There are some freeware utils that do this, my only problem it has to be done on teh commadn line.

IE

I want to run like

batTOexe file.bat file.exe

or better yet

batTOexe c:\batchfiles

cant have a gui.

8/29/2007 5:31:47 PM

i used to use bat2exe.com back in the day. if you can't find it online let me know. i'm sure i still have it somewhere

8/29/2007 5:57:08 PM

learn to use Perl or Python

8/29/2007 8:34:45 PM

oh. i just realized something. in case you didn't figure it out, i meant bat2exe.com as in http://en.wikipedia.org/wiki/COM_file not http://en.wikipedia.org/wiki/.com

8/29/2007 9:45:41 PM

stupid question.

why would you want to convert a batch file to an executable anyhow?

8/29/2007 10:01:05 PM

you wouldn't

8/29/2007 10:14:40 PM

so people can't edit it.

8/30/2007 1:06:44 AM

i guess im just a nosy bastard, but what kind of application would you want to batch-convert batch files to executables via the command line?

i guess there must be some reason, but i sure cant think of one.

8/30/2007 1:32:16 AM

Okay,

besides learnign another scripting language (which frankly i dont feal like doing)

We have lots of batch files we use to configure certain setttings on computers (during deloyment ectra)

Due to the nature of these files they are on open shares (abet hidden). Some of them contain commands which set passwords ectra.

By keeping the files in the .bat format we essentail have passwords in cleartext.

Right now we are increasing our password complexity and all the files need to be updated

ie password->password 2

We have about 30 computers with these shares and the scripts in a common folder

I have a VBS script that goes in and replaces the old passwords with new passwords on the batch files (among other things)

I then want to compile the batch files so users cant just open up the .bat (if they find the hidden share) and fuck around. (i know compiled exe probably arent much better)

so the steps here are

Change passwords and settings in batch file ->compleated
Compile batch files to exe ->working on it
delete old batch files->compleated
Update password and batch task names in our managment software ->compleated

I dont want other stupid fucking answers, I dont care if your a fucking 1337 motherfucker who thinks i should do it in whatever fuckign langauge has got you soppy wet this month. I dont feel like writing my own tool to do it for me.

8/30/2007 9:38:32 AM

calm down man

8/30/2007 9:41:24 AM

You're doing something all wrong if passwords have to be set with the help of scripts laying around in an open share.

And like you already mentioned, the EXEs aren't going to be any better. Most of the times, they'll still have the cleartext passwords/commands, but just the API calls are turned into binary. Basically, you're still using the same commands/internal code, but it's not being called by the human understandeable program/method name. I know I don't sound clear, but this is what happens.

If you really want a good solution to a bad situation, look at Java or .NET or something.

8/30/2007 9:49:20 AM

Ok, so basically you're talking about simple security issues here, right?

Why can't you set Administrative privileges only on the .vbs and .bat files that are running? For that matter, on the "hidden" network share that you don't want users stumbling onto? Rule #1 for being an Admin is giving the users NO rights beyond logging into their account and using Office, etc.

Be explicit with your permissions and they can't sneak around your network.

If you're only talking about local computer security (ie, each computer has it's own directory of scripts), then you still should not be allowing the users to be Administrators with the ability to view that directory, or ANY directory besides the ones they need to operate the computer.

I guess I'm having trouble understanding your methods, just seems insecure to me to begin with.

8/30/2007 9:51:24 AM

Im just sick of the fact that nobody can give a straight fucking answer on here anymore.

Sombody asks

Where can i buy cherry ice cream

and people answer


DOOD YOU CANT GET ANY DECENT CHERRY ICE CREAM YOU NEED TO START BY MILKING A COW

then sombody else answers

DONT YOU KNOW, THE ONLY CHERRIES THAT ARE GOOD YOU HAVE TO GROW A CHERRY TREE AND GET THEM FRESH

then another one

DUDE CHERRY ICECREAM SUCKS, THE ONLY FLAVOR OF ICE CREAM WORHT EATING IS ROCKY ROAD

and

WHY WOULD ANYONE WANT TO EAT CHERRY ICECRAM



I dont want to milk a cow buy dry ice, pick pits out of cherries

just want somboyd to tell me that there is a kroger around the corner.


(trying bat2exe.com now, i got one decent reponse)

8/30/2007 9:51:56 AM

Quote :

"look at Java or .NET or something."

since when is java or .net appropriate for simple scripting needs? just cus you happen to know a language doesn't mean it's a good solution to every problem

[Edited on August 30, 2007 at 9:54 AM. Reason : ^ sir, you need to calm down. immediately, if not sooner]

8/30/2007 9:53:36 AM

only reason I said Java or .NET is that it's easy to conceal cleatext passwords using these languages. Scripting languages won't help you hide passwords, and I think he's already using VBScript.

