Greetings monks,

I am charged with the unpleasant task of "password-protecting" a windows .exe file, or otherwise stopping a user from running this executable unless authorized. Search didn't turn up much that's similar to my problem. The complications:

I realize that calling this "security" is a bit of a stretch. But I only need this to be "secure" to the point where the average non-hacker would be defeated, and the average hacker would be slowed down or perhaps annoyed enough to make it not worth the effort. This is what I came up with so far:

use warnings;
use strict;
use Convert::UU qw(uudecode);
use Digest::MD5 qw(md5_hex);
use Win32::Process;
use Win32;
use File::MkTemp;

print "Password: ";
chomp( $_ = <STDIN> );

my $dep;

if(md5_hex($_) eq '207f499c334c2a3199f748a327b1b515') {
   # For added "security" (I use the term lightly)  we're going to use
+ a random filename.
   $dep = mktemp('XXXXXXXX', $ENV{'TEMP'}) . '.exe';

   print "Password OK.  One moment please.\n\n";
   open OUT, '>', $dep or die $!;
   
   my $uu;
   {
      local $/;
      $uu = <DATA>;
   }

   binmode OUT;
   print OUT uudecode($uu);
   close OUT;

   # We need to pass along the command line arguments
   my $com = join ' ', ($dep, @ARGV);

   # And the current directory; this script is always called via .bat 
+files, 
   # so the current working directory should always be set; we don't c
+are what it is,
   # but we need to let the process know below
   chomp(my $curr_dir = `cd`);

   my $proc;
   Win32::Process::Create(
      $proc,                        # Process object
      $dep,                         # Filename
      $com,                         # Command line args
      0,                            # Should the process inherit fileh
+andles?  (No.)
      NORMAL_PRIORITY_CLASS,        # Priority (normal)
      $curr_dir                     # Process' working directory
   ) or die $!;

   $proc->Wait(INFINITE);

   print "Please don't close this window.  It will close itself automa
+tically in a few seconds.\n";
}

END {
   # Delete the temp file.  This won't be run if the script doesn't ex
+it normally!
   unlink $dep if $dep;      
}

__DATA__
# long uuencoded string of the original .exe goes here

[download]

I then take this script and run it through PAR to create a standalone .exe, and then I will distribute this wrapper exe as a drop-in replacement for the original .exe.

Some unresolved problems with my solution:

Can you think of anything else I could do here, or anything I'm overlooking? I particularly don't like the END block. (This is my first post. Thanks in advance.)

In reply to Password-protect an arbitrary windows executable? by chester

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.