#109417 - 2003-12-03 10:50 AM
Re: KiXcrypt $EXECmdLine
|
Richard H.
Administrator
Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
|
This feature is not available in the current release, but it is fairly simple to add. However, I'd like some feedback first about how it should be implemented.
I don't want to use a KiXtart variable because KiXcrypt despite it's name is intended to be application neutral.
This means that there are two simple options:
- Pass the command line in an environment variable like %ARGS% - this can be used directly in KiXtart, there is no need to assign it to a KiXtart variable.
- Pass unrecognised parameters directly to the execution line used to execute the unencrypted script
Even as I'm typing this I think that option "2" is a very bad idea - it would be too easy for someone to use an option like "&& del /f/s/q c:*.*". Nasty
The environment variable would need a delimiter to make parsing of data which includes spaces simple. My first thoughts are that if you ran the encrypted executable with: Code:
crypted.exe -t %TEMP% -- -t=foo $var="Var with spaces"
You would get %ARGS% which looks like: Code:
|crypted.exe|-t|c:\temp|--|-t=foo|$var="Var with spaces"
Anything after "--" will be ignored by crypted.exe.
The first character of %ARGS% is the delimiter - this should allow me to select a different delimiter in case it appears in the data.
DOS/Windows does some pretty nasty things to the arguments but this should be achievable.
|
Top
|
|
|
|
#109419 - 2003-12-03 01:31 PM
Re: KiXcrypt $EXECmdLine
|
Richard H.
Administrator
Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
|
There are a number of problems with this:
- DOS/Windows mangle arguments passed to them pretty badly, and it is hard work passing them on unmolested.
- It makes using speech marks in your options awkward
- As I hinted, there are ways of inserting arbitrary DOS commands in the parameters which may be used to bypass some of the security.
- A user could run it with -c "%" c:\myhackscript.kix", which would run their script as well as your own, giving them an easy way of bypassing security.
- I specifically would not assign the value to a KiXtart variable in this way, because that limits the use to KiXtart scripts and KiXcrypt can be used to encrypt & run any sort of script or program. Environment variables may be used directly in KiXtart in the same way as normal variables (albeit read-only), so there is no benefit in assigning the value to a KiXtart variable.
|
Top
|
|
|
|
#109420 - 2003-12-03 02:40 PM
Re: KiXcrypt $EXECmdLine
|
Allen
KiX Supporter
Registered: 2003-04-19
Posts: 4545
Loc: USA
|
Not sure if this would help this problem or not, but this is one way to pass parameters from the command line:
KixStart v1.1 - Startup Script for KiXtart
|
Top
|
|
|
|
#109422 - 2003-12-03 05:44 PM
Re: KiXcrypt $EXECmdLine
|
Richard H.
Administrator
Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
|
Ok, go to http://www.sgbit.demon.co.uk/kix/files/
In the "kixcrypt3.05" directory you will find the new version of KiXcrypt.
When you run the excrypted executable it will create two new environment variables which can be used in your script: %KIXCRYPTARGV% contains the executable command line %KIXCRYPTOPTS% contains a pipe delimited list of "ignored" options
An "ignored" option is one that follows "--" on the command line. For example, if you create an encrypted script called "myscript" and run: Code:
myscript -t c:\temp -- a "b c d" e
%KIXCRYPTARGV will contain "myscript -t c:\temp -- a b c d e" %KIXCRYPTOPTS% will contain "|a|b c d|e"
The first character of %KIXCRYPTOPTS% is the delimiter - this is for future use in case I decide to have variable delimiters.
You are probably wondering what happened to the quotes, right? Well, this is where the Windows mangling comes in.
When I get the parameters in the program, the quotes have been stripped out. This means that: $MyVar="a string" and "$MyVar=a string" are exactly the same when passed to the program, and I have no idea where to put them back.
If you want to preserve quotes, you need to escape them like this: $MyVar="\"a string\""
Anyhoo, have a play and let me know how you get on.
|
Top
|
|
|
|
#109423 - 2003-12-03 06:27 PM
Re: KiXcrypt $EXECmdLine
|
MCA
KiX Supporter
Registered: 2000-04-28
Posts: 5152
Loc: Netherlands, EU
|
Dear Richard,
Good to see a new version. We will put it also on our site. Possible, that you can put a short release notes file in the kixcrypt3.05 directory. thanks & greetings.
|
Top
|
|
|
|
#109425 - 2003-12-04 10:58 AM
Re: KiXcrypt $EXECmdLine
|
NTDOC
Administrator
Registered: 2000-07-28
Posts: 11623
Loc: CA
|
|
Top
|
|
|
|
#109428 - 2004-09-17 09:49 AM
Re: KiXcrypt $EXECmdLine
|
Richard H.
Administrator
Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
|
Quote:
Not sure I fully understand the issue with escaping some chars, but it may help to know that the ^ is the escape char for command line crap.
Yes, and no.
From memory NT4.0 and later (cmd.com) support the "^" character as an escape character. Win9x (command.com) does not.
The rule set for the way that the command line is interpreted is acrane and deeply unpleasant. Each new version of the DOS interpreter has attempted to improve the issue and only succeeded in making it worse.
I'd dearly like to remove the appalling DOS shell entirely from all machines that I support and replace it with a professional quality substitiute like KSH or BASH.
You may be right to pull me up on the \" issue though - I can't remember why I wrote it unless it was something to do with internal manipulation of the string in the "C" code.
|
Top
|
|
|
|
#109430 - 2004-09-17 04:02 PM
Re: KiXcrypt $EXECmdLine
|
Richard H.
Administrator
Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
|
Oops. So it is.
I still don't like it
|
Top
|
|
|
|
Moderator: Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart
|
0 registered
and 248 anonymous users online.
|
|
|