That said, anyone can use a decompiler to get source code out of anything, which is why all these methods suck.

If he's worried about users seeing new passwords, he should be changing the process, not the tool.

8/30/2007 9:55:47 AM

There is still a fundamental problem with feeling a need to conceal a password that is in a file a user should -never- see if you were running proper network security.

If you want to talk about making your own ice cream, you probably should learn how to make a proper bucket to hold the milk first!

8/30/2007 10:10:32 AM

I explained the problem in a simplistic way, (both the technical problem) and the icecream.

Think of it as more illistrative, the main goal here is to stop other admins (who have have access that i can not restrict) from getting too curious and messing.

I cant prevent it 100%, but im trying to make it a little better.

Again,

YOU GUYS ARENT ANSWERING MY QUESTION. Your telling me HOW I SHOULD MAKE ICECREAM instead of just saying kroger has it.

One answer addressed the question.

Quote :

"i used to use bat2exe.com back in the day. if you can't find it online let me know. i'm sure i still have it somewhere"

You dont understand my problem, you wont ever completly understand my reasons for why i can and cant do certain things. Frankly i dont feel like explaining them all, alot of it is damned politics.

8/30/2007 10:19:05 AM

Quote :

"Im just sick of the fact that nobody can give a straight fucking answer on here anymore."

well, maybe because people here who know a little bit about this shit, have personal qualms about being morally or ethically responsible for helping you do something thats just back-asswards and stupid.

I mean, if you want to play analogy games, this is NOT like making cherry ice cream... It's more like you coming on here saying,

"Hay guys, my company wants me to build wheelchair ramps out of Popsicle sticks and Duct Tape. Can one of you civil engineering types point me to some sort of plan or something?"

Sorry, but people on here are not anonymous dispensers of random information. Many here are industry people with professional reputations.

If you just want to get some rope to hang yourself with, try http://www.google.com

8/30/2007 1:10:18 PM

im guessing this network isnt using a domain controller / AD?

yea bat2exe should do explicitly what you are looking for. You could also do the same thing in VB just using exec commands to a shell and compile that.

As usual gargs doesn't have a clue what the fuck he is talking about. Way to fill up more wasted space gargs.

8/30/2007 1:11:39 PM

LOL

Why do I even bother arguing with a Design major about COMPUTER SCIENCE stuff.

8/30/2007 1:17:27 PM

Because even as a design masters, I still have years of computer science experience on you, particularly in system administration, which you apparently know absolutely nothing about (like most other subjects).

8/30/2007 1:53:16 PM

i agree with what gargs posted.

the OP's process is fundamentally flawed.

security through obscurity is no security at all.






[Edited on August 30, 2007 at 1:56 PM. Reason : ]

8/30/2007 1:53:48 PM

You and gargs both completely missed the point. gs7 posted the right answer.

Then Anteck elaborated, which makes more sense. Security through obscurity for other admins with prying eyes is not stupid. It's a secondary method to ensure integrity, and a totally legitimate one.

8/30/2007 1:56:01 PM

Quote :

"I still have years of computer science experience on you, particularly in system administration, which you apparently know absolutely nothing about (like most other subjects)."

LOL

Nothing I posted has been incorrect. You're just a retard who can't argue for shit.

let me know how that bat2exe hypothesis works for you, idiot.

[Edited on August 30, 2007 at 1:56 PM. Reason : .]

8/30/2007 1:56:04 PM

I never said it was incorrect. You posted worthless information.

I can reply with "The earth rotates around the sun", which is correct, but neither pertinent or an answer to the OP's question. Except you always reply in a way like: "Obviously if you just rotated around the sun, like the earth, it would be a much better solution than finding a bat2exe application". Again, pointless, having nothing to do with the original question, and not providing a beneficial answer in any way.

8/30/2007 1:58:35 PM

Except replace Earth with Java, and Sun with .NET. Since those are the only two things you have any concept of apparently.

8/30/2007 1:59:17 PM

Quote :

"Security through obscurity for other admins "

is completely ineffectual unless the other admins are either (1) incompetent or (2) apathetic.

what the OP wants to do here is build a car security system based on hiding the keys under the floormat.

8/30/2007 1:59:34 PM

Jesus retard

this is not even security by obscurity or whatever shit you're calling it.

Any person who cares about passwords can still open up the binary in less than 10 seconds.

Seriously, do you make a living on lies and deception?

8/30/2007 2:00:05 PM

Quote :

"You could also do the same thing in VB just using exec commands to a shell and compile that. "

VB IS .NET

R-TARD

[Edited on August 30, 2007 at 2:02 PM. Reason : .]

8/30/2007 2:01:26 PM

No. He is protecting the system from users and invaders through normal security measures (ala gs7 for that explanation).

