#123571 - 2004-08-02 02:54 PM
Re: uncompiling a kixtart exe
Richard H.
Administrator
   
Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
Quote:
Put delete inhibit on the temp folder and it should stay even after the script finishes.
Not unless you are using one of the early versions of KiXcrypt which did not have much in the way of hack defeats. The "delete inhibit" exploit was fixed in Version 2.08b released 1st Feb 2002. It is noted in the version history and the warning messages as the "Russ Exploit" in recognition of the guy that found and reported it to me privately.
If you look at the version info you will see that quite a few exploits have been identified and defeated.
Certainly by the time I got around to the console-less versions these simple exploits were defeated.
Specifically regarding delete inhibit, KiXcrypt performs a few checks to ensure that it will be able to both overwrite and remove the temporary file before it starts to write real script code out.
If the "-x" flag was used on the package creation then it is more secure as the primary script is never committed to disk. A small bootstrap script is written and the primary script is passed directly to it for execution.
It is not impossible to defeat KiXcrypt packages but it is (I believe) sufficiently difficult to be "good enough".
Edited by Richard H. (2004-08-02 03:02 PM)
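The pre-flight idea described in the post above (confirm the temporary file can be both overwritten and removed before any real script text is written), as an added Python sketch that is not part of the original post and is not KiXcrypt's code. All names here (`probe`, `run_script`, `UnsafeTempDir`, `inhibited_remove`) are hypothetical, and the delete-inhibited folder is simulated by an injected `remove` function.

```python
import os
import tempfile


class UnsafeTempDir(Exception):
    """Raised when the temp folder fails the pre-flight probe."""


def probe(directory, remove=os.remove):
    """Create, overwrite and delete a canary that holds no real content."""
    try:
        fd, path = tempfile.mkstemp(dir=directory)
        with os.fdopen(fd, "r+b") as f:
            f.write(b"A" * 64)           # harmless filler, never script text
            f.seek(0)
            f.write(b"\0" * 64)          # in-place overwrite must work
        remove(path)                     # deletion must work
        return not os.path.exists(path)  # and the file must really be gone
    except OSError:
        return False


def run_script(directory, script, runner, remove=os.remove):
    """Write `script` to disk only after the probe passes, then wipe it."""
    if not probe(directory, remove):
        raise UnsafeTempDir(directory)   # nothing sensitive was written
    fd, path = tempfile.mkstemp(dir=directory)
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(script)
        return runner(path)
    finally:
        with open(path, "r+b") as f:     # overwrite before removing
            f.write(b"\0" * len(script))
        remove(path)


def inhibited_remove(path):
    """Constructed stand-in for a delete-inhibited folder (assumption)."""
    raise PermissionError(path)
```

An in-place overwrite does not guarantee the old bytes are unrecoverable on every filesystem, so the probe only narrows the window in which the script text sits on disk.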