Dave-ee Jones Posted December 1, 2017 Posted December 1, 2017 (edited) Hoi! So, I've decided to post a script that I've been using for many years. What it does is lock a folder with a specified password, allowing you to hide and unhide a folder from view any time you please.Keep in mind the code isn't entirely mine - it's an upgraded version of script I found on the internet many years ago. The method of hiding the folder can be seen through if the intruder suspects that there is something hidden there. If a hacker or pentester suspected that there was a hidden file they could find it fairly easily, and I'll tell you how later on in this post. However, if anyone else approached your computer and looked at the files they probably wouldn't look twice. I mean, would you? I don't, unless I suspect.. So, here's the code (why can't we have spoiler tags..): @echo off color 0a :LOAD cls if EXIST "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" goto MAIN if NOT EXIST MyStuff goto MFOLDER goto MAIN :MAIN cls echo [ FolderLocker V3 ] echo. echo 1 - LOCK FOLDER echo 2 - UNLOCK FOLDER echo 3 - EXIT echo. set /p Choice=Choice: if %Choice% == 1 goto CONFIRMLOCK if %Choice% == 2 goto UNLOCK if %Choice% == 3 goto EXIT goto MAIN :LOCK ren "MyStuff" "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" attrib +h +s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" echo Folder 'MyStuff' has been locked. timeout /t 1 >NUL goto MAIN :CONFIRMLOCK cls echo [ FolderLocker V3 ] echo. echo Lock Folder 'MyStuff'? (Y/N) set /p Choice=Choice: if %Choice% == Y goto LOCK if %Choice% == y goto LOCK if %Choice% == N goto MAIN if %Choice% == n goto MAIN echo Invalid choice. timeout /t 1 >NUL goto MAIN :UNLOCK cls echo [ FolderLocker V3 ] echo. echo Folder's Password: set /p Password=Password: if NOT %Password% == password goto EXIT ELSE attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" "MyStuff" echo Folder 'MyStuff' has been unlocked. timeout /t 1 >NUL goto MAIN :MFOLDER cls echo [ FolderLocker V3 ] echo. md MyStuff echo Folder 'MyStuff' has been created. timeout /t 1 >NUL goto MAIN :EXIT To change the password, just put your password in the :UNLOCK function, 6th line down from the line ":UNLOCK". You can also configure the commands so that it can unlock/lock a file in another directory, making it harder for a random person to know where the folder is, and greatly reduces the chances of someone suspecting a hidden folder (come on, a batch/exe file sitting there saying "FolderLockerV3" isn't going to spark some suspicion?). The folder to be locked is called 'MyStuff', to those who can't understand batch overly well. Anyway, as you may have deducted, the method of hiding the file is very simple. It adds the hidden tag on the file (obviously), but then makes Windows think it's a protected OS file (specifically, a Control Panel file). To view the file when it's hidden, you can click on the 'Options' button under 'View' in Windows Explorer and then click on 'Change folder and search options', then go to the 'View' tab, click on 'Show hidden files, folders and drives', scroll down a little more and then untick 'Hide protected operating system files'. Click on 'Apply' and 'Ok', then you should see the Control Panel folder with all it's contents. So you can see it's not overly secure but it's not obvious to those who don't know how it's secured. Now that I've told you it seems easy, right? If you didn't know you might be hard pressed to find out, assuming the owner of the folder converted the batch into an executable or something else that hides plain text. Anyway, enjoy and let me know if you have any other improvements or changes you want to (or are even going to) make to this code! I would love to know your ideas. Edited December 1, 2017 by Dave-ee Jones Quote
digip Posted December 1, 2017 Posted December 1, 2017 Um. Open a command prompt. Go to the place where "MyStuff" was(the aprent directory), and do the following: dir /ahs Now, CD into the listed hidden directory. Now do dir again(or add the /ahs if all files are set to the same attributes and hidden) This does nothing other than change the files attributes, to hidden, and system, which can still be seen and accessed. Basically: ren "poop" "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}" attrib +h +s "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}" dir /ahs attrib -h -s "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}" ren "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}" "poop" dir Quote
i8igmac Posted December 1, 2017 Posted December 1, 2017 34 minutes ago, digip said: Um. Open a command prompt. Go to the place where "MyStuff" was(the aprent directory), and do the following: dir /ahs Now, CD into the listed hidden directory. Now do dir again(or add the /ahs if all files are set to the same attributes and hidden) This does nothing other than change the files attributes, to hidden, and system, which can still be seen and accessed. Basically: ren "poop" "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}" attrib +h +s "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}" dir /ahs attrib -h -s "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}" ren "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}" "poop" dir That is not entirely true, there are a few if expression's followed by a proper Echo. Quote
PoSHMagiC0de Posted December 1, 2017 Posted December 1, 2017 This reminds me of malware a customer of mine caught a while back. It replaced the original folder's names with a SID name and hid it and then created a shortcut that looked like the old folder that would tell it to run the malware first before opening the hidden folder it is associated with. Of course finding it is as simple as having "show hidden files" on in view. Quote
Dave-ee Jones Posted December 2, 2017 Author Posted December 2, 2017 13 hours ago, digip said: Um. Open a command prompt. Go to the place where "MyStuff" was(the aprent directory), and do the following: dir /ahs Now, CD into the listed hidden directory. Now do dir again(or add the /ahs if all files are set to the same attributes and hidden) This does nothing other than change the files attributes, to hidden, and system, which can still be seen and accessed. Basically: ren "poop" "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}" attrib +h +s "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}" dir /ahs attrib -h -s "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}" ren "poop2.{21EC2020-3AEA-1069-A2DD-08002B30309D}" "poop" dir I am well aware of this, and I even mentioned that it is easy to see the files if the person knows what they're doing and they suspect there's a hidden file there. So it's no surprise. No reason to be rude at a simple trick that's not supposed to be an unstoppable security system. 11 hours ago, PoSHMagiC0de said: This reminds me of malware a customer of mine caught a while back. It replaced the original folder's names with a SID name and hid it and then created a shortcut that looked like the old folder that would tell it to run the malware first before opening the hidden folder it is associated with. Of course finding it is as simple as having "show hidden files" on in view. Haha, classic! Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.