(Skip to bottom for challenge)
Schools always seem to be places where IT is incompetent and things never work as well as they're supposed to. I just finished high school, and have also come from one of the worse computer security systems I've seen over the years. Here's how their security worked: everything was locked down. That is, no right clicking on the desktop or the taskbar, minimal start menu, no browsing the C: drive (not even through a shortcut), no storing EXEs, Word, Excel, PowerPoint, scripts, etc. on the student drive... you get the idea. Unless you mess with computers frequently, the best you can do is use Chrome and run a few school-approved apps. Of course, you could plug in a USB drive on the few computers that had unlocked cabinets.
I did some research on what the various lockdown techniques were, and how they were applied. Turns out most of them were policies, and a number of them are defined as registry keys in HKCU. Now that made things easier, because the user has access to HKCU all the time. I wrote a quick AutoIt script to delete the policies, and presto! the computer was more or less unlocked. Now, that had to be run from a USB stick, and you can't plug one into every computer. So the next year, I decided to write some sort of script that wasn't blocked so I could run it quickly from the student drive. Turns out, out of all the script types that were blocked, HTA was not. Not sure what those IT people were thinking, but HTA is a nice vector for VBA and JavaScript code. So for the first month, I wrote an HTA script (completely at school, BTW), tested it, made sure it worked, and stuck it inside my student share. For good measure, I obfuscated the code (which you will be decrypting). It's not tough obfuscation, and will take all of 5 minutes to reverse, but I wagered that the IT people are too stupid to figure it out.
So, some exploration reveals a nice WTF. Apparently everyone is an admin on the computers. That means once the lockdown is removed, users can install/remove software, write to anywhere on the hard drive, change any registry keys, and all that good stuff. This is security by obscurity at its best. I took advantage by installing Visual C# on the few computers I regularly use so I can write random programs. To get by the file extension restrictions on the student share, I made a TrueCrypt container there and installed TrueCrypt whenever I needed it. Cleanup is easy (just delete the container), and if there was anything incriminating they wouldn't know about it.
Here's another WTF from the same school: they have a Google Apps site (Google Apps was a side effect of "cost cutting" switching from Microsoft Office, and it really sucked for most of the time it was there; the techs hid Office... by deleting their shortcuts) that had a whole bunch of IT info regarding the school. Although it was internal, it was accessible by anyone within the school division. That means not only techs, but all students, even those from different schools, can access it. There were calendars with what they plan on doing in the summer, usage diagrams for lab bookings, and some server hardware info. But the most interesting was the hardware database, which listed all the computers in the school, all monitors, printers, and peripherals, and repair records dating back to the late 90's. Amazingly, they also stored student accommodation info (for those who requested the use of computers for midterms), complete with name, teacher, course, and what room they were in. Some security by these people.
(Tip: if you want to prevent Faronics Insight from spying on you, get a third-party task manager, pause Student.exe, use services.msc to disable its service, and then kill the process. It'll try to restart, but fail every time. Some teachers don't know better that you've dropped off the radar.)
Other WTFs from previous schools:
-My elementary/junior high school had user folders set up in a common folder on their server. They were hidden using some Windows naming convention involving '$'. Of course, they failed to secure the folders, and as long as you knew someone else's login name, you can do whatever you want to their files.
-In grade 2 I asked my computer teacher why the lab Macs were so slow. She replied that the computers probably had viruses or something, whatever. (The same teacher also taught music, and had the class give me a round of applause when I showed her how to use the Repeat button.)
So, the decrypt this code challenge:
This link is to the "release" version of my lockdown remover. It's obfuscated. Your task is to deobfuscate it back to the original code. You can do it with such accuracy that I am supplying the MD5 and size of the source. First person to get it right gets one of my random programming projects (TBD). Upload it somewhere so I can check.
Release file: http://dl.dropbox.com/u/29365870/FreedomDeliverer_release.hta
Source MD5: dfc6b72a58968c65f17c811c1f2a08a2
Source length: 2153 bytes