64 replies to this topic

[powaking]

UPDATE:

NOW we are getting somewhere:
Download 3proxy:
http://sourceforge.n...cts/three-proxy
118,100 bytes download, extract from zip mycrypt.exe, 12,288 bytes.

It needs a "salt", but I guess that having saved more than 4 Mb of space, and having got rid of the depencies nightmare afore mentioned one could use a random generator to create it.

By the way, it seems like the "salt" that grub4dos md5crypt generates is based on system time, so, even a batch file is enough to have the same semi-random numbers.

jaclaz

Nice!

My friend whipped something up for me. He wrote this in java so we're talking a 5kb .jar file. Just need to have java installed (who doesn't nowadays). If you don't provide a salt one is generated radomly for you. I'm asking him if its ok for me to post it (don't see why not but thought I would be considerate).

I'll check out your suggestion though. That mycrypt.exe seems to be exactly what we're looking for.

[powaking]

Nice!

My friend whipped something up for me. He wrote this in java so we're talking a 5kb .jar file. Just need to have java installed (who doesn't nowadays). If you don't provide a salt one is generated radomly for you. I'm asking him if its ok for me to post it (don't see why not but thought I would be considerate).

I'll check out your suggestion though. That mycrypt.exe seems to be exactly what we're looking for.

Here it is. Issue it as such:

java -jar grubmd5crypt.jar password salt

Salt is optional. If none is given one is ramdomly created. Otherwise the format for salt is $1$[whateveryouwant]$

I used jsmooth to wrap it as an exe so you can try that as well.

I tried the md5crypt from 3proxy and found that it included CR: before the hash. Would have to truncate that. Wouldn't be a problem (don't think).

So there are some solutions we have. Java, Python or EXE from 3proxy. And we started off with nothing just a few days ago. HA

[powaking]

As far as making a CD expire I wrote up an autoit script that runs before PEShell (so wpeinit gets loaded with all the nic drivers). It downloads a file that has a date on it. If the current date is equal to or less than 0 then the cd has expired and reboots the machine. If it is not able to download the file (off network or on different network then it uses a specified date thats coded into the script (could use a date of a file creation on the cd as well).

This is great for a work environment. If you suspect someone has a cd of yours you can easily shutdown its use. Also if you want your techies to be sure to have the latest version of VistaPE you know they will be forced to get an update since their CD will expire.

Let me know if you are interested.

[was_jaclaz]

Just to "complete" the range of available solutions, here is a small batch, salt.cmd that generates a semi-random 4 characters "salt".
Though it is, rather obviously, painfully slow to execute (about five seconds on my VIA Epia), it generates a "salt" that, though still pseudo-random, appears to be "more" random that the one that grub4dos provides.
The batch includes a limited number of characters (the "safe" ones) and makes a 4 characters salt.
It seems that the md5crypt command in grub4dos, beside, as said, being linked to system time, produces either a 3 or a 4 character salt.
Most probably the password command allows also for up to 8 characters in salt, as the original FreeBSD implementation, but I haven't tested it.

As far as making a CD expire I wrote up an autoit script that runs before PEShell (so wpeinit gets loaded with all the nic drivers). It downloads a file that has a date on it. If the current date is equal to or less than 0 then the cd has expired and reboots the machine. If it is not able to download the file (off network or on different network then it uses a specified date thats coded into the script (could use a date of a file creation on the cd as well).

This is great for a work environment. If you suspect someone has a cd of yours you can easily shutdown its use. Also if you want your techies to be sure to have the latest version of VistaPE you know they will be forced to get an update since their CD will expire.

Let me know if you are interested.

@powaking
Don't take it the wrong way , but it seems to me not the most useful feature.

I mean, assuming that most of the time one boots from a CD for recovery purposes, (and thus it is a very good idea having it protected with the password to prevent unauthorized use / use by people with not enough knowledge to use it) having this kind of "online verification" means that if something goes wrong with your system and for any reason the network hardware or the server holding the file does not work, you are basically the (proud) user of an unbootable system AND of an unbootable recovery CD.

