Hide some of the payload menu entries

Individual payload files can be made 'secret' and so will not be listed in the menu unless the user takes a special action (e.g. enters a password).
 
For instance, we could hide a WindowsToGo .VHD file and a confidential, licensed repair .ISO file so they are not listed in the Main Menu. However, if you know the secret, you can enable them so that they are all listed in the menu and you can use any of them.
 

We can stop any file from being listed as a payload in E2B by using a .txt file and the iftitle test feature. For instance, we can test for the environment variable 'SECRET' and if it does not exist then the menu entry will not be shown...

\_ISO\WNDOWS\WIN10\Win1032.txt

iftitle [if exist SECRET] Windows 10 English International (32-bit)\n My Secret ISO

We can set the SECRET variable using a hotkey + password.

In the example below, if you type CTRL+F9 (in any menu) then a blank screen will appear with a password prompt.

You can then type the password  EASY (in capital letters), and the hidden menu items will then magically appear in the E2B menus!

To make them disappear again, type CTRL+F9 again and press ENTER instead of entering the correct password. Or you could define a CTRL+F10 key to hide them all again more quickly (see below). Another alternative is to reload the Main menu again from the Main menu by pressing F8.

In addition, you could also set the Hidden and System Attributes to hide the files from Windows users.

Here is how to set this up...

1. Add this single line to your \_ISO\MyE2B.cfg file (if you don't have one already then start the MyE2B.cfg text file with !BAT as the first line). Change the password EASY (shown in red below) to whatever password you want to use...

()/%grub%/hotkey [Ctrl+F9] "clear && echo -e \nSecret Menu\n===========\n\n && set SECRET= && password EASY && set SECRET=1 ;; configfile (md)0x3000+0xA0" > nul

For other variations, see the section below. We can use 'call Fn.70 3 ;; clear' to preserve the wallpaper background, or redirect the password prompt to > nul so it is not seen by the user, and even switch the wallpaper to a different one if the password was correct, etc.
 
Tip: Don't forget that you must also configure E2B for the correct keyboard - e.g. a password of 'easy' will not work if a QWERTZ keyboard is being used and E2B is set up for a US keyboard (see the \_ISO\Sample_MyE2B.cfg file for details on how to change the keyboard)! 
 
2. For each payload that you want to be hidden, create a .txt file (same name as payload) with an iftitle test for the SECRET environment variable as follows:
 
e.g. #1
\_ISO\WINDOWS\WIN10\Win10_1607_EnglishInternational_x32.iso
\_ISO\WINDOWS\WIN10\Win10_1607_EnglishInternational_x32.txt  - containing...
iftitle [if exist SECRET] Windows 10 English International (32-bit)\n My Secret ISO

e.g. #2
\_ISO\MAINMENU\WinToGo10.imgPTN
\_ISO\MAINMENU\WinToGo10.txt  - containing...
iftitle [if exist SECRET] Windows To Go 10\n My Secret WinToGo
 
e.g. #3
\_ISO\MAINMENU\WinToGo1064.VHD
\_ISO\MAINMENU\WinToGo1064.txt  - containing...
iftitle [if exist SECRET] Windows To Go 10 VHD\n My Secret WinToGo

Alternative hotkey prompts for MyE2B.cfg

 
Remove the ### comment characters from one or more of these lines:
 
# To hide a menu entry, create a .txt file of same filename as ISO and use:   iftitle [if exist SECRET] here is title\n here is help text
# Then define Ctrl+F9 and Ctrl+F10 hot keys (password is E2B)
# Ctrl+F9 - Clear menu with wallpaper and prompt user for password in German language, switch to blue wallpaper if success
###()/%grub%/hotkey [Ctrl+F9] "call Fn.70 3 ;; clear && echo -e -n \nPasswort:\x20 && set SECRET= ;; call Fn.5 0 128 ;; password E2B > nul && set SECRET=1 && splashimage /_ISO/docs/Templates/blue/blue.bmp.gz ;; configfile (md)0x3000+0xA0" > nul
# Ctrl+F10 - Reset pwd and background, reload menu
###()/%grub%/hotkey [Ctrl+F10] "set DONEMENU= ;; configfile /menu.lst" > nul
 
 
# No password - Ctrl+F9 shows secret items always
###()/%grub%/hotkey [Ctrl+F9] "set SECRET=1 ;; configfile (md)0x3000+0xA0" > nul
 
# Blank screen (no wallpaper), heading and password prompt
###()/%grub%/hotkey [Ctrl+F9] "clear && echo -e \nSecret Menu\n===========\n\n && set SECRET= && password EASY && set SECRET=1 ;; configfile (md)0x3000+0xA0" > nul

# Clear menu only - user just sees wallpaper and cursor
###()/%grub%/hotkey [Ctrl+F9] "call Fn.70 3 ;; clear ;; set SECRET= && password EASY > nul && set SECRET=1 ;; configfile (md)0x3000+0xA0" > nul

# Clear menu with wallpaper and prompt user for password
###()/%grub%/hotkey [Ctrl+F9] "call Fn.70 3 ;; clear && set SECRET= && password EASY && set SECRET=1 ;; configfile (md)0x3000+0xA0" > nul
 
# Clear menu with wallpaper and prompt user for password in German language
###()/%grub%/hotkey [Ctrl+F9] "call Fn.70 3 ;; clear && echo -e \nPasswort\n\n && set SECRET= && password EASY > nul && set SECRET=1 ;; configfile (md)0x3000+0xA0" > nul

# Clear menu and prompt user for password, change background if successful to GreatLakes.bmp
###()/%grub%/hotkey [Ctrl+F9] "call Fn.70 3 ;; clear && set SECRET= && password EASY && set SECRET=1 && splashimage /_ISO/GreatLakes.bmp ;; configfile (md)0x3000+0xA0" > nul
 
# Reset (quick) No password - Ctrl+F10 hides secret items always - does not change wallpaper
###()/%grub%/hotkey [Ctrl+F10] "set SECRET= ;; configfile (md)0x3000+0xA0" > nul

 

.txt file for 64-bit files

Use this if you don't want to see any menu entry on a 32-bit system (for use with 64-bit payload files)

iftitle [checkrange 2,3 is64bit && if exist SECRET] Windows 10 64-bit \n Only displayed on 64-bit systems
 
 

Hide file enumeration

You can prevent the user from seeing the payload file names as they are enumerated/listed, by setting the redir variable - see here for details.

You could also set the Hidden and System Attributes to hide the files from Windows.