I want to hide this simple bat code stored in a bat file,i don't know how to encrypt it. Ez Tools Software Speakercraft In Wall. How to encrypt a batch. Batch files can only be written in ANSI text. Nov 27, 2013 Hello, The proposal to encrypt the password inside a batch seems to be canceled. And the second proposal to use private and public key with PGP is also canceled, due to the 'passphrase' not enough secure.

This script of mine here to use the password associated with a batch file from a hidden stream attached to the file, prompt for the password if not present and save it. If you know how to work out what is going on in the batch you could do the same and get the password to work with, but to a casual observer it is not at all obvious how it works.

Script to prompt for and enter password in hidden manner: Script to store password in an extra data stream with the batch file that you can't see but is there and can be read by the batch file itself: Steve. Re reading your question for the reasons why it sound like you just need to seetup ad permissions and computer permissions as needed. You to can use restricted group s group policy for instance to add a new group 'firstyou line techs' into the local administrators group of all pcs in certain container. Likewise you can adjust rights so that said users can adjust group memberships and reset passwords etc.

In ad but not be full domain admins. If of interest will dig out docs from when i set this up many years ago for a big ad i setup. Exactly, now I read the question correctly this isn't a script for a one-off problem for a password that doesn't really matter, sounds like effectively hiding a domain admin password like this. I would seriuously look at the many options available for delegating responsibility, giving techs full admin access to certain boxes as local admins, give them the rights that they do need to certain servers, delegate permissions to AD objects in certain OU's etc. All can be done and is the 'right' way. Personally I use such password hiding for when I want to hide a password logon for sending an smtp log message or other fairly unimportant things.

I know other people have used Auto It scripts compiled to an EXE to push in passwords etc. Perhaps if you want to let us know what sort of things you are trying to do whether we can advise other ways? Your copying icon to c: drive using psexec, why not push it instead to the c$ share, or if it is a regular thing, use GPP to push file down, software installation, or even a startup script if the user doesn't have rights to the area. Once again, storing any password anywhere, encrypted or not is security through obscurity. I suppose we can tout that banner all day long-- at the end of the day Windows itself would fall under this category. Texas A&.

Anyone hear of mimikatz? Origin 8 Serial Number Crack For Internet there. The ability to dump clear text local/domain OS passwords from memory? What about kon-boot?

The ability to bypass windows authentication all together? Storing a password as a seeded hash, would still fall under your broad category of 'storing any password anywhere, encrypted or not' Let's come down a few notches shall we. Arguably, the skills required to pull a Windows OS clear text password (or hash for attacks) from memory would be the same skills required to pull a decrypted 'steelrunas' password from memory. Either way you have vulnerabilities. So long as the weakest form of authentication is relied upon, compromise will become increasingly simple-- so the issue comes down to risk (accepting, rejecting, transferring, mitigating, etc.). Which is why the best way frankly is just give the people needing to run the command he rights to do it, if it is an administrative task would suggest giving them a seperate domain account with suitable rights to what it needs to. They can then connect using that account to do this job, i.e.