Windows 7 Batch File that denies access to a folder

#1
Hi guys I know I am a newbie here but I am no newbie to tech. However there is a problem I have been having recently and I can't seem to beat it lol and it's irritating me! So I was wondering if you could help me solve my dilema.

See I use a batch file on my USB that protects it (From un-geek people) But it is easily gotten through if you know how to. Now I have already solved one or two flaws. I converted the batch to an exe so you can't get the password and I also put the i attribute in as well. But I cannot figure out how to make a batch file that changes the permissions on the folder so that when it is unlocked everyone has full control but when it is locked NO ONE can access it. (I am happy to know that the only flaw with this is changing the folders permissions manually) See my USB is full of extremely confidential stuff. So if anyone could get me on my way with this?

Also please don't suggest any sort of program to replace this as I am not allowed to use encryption programs in the workplace. Just batch files or exe files.

So can anyone help? here is the current script I am using.
Code:
cls @ECHO OFF
 title Folder USBHDD
 if EXIST "Hidden Folder" goto UNLOCK
 if NOT EXIST USBHDD goto MDLOCKER
 :CONFIRM
 echo Lock and encrypt USB?
 set/p "cho=>"
 if %cho%==y goto LOCK
 if %cho%==Activate goto LOCK
 if %cho%==n goto END
 if %cho%==N goto END
 echo Incorrect Choice. Try Again.
 goto CONFIRM
 :LOCK
 ren USBHDD "Hidden Folder"
 attrib +h +s +i "Hidden Folder"
 echo Folder Hidden
 goto End
 :UNLOCK
 echo Access is requested. Type the Master Control Code
 set/p "pass=>"
 if NOT %pass%== bypasssecurityprotocol goto FAIL
 attrib -s -h -i "Hidden Folder"
 ren "Hidden Folder" USBHDD
 echo Access Granted
 goto End
 :FAIL
 echo Invalid password
 goto end
 :MDLOCKER
 md USBHDD
 echo USBHDD created successfully
 goto End
 :End
 


AceInfinity

Senior Member
Microsoft MVP
#2
I converted the batch to an exe so you can't get the password
To your dismay, you didn't fix anything on that front. If you sent me the exe I would prove it :)

There's no foolproof way to do this with batch though, that's the truth. If you want something to be secure on your USB, why not use a utility like BitLocker?

You don't have to install the program anywhere in your workplace, but it will protect your key anyways with password security. I don't see how they wouldn't allow that.

The batch script itself isn't quite all pretty though unfortunately, but i'll point out a few reasons.

1) There's no reason for this because this is the end of the script anyways.
Code:
goto End
:End
Anywhere where goto End is called could be easily replaced by exit /b or goto :eof and thus making :End useless.

2) If this file is double clicked the console will close by the time this script has nothing else to run or it terminates, so things like this will not be seen unless you can read it within the fraction of a half of a second that the console stays open after this is echoed to the output buffer:
Code:
echo USBHDD created successfully
3) These are 2 separate commands to be interpretted here
Code:
cls @ECHO OFF
So it should be separated by a '&' or each on a new line.

4)
Code:
set/p "cho=>"
Should be:
Code:
set /p cho=^>
5)
Code:
if %cho%==y goto LOCK
if %cho%==Activate goto LOCK
if %cho%==n goto END
if %cho%==N goto END
You don't account for the capital 'Y' here, but that could be avoided by using the /i switch to check case insensitively. Although you have 2 methods here that goto LOCK.

I've cleaned up your batch code for you a bit:
Code:
@ECHO OFF & cls
title Folder USBHDD
if EXIST "Hidden Folder" goto UNLOCK
if NOT EXIST "USBHDD" goto MDLOCKER

:CONFIRM
echo Lock and encrypt USB?
set/p cho=^>
if /i "%cho%"=="y" goto LOCK
if /i "%cho%"=="n" goto :eof
echo Incorrect Choice. Try Again.
goto CONFIRM

:LOCK
ren "USBHDD" "Hidden Folder"
attrib +h +s +i "Hidden Folder"
echo Folder Hidden
pause & goto :eof

:UNLOCK
echo Access is requested. Type the Master Control Code
set/p pass=^>
if NOT "%pass%"=="bypasssecurityprotocol" goto FAIL
attrib -s -h -i "Hidden Folder"
ren "Hidden Folder" "USBHDD"
echo Access Granted
pause & goto :eof

:FAIL
echo Invalid password
pause & goto :eof

:MDLOCKER
md USBHDD
echo USBHDD created successfully
pause
Other than that, have you looked into the flags for ATTRIB: /S, /R, /D?

Open up command prompt and type in "ATTRIB /?"
 


Last edited:

kaos

Senior Member
#3
What about using +R +A +S +H :p

the code is infectious lol
 


This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.