Beefy Boxes and Bandwidth Generously Provided by pair Networks
Do you know where your variables are?

encryting scripts

by RayRay459 (Pilgrim)
on Aug 14, 2001 at 21:31 UTC ( [id://104839]=perlquestion: print w/replies, xml ) Need Help??

RayRay459 has asked for the wisdom of the Perl Monks concerning the following question:

(Win32)I have a script that will update local administrator passwords on remote machines in a domain. There is a problem with security though as it is done through, what i believe is plain text. I had an idea, not sure how feasable it is, or if even pearlish, but an idea. Maybe copy out and encrypted file/script and then use another script to call it and execute it. That way a secure local copy is run on the machine and then it will delete itself. Is there a perl way to do this???? Thanks in advance. Ray

Replies are listed 'Best First'.
Re: encryting scripts
by Cirollo (Friar) on Aug 14, 2001 at 22:01 UTC
    This would be nothing more than obfuscation; anyone who looked at your wrapper script could use the same method to recover the cleartext of the encrypted script.

    Also, if you are extracting the script as cleartext and storing it on a disk in a temporary location, it would be easy to get that cleartext file; you just have to read it between the time when it is opened and when it is deleted.

      so there is no way to write an encrypted script and execute it?
        One solution might be to use ActiveState's PerlApp tool, which turns your Perl applications into executables that can be run on machines without Perl installed. This means that you have to buy ActiveState's $195 Perl Dev Kit.

        But, PerlApp doesn't give you absolute security. Anyone who reads the discussion at Security, is it to much to ask? could figure out how to 'decompile' your PerlApp executable and recover the source code. In a lot of cases, PerlApp would give "good enough" security, but anyone who is determined enough could get right through it.

        Unfortunately, I don't know of any airtight way to do what you want.

Re: encryting scripts
by John M. Dlugosz (Monsignor) on Aug 15, 2001 at 02:11 UTC
    I take it there is a list of passwords that the program needs to do its job?

    Encrypt them using a master password that doesn't appear in the script. You'll have to type it (or insert the key disk) when you run it.


Re: encryting scripts
by ralphie (Friar) on Aug 14, 2001 at 22:38 UTC
    have you thought about compiling the script? i use the activestate pdk and generate exe's with the perlctrl tool, but i believe perl2exe would work as well.

      i'll look into compiling it and creating an exe of it. I'll have to read up on it and play with it. Thank you very much for your help guys!. Much appreciated. Ray
Re: encryting scripts
by IndyZ (Friar) on Aug 15, 2001 at 09:46 UTC
    I take it that this is on NT or 2k. You should be able to set the permissions on the password file (or the whole script, for that matter) so that only Administrator can read it.

Re: encrypting scripts
by runrig (Abbot) on Aug 15, 2001 at 09:50 UTC
    Use Acme::Bleach :) No, forget I said that. Really. Don't. Just kidding. Nothing to see here. Move along.

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://104839]
Approved by root
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others rifling through the Monastery: (3)
As of 2024-04-15 03:28 GMT
Find Nodes?
    Voting Booth?

    No recent polls found