Encrypting or Obfuscating a string in a batch file
cronoklee
I'm trying to write a batch file that obfuscates the username logged
onto windows and sends it in a query URL to a web php script. This is
a quick way for employees to into my web portal.
At the moment I've written a very rudimentary find and replace
function which changes enough letters to make the username unreadable
but I'm looking for a more robust solution.
Are there any native ways to encrypt or obfuscate a string variable in
a batch file?
Thanks,
Ciarán
foxidrive
wrote:
You could pick out characters interspersed in echo and program lines.
echo off
for /f "tokens=5 delims=nl" %%a in (
'find "of the batch file" ^<%~f0') do set var=%%a
echo a line of the batch file>nul
echo the secret letter is %var%
echo more lines here
echo and more
pause
Here are some nice examples of obfuscation.
@echo off
goto :start
From: Herbert Kleebauer <kl...@unibwm.de>
Newsgroups: alt.msdos.batch
Date: Tue, 23 Dec 2003 12:11:24 +0100
:start
@echo off
echo.&echo.&echo.
(for %%i in (0211635721 0234721340 0160421373) do call :sub %%i) &echo.
(for %%i in (0212244133 0111121020 0011233040) do call :sub %%i) &echo.
(for %%i in (0121634725 0210737020 0061625041) do call :sub %%i) &echo.
(for %%i in (0041224121 0010521020 0102121042) do call :sub %%i) &echo.
(for %%i in (0042245721 0335121340 0072121041) do call :sub %%i) &echo.
echo.&echo.
(for %%i in (0035042000 0210420040 0000021163) do call :sub %%i) &echo.
(for %%i in (0045145000 0224420120 0000021224) do call :sub %%i) &echo.
(for %%i in (0045247000 0234760160 0000012163) do call :sub %%i) &echo.
(for %%i in (0045450400 0242420210 0000004020) do call :sub %%i) &echo.
(for %%i in (0035050400 0242420210 0000004020) do call :sub %%i) &echo.
echo.&echo.
(for %%i in (0172100000 0107504025 0000000034) do call :sub %%i) &echo.
(for %%i in (0012300000 0240504025 0000000044) do call :sub %%i) &echo.
(for %%i in (0072500000 0343450025 0000000034) do call :sub %%i) &echo.
(for %%i in (0013100000 0020420012 0000000025) do call :sub %%i) &echo.
(for %%i in (0172100000 0027420012 0000000045) do call :sub %%i) &echo.
echo.&echo.&echo.
goto :eof
:sub
set i=%1
set n=1
:loop
set /a j=%i%-%i%/2*2
if [%j%]==[0] (set /p m= <nul) else (set /p m=W<nul)
set /a i=%i%/2
set /a n+=1
if not [%n%]==[27] goto loop
and another:
@echo off&setlocal
:: Herbert Kleebauer - xmas 2008
set s=abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123458769-+@$@
set s=%s%@I9ZKqDfZNFreo@2HkuqHfjieBkq@Q5ZIGH9Xgevom@IHsHaHfrberrc@I9kraDf
set s=%s%lUerrC@@@aciUaqerhor@afmPaOesKPr@ahkPa4hZNok@aiPPbeeuuie@aiOUbee
set s=%s%uuie@@@aaexQGrEi4@aagukGrquK@aafxkGkCC4@aae0faeqIO@aaexLaeEIK@@$
set i=66
:loop1
call set c=%%s:~%i%,1%%&set /a i+=1
if [%c%]==[$] goto :eof
for /l %%k in (0,1,65) do (call call :sub %%c%% %%s:~%%k,1%% %%k)
if not [%n%]==[64] (set /a j=32) else echo.&goto :loop1
:loop2
set /a m=%n%^&%j%
if [%m%]==[0] (set /p = <nul) else (set /p =W<nul)
set /a j/=2
if [%j%]==[0] (goto :loop1) else (goto :loop2)
:sub
if [%1]==[%2] set n=%3
and one more:
@echo off&setlocal enabledelayedexpansion
:: Matthias Tacke - Xmas 2008
for %%i in (3 0211635721 0234721340 0160421373 1) do call :sub %%i
for %%i in (0212244133 0111121020 0011233040 1) do call :sub %%i
