Re: Encrypt Statrup Script Password Using Group Policy
- From: "rickym61" <rickym61@xxxxxxxxxxx>
- Date: Wed, 5 Sep 2007 17:14:27 +0100
I have managed to find PrimalScript 2007 Enterprise which seems to be secure so far, you can create your VBS, encode to VBE and then compile this to an exe, the old version 4.1, created the .exe but when invoked, created a random .vbs/.vbe in temp, which you could easily read using the below decode script, I believe the .exe also works via gpo for startup scripts, from discussions with other IT professionals. I'm yet to try this myself.
"John Bryntze" <JohnBryntze@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:38679521-213E-4ECF-A257-5030E6AF772C@xxxxxxxxxxxxxxxx
As rickym61@xxxxxxxxxxx wrote you can encode your vbs script to vbe with.
screnc.exe tool from Microsoft, but it is not safe at all.
Read more how unsafe it is here:
http://john.bryntze.net/jbkb/index.php?title=Script-kb1_Decode_vbe_files
vbe files can be executed in the same way as vbs, you don't have to handle
vbe files any different than vbs files.
"rickym61@xxxxxxxxxxx" wrote:
Hi Marwan.
If the script is .vbe they can run it as if they copied it locally and it
will do what the script was meant to do, in your case, change the admin
password (assuming they have rights to run scripts, change settings, edit
registry etc) A normal user with no admin rights, I think may not be able to
run it.
If you find a 3rd party app, let me know, thanks.
"Marwan" <Marwan@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:400073B7-AAED-4425-B431-6032B9653180@xxxxxxxxxxxxxxxx
> Hi Ricky,
>
> Are users be able to execute the script when usnig the screnc.exe?
>
> Regards,
>
>
> "rickym61@xxxxxxxxxxx" wrote:
>
>> Hi Marwan.
>>
>> At work, we encode our script using screnc.exe and to decode
>> scrdec18.exe,
>> this then leaves the script with garbled text if opened in notepad,
>> however,
>> there are a number of websites that you can paste the encoded text >> into
>> and
>> it will decode it.
>>
>> I would too be interesting in any 3rd party software that would fully
>> encode
>> the scripts from prying eyes.
>>
>> hope the above helps.
>>
>>
>> "Marwan" <Marwan@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> news:0C3B183A-4BC9-4F05-A391-B6DB6DA64D9E@xxxxxxxxxxxxxxxx
>> > Using group policy startup script (using VB script), I managed to
>> > change
>> > successfully the local Administrator password on domain XP stations.
>> > However,
>> > the scripting tools cannot encrypt or mask the password. This leaves
>> > the
>> > password exposed in clear text inside the Active Directory of each
>> > domain
>> > controller (sysvol).
>> > Is there a third party tools or any ideas how to encrypt the >> > password?
>>
- Follow-Ups:
- Re: Encrypt Statrup Script Password Using Group Policy
- From: John Bryntze
- Re: Encrypt Statrup Script Password Using Group Policy
- References:
- Re: Encrypt Statrup Script Password Using Group Policy
- From: John Bryntze
- Re: Encrypt Statrup Script Password Using Group Policy
- Prev by Date: Re: Offline files not syncing all files and folders
- Next by Date: allow standard user to install drivers
- Previous by thread: Re: Encrypt Statrup Script Password Using Group Policy
- Next by thread: Re: Encrypt Statrup Script Password Using Group Policy
- Index(es):
Relevant Pages
|
