since when does BlockInput(1) block Ctrl+Alt+Del?RemarksIf BlockInput is enabled, the Alt keypress cannot be sent!The table below shows how BlockInput behavior depends on the Windows version; however, pressing Ctrl+Alt+Del on any platform will re-enable input due to a Windows API feature. SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past. Link to comment Share on other sites More sharing options...
benzrf Posted April 18, 2009 Author Share Posted April 18, 2009 OK, sorry. Anyway, yes, Ctrl-Alt-Del doesn't get blocked, yes. What I said was that, in the event that they pressed Ctrl+Alt+Del, it wouldn't help them because the script would automatically re-block their keystrokes. Link to comment Share on other sites More sharing options...
Mat Posted April 18, 2009 Share Posted April 18, 2009 kk, a couple of things to make it better... open up taskmgr.exe on startup, but set its state to hidden, that way the cant get to it, even if they do press ctrl alt delete. For cApiTaLs sensitive in pass replace: If $passq <> "Put your password here" Then with If Not $passq == "Put your password here" Then Possibly a confirm pass? I misstyped mine trying it out lol.... make a setup file, that writes to the registry, and asks user to create a pass. in the script, enter the pass encrypted, and decrypt it at every run for more security. possibly a bypass in case of forgetting, but something random such as a hotkey that you need to press ctrl+alt+shift+4+2+a+u+t+o+i+t to enable... very nice idea though!! AutoIt Project Listing Link to comment Share on other sites More sharing options...
Developers Jos Posted April 18, 2009 Developers Share Posted April 18, 2009 kk, a couple of things to make it better... open up taskmgr.exe on startup, but set its state to hidden, that way the cant get to it, even if they do press ctrl alt delete. For cApiTaLs sensitive in pass replace: If $passq <> "Put your password here" Then with If Not $passq == "Put your password here" ThenAre you sure? SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past. Link to comment Share on other sites More sharing options...
Mat Posted April 18, 2009 Share Posted April 18, 2009 (edited) the case bit?The helpfile says so anyway...== Tests if two values are equal (case sensitive if used with strings)or taskmgr?thats true to, just tried. It still shows in the notif tray though. It doesn't open a new one either!! (probably not the most approppriate things for the forums...sorry, will edit out if you want...) Edited April 18, 2009 by mdiesel AutoIt Project Listing Link to comment Share on other sites More sharing options...
Developers Jos Posted April 18, 2009 Developers Share Posted April 18, 2009 This proves you didn't try. It should be: If Not ($passq == "Put your password here") Then SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past. Link to comment Share on other sites More sharing options...
Mat Posted April 18, 2009 Share Posted April 18, 2009 woops... we're both right if you take away the not... $1 = "AaAa" $2 = "AaAa" If ($1 == $2) Then MsgBox (48, "Jos", "Jos is right.") If $1 == $2 Then MsgBox (48, "MDiesel", "MDiesel is right.") but you're right when you add it. AutoIt Project Listing Link to comment Share on other sites More sharing options...
benzrf Posted April 18, 2009 Author Share Posted April 18, 2009 (edited) Thanks for the tip! I'll update my first post. Edited April 18, 2009 by benzrf Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now