for %%i in (0121634725 0210737020 0061625041 1) do call :sub %%i
for %%i in (0041224121 0010521020 0102121042 1) do call :sub %%i
for %%i in (0042245721 0335121340 0072121041 3) do call :sub %%i
for %%i in (0035042000 0210420040 0000021163 1) do call :sub %%i
for %%i in (0045145000 0224420120 0000021224 1) do call :sub %%i
for %%i in (0045247000 0234760160 0000012163 1) do call :sub %%i
for %%i in (0045450400 0242420210 0000004020 1) do call :sub %%i
for %%i in (0035050400 0242420210 0000004020 3) do call :sub %%i
for %%i in (0172100000 0107504025 0000000034 1) do call :sub %%i
for %%i in (0012300000 0240504025 0000000044 1) do call :sub %%i
for %%i in (0072500000 0343450025 0000000034 1) do call :sub %%i
for %%i in (0013100000 0020420012 0000000025 1) do call :sub %%i
for %%i in (0172100000 0027420012 0000000045 3) do call :sub %%i
goto :eof
:sub
if %1 LSS 10 (for /L %%A in (1 1 %1) do echo.)& goto :eof
for /L %%A in (0 1 26) do ^
set /A "M=%1&(1<<%%A)"&if !M! GTR 0 (set /p =#<nul) else (set /p = <nul)
foxidrive
wrote:
>On Mon, 5 Oct 2009 02:36:28 -0700 (PDT), cronoklee <cron...@gmail.com>
>wrote:
>
>>Hi
>>I'm trying to write a batch file that obfuscates the username logged
>>onto windows and sends it in a query URL to a web php script. This is
>>a quick way for employees to into my web portal.
>>
>>At the moment I've written a very rudimentary find and replace
>>function which changes enough letters to make the username unreadable
>>but I'm looking for a more robust solution.
>>
>>Are there any native ways to encrypt or obfuscate a string variable in
>>a batch file?
>
>You could pick out characters interspersed in echo and program lines.
>
>echo off
>for /f "tokens=5 delims=nl" %%a in (
>'find "of the batch file" ^<%~f0') do set var=%%a
>echo a line of the batch file>nul
>echo the secret letter is %var%
>echo more lines here
>echo and more
>pause
Mind you, once you build a username from random letters into a variable
called %var% then all a user has to do is enter lines like this at a
stragetic position in the batch file
echo %var%
pause
to find out what the name is.
cronoklee
> On Mon, 05 Oct 2009 23:46:08 +1100, foxidrive <got...@woohoo.invalid>
> wrote:
>
>
>
>
>
Thanks for the reply - It looks great foxidrive (and complicated!).
It's hard to see where the variable goes. i presume M is the variable
in the final example? Any ideas how to undo the obfuscation on the
server side? I'm pretty handy with php but pretty bad with this stuff
so I can barely tell what's going on here.
Ciarán
cronoklee
> On Mon, 05 Oct 2009 23:46:08 +1100, foxidrive <got...@woohoo.invalid>
> wrote:
>
>
>
>
>
I'll be wrapping the file in an exe in the end so this wont be a
problem. Besides, I'm not too worried about security - I just dont
want it to be glaringly obvious that it's their username that's being
sent off.
Ciarán
foxidrive
wrote:
>> >>I'm trying to write a batch file that obfuscates the username logged
>> >>onto windows and sends it in a query URL to a web php script. This is
>> >>a quick way for employees to into my web portal.
>
>I'll be wrapping the file in an exe in the end so this wont be a
>problem. Besides, I'm not too worried about security - I just dont
>want it to be glaringly obvious that it's their username that's being
>sent off.
