Page 1 of 1
Prevent typed password appearing on screen - explanation
Posted: 26 Feb 2014 05:00
by gruff999
I found this code on alt.msdos.batch.nt many years ago. I can see what it`s doing in simple 'mechanical' terms but can someone give me a fuller explanation of what "in.com" is, why it works, and the code that creates it? It seems to temporarily create a file that captures console input up until the Enter key is pressed.
Code: Select all
@echo off
set /p username=Enter user name:
echo hP1X500P[PZBBBfh#b##fXf-V@`$fPf]f3/f1/5++u5>in.com
set /p password=Enter password:<nul
for /f "tokens=*" %%i in ('in.com') do set password=%%i
echo %username%
echo %password%
pause
del in.com
Re: Prevent typed password appearing on screen - explanation
Posted: 26 Feb 2014 06:18
by foxidrive
Herbert Kleebauer helped pioneer ascii binary files to post utilities that he wrote embedded into text messages.
Here is an original post with that binary in a thread from 2004 and the source code.
http://www.44342.com/MS-DOS-f497-t485-p1.htmIt also has a different one at the beginning.
Re: Prevent typed password appearing on screen - explanation
Posted: 26 Feb 2014 07:13
by Squashman
We had another thread a while back about obfuscating the password as it is typed in. This goes back to your Xcopy question you asked as well.
viewtopic.php?f=3&t=4664
Re: Prevent typed password appearing on screen - explanation
Posted: 26 Feb 2014 09:46
by penpen
The file "in.com" just calls the DOS interrupt 0x21 function number 0x0A with the input buffer located at DS:0x163 and then returns:
Code: Select all
mov dx, [buffer]
mov ah, 0A
int 21
ret
buffer@163:
BYTE 1 DUP(FE)
BYTE F1 DUP(0)
But the neeeded values are mostly binary and may be corrupted when copy+paste them to a file, so the author has created a file consisting of default text characters doing the same:
Code: Select all
:0001.0100 685031 push 3150 stack <- 0x3150
:0001.0103 58 pop ax ax <- stack (== 0x3150)
:0001.0104 353030 xor ax, 3030 ax ^= 0x3030 (== 0x160)
:0001.0107 50 push ax stack <- ax
:0001.0108 5B pop bx bx <- stack (== 0x160)
:0001.0109 50 push ax stack <- ax
:0001.010A 5A pop dx dx <- stack (== 0x160)
:0001.010B 42 inc dx dx += 1 (== 0x161)
:0001.010C 42 inc dx dx += 1 (== 0x162)
:0001.010D 42 inc dx dx += 1 (== 0x163)
:0001.010E 666823622323 push 23236223 stack <- 0x23236223
:0001.0114 6658 pop eax eax <- stack (== 0x23236223)
:0001.0116 662D56406024 sub eax, 24604056 eax -= 0x24604056 == 0xFEC321CD, ZF :== 1
:0001.011C 6650 push eax stack <- eax
:0001.011E 665D pop ebp ebp <- stack (== 0xFEC321CD)
:0001.0120 66332F xor ebp, [bx] ebp ^= [bx] (== [0x160])
:0001.0123 66312F xor [bx], ebp [bx] ^= ebp ([bx] := 0xFEC321CD) write (int 21, ret, BYTE 1 DUP(FE)) part at :0001.0160
:0001.0126 352B2B xor ax, 2B2B ax ^= 0x2B2B (ax == 0xFEC30AE6, ah == 0A)
:0001.0129 7535 jne 0160 jump to address 0x0160 if 0 != ZF (== 1)
:0001.012B 0D0A00 or ax, 000A never reached
:0001.012E 00000000000000000000 BYTE 10 DUP(0) never reached
:0001.0138 00000000000000000000 BYTE 10 DUP(0) never reached
:0001.0142 00000000000000000000 BYTE 10 DUP(0) never reached
:0001.014C 00000000000000000000 BYTE 10 DUP(0) never reached
:0001.0156 00000000000000000000 BYTE 10 DUP(0) never reached
:: set up by file "in.com"
:0001.0160 CD21 int 21 ah == 0A interrupt 21 function executed
:0001.0162 C3 ret return
:0001.0163 FE BYTE 1 DUP(FE)
The int 21h function 0x0A is explained for example here:
http://stanislavs.org/helppc/int_21-a.htmlpenpen
Edit+: Corrected some errors.
Re: Prevent typed password appearing on screen - explanation
Posted: 26 Feb 2014 10:00
by Squashman
Also realize that this will not work on 64bit versions of Windows.
Re: Prevent typed password appearing on screen - explanation
Posted: 26 Feb 2014 10:31
by gruff999
Squashman, thank you. I have both an XP and Windows 7 64-bit machine on my desk - it`s one of the only things that behaves differently, so far.
I appreciate DosTips is mainly about XP (I assume it still is?).
Others that have caught me out are:
SET /P doesn`t support leading spaces in the prompt under Win 7 (annoying). Actually, I should wait until someone proves me wrong on this forum perhaps?
CHOICE command has new switch /M before specifying your own prompt.
But I don`t need CHOICE any more do I!
Re: Prevent typed password appearing on screen - explanation
Posted: 26 Feb 2014 12:06
by Squashman
gruff999 wrote:I appreciate DosTips is mainly about XP (I assume it still is?).
We try to write batch files that work across all versions of Windows. Of course a lot of options came out with version of Windows after 9X. So most of the stuff we write here does work on XP and above.
gruff999 wrote:SET /P doesn`t support leading spaces in the prompt under Win 7 (annoying). Actually, I should wait until someone proves me wrong on this forum perhaps?
I believe this has been discussed on the forums.
Re: Prevent typed password appearing on screen - explanation
Posted: 26 Feb 2014 16:59
by foxidrive
gruff999 wrote:SET /P doesn`t support leading spaces in the prompt under Win 7 (annoying). Actually, I should wait until someone proves me wrong on this forum perhaps?
That's true, but you can put things like an A and backspace as the leading two characters, which works when printing to the screen.
See here where it is used:
viewtopic.php?f=3&t=5406