Nonetheless, though I personally have not an use for this feature, it is interesting, and the part of loading early in booting and being able to download files from network could be re-used in some other ideas.

So it would be nice if you post it to a new thread (as to not mix too many things in this one) I am sure that some member will appreciate it.



jaclaz

P.S.: The java .exe grubcrypt.exe seems not "portable", here is what I get in a non-java-1.5-installed PC :

grubcrypt testException in thread "main" java.lang.UnsupportedClassVersionError: GrubMd5Crypt(Unsupported major.minor version 49.0)        at java.lang.ClassLoader.defineClass0(Native Method)        at java.lang.ClassLoader.defineClass(Unknown Source)        at java.security.SecureClassLoader.defineClass(Unknown Source)        at java.net.URLClassLoader.defineClass(Unknown Source)        at java.net.URLClassLoader.access$100(Unknown Source)        at java.net.URLClassLoader$1.run(Unknown Source)        at java.security.AccessController.doPrivileged(Native Method)        at java.net.URLClassLoader.findClass(Unknown Source)        at java.lang.ClassLoader.loadClass(Unknown Source)        at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)        at java.lang.ClassLoader.loadClass(Unknown Source)        at java.lang.ClassLoader.loadClassInternal(Unknown Source)

there must be some dependency left

Attached Files

•  salt.zip   1.07KB   593 downloads

[powaking]

grubcrypt test

Exception in thread "main" java.lang.UnsupportedClassVersionError: GrubMd5Crypt

(Unsupported major.minor version 49.0)

        at java.lang.ClassLoader.defineClass0(Native Method)

        at java.lang.ClassLoader.defineClass(Unknown Source)

        at java.security.SecureClassLoader.defineClass(Unknown Source)

        at java.net.URLClassLoader.defineClass(Unknown Source)

        at java.net.URLClassLoader.access$100(Unknown Source)

        at java.net.URLClassLoader$1.run(Unknown Source)

        at java.security.AccessController.doPrivileged(Native Method)

        at java.net.URLClassLoader.findClass(Unknown Source)

        at java.lang.ClassLoader.loadClass(Unknown Source)

        at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)

        at java.lang.ClassLoader.loadClass(Unknown Source)

        at java.lang.ClassLoader.loadClassInternal(Unknown Source)

there must be some dependency left

I might not have compiled it correctly with jsmooth then. I'll check it out and see what I can do to make it executable in a non java environment.



Haven't checked out your salt batch but sounds like we have even more options.



As for the expiration I understand your concerns (and didn't take it the wrong way ). I really made it so that what I have now can be expired once I get our cd creating server up and running. Its also another reason to make sure they have the latest version of the cd as well. But agree it should be in a seperate thread so it can be searchable.

[powaking]

I'm trying to modify the Grub script so that if a checkbox is ticked off then it will add a password line and process the md5 hashing of what ever is typed in the box.

What I can't do is get it to pass the output to a variable.

I'm a bit green to winbuilder scripting environment so any assistance would be appreciated.

Here is what I have.

If,"%pCheckBox2%",Equal,true,TXTAddLine,"%MenuFile%","password --md5 %pass%","Append"

I've tried setting %pass% as a variable to kick off the md5 hashing but all I get is the command and not the output of the command.

[Brito]

Hi there!

Please start a new topic on the support forum and post the entire code content of your script so that we can study it.

I'm *guessing* that you need to use the name of object where the var is being written, something like %textbox1% instead of %pass% - but without taking a look on your script it's hard to know where to point you on the right direction..

[powaking]

Hi there!

Please start a new topic on the support forum and post the entire code content of your script so that we can study it.

I'm *guessing* that you need to use the name of object where the var is being written, something like %textbox1% instead of %pass% - but without taking a look on your script it's hard to know where to point you on the right direction..

Its not really my script its Nightmans Grub script. All I did was include a check box with a text box where you would type your password in. The script will read if the checkbox is ticked and then execute the command which would be the command and the textbox entry. I then need to take the output and append it to the menu.lst of grub.

I guess what I'm really asking is how do I execute a command and save the output into a variable and be able to call that variable so that I can do a txtaddline.

The command to execute would be: grubcrypt %pTextbox1%. The output of this would then be called up here:

If,"%pCheckBox2%",Equal,true,TXTAddLine,"%MenuFile%","password --md5 OUTPUT","Append"

I'll post the script if need be but not sure if it will help out any.

[pscEx]

I guess what I'm really asking is how do I execute a command and save the output into a variable and be able to call that variable so that I can do a txtaddline.

Something like this:

FileCreateBlank,"tmpfile"

TXTAddLine,tmpfile,"[mysection]","Append"

ShellExecute,Hide,"cmd.exe", "/c for /f #$qtokens=1 delims=#$q %a in ('mycommand') do echo myvalue=%a >> tmpfile"

IniRead,"tmpfile","mysection","myvalue","%myVar%"

Peter

[powaking]

Something like this:

FileCreateBlank,"tmpfile"

TXTAddLine,tmpfile,"[mysection]","Append"

ShellExecute,Hide,"cmd.exe", "/c for /f #$qtokens=1 delims=#$q %a in ('mycommand') do echo myvalue=%a >> tmpfile"

IniRead,"tmpfile","mysection","myvalue","%myVar%"

Peter

Thanks this is working but I can't get %myVar% to call up in this line after it gets processed. This is what I've tried:

TXTAddLine,"%MenuFile%",%myVar%,"Append"

TXTAddLine,"%MenuFile%",#$q%myVar%#$q,"Append"

TXTAddLine,"%MenuFile%","%myVar%","Append"

None of them is working. All I'm getting is myVar in the text file instead of the value of myVar.

[pscEx]

Thanks this is working but I can't get %myVar% to call up in this line after it gets processed. This is what I've tried:

TXTAddLine,"%MenuFile%",%myVar%,"Append"

TXTAddLine,"%MenuFile%",#$q%myVar%#$q,"Append"

TXTAddLine,"%MenuFile%","%myVar%","Append"

None of them is working. All I'm getting is myVar in the text file instead of the value of myVar.

I remember that there is an issue with IniRead.

Try not having %myVar% in [Variables]

Peter

[powaking]

I remember that there is an issue with IniRead.

Try not having %myVar% in [Variables]

Peter

This is what I have:

If,"%pCheckBox2%",Equal,true,Exec,%ScriptFile%,MD5

It then processes this:

[MD5]
FileCreateBlank,"c:\temp\md5.script"
TXTAddLine,"c:\temp\md5.script","[password]","Append"
ShellExecute,hide,"cmd.exe", "/c for /f #$qtokens=1 delims=#$q %a in ('%tools%\grubcrypt %pTextBox1%') do echo myvalue=%a >> c:\temp\md5.script"
IniRead,"c:\temp\md5.script","password","myvalue",%myVar%
FileDelete,"c:\temp\md5.script"

(I confirmed this worked by looking in md5.script)

Then thats when this line is processed:

TXTAddLine,"%MenuFile%",%myVar%,"Append"

I don't have %myVar% under [Variables]

I added an echo, %myVar% and its populated with the correct data its the txtaddline which is not reading the variables data.

[pscEx]

This CodeBox snippet works:
[codebox][main] Title=CodeBox test Description=Running custom commands [variables] %tmpfile%=%ProjectTemp%\psc.txt [process] If,ExistFile,%tmpfile%,FileDelete,%tmpfile% FileCreateBlank,%tmpfile% TXTAddLine,%tmpfile%,"[mysection]","Append" ShellExecute,Open,"cmd.exe","/k for /f %a in ('echo test') do (echo myvalue=%a >> #$q%tmpfile%#$q)" IniRead,%tmpfile%,"mysection","myvalue",%myVar% Message,%myVar%,Information[/codebox]
Peter

[pscEx]

I added an echo, %myVar% and its populated with the correct data its the txtaddline which is not reading the variables data.

