Jump to content

Recommended Posts

Posted (edited)

Hoi!

So, I've decided to post a script that I've been using for many years. What it does is lock a folder with a specified password, allowing you to hide and unhide a folder from view any time you please.
Keep in mind the code isn't entirely mine - it's an upgraded version of script I found on the internet many years ago.

The method of hiding the folder can be seen through if the intruder suspects that there is something hidden there. If a hacker or pentester suspected that there was a hidden file they could find it fairly easily, and I'll tell you how later on in this post. However, if anyone else approached your computer and looked at the files they probably wouldn't look twice. I mean, would you? I don't, unless I suspect..

So, here's the code (why can't we have spoiler tags..):

@echo off
color 0a

:LOAD
cls
if EXIST "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" goto MAIN
if NOT EXIST MyStuff goto MFOLDER
goto MAIN

:MAIN
cls
echo [ FolderLocker V3 ]
echo.
echo 1 - LOCK FOLDER
echo 2 - UNLOCK FOLDER
echo 3 - EXIT
echo.
set /p Choice=Choice: 
if %Choice% == 1 goto CONFIRMLOCK
if %Choice% == 2 goto UNLOCK
if %Choice% == 3 goto EXIT
goto MAIN

:LOCK
ren "MyStuff" "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
attrib +h +s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
echo Folder 'MyStuff' has been locked.
timeout /t 1 >NUL
goto MAIN

:CONFIRMLOCK
cls
echo [ FolderLocker V3 ]
echo.
echo Lock Folder 'MyStuff'? (Y/N)
set /p Choice=Choice: 
if %Choice% == Y goto LOCK
if %Choice% == y goto LOCK
if %Choice% == N goto MAIN
if %Choice% == n goto MAIN
echo Invalid choice.
timeout /t 1 >NUL
goto MAIN

:UNLOCK
cls
echo [ FolderLocker V3 ]
echo.
echo Folder's Password:
set /p Password=Password: 
if NOT %Password% == password goto EXIT ELSE
attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" "MyStuff"
echo Folder 'MyStuff' has been unlocked.
timeout /t 1 >NUL
goto MAIN

:MFOLDER
cls
echo [ FolderLocker V3 ]
echo.
md MyStuff
echo Folder 'MyStuff' has been created.
timeout /t 1 >NUL
goto MAIN

:EXIT

To change the password, just put your password in the :UNLOCK function, 6th line down from the line ":UNLOCK". You can also configure the commands so that it can unlock/lock a file in another directory, making it harder for a random person to know where the folder is, and greatly reduces the chances of someone suspecting a hidden folder (come on, a batch/exe file sitting there saying "FolderLockerV3" isn't going to spark some suspicion?). The folder to be locked is called 'MyStuff', to those who can't understand batch overly well.

Anyway, as you may have deducted, the method of hiding the file is very simple. It adds the hidden tag on the file (obviously), but then makes Windows think it's a protected OS file (specifically, a Control Panel file).

To view the file when it's hidden, you can click on the 'Options' button under 'View' in Windows Explorer and then click on 'Change folder and search options', then go to the 'View' tab, click on 'Show hidden files, folders and drives', scroll down a little more and then untick 'Hide protected operating system files'. Click on 'Apply' and 'Ok', then you should see the Control Panel folder with all it's contents.

So you can see it's not overly secure but it's not obvious to those who don't know how it's secured. Now that I've told you it seems easy, right? If you didn't know you might be hard pressed to find out, assuming the owner of the folder converted the batch into an executable or something else that hides plain text.

Anyway, enjoy and let me know if you have any other improvements or changes you want to (or are even going to) make to this code! I would love to know your ideas.

Edited by Dave-ee Jones
Posted

Um. Open a command prompt. Go to the place where "MyStuff" was(the aprent directory), and do the following:

 

dir /ahs

Now, CD into the listed hidden directory. Now do dir again(or add the /ahs if all files are set to the same attributes and hidden)

This does nothing other than change the files attributes, to hidden, and system, which can still be seen and accessed. Basically:

ren "poop" "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
attrib +h +s "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}"

dir /ahs

attrib -h -s "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
ren "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}" "poop"

dir 

 

Posted
34 minutes ago, digip said:

Um. Open a command prompt. Go to the place where "MyStuff" was(the aprent directory), and do the following:

 


dir /ahs

Now, CD into the listed hidden directory. Now do dir again(or add the /ahs if all files are set to the same attributes and hidden)

This does nothing other than change the files attributes, to hidden, and system, which can still be seen and accessed. Basically:


ren "poop" "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
attrib +h +s "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}"

dir /ahs

attrib -h -s "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
ren "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}" "poop"

dir 

 

That is not entirely true, there are a few if expression's followed by a proper Echo.

Posted

This reminds me of malware a customer of mine caught a while back.  It replaced the original folder's names with a SID name and hid it and then created a shortcut that looked like the old folder that would tell it to run the malware first before opening the hidden folder it is associated with.  Of course finding it is as simple as having "show hidden files" on in view.  

Posted
13 hours ago, digip said:

Um. Open a command prompt. Go to the place where "MyStuff" was(the aprent directory), and do the following:


dir /ahs

Now, CD into the listed hidden directory. Now do dir again(or add the /ahs if all files are set to the same attributes and hidden)

This does nothing other than change the files attributes, to hidden, and system, which can still be seen and accessed. Basically:


ren "poop" "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
attrib +h +s "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}"

dir /ahs

attrib -h -s "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
ren "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}" "poop"

dir 

 

I am well aware of this, and I even mentioned that it is easy to see the files if the person knows what they're doing and they suspect there's a hidden file there. So it's no surprise. No reason to be rude at a simple trick that's not supposed to be an unstoppable security system.

11 hours ago, PoSHMagiC0de said:

This reminds me of malware a customer of mine caught a while back.  It replaced the original folder's names with a SID name and hid it and then created a shortcut that looked like the old folder that would tell it to run the malware first before opening the hidden folder it is associated with.  Of course finding it is as simple as having "show hidden files" on in view.  

Haha, classic!

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...