win32 - access shared folder

Discussion in 'Perl Misc' started by Sebastian Scholz, Jun 29, 2004.

  1. Hi

    I like to do a simple copy to a shared folder, which is basically no problem
    until the user is not connected to the maschine and has to enter a username
    and password.

    copy("c:/test.htm","//192.168.1.192/wwwroot/test.htm");

    The shared folder needs a login with login information that the user is not
    suppose to have, so the login data has to be hard coded. What do I have to
    do that the script does an automatic login ?

    Thanks,

    Sebastian
     
    Sebastian Scholz, Jun 29, 2004
    #1
    1. Advertising

  2. First of all, let me offer you a little _untested_ sample script that will
    hopefully help you:

    --- Beginning ---
    use strict;
    use warnings;

    my $IP=192.168.1.192; # define $IP to match your environment
    my $ShareName='wwwroot'; # define $ShareName to match your environment
    my $UserName='Administrator'; # define $UserName to match your environment
    my $Password='SensitivePassword'; # define $UserName to match your
    environment

    # the following net use should connect to the share using the credentials
    # defined for $UserName and $Password.
    system ("net use \\\\$IP\\$ShareName /u:$IP\\$UserName $Password");
    #you should now have access to the share and should be able to copy your
    file over
    system ("copy client.pl \\\\$IP\\$ShareName\\*.*");

    --- End -----


    Not being a native english speaker, I must admit that I'm slightly shooting
    dark because the following statment is ambiguous (to me):

    "The shared folder needs a login with login information that the user is not
    suppose to have, so the login data has to be hard coded. What do I have to
    do that the script does an automatic login ?"

    Let me try to address what I believe to be your concern. As you requested,
    if you hard code the login data (username/password) in the script, it is
    really not secure. It is pretty much equivalent to handing over the
    information to the end user running the script. Of course you might be in an
    environment where users are not computer literate but it is only a matter of
    time before one user reads your source code and figure out the
    username/password.

    You will find many threads concerning 'hidding' your source code. Run the
    command 'perldoc -q hide' on your system or google. The bottom line is that
    there is no way to hide the information once the script is running on the
    user machine. You can try to create an executable or to offuscate the info,
    however, another person with a bit of motivation and knowledge will
    eventually reverse engineer your code. My purpose is not to scare you but
    to make you aware. Writing a script containing a sensitive username and
    password is just not secure.

    To 'minimize' the risk, you might want to create a generic user that is
    limited to writing to the share that you want the user to access. Don't use
    any sensitive user belonging to your administrators group. :) Also, you
    have to realize that upon exit of the sample script provided above, the
    connection to the share will still be there. You should consider removing
    the connection to the share:

    system ("net use \\\\$IP\\$ShareName /d"); # untested code


    Don't hesitate to ask further questions or to report problems/success.

    MrReallyVeryNice
     
    MrReallyVeryNice, Jun 30, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?SWJyYWhpbS4=?=

    Access to Shared folder from asp.net

    =?Utf-8?B?SWJyYWhpbS4=?=, Jul 6, 2006, in forum: ASP .Net
    Replies:
    7
    Views:
    6,859
    =?Utf-8?B?SWJyYWhpbS4=?=
    Aug 8, 2006
  2. Thomas Heller
    Replies:
    6
    Views:
    730
    Claudio Grondi
    Apr 9, 2005
  3. mmb
    Replies:
    0
    Views:
    203
  4. shared folder access

    , Oct 15, 2003, in forum: ASP .Net Security
    Replies:
    4
    Views:
    243
    sandy
    Oct 17, 2003
  5. James
    Replies:
    2
    Views:
    149
    Ray at
    Aug 10, 2004
Loading...

Share This Page