DosTips.com

A Forum all about DOS Batch
https://www.dostips.com/forum/

IFEO Tool - Block malicious EXEs from running in your machine

https://www.dostips.com/forum/viewtopic.php?f=3&t=9783

Page 1 of 1

IFEO Tool - Block malicious EXEs from running in your machine

Posted: 20 Sep 2020 05:50
by hacxx
IFEO Tool - Block malicious EXEs from running in your machine

I have developed this tool a few years ago and only recently i have made it available for download. Basically IFEO is the abreviation of Image File Execution Options, a registry key that allow the blocking of executables by name.

Here is the thread where it can be downloaded:
http://dubioushacker.xobor.com/t928623f ... chine.html

Here is the source code, i wonder if anyone has some tips on how to improve it...

Code: Select all

@echo off
@title IFEO Tool
:start
echo .....................................................
echo .                   IFEO Tool                       .
echo .                                                   .
echo .      Block EXEs from running in the machine       .
echo .                                                   .
echo .  (This program requires admin privileges to run)  .
echo .....................................................
echo (1) Add registry key                                .
echo (2) Remove registry key                             .
echo .....................................................
set /p choice=Choose what you like to do (1/2) : 
if "%choice%"=="1" goto 1
if "%choice%"=="2" goto 2
cls
goto start
:1
cls
echo .....................................................
echo .                   IFEO Tool                       .
echo .                                                   .
echo .      Block EXEs from running in the machine       .
echo .                                                   .
echo .  (This program requires admin privileges to run)  .
echo .....................................................
set /p id1="Write EXE: "
reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\%id1%" /v Debugger /t REG_SZ /d "ntsd -d" /f
pause
cls
goto start
:2
cls
echo .....................................................
echo .                   IFEO Tool                       .
echo .                                                   .
echo .      Block EXEs from running in the machine       .
echo .                                                   .
echo .  (This program requires admin privileges to run)  .
echo .....................................................
set /p id1="Write EXE: "
reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\%id1%" /f
pause
cls
goto start
Thanks

Re: IFEO Tool - Block malicious EXEs from running in your machine

Posted: 20 Sep 2020 10:34
by Compo
IMO, the entire thing is a waste of time done this way. It's too much effort to locate and invoke a batch file elevated, press on a number key, type a filename, press enter, press enter again, and then force close the cmd.exe window.

You'll only be adding executables which you know you have, so why not use a Windows Explorer Context Menu for it, right click on an executable file, and select 'Add to IFEO' or whatever you've allocated as the menu entry name.

Re: IFEO Tool - Block malicious EXEs from running in your machine

Posted: 20 Sep 2020 18:17
by hacxx
Great idea, i will try to implement a tool like that. Thanks
All times are UTC-06:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/