This is to keep other admins from futzing around with his scripts. It has nothing to do with them gaining some sort of knowledge or power. They are ADMINS. He just doesn't want them tooling around in his stuff and inadvertently changing something. Or potentially wasting his time in various other ways.

And even IF he wants to actually keep them out, it's still a good extra step.

Quote :

"Any person who cares about passwords can still open up the binary in less than 10 seconds."

Unless he is storing these passwords in a string table at the end of the binary, more than likely it's all going to be binary encoded, so yes you could open the file in 10 seconds, but at the least its going to take a decompiler or a debugger to get to the passwords.

You are both being stupid as fuck about this. The TIME it would take someone to find any usable information far outweighs the VALUE of that information. This is a primary fundamental of security through obscurity, and a long-standing and well recognized standard for protection.

if you want to be stupid about this, I'll be glad to show you how I can get into plenty of encrypted systems and schemes. You'd both do well to take a course on computer security.

8/30/2007 2:06:41 PM

gargs, i'm on your side, numnuts.

hiding cleartext passwords in a binary exe is exactly what the concept of "security through obscurity" entails.

and its totally worthless to try and hide anything that way from even the least competent skript kiddie.

its exactly analogous to taking the key to your house and hiding it under the doormat.

8/30/2007 2:07:23 PM

^^ VB is not .NET. It's a supported language for the CLI compiler into the .NET framework. You can develop, compile and distribute VB without ever touching .NET anything.

your answer of "If you really want a good solution to a bad situation, look at Java or .NET or something."

Is fucking stupid.

8/30/2007 2:09:27 PM

Quote :

"Security through obscurity for other admins with prying eyes is not stupid. It's a secondary method to ensure integrity, and a totally legitimate one."

strings ftw

strings *.exe > password.txt

8/30/2007 2:09:37 PM

Quote :

"hiding cleartext passwords in a binary exe is exactly what the concept of "security through obscurity" entails. and its totally worthless to try and hide anything that way from even the least competent skript kiddie. its exactly analogous to taking the key to your house and hiding it under the doormat."

As opposed to hiding the key by leaving it in the lock? And it's more like hiding the key in a bush or under a rock in the yard. And no it's not totally worthless to do that. It will, in fact, prevent an overwhelming majority of intrusion attempts. You may not understand that, but it is a reality.

^
"Unless he is storing these passwords in a string table at the end of the binary, more than likely it's all going to be binary encoded, so yes you could open the file in 10 seconds, but at the least its going to take a decompiler or a debugger to get to the passwords."

I do agree, if he's string storing the values, then it's completely retarded, unless it's STRICTLY to prevent people from making changes to his scripts.

[Edited on August 30, 2007 at 2:11 PM. Reason : .]

8/30/2007 2:10:59 PM

LOL

I can't believe NCSU lets in monkeys this stupid.

Let's see.

http://search.yahoo.com/search;_ylt=A0geu.KUB9dGhmoAWy9XNyoA?p=free+.net+command+line+decompiler&y=Search&fr=moz2

took me less than a minute.

First link has a Java and a .NET decompiler, both of which are command line - no installation. I personally, have used JAD, and it decompiles everything in microseconds.

Where he stores anything in a compiled MANAGED framework binary is not upto him. And even then, these decompilers THROW the fucking source code AT your face. He's coding a fucking native system call. The entire program will be less than 5 lines long.

Now, you're talking about encryption. Dude doesn't wanna write a simple program, I am sure he'll implement an encryption library based on a shared key to protect his "BAT2EXE" generated binary, which WILL have the passwords in cleartext anyway.

Dude, seriously. Don't ever argue about technology with me. I can blatantly tell you that this ignorance might work in your line of work, but not in front of me.

8/30/2007 2:13:14 PM

Quote :

"VB is not .NET"

HOLY FUCKING SHIT

YOU SERIOUSLY CANT BE THIS BIG OF AN IDIOT


Should I ROFL or cry?

8/30/2007 2:14:18 PM

I use VB6 on a daily and no .NET needed.

8/30/2007 2:21:20 PM

Quote :

" it's more like hiding the key in a bush or under a rock in the yard. And no it's not totally worthless to do that. It will, in fact, prevent an overwhelming majority of intrusion attempts. You may not understand that, but it is a reality."

yes, it will probably prevent the casual user from finding the passwords.

yes, it will definitely prevent admins from accidentally changing the passwords.

but to hide passwords "from prying eyes" taken from a batch file into a converted binary is the stupidest, most ignorant of all possible methods and for you to recommend that as a viable form of security tells me that you really don't know what you're talking about.

I worked for 2 years at a company developing a multi-Gigabit/sec throughput network security processor, verifying multiple cryptographic algorithms from the system level down to the transistor level. And I've got nothing left to say here.






[Edited on August 30, 2007 at 2:33 PM. Reason : ]

8/30/2007 2:24:30 PM

Not my concern that you use dev tools dead since 2005.

