Total_newbie

I'm using version v.1.8.4

Hi Jos, I think you spotted the problem. I have a scriptfile.ini which I read some config from it. I tried to create an Autoit section there with the UseAnsi info but still not working. Any other tip? thanks

Thanks Jos and Zedna for the tip. But even after changing the wrapper ini file I'm still receiving the same message when compiling my script. Is there anything else I should check?Thanks

thanks Jos. Can I change it and use for every script compilation or there is any special situation where I should remember that I've set the Wrapper to use ANSI?

Hello gurus, I'm receiving this error message now when compiling my script "Warning: This is an Unicode compiled script and will not run on Win9x/ME". the problem is that I believe that will be using this script in Win98 or ME. any workaround? Thanks

Hi Dale, I decide to play a little bit with IE.au3 and was trying the example 5 of the help. However I cannot submit the form after insertig the filename in the form. Any clue? CODE#include <IE.au3> $oIE = _IECreate ("http://10.0.0.108/cgi-bin/upload_form.cgi") $oForm = _IEFormGetCollection ($oIE, 0) $oInputFile = _IEFormElementGetObjByName ($oForm, "x_filename") _IEAction($oInputFile, "focus") $hIE = _IEPropertyGet($oIE, "hwnd") ControlSend($hIE, "", "Internet Explorer_Server1", "example.au3") $osubmit = _IEFormElementGetObjByName ($oForm, "Submit") _IEAction($osubmit, "click") _IEAction($oIE, "visible")

Hi Dale, you are right. I added the following line $oHttpRequest.setRequestHeader ("Content-Type", "multipart/form-data") and now it's complaining about the boundary parameter which should look like this ";boundary=---------------------------7d71f2d701e2". Based on some documentation that I read this information is generated automatically as well as the "Content-Lenght" parameter. Now I'm trying to find out how do I generate and pass that to my script. Any clue?

Hi all, I'm trying to post a binary file using WinHttp.WinHttpRequest.5.1 and the POST method. CODE $sUrl = "http://192.168.0.1/cgi-bin/upload_file.cgi" $PostData="executable.exe" ConsoleWrite($PostData) $oHttpRequest = ObjCreate("WinHttp.WinHttpRequest.5.1") $oHttpRequest.Open ("POST", $sUrl, False) $oHttpRequest.setRequestHeader("Connection", "Keep-Alive") $oHttpRequest.setRequestHeader("Referer", "http://192.168.0.1/cgi-bin/upload_file.cgi") $oHttpRequest.Send ($PostData) Since it's not working, I sniffed the traffic and got the following message by the time I was uploading the file. Can anybody point me to the documentation where I can see what this boundary variable should contain? HTTP Protocol - The multipart dissector could not find the required boundary parameter Thanks

That worked. I didn't know I had to wait for the window to become active. Thanks

Hi all, I'm trying to do the basic of testing if a Windows is active. The windows title would looks like "HexEdit - C:\filename.pst" but even activating the windows I still get the same error of Window not Active. Anybody could help me? Thanks CODE $message = "Please select PST file that you want to recover." $var = FileOpenDialog($message, "C:" & "\", "PST files (*.pst)", 1 + 4 ) Run("hexedit.exe " & $var) If WinActive("HexEdit - "& $var) Then MsgBox(0,"Windows","Active") ;ConsoleWrite ("OK" & @CRLF) Else MsgBox(0,"Windows","not active") ;ConsoleWrite("Windows is not active") EndIf

Hello dreadwolf2k, I am facing the exat problem. Do you know how to fix it? Thanks a lot. Regards,

