Protect password in batch file

[henryb]

I need to use the net use command in a batch file that will be run

automatically, to ensure that a mapped drive is connected.

My question is, how can I avoid having the password to the mapped share

appear in plain text in the batch file?

Thanks.

 

[Hans Le Roy]

Hi Henry,

"henryb" <henryb@discussions.microsoft.com> wrote in message

news:281C754F-F208-4E66-B7F6-C0D4E7F4429F@microsoft.com...<span style="color:blue">

>I need to use the net use command in a batch file that will be run

> automatically, to ensure that a mapped drive is connected.

>

> My question is, how can I avoid having the password to the mapped share

> appear in plain text in the batch file?

>

> Thanks.</span>

Maybe Batch2Exe does what you want.

http://bat-to-exe-converter.fatih-kodak.qarchive.org/

Kind regards

Hans

 

[VanguardLH]

Hans Le Roy wrote:

<span style="color:blue">

> Hi Henry,

>

> "henryb" <henryb@discussions.microsoft.com> wrote in message

> news:281C754F-F208-4E66-B7F6-C0D4E7F4429F@microsoft.com...<span style="color:green">

>>I need to use the net use command in a batch file that will be run

>> automatically, to ensure that a mapped drive is connected.

>>

>> My question is, how can I avoid having the password to the mapped share

>> appear in plain text in the batch file?

>>

>> Thanks.</span>

>

> Maybe Batch2Exe does what you want.

> http://bat-to-exe-converter.fatih-kodak.qarchive.org/</span>

You sure? Doesn't that merely wrap the original file with an .exe

interpreter? That is, the original batch file is probably just a data

section in the .exe file that anyone with a hex editor could view the

text strings to see the password. One of the features mentioned at the

author's home site is "hidden source" so maybe it jumbles up the data so

it can't be seen by looking inside the resultant .exe file with a hex

editor or string search utility.

 

[Anteaus]

http://autoitscript.com

Compile to an encrypted executable, and it's reasonably secure - well,

against nongeek types anyway. You can run the batch file with Run() - or

better, use the builtin DriveMapAdd() command.

If you want to be more secure, there is an RC4 module you can encrypt the

password itself with. Although, I would have the user enter it manually, no

automatic password is entirely secure as the computer itself must have some

way of decrypting it.

You should also over-write any variable which held the plaintext password

with a random string before the program terminates, otherwise a

memory-sniffer could still find it in RAM or the swapfile. But then, that's

getting paranoid.

Either that, or use http://mylogon.net - a GPL tool for a similar purpose

which might meet your needs.