8/30/2007 2:24:31 PM

I have this patent idea

storing passwords using bat2exe which anyway won't work on Windows.

8/30/2007 2:25:29 PM

^^not my concern companies still want products in the languages either.

also not my concern that vb is independent of .NET either.

8/30/2007 2:32:20 PM

lol

fine

I lose that particular argument, then, I guess.

8/30/2007 2:37:23 PM

well this conversation has strayed quite a bit from the question at hand, but i am procrastinating and feel the need to add to the nonsense...

i agree that using .NET or Java is, although a viable solution, possibly a bit overboard for encrypting passwords on this small of a scale.

i agree that, depending on the sensitivity of the information, security through obscurity isn't much worth doing if it's credit card information, paypal/verisign processor passwords, etc. but if it's a myspace password, who really cares if someone can open the binary and get the password. (ok, you might care, but you get the idea)

i guess what i'm saying is that the solution to his problem is dependent on the situation, which we have not been given very much detail about for good reason i'm sure. so the best way to provide useful help to this question is to post a link to bat2exe.com and let him worry about the quality of security from there.

without further delay, i give you: http://bat2exe.com

8/30/2007 2:42:40 PM

Jesus christ you guys are thick.

Its a fuckign simple script that rusn a few windows command lines to create folders share files ectra. yes i could do it in vbs, but i aready have the .bat files written, i dont feel like rewirting it.

It was a simple 10 second question, im not building a fucking wheelchair, this isnt Domain level security policy. Frankly they ahve eveyr right to see exactly what im doing, but that dostn mean they NEED TO.

I use it to simply some of my admin tasks

The other fucking admins can see it all they want, i just dont want them fucking with shit.

Were on a domain, they are admins on the server, they can take ownership of the files if they want.

Im not trying to stop mr fuckign 1337 script kidding from poking around.

Unlike some of you idiots these people have jobs to do, they dont spend all fucking day decompiling random exe files to see what they are.

.bat files attract more attention, simple as that. Batch files encourage people to look in them and then ask you fucking questions. Alot of it is politics.

STOP TRYING TO PRETEND TO UNDERSTAND THE PROBLEM. STOP ARGUIGN STUPID SHIT.

NOTHING IS FOOLPROOF other than gouging out their eyes so they cant see the file.

Im not tyring to waste a few days comign up with some obscure scheme or rewiritng code just to prevent a few retards from reading my shit.

Im not trying to protect againts a Directed attack, this isnt an open network.

8/30/2007 2:42:45 PM

Quote :

"Unlike some of you idiots these people have jobs to do"

LOL

And you're asking TWW to do your job for you.

8/30/2007 2:46:11 PM

Quote :

"but to hide passwords "from prying eyes" taken from a batch file into a converted binary is the stupidest, most ignorant of all possible methods and for you to recommend that as a viable form of security tells me that you really don't know what you're talking about."

We are talking about the same thing dude. Dear god. neither of you even fucking comprehend his use case. Which is why this is so funny to me.

I FULLY understand what both of you are saying, why and what for. Neither of you comprehend WHY he wants to do this, or why it's a valid solution to his problem.

Quote :

"took me less than a minute."

Still missing the point. But that's fine. i'm glad there are technical monkeys like you so I can keep making good money.

Quote :

"HOLY FUCKING SHIT YOU SERIOUSLY CANT BE THIS BIG OF AN IDIOT Should I ROFL or cry?"

.NET is a framework. The term "VB.NET" refers to the version of Visual Basic that the .NET framework supports. It is NOT .NET. You can still develop with Visual Basic without compiling it into a .NET environment. I'll be glad to show you this in visual studio if you like.

Seeing as I just spent the last few days at Microsoft, in the Visual Studio development office, I might have a little clue how .NET works.

8/30/2007 2:46:35 PM

Tech Talk ----> Soap Box For Nerds

I feel so dirty. What Have I Become???

OH THE HUMANITY!








[Edited on August 30, 2007 at 2:48 PM. Reason : ]

8/30/2007 2:46:59 PM

Quote :

"LOL And you're asking TWW to do your job for you. "

No retard, he was asking for a solution to a block.

^Only when Gargs brings his stupid ass into threads.

[Edited on August 30, 2007 at 2:48 PM. Reason : .]

8/30/2007 2:48:00 PM

Let me say it again.

Noen reminds me of Twatwaffle/Carolinaboy on Campusblender.

Quote :

"Seeing as I just spent the last few days at Microsoft, in the Visual Studio development office, I might have a little clue how .NET works."

And what exactly were you doing? Definitely not coding in VB or even a shell script I am sure.

[Edited on August 30, 2007 at 2:49 PM. Reason : .]

8/30/2007 2:48:54 PM

interviewing for a job, which I just got an offer for yesterday.

8/30/2007 2:52:01 PM