Question

So I made a very simple, very non-secure batch program which compares the password you enter to the password in the program. Now I want to see if I can somehow bypass it (I'm personally thinking of something similar to SQL injection). The only restriction is you can't read the source code. So, any suggestions?

@echo off
:A
echo enter password to activate the program
set/p "pass=>"
if NOT %pass% == l33t  goto :A
start program
cls
exit

This is batch for

if (password == "l33t") {start program}.

edit: You also can't bruteforce it.


Solution 2

I cannot see how this answer could do any harm, because if you know the batch source code, then you would probably know how to start the program anyway.

So let's try and enter:

EXIST blabla.txt

This should throw an error, but the batch continues and therefore you bypass the if clause.
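Added example, not part of the answer above or of the question: a small harness that runs the question's comparison and a hardened comparison over constructed inputs, including the string from this answer. The weak check substitutes %pass% before the line is parsed, so the typed text becomes part of the `if` syntax; the hardened check uses delayed expansion and quotes, so the text is only ever compared as data. The labels `:weak` and `:hardened` and the variable `w` are names chosen for this example.

```batch
@echo off
setlocal EnableExtensions EnableDelayedExpansion

rem Constructed inputs: the correct password, a wrong one,
rem and the string suggested in the answer above.
for %%I in ("l33t" "wrong" "EXIST blabla.txt") do (
    set "pass=%%~I"
    call :weak
    set "w=!errorlevel!"
    call :hardened
    rem 0 means the check accepted the input, 1 means it rejected it
    echo input=[!pass!] weak=!w! hardened=!errorlevel!
)
exit /b

:weak
rem The question's comparison. %pass% is replaced by the typed text first,
rem and only then is the resulting line parsed as an IF statement.
if NOT %pass% == l33t exit /b 1
exit /b 0

:hardened
rem !pass! is expanded after the line has been parsed, so the typed text
rem cannot change the shape of the IF statement. The quotes keep input
rem containing spaces inside a single operand.
if not "!pass!"=="l33t" exit /b 1
exit /b 0
```

In the question's script the same fix is to enable delayed expansion at the top, clear `pass` before each `set /p`, and compare with `if not "!pass!"=="l33t" goto :A`. This only closes the parsing hole in the comparison; the password is still stored in plain text in the file.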

OTHER TIPS

Here is a batch bruteforcer: 3 minutes to find your code. LOL

@echo off&cls
setlocal EnableDelayedExpansion

set $ListChar=a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9 0

::For a code with 4 char (without special char)

echo %time%>Brutef.txt
for %%a in (%$Listchar%) do (
   for %%b in (%$Listchar%) do (
      for %%c in (%$Listchar%) do (
        for %%d in (%$Listchar%) do (
               set $CODE=%%a%%b%%c%%d
               if "!$CODE!"=="l33t" (echo !time!>>Brutef.txt
                                     echo CODE FOUND : !$Code!
                                     PAUSE
                                     start program)))))

You can check the needed time in Brutef.txt

Type start program in your console. That will bypass the password "protection".

scnr


Anyway, there is no injection hole in that code.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow