i am trying to create a server with unique user/pw login credentials, however i cant figure out the way to add multiple user /pw t the auth.bat
@echo off
rem Example script for performing basic user authorization for virtualhere in windows
rem Also includes a simple password protection mechanism for accessing a device
rem Return 3 if the user needs to provide a username AND password (or the password is incorrect) to use the device
rem Return 2 if the user needs to provide only a password (or the password is incorrect) to use the device
rem Return 1 if the user is allowed to access this device
rem Return 0 if the user is not allowed to access this device
rem Parameters are passed in as:
rem %1 = VENDOR_ID
rem %2 = PRODUCT_ID
rem %3 = CLIENT_ID
rem %4 = CLIENT_IP
rem %5 = PRODUCT_SERIAL
rem %6 = PASSWORD
rem %7 = DEVPATH
rem %8 = NICKNAME
rem %9 = NUM_BINDINGS
rem for help debugging this script, look in the file log.txt to see the arguments passed in
rem and the result of the IF statements below
echo %1 > log.txt
echo %2 >> log.txt
echo %3 >> log.txt
echo %4 >> log.txt
echo %5 >> log.txt
echo %6 >> log.txt
echo %7 >> log.txt
echo %8 >> log.txt
echo %9 >> log.txt
rem "mypassword" = "34819d7beeabb9260a5c854bc85b3e44" as an MD5 hash
rem go here https://passwordsgenerator.net/md5-hash-generator to determine the MD5 hash for the password you want to use
IF %6=="782a385b4c51caf1fa6238ebab78db59" (
echo "Password ok" >> log.txt
) ELSE (
echo "Password invalid" >> log.txt
exit 2
)
ECHO %3 | FIND "(Defamous)" >Nul
if errorlevel 1 (
echo "NOT authorized" >> log.txt
EXIT 0
) ELSE (
echo "Authorized!" >> log.txt
exit 1
)
any way i try to add another field after the IF function for another hash pw it simply returns an error and the original pw stops working.
appreciate the assistance in advance!
.`
Do you know any languages besides batch files? Eg c# or python or powershell etc?
For complicated user/password setups, it might be easier to write the authorization in some other language and then just call that module directly and return 0, 1, or 2
no I am not familiar,…
no I am not familiar, however would it be more feasible to create a list of host names (client ID) that are acceptable to limit users and use one password to login all users? for my purposes just being able to track host information that accesses it would be enough to ensure no malicious use, which i am attempting to log just each log in
i am fairly new at this and any help would be much appreciated.
@echo off
rem Example script for performing basic user authorization for virtualhere in windows
rem Also includes a simple password protection mechanism for accessing a device
rem Return 3 if the user needs to provide a username AND password (or the password is incorrect) to use the device
rem Return 2 if the user needs to provide only a password (or the password is incorrect) to use the device
rem Return 1 if the user is allowed to access this device
rem Return 0 if the user is not allowed to access this device
rem Parameters are passed in as:
rem %1 = VENDOR_ID
rem %2 = PRODUCT_ID
rem %3 = CLIENT_ID
rem %4 = CLIENT_IP
rem %5 = PRODUCT_SERIAL
rem %6 = PASSWORD
rem %7 = DEVPATH
rem %8 = NICKNAME
rem %9 = NUM_BINDINGS
rem for help debugging this script, look in the file log.txt to see the arguments passed in
rem and the result of the IF statements below
echo %1 >> log.txt
echo %2 >> log.txt
echo %3 >> log.txt
echo %4 >> log.txt
echo %5 >> log.txt
echo %6 >> log.txt
echo %7 >> log.txt
echo %8 >> log.txt
echo %9 >> log.txt
rem "mypassword" = "34819d7beeabb9260a5c854bc85b3e44" as an MD5 hash
rem go here https://passwordsgenerator.net/md5-hash-generator to determine the MD5 hash for the password you want to use
IF %6=="782a385b4c51caf1fa6238ebab78db59" (
echo "Password ok" >> log.txt
) ELSE (
echo "Password invalid" >> log.txt
exit 3
)
ECHO %3 | FIND "Stephane Malboeuf" >Nul
if errorlevel 1 (
echo "NOT authorized" >> log.txt
echo "%TIME% %DATE%-----------------------------------------------------------------------------------" >> log.txt
Exit 0
) ELSE (
echo "Authorized!" >> log.txt
Echo "%TIME% %DATE% -----------------------------------------------------------------------------------" >> log.txt
exit 1
)
any way i could accomplish a basic list of Clients to have access and log it would be greatly helpful
.
Change the
auth.batfile to look like this:Then create a file called
users.txtlike this e.gNote that the
%3argument is what needs to go into this users.txt file so it can be matchedmuch appreciated! this has…
much appreciated!
this has definitely moved me forward, now i cant seem to get the log to not be reported to twice with the basic info, why is it doing this?
as well if the user/pw is wrong it seems to loop the login and it attempts to log in until i crash the program.. any idea why this occurs?
"user"
"192.168.1.143"
"MSI EPF USB"
"USB\ROOT_HUB30\4&B3ACFCA&0&0,USB\VID_1770&PID_FF00\MSI_EPF_USB,10"
"user"
"192.168.1.143"
"MSI EPF USB"
"USB\ROOT_HUB30\4&B3ACFCA&0&0,USB\VID_1770&PID_FF00\MSI_EPF_USB,10"
"Password ok"
"OK after FINDSTR (0)-------------Authorized! 8:44:25.32 2022-12-09------------"
@echo off
echo %3 >> log.txt
echo %4 >> log.txt
echo %5 >> log.txt
echo %7 >> log.txt
IF %6=="782a385b4c51caf1fa6238ebab78db59" (
echo "Password ok" >> log.txt
) ELSE (
EXIT 2
)
FINDSTR %3 users.txt >Nul
echo "OK after FINDSTR (%ERRORLEVEL%)-------------Authorized! %TIME% %DATE%------------" >> log.txt
IF 0==%errorlevel% (
EXIT 1
) ELSE (
EXIT 0
)
.
1. Yes this is expected. It will try to use the device first, the server will fail it and say a password is required, then it prompts for the password. This is for backward compatibility and is the way it works. Just dont log if if fails.
2. If the password is wrong it will prompt again for the password. Then you just click cancel on the prompt if you dont know the password.