> Agreed - if your users are the least bit savvy, this trick will only buy you > 5 minutes while they search for the script decoder, but if they're of the > "where is the anykey?" variety, none of them will be any the wiser.
If you want to spare 5 minutes : http://www.interclasse.com/scripts/decovbe.php IMHO, it is not a good practice for security people to agree with a "low grade" solution such as this one. If you bless "script scrambling", you will be in trouble fighting against "1-byte XOR encryption", "enterprise-wide pre-shared keys" and "hardcoded passwords" ... Why don't you change the local administrator password remotely (using a WMI script for instance), or even lock down the local administrator account if your 500 computers are part of a Windows domain ? It would be much safer than giving away the local admin password in a script, moreover you cannot be sure that the logon script will run on *all* workstations in a given timeframe. Regards, - Nicolas RUFF Security Researcher @ EADS-CRC --------------------------------------------------------------------------- ---------------------------------------------------------------------------
