BootSector problem
Posted: Wed Jun 08, 2011 2:00 am
by opc0de
Hello all. I am trying to write a simple password protection: when the user starts their computer, it will display a message and then prompt for a password. If the password is valid it will load Windows; if not, it will reboot.
So far I have implemented the part with the password and the reboot if it's incorrect, but I am not able to think of a method to load Windows if the password is correct. How can I jump to the original MBR and execute it... Please guide me...
Here is my bootloader; it is written in NASM.
Code:
[BITS 16]
[ORG 0x7C00]
main:
cli
xor bx,bx
mov es,bx
mov fs,bx
mov gs,bx
mov ds,bx
mov ss,bx
mov sp,0x7C00
sti
MOV SI, Hello
CALL PrintString
MOV AH,0x03
MOV BH,0x00
INT 0x10
ADD DH,2
XOR DL,DL
MOV AH,0x02
XOR BH,BH
INT 0x10 ; move to the line below
XOR BX,BX
ReadPass:
MOV AH,0x00
INT 0x16
CMP AL,13
JE Verify
MOV [read+BX],AL
PUSH BX
CALL PrintChar
POP BX
INC BX
CMP BX,6
JE Verify
JMP ReadPass
Verify:
MOV SI,read
MOV DI,pass
MOV CX,6
REP CMPSB
JNE the_end
Done:
MOV SI,succ
call PrintString ; HERE IT SHOULD BOOT
JMP $
the_end:
INT 0x19
PrintChar:
MOV AH,0x0E
MOV BH,0x04
MOV BL,0x10
INT 0x10
RET
PrintString:
MOV AL,[SI]
CMP AL,0
JE theret
INC SI
CALL PrintChar
JMP PrintString
theret:
ret
pass db 'MUKMIK',0
read times 7 db 0
succ db 'Success booting...',0
Hello db 'Please enter your password ',0
times 510 - ($ - $$) DB 0
dw 0xAA55
Re: BootSector problem
Posted: Wed Jun 08, 2011 2:07 am
by rand
Hello,
Instead of wasting your time programming a bootloader (unless you are currently interested in a hobby bootloader) you can:
Install grub.
Read these:
http://ubuntuforums.org/showthread.php?t=7353
http://www.gnu.org/software/grub/manual ... urity.html
Open Google and search for "grub password".
Re: BootSector problem
Posted: Wed Jun 08, 2011 2:27 am
by bluemoon
I'm not sure about the latest Windows, but back in the old days, for WinXP, you could just chain-load it.
Check the details on the wiki: Bootloader
As others suggested, if your intent is password protection, you should consider an existing boot manager like Grub, or configure it with BIOS settings.
Password protection provided by the MBR alone would provide very weak security, unless you are looking for some academic exercise.
P.S. Is it just me, or does it hurt the eyes to see all the code in capital letters?
Re: BootSector problem
Posted: Wed Jun 08, 2011 2:36 am
by opc0de
I am writing it for educational purposes, not that it hasn't been done before. Thanks for your help, but the information I found on Google doesn't help me...
Re: BootSector problem
Posted: Wed Jun 08, 2011 2:59 am
by rand
I don't want to claim I have a solution, but I can point you to:
Find info on wiki/forum/google:
- parse partition table
- relocate bootloader
- load windows partition bootsector
Re: BootSector problem
Posted: Wed Jun 08, 2011 3:21 am
by iocoder
Well, you have to know that:
There is a boot loader for the whole hard disk [Master Boot Record - MBR]. The MBR exists at the first sector of Head 0 and Cylinder 0 of the disk [LBA: 0x00000000].
MBR contains:
1- Partition table: a 64-byte table with 4 entries holding information about the four primary partitions.
2- Boot loader code: reads the partition table and determines which is the active partition.
3- Boot signature 0x55AA.
You have to write a new MBR that will check for the password, then read the partition table, load the first sector of the active partition to 07C0:0000, and then do a far jump...
Volume Boot Record VBR:
First sector of the active partition shall contain another boot loader that loads the operating system.
http://en.wikipedia.org/wiki/Master_boot_record
http://en.wikipedia.org/wiki/Volume_Boot_Record
I hope that helps you
Re: BootSector problem
Posted: Wed Jun 08, 2011 3:23 am
by iocoder
To make a successful MBR, it should relocate itself before loading anything to 07C0:0000.
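The steps iocoder describes in the two posts above (relocate, scan the partition table, load the active partition's first sector to 0000:7C00, far jump), as an added NASM example that is not code from any poster in this thread. It assumes a BIOS boot, a classic MBR partition table and a volume boot sector within CHS reach, picks 0000:0600 as the relocation address, and leaves the password check out.

```nasm
; Added example: relocating MBR that chainloads the active partition's VBR.
; Assumptions: BIOS passes the boot drive in DL; CHS read is sufficient.
[BITS 16]
[ORG 0x0600]                    ; labels are valid only after the copy below

start:
    cli
    xor ax, ax
    mov ds, ax
    mov es, ax
    mov ss, ax
    mov sp, 0x7C00              ; stack grows down from below the load address
    sti
    cld
    mov si, 0x7C00              ; the BIOS loaded this sector here
    mov di, 0x0600              ; move it out of the way of the VBR
    mov cx, 256                 ; 512 bytes = 256 words
    rep movsw
    jmp 0x0000:relocated        ; continue in the copy

relocated:
    ; (a password check would run here, before anything is loaded)
    mov si, 0x0600 + 446        ; first partition table entry in the copy
    mov cx, 4
.next:
    cmp byte [si], 0x80         ; status byte 0x80 marks the active partition
    je .load
    add si, 16                  ; entries are 16 bytes each
    loop .next
    int 0x18                    ; no active partition: hand back to the BIOS

.load:
    mov dh, [si + 1]            ; CHS start: head (DL still holds the drive)
    mov cx, [si + 2]            ; CHS start: sector/cylinder, already in INT 13h layout
    mov bx, 0x7C00              ; ES:BX = 0000:7C00
    mov ax, 0x0201              ; AH=02h read sectors, AL=1 sector
    int 0x13
    jc .fail
    cmp word [0x7DFE], 0xAA55   ; refuse a sector without the boot signature
    jne .fail
    jmp 0x0000:0x7C00           ; DL = boot drive, DS:SI = partition entry

.fail:
    int 0x18

times 440 - ($ - $$) db 0       ; code area only
```

Only these 440 bytes replace the start of sector 0; the disk signature, the partition table and the boot signature in bytes 440 to 511 stay as they are on disk.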
Re: BootSector problem
Posted: Wed Jun 08, 2011 3:31 am
by Chandra
If it is just for Windows protection that you're writing a bootsector, then there's a utility known as 'syskey' equipped with Windows which can protect your Windows from unauthorized access. This means, without providing a password, you won't be able to even load the 'logon screen'. You can even configure 'syskey' to store your password to a floppy disk so that Windows won't start until this floppy is inserted.
Now since the case is different here, the shortest, yet complete answer you'll find, is chainloading. Just study on it and you're on your way.
Regards.
Re: BootSector problem
Posted: Wed Jun 08, 2011 3:51 am
by opc0de
First of all, thanks for trying to help me. On second thought, I think I figured out a way of loading Windows after the password prompt, but I have trouble implementing it. Maybe you guys know my mistake.
- Write the MBR at 0/0/0 with my password proggy
- After the password is validated, execute a routine that will load from sector 2 another prog at 200h
- Jump to that memory location
- The program will load the MBR located at sector 4 to address 0x7c00 and then jump to 0x7c00, booting normally...
I hope it makes sense... The problem I encountered is that I wrote a simple proggy that I stored on sector 3, but nothing happens. Here is the routine that loads it to the preferred address, and the proggy that should print a character on the screen...
Code:
MOV AH,0x02 ;what is wrong here i am not loading it to 200h i don't load the sector ok i don't jump ok please help??
MOV AL,1
MOV CH,0
MOV CL,2
MOV DX,0x0080
MOV BX,200h
INT 13h
CMP AH,0
JNE Done
MOV AX,200h
PUSH AX
RETF
Proggy in NASM
Code:
[BITS 16]
[ORG 200h]
Start:
MOV AL,'A'
MOV AH,0x0E
MOV BH,0x04
MOV BL,0x10
INT 0x10
times 512 - ($ - $$) DB 0
Re: BootSector problem
Posted: Wed Jun 08, 2011 4:08 am
by Solar
From a security viewpoint:
Be aware that anyone present at the moment of boot can intercept the boot (e.g. by using a Knoppix CD etc.), read the MBR, and figure out your password with relative ease.
The usual approach would be to store a hash of the password. (User enters password, input gets hashed, hashes get compared.) However, that would require you to implement a cryptographic hash function within the MBR...
...and even then, anyone present at the moment of boot can intercept the boot, and install whatever (password-query-free) MBR he desires.
The commonly accepted mantra with regards to this is: If someone has physical access to your machine, there's very little you can do to keep your system secure. More esoteric stuff like TPA / Intrusion Detection etc. notwithstanding.
Re: BootSector problem
Posted: Wed Jun 08, 2011 4:46 am
by Chandra
opc0de wrote: First of all, thanks for trying to help me. On second thought, I think I figured out a way of loading Windows after the password prompt, but I have trouble implementing it. Maybe you guys know my mistake.
- Write the MBR at 0/0/0 with my password proggy
- After the password is validated, execute a routine that will load from sector 2 another prog at 200h
- Jump to that memory location
- The program will load the MBR located at sector 4 to address 0x7c00 and then jump to 0x7c00, booting normally...
I hope it makes sense... The problem I encountered is that I wrote a simple proggy that I stored on sector 3, but nothing happens. Here is the routine that loads it to the preferred address, and the proggy that should print a character on the screen...
Code:
MOV AH,0x02 ;what is wrong here i am not loading it to 200h i don't load the sector ok i don't jump ok please help??
MOV AL,1
MOV CH,0
MOV CL,2
MOV DX,0x0080
MOV BX,200h
INT 13h
CMP AH,0
JNE Done
MOV AX,200h
PUSH AX
RETF
Where is 'ES' pointing to?
Proggy in NASM
Code:
[BITS 16]
[ORG 200h]
Start:
MOV AL,'A'
MOV AH,0x0E
MOV BH,0x04
MOV BL,0x10
INT 0x10
times 512 - ($ - $$) DB 0
This looks ok.
Re: BootSector problem
Posted: Wed Jun 08, 2011 5:41 am
by bluemoon
A bit off topic, but
this reminds me of back in my school days: I stored data (hmm, games) in the gap between partitions on a school computer,
and I wrote a TSR which required a valid token to map / activate the drive (the token translated into the CHS of the hidden data, so there was no comparison).
The security measure was: don't let anybody know such a thing exists :p
So, for your case, you may just hang the computer as if no operating system was installed,
and only kick in the security and ask for the password if a special key is pressed during boot.
Re: BootSector problem
Posted: Wed Jun 08, 2011 6:53 am
by Chandra
bluemoon wrote: So, for your case, you may just hang the computer as if no operating system was installed, and only kick in the security and ask for the password if a special key is pressed during boot.
This seems a convincing way to specialized protection. However...
I noticed that 'Protecting Windows with password' is nothing more than an excuse for writing a bootloader. As I've already mentioned, there are several possible ways of 'Protecting Windows', and as Solar mentioned, even the 'MBR protection' can be cracked.
So I'd suggest the OP try something more fruitful than this. Of course, I don't mean to forbid him from writing a 'bootloader', but a better approach would be just awesome.
Cheers.
Re: BootSector problem
Posted: Wed Jun 08, 2011 8:22 am
by iocoder
opc0de wrote: First of all, thanks for trying to help me. On second thought, I think I figured out a way of loading Windows after the password prompt, but I have trouble implementing it. Maybe you guys know my mistake.
- Write the MBR at 0/0/0 with my password proggy
- After the password is validated, execute a routine that will load from sector 2 another prog at 200h
- Jump to that memory location
- The program will load the MBR located at sector 4 to address 0x7c00 and then jump to 0x7c00, booting normally...
I hope it makes sense... The problem I encountered is that I wrote a simple proggy that I stored on sector 3, but nothing happens. Here is the routine that loads it to the preferred address, and the proggy that should print a character on the screen...
Code:
MOV AH,0x02 ;what is wrong here i am not loading it to 200h i don't load the sector ok i don't jump ok please help??
MOV AL,1
MOV CH,0
MOV CL,2
MOV DX,0x0080
MOV BX,200h
INT 13h
CMP AH,0
JNE Done
MOV AX,200h
PUSH AX
RETF
Proggy in NASM
Code:
[BITS 16]
[ORG 200h]
Start:
MOV AL,'A'
MOV AH,0x0E
MOV BH,0x04
MOV BL,0x10
INT 0x10
times 512 - ($ - $$) DB 0
Good work, man.
My comments:
1- I agree with Chandra, you need to mov ES, 0.
2- Check if you really stored it on sector 2; you say:
"The problem I encountered is that I wrote a simple proggy that I stored on sector 3"
3- You don't need to put another MBR on Sector 4, your program can just check partition table and load the boot sector of the active partition directly and fast.
Regards,
Re: BootSector problem
Posted: Wed Jun 08, 2011 8:40 am
by opc0de
I am making progress: I succeeded in loading the other program from sector 2. Now the problem is that it doesn't work correctly. How do I fix it? I am using the following implementation to load the program into memory:
Code:
MOV AH,0x02
MOV AL,1
MOV CH,0
MOV CL,2
MOV DX,0x0080
MOV BX,1000h
MOV ES, BX
XOR BX,BX
INT 13h
CMP AH,0
JNE Done
jmp 0x1000:0x0000
And the program which is loaded is this. I don't think the ORG directive is correct, but what should I put there if it's loaded at 0x1000:0x0000?
Code:
[BITS 16]
[ORG 0x1000]
Start:
MOV AL,0
MOV AH,13
INT 0x10
MOV SI,message
call PrintString
JMP $
PrintChar:
MOV AH,0x0E
MOV BH,0x04
MOV BL,0x10
INT 0x10
RET
PrintString:
MOV AL,[SI]
CMP AL,0
JE theret
INC SI
CALL PrintChar
JMP PrintString
theret:
ret
message db 'Password OK . Booting OS..........',0
times 512 - ($ - $$) DB 0
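How ORG relates to a load address of 0x1000:0x0000, as an added NASM example that is not opc0de's code or any poster's reply. It assumes the loader above enters it with `jmp 0x1000:0x0000`, and it prints on display page 0.

```nasm
; Added example: second stage assembled for a load address of 1000:0000.
; The far jump sets CS = 0x1000 and IP = 0, so the first byte is offset 0.
[BITS 16]
[ORG 0]                         ; offsets count from the segment base

start:
    mov ax, cs                  ; CS was set by the loader's far jump
    mov ds, ax                  ; without this, [si] would read from 0000:offset
    cld
    mov si, message             ; offset of the string within segment 0x1000
.print:
    lodsb                       ; AL = [DS:SI], SI = SI + 1
    test al, al
    jz .hang                    ; stop at the terminating zero
    mov ah, 0x0E                ; BIOS teletype output
    xor bh, bh                  ; display page 0 (assumption of this example)
    int 0x10
    jmp .print
.hang:
    hlt
    jmp .hang

message db 'Password OK. Booting OS...', 0
times 512 - ($ - $$) db 0
```

The other consistent choice is to load the sector at 0000:1000 (ES = 0, BX = 0x1000), keep DS = 0, assemble with `[ORG 0x1000]`, and jump to 0x0000:0x1000.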