Sorry, our posts crossed.

I'll have a test with txtaddline

Peter

[powaking]

This CodeBox snippet works:

[main]Title=CodeBox testDescription=Running custom commands[variables]%tmpfile%=%ProjectTemp%\psc.txt[process]If,ExistFile,%tmpfile%,FileDelete,%tmpfile%FileCreateBlank,%tmpfile%TXTAddLine,%tmpfile%,"[mysection]","Append"ShellExecute,Open,"cmd.exe","/k for /f %a in ('echo test') do (echo myvalue=%a >> #$q%tmpfile%#$q)"IniRead,%tmpfile%,"mysection","myvalue",%myVar%Message,%myVar%,Information

Peter

Interesting. Having this line under [MD5] works but doesn't work if its under the [Process] section.TXTAddLine,"%MenuFile%",password --md5 %myVar%,"Append"

So now you have the option of password protecting your VistaPE using

[pscEx]

This works (Resfile contains 'test')

[main]Title=CodeBox testDescription=Running custom commands[variables]%tmpfile%=%ProjectTemp%\psc.txt%resfile%=%ProjectTemp%\res.txt[process]If,ExistFile,%resfile%,FileDelete,%tmpfile%FileCreateBlank,%resfile%If,ExistFile,%tmpfile%,FileDelete,%tmpfile%FileCreateBlank,%tmpfile%TXTAddLine,%tmpfile%,"[mysection]","Append"ShellExecute,Open,"cmd.exe","/c for /f %a in ('echo test') do (echo myvalue=%a >> #$q%tmpfile%#$q)"IniRead,%tmpfile%,"mysection","myvalue",%myVar%Message,%myVar%,InformationTXTAddLine,%resfile%,%myVar%,"Append"

The main difference I see:

TXTAddLine,%resfile%,%myVar%,"Append"

TXTAddLine,"%MenuFile%",%myVar%,"Append"

You see that your line has quotes around the file name?

Peter

[powaking]

This works (Resfile contains 'test')

[main]Title=CodeBox testDescription=Running custom commands[variables]%tmpfile%=%ProjectTemp%\psc.txt%resfile%=%ProjectTemp%\res.txt[process]If,ExistFile,%resfile%,FileDelete,%tmpfile%FileCreateBlank,%resfile%If,ExistFile,%tmpfile%,FileDelete,%tmpfile%FileCreateBlank,%tmpfile%TXTAddLine,%tmpfile%,"[mysection]","Append"ShellExecute,Open,"cmd.exe","/c for /f %a in ('echo test') do (echo myvalue=%a >> #$q%tmpfile%#$q)"IniRead,%tmpfile%,"mysection","myvalue",%myVar%Message,%myVar%,InformationTXTAddLine,%resfile%,%myVar%,"Append"

The main difference I see:You see that your line has quotes around the file name?Peter

Hmmm interesting. I haven't even thought of that. I now have it so that I can password protect certain items in the menu just by modifying the source.

THANKS!

[Phoenixs]

I would like to know what file to edit to enable the password of my bootcd boot!

Will I have to edit the file "menu.lst"?

I am enclosing folders and files located in my BootCD!



At the moment I'm doing this BootCD to boot from USB!




Could you please help me Please!

Everyone thank you very much!

[Wonko the Sane]

I would like to know what file to edit to enable the password of my bootcd boot!

Then READ this thread AND the other one I pointed you to here:
http://www.911cd.net...o...c=24054&hl=

Will I have to edit the file "menu.lst"?

Yes, as you would have found out if you had READ before posting.

WHAT is the difficult part in:
http://www.boot-land...?...=4718&st=12

Wouldn't that IMPLY that you have to edit your menu.lst?
Doesn't it ALSO tell you WHAT and HOW to edit it?



Wonko

[Phoenixs]

Yes. Lei publications, but if I create a menu.lst with the following information ...

menu.lst
# Password is "admin", NOT encrypted
Test_password title
admin password
geometry (hd0, 0)

# Password is "admin", MD5 encrypted
MD5 Test_password title
password - md5 <MD5_hash_for_admin>
geometry (hd0, 0)


Not a good way! Since it loops to the same file menu.lst!

