Protect password in batch file

  • Thread starter Thread starter henryb
  • Start date Start date
H

henryb

I need to use the net use command in a batch file that will be run
automatically, to ensure that a mapped drive is connected.

My question is, how can I avoid having the password to the mapped share
appear in plain text in the batch file?

Thanks.
 
Hi Henry,

"henryb" <henryb@discussions.microsoft.com> wrote in message
news:281C754F-F208-4E66-B7F6-C0D4E7F4429F@microsoft.com...
>I need to use the net use command in a batch file that will be run
> automatically, to ensure that a mapped drive is connected.
>
> My question is, how can I avoid having the password to the mapped share
> appear in plain text in the batch file?
>
> Thanks.

Maybe Batch2Exe does what you want.
http://bat-to-exe-converter.fatih-kodak.qarchive.org/

Kind regards

Hans
 
Hans Le Roy wrote:

> Hi Henry,
>
> "henryb" <henryb@discussions.microsoft.com> wrote in message
> news:281C754F-F208-4E66-B7F6-C0D4E7F4429F@microsoft.com...
>>I need to use the net use command in a batch file that will be run
>> automatically, to ensure that a mapped drive is connected.
>>
>> My question is, how can I avoid having the password to the mapped share
>> appear in plain text in the batch file?
>>
>> Thanks.
>
> Maybe Batch2Exe does what you want.
> http://bat-to-exe-converter.fatih-kodak.qarchive.org/

You sure? Doesn't that merely wrap the original file with an .exe
interpreter? That is, the original batch file is probably just a data
section in the .exe file that anyone with a hex editor could view the
text strings to see the password. One of the features mentioned at the
author's home site is "hidden source" so maybe it jumbles up the data so
it can't be seen by looking inside the resultant .exe file with a hex
editor or string search utility.
 
http://autoitscript.com

Compile to an encrypted executable, and it's reasonably secure - well,
against nongeek types anyway. You can run the batch file with Run() - or
better, use the builtin DriveMapAdd() command.

If you want to be more secure, there is an RC4 module you can encrypt the
password itself with. Although, I would have the user enter it manually, no
automatic password is entirely secure as the computer itself must have some
way of decrypting it.

You should also over-write any variable which held the plaintext password
with a random string before the program terminates, otherwise a
memory-sniffer could still find it in RAM or the swapfile. But then, that's
getting paranoid.

Either that, or use http://mylogon.net - a GPL tool for a similar purpose
which might meet your needs.
 
Back
Top