I think I misunderstood your intention - I gather you want to encode their
username on the local PC to send in the URL and then decode it on the
remote server.
cronoklee
> On Mon, 5 Oct 2009 06:25:11 -0700 (PDT), cronoklee <cronok...@gmail.com>
Yes, exactly. It does not need to be "hack proof", but it should not
be obvious from the address bar that the username is being sent in the
url.
foxidrive
wrote:
>On Oct 5, 4:27�pm, foxidrive <got...@woohoo.invalid> wrote:
Setup a rot13 in a batch file and then use rot13 on the server.
set "var=%var:a=n%"
set "var=%var:b=o%"
set "var=%var:c=p%"
etc
here's the map (top to lower)
abcdefghijklmnopqrstuvwxyz
NOPQRSTUVWXYZABCDEFGHIJKLM
cronoklee
> On Mon, 5 Oct 2009 12:26:04 -0700 (PDT), cronoklee <cronok...@gmail.com>
Thanks foxidrive but I'm still having some trouble with this idea.
First of all I need to endoce numbers as well as letters so the rot13
map won't work but I've done something similar: See example below.
The problem is the letters are being replaced more than once. In this
case, the word "dog" comes out as "bae", not "jum".
Is there any way around this?
Thanks
Ciarán
set "var=%var:a=g%"
set "var=%var:b=h%"
set "var=%var:c=i%"
set "var=%var:d=j%"
set "var=%var:e=k%"
set "var=%var:f=l%"
set "var=%var:g=m%"
set "var=%var:h=n%"
set "var=%var:i=o%"
set "var=%var:j=p%"
set "var=%var:k=q%"
set "var=%var:l=r%"
set "var=%var:m=s%"
set "var=%var:n=t%"
set "var=%var:o=u%"
set "var=%var:p=v%"
set "var=%var:q=w%"
set "var=%var:r=x%"
set "var=%var:s=y%"
set "var=%var:t=z%"
set "var=%var:u=A%"
set "var=%var:v=B%"
set "var=%var:w=C%"
set "var=%var:x=D%"
set "var=%var:y=E%"
set "var=%var:z=F%"
set "var=%var:A=G%"
set "var=%var:B=H%"
set "var=%var:C=I%"
set "var=%var:D=J%"
set "var=%var:E=K%"
set "var=%var:F=L%"
set "var=%var:G=M%"
set "var=%var:H=N%"
set "var=%var:I=O%"
set "var=%var:J=P%"
set "var=%var:K=Q%"
set "var=%var:L=R%"
set "var=%var:M=S%"
set "var=%var:N=T%"
set "var=%var:O=U%"
set "var=%var:P=V%"
set "var=%var:Q=W%"
set "var=%var:R=X%"
set "var=%var:S=Y%"
set "var=%var:T=Z%"
set "var=%var:U=0%"
set "var=%var:V=1%"
set "var=%var:W=2%"
set "var=%var:X=3%"
set "var=%var:Y=4%"
set "var=%var:Z=5%"
set "var=%var:0=6%"
set "var=%var:1=7%"
set "var=%var:2=8%"
set "var=%var:3=9%"
set "var=%var:4=a%"
set "var=%var:5=b%"
set "var=%var:6=c%"
set "var=%var:7=d%"
set "var=%var:8=e%"
set "var=%var:9=f%"
foxidrive
wrote:
>> >> I think I misunderstood your intention - I gather you want to encode their
>> >> username on the local PC to send in the URL and then decode it on the
>> >> remote server.
>>
>> >Yes, exactly. It does not need to be "hack proof", but it should not
>> >be obvious from the address bar that the username is being sent in the
>> >url.
>>
>> Setup a rot13 in a batch file and then use rot13 on the server.
>>
>> set "var=%var:a=n%"
>> set "var=%var:b=o%"
>> set "var=%var:c=p%"
>
>Thanks foxidrive but I'm still having some trouble with this idea.
>First of all I need to endoce numbers as well as letters so the rot13
>map won't work but I've done something similar: See example below.
rot47 will cater for that. See Wikipedia, but beware using poison
characters.
>The problem is the letters are being replaced more than once. In this
>case, the word "dog" comes out as "bae", not "jum".
That's the order of conversion.
>
>set "var=%var:a=g%"
[snip]
>set "var=%var:g=m%"
You see a is translated to g and then later is translated to m
You'd have to arrange the order of translation - or alternately use
VBscript with a transliteration script as all Windows have WSH available
too.
cuddlyca...@gmail.com
foxidrive
--
foxi
Stanley Daniel de Liver
wrote:
Ok too tricky with the hard-to-process characters.
Use asm.
--
It's a money /life balance.