I have a file called menu.lst which each application or iso files from my bootUSB.

[Wonko the Sane]

I have a file called menu.lst which each application or iso files from my bootUSB.

OK, I'll try again , those are examples, to test ONLY.

You open your ALREADY working menu.lst and EITHER:

• add a line "like" (to protect the WHOLE menu.lst):
  

  password <your_password>

  or
  

  password - md5 <MD5_hash_for_your_password>

  at the beginning of the menu.lst, like (example):
  
  

  color blue/green yellow/red white/magenta white/magenta <-your existing colour settings
  timeout 30 <-your existing timeout settings
  default /default <-your existing default settings (if any)
  password <your_password> <- this is the line you insert
  title Something <-your existing FIRST menu.lst entry title
  .... <- whatever is ALREADY in your FIRST menu.lst entry

  OR:
• add a line inside a menu choice (to protect ONLY that entry), like (example):
  

  title Something <-your existing menu.lst entry title
  password <your_password> <- this is the line you insert
  .... <- whatever is ALREADY in your menu.lst entry
  .... <- whatever is ALREADY in your menu.lst entry

What is the difficult part?

# Password is "admin", NOT encrypted
Test_password title
admin password
geometry (hd0, 0)

Please note that "title Test_password" (what I posted) and "Test_password title" (what you posted) is NOT the same thing.
Please note that "password admin" (what I posted) and "admin password" (what you posted) is NOT the same thing.
title and password are grub4dos commands.


When the grub4dos reads the menu.lst entries it recognizes "title" and display on the screen what is after it, then finds "password" and it:

• waits for the input of the password
• checks that the password is correct (i.e. corresponds to the arcgument of the "password" command)

if it is, it continues reading, if it is not it does not.




Wonko

[Phoenixs]

I have this in my menu.lst

menu.lst
color yellow / black yellow / red white / blue white / blue
timeout 30
default 0
gfxmenu = / boot / fondo.png

Booting WinPE
title 1 - WinPE
chainloader / MNPE / Setupldr.bin

Booting Hiren `s Boot CD 9
title 2 - Hiren `s Boot CD 9
find - set-root / HBCD / boot.gz
kernel / HBCD / memdisk
initrd / HBCD / boot.gz

Kaspersky Rescue Disk Booting
title 6 - Kaspersky Rescue Disk
configfile / boot / kasper.lst

I create another lst file or can be in it?
You can enter a password MD5_hash? What is the procedure to follow?

I clarify that I am new to this!



Thank you in advance for your reply.
Regards

[Wonko the Sane]

I have this in my menu.lst

Change your menu.lst to (copy and paste):

color yellow /black yellow/red white/blue white/blue

timeout 30

default 0

gfxmenu=/boot/fondo.png

password WAREZUSER



#Booting WinPE

title 1 - WinPE

password WINPE

chainloader /MNPE/Setupldr.bin



#Booting Some WAREZ

title 2 - WAREZ Boot CD 9

password -md5 $1$5$v1NoiV.uQUgcvxo/NNGnQ.

find - set-root /HBCD/boot.gz

kernel /HBCD/memdisk

initrd /HBCD/boot.gz



#Kaspersky Rescue Disk Booting

title 6 - Kaspersky Rescue Disk

password KASPERSKY

configfile /boot/kasper.lst

DO NOT use google translate or similar as they introduce SPACES near / (slashes) that will make the menu.lst invalid.



Wonko

[Phoenixs]

It does not work!

[Wonko the Sane]

It does not work!

I am sorry for you.

It does work here, must be an effect of different latitude.

WHICH EXACT grub4dos version are you using?

Use 2009-10-16:
http://nufans.net/gr...urrent_release/
http://nufans.net/gr...-2009-10-16.zip

HOW does it "not work"?

DESCRIBE what happens when you boot.


Wonko