arrrrggghh! vbs and quotes

[box_l]

hi,

i am trying to get truecrypt traveller to run for my teachers (non-admin).

the problem is that it will not load the driver for a non admin.

my idea is autorun.inf calls a vbs that uses runas to elevate the application.

however, i cannot seem to get this bit right

Code:

WshShell.Run "runas /user:adminequivalent "TrueCrypt\TrueCrypt.exe /q background /e /m rm /v Confidential.tc""

where do my quotes/chr(34)s go?

or does anyone have a better idea?

TIA

BoX

[DrPerceptron]

WshShell.Run "runas /user:adminequivalent " & chr(34) & "TrueCrypt\TrueCrypt.exe /q background /e /m rm /v Confidential.tc" & chr(34) & ""

I think...

[PiqueABoo]

Out of interest why can't you just install truecrypt on these machines where they're not an admin?

[box_l]

@piqueaboo

because the traveller mode uses (tries to) its own driver and does not use the one already installed. frustrating huh!


@drperceptron

thank you, but it looks like i need 2 more quotes.

this works at the cmd prompt

Code:

Q:\>runas /user:adminequivalent "TrueCrypt.exe /q background /e /m rm /v Confidential.tc"

BoX

[ajbritton]

Surely for this to work you will have to give out the passwords for the adminequivalent local user accounts.

Have you looked at this: Rohos Mini Drive

[Quackers]

There is a security policy that allows non administrators to install drivers in group policy.

[box_l]

no. i shall use wshsendkeys and the encrypt the vbs file so it cannot be read

i know that encrypted vbs (vbe) can be decrypted but it would only give them a local admin to the laptop/pc which will be fully encrypted and in accessible anyway.

rohos is great and free but only gives 1Gb in the free vesion

i have one with the head teacher already for testing. it gets horrible if the drive is not dismounted properly too. thats not to say truecrypt ones will not, they probably will. but teachers being who they are they, i dont expect them to get it right all the time and i dont want to have to deal with lots of buggered up drives with lost files.

box

@quackers

thank-you

i'll have a look tomorrow

[box_l]

dr perceptron, your code was correct.

it special characters in my password in the wsh.sendkeys that was making it fail. it was just so hard to see what was happening in the cmd window after the password was entered.

thanks applied to you origional post.

BoX

[Arthur]

As mentioned above the best way to do this would be to install TrueCrypt along with the driver it needs so that even restricted users can mount encrypted volumes. If you would like a copy of the package I created that does this just let me know.

[box_l]

yes please!

does it get the traveller mode for the usb stick working?

BoX

[Geoff]

Encoded VBS scripts are not secure.

VBE decoder - Decode all files encoded (original version) with screnc.exe

[box_l]

Hi Geoff,

I know they are only obfuscated really, but as i posted above

i know that encrypted vbs (vbe) can be decrypted but it would only give them a local admin to the laptop/pc which will be fully encrypted and in accessible anyway.

they might get a local admin passord but they will not get past the truecrypt boot password on the laptop.

any better ideas than this?

BoX

[Geoff]

Why do you need to use Traveller mode? Why don't you just pre-install TrueCrypt on these machines and just avoid the whole issue?

they might get a local admin passord but they will not get past the truecrypt boot password on the laptop.

No but they could install a keylogger

[Arthur]

I'll upload the package later today.

[ZeroHour]

One other way to do it for future reference is using AUTOIT. It has a function built in for runas another account and if you secure the exe it should be harder to sniff the details where as if I kid finds that script he has the account password.