China DOS Union

Originally posted by martin325 at 2006-2-22 13:14:
May I ask the expert on the 7th floor, can you upload your Doskey?

My doskey is not mine either, it's the one that comes with MS-DOS/Windows 98

Thanks to the moderator for providing a clever way : )
My boot disk was made under WINME, and the computer with the WINME system installed can't be found either.

Just tried doskey.com under Win98, there is a version conflict, can't use it : (

I wonder if any enthusiastic friend can provide a download?

The method on floor 15, I tried it, it didn't work.

Is it that the guess answer is incorrect, or is it my own operation error?

Please let the moderator announce the answer!

Originally posted by martin325 at 2006-2-22 16:49:
The method on floor 15, I tried it, but it didn't work.

Is the answer to the guessing game incorrect, or did I make a mistake in operation?

I said, I just roughly pointed it out, and didn't fully state the answer, because this would affect others' answers. I believe those who know will understand. Moreover, the method I mentioned only applies to the doskey that comes with MS-DOS, and may only be partially applicable to third-party developments.

In the Autoexec batch file, write:
doskey del=none
doskey doskey=cls
After running and executing Autoexec, the del command cannot be used, and the doskey itself cannot be uninstalled.

How to make the del command "usable" again without restarting the computer?

Description: My doskey is developed by a third party.

Re DOSforever:

The statement about "high bit" was purely a typing error, but surprisingly, it provoked your indignant outcry, which is quite a pleasant surprise. The claim about "no prize" is also unfounded. Just take a look at the 5 little hands on floor 15; 20 points is the upper limit of my rating!

However, your answer did indeed bring me an unexpected gain. 1, 2, and 3 were all what I expected, but 4 was something I didn't think of, and it hasn't been uncovered yet. Inadvertently, I've discovered 5 more solutions, which together with your 4 methods exactly make up "ten".

Currently, it seems this exchange is getting more and more interesting. Actually, I'm a bit grateful for these "security issues" with doskey, but its loopholes are indeed too many.

Re martin325:

I really admire your perseverance in focusing on DOS security issues. In the past, I only spent a little time on it and then gave up as I felt it was hopeless.

Actually, to enhance DOS security, the login issue at startup is the first stronghold, and the permission allocation after startup is just some simple internal protection measures.

As for command restriction, I think the most practical way is to directly modify command.com. It's not complicated; just use a hexadecimal editing tool to replace strings with equal length.

Additionally, in your current plan, simply prohibiting del is not enough. Don't forget it has an alias called Erase.

Finally, regarding the cracking of doskey, can you wait until I unveil the Alt- mystery to reveal it?

[ Last edited by willsort on 2006-2-23 at 12:45 ]

Thanks for the reminder :)
Waiting for the answer...

Re martin325:

After searching for it thousands of times in the crowd, suddenly looking back, it was right there in the dimly lit place.

Brother DOSforever's interpretation of alt- turns out to be hidden in DOSKey /?, while I was struggling to find the solution from Alt-Num, Alt-Enter. Okay, now I can announce all the solutions I know so far to unlock doskey doskey=cls.

1. (Alt-F10)
   
2. (space)doskey doskey=
   
3. doskey.com doskey=
   
4. call doskey doskey=
   
5. for %c in (doskey) do %c doskey=
   
6. if errorlevel 0 doskey doskey=
   
7. doskey/reinstall
   
8. command /k doskey doskey=
   exit
   
9. echo doskey doskey=>dk.bat
   dk.bat
   del dk.bat
   
10. ren doskey.com dk.com
    dk doskey=
    ren dk.com doskey.com
    

[ Last edited by willsort on 2006-2-24 at 18:14 ]

Okay, let me give it a try!

Regarding security issues, when I boot up in DOS, I set three choice statements in Autoexec and disabled F5, F8, Ctrl+C, and Ctrl+Break. So the first line of defense is also set!

This method is relatively simple. Security-wise, it's not very good, but it can be considered a line of defense. It's still useful for little菜鸟 like me, right? Please, moderator, point out the major loopholes in this method!

Also, may I ask if there are other more secure methods?

Just now I tested it, and found that only the first item is effective for the third-party developed doskey program I use!

The remaining 9 items are all ineffective!

Re martin325:

There is something strange here. I have tested under MSDOS6.22, MSDOS7.10 and WinME boot disks. In MSDOS7.10/WinME, the one used is exactly Paul Houle's Enhanced DOSKEY Ver 1.8. Except that item 7 is only valid for MS's DOSKEY due to different parameter switches, the other methods are equally effective. How did you test?

As for your security test, it is suggested that you first make a simplified boot disk IMG image that protects all your existing security measures, then upload it as an attachment or send it directly to my email, so that I can also test the security performance of doskey in your DOS environment by the way.

[ Last edited by willsort on 2006-2-25 at 00:54 ]

The email has been sent to moderator willsort. Please check it and give your valuable opinions.

Additional notes:
When running, the screen display is "non-system disk or disk error"
Please reboot it by enter [Ctrl+Alt+Del]
Bad command or file name
This is to confuse little novices! Haha...

Re martin325:

Tests have been carried out, and it should be said that it has done quite well in terms of security. If you boot with this boot disk and don't know the password key, it's very difficult to log in to the DOS environment.

Of course, there are still some loopholes. The biggest one is that as a boot disk, it still cannot prevent users from logging in to the system in other ways and viewing and editing various files in your boot disk, thus easily understanding and bypassing various security barriers. This is also the biggest security loophole inherent in MS-DOS itself, and even the biggest security weakness of all Microsoft systems. This problem is generally very difficult to solve. The solution I can think of is to make an encrypted and compressed DOS boot disk image, and after BIOS booting, call a certain boot tool to read and load this image to boot the system, but I haven't learned yet which boot tool can read the encrypted and compressed image.

For the current protection measures, I only provide the following suggestions:

1. In config, break.sys and boff in autoexec need only one to be sufficient, and it's up to you to decide which one to choose;

2. The restart prompt after booting seems inconsistent with the original system, and careful people will see the problem.

In addition, the security of doskey has also been tested, and 1-10 are effective except 7. It should be noted that 1 and 7 will directly clear all macro commands, while 2-10 only delete the doskey macro command, and as long as it is deleted, it's much simpler to use doskey -r or doskey del= to clear other macro commands.

[ Last edited by willsort on 2006-2-25 at 13:37 ]