Hi guys,I tried the options suggested by lod3n of encrypting every string before writing to file but got some problem with the crypto.au3 or DLLstruct.au3. here is my code CODE#include <crypto.au3> $password= "a" $file="file.enc" $linecounter=1 Func _WriteLine($text) ConsoleWrite("Text:" & $text & " Line coutner: "&$linecounter&@CRLF) $text=_EncryptString($text&@CRLF,$password) If FileWriteLine($file,$text Then $linecounter=$linecounter+1 If $linecounter>5 then ConsoleWrite("Counter exceeded maximum number of lines that it can write(5)=" & $linecounter&@CRLF) Exit EndIf EndFunc _WriteLine("test1") _WriteLine("test2") _WriteLine("test3") _WriteLine("test4") _WriteLine("test5") _WriteLine("test6") _WriteLine("test7") I have attached the error that I'm receiving. Strange enough the function is definitely there in crypto.au3 :-(. Thoughts? Regards, crypto_au3_error.bmp

thanks bert. I'm actually using it but it only works in the cases I mentioned before. when the script is killed I can't run the function that I want. I think the best option would be encrypting each text string...testing right now :-)

Sounds like a plan. I will check it slows down the script or any other side effect.thanks a lot lod3n

Hi, I'm writting a script that will encrypt the log whene exiting. It works ok if I close the script or when the script finishes Is there anyway to run a exit(encryption) script when the script is killed via taskmanager or pskill.exe? Thanks Total_newbie

Thanks for your help. It's working now with both your and MSCreatoR suggestions.

Hi all, I was wondering if there is a easy way of having the same functionality of "ConsoleWrite" (writing the defined data to the screen in a way you can see the history). I'm playing with GUICtrlCreateEdit and GUICtrlSetData but what is currently happening is that I have the previous data replaced by the new data so I can effectivelly only see the last data that I want to show in my GUI. Any idea? Thanks

Thanks a lot guys.

oops. Yes sorry. Just fixed it. Even though the problem remains :-(. Any idea if I would need to do something to have the function properly run and returning control to the GUI? thanks for your time reading this.

HI all, I'm trying to call a script (included) to execute a function and then return to the GUI. However the function doesn't run properly when called from a GUI. If I just Run from another script it works fine. Do I need to do something else to make sure a function called from a included script runs properly and when finished return control to the GUI? Please see my code below: CODE;scriptname: slave.au3 ;function used to run commands Func _RunCommand($command,$tool) if $debug=1 then ConsoleWrite(" Starting " & $tool & @CRLF) $ourproc = Run(@ComSpec & " /c " & $command, "", @SW_HIDE,$STDERR_CHILD) While 1 $line = StderrRead($ourproc) If @error Then ExitLoop ConsoleWrite(" [X] WARNING: " & $line) Wend EndFunc ;scriptname=master.au3 #include <slave.au3> #include <GUIConstants.au3> #include <Constants.au3> $mainwindow = GUICreate("Livelab Tool", 400, 300) GUISetOnEvent($GUI_EVENT_CLOSE, "_CloseClicked") $button = GUICtrlCreateButton("Run", 20, 70, 80) GUICtrlSetOnEvent($default_scan, "_MainFunction") Func _MainFunction() ;Running NETSTAT $command = "netstat -a >> netstat-a.log" ; Run command that will schedule installation of agentmon.exe $tool="NETSTAT" _RunCommand($command,$tool) EndFunc

Hi, I have created a basic GUI(master.au3) which contains a button that calls a specific function from a Include file(slave.au3). The problem is that the execution of the command netstat -a >> netstat-a.log hangs, apparently doesn't run properly and also does not return control to the GUI. I made a test where I call the same function from the included script using one main script and it works perfectly. I think I'm missing something regarding the GUI piece. Can somebody help me? Thanks Below are the two codes that I'm using. ;scriptname=master.au3 Opt("GUIOnEventMode", 1) #include <slave.au3> #include <GUIConstants.au3> $mainwindow = GUICreate("Livelab Tool", 300, 200) GUISetOnEvent($GUI_EVENT_CLOSE, "_CloseClicked") GUISetState(@SW_SHOW,$mainwindow) $button = GUICtrlCreateButton("Run", 20, 70, 80) While 1 Sleep(1000) ; Idle around WEnd GUICtrlSetOnEvent($button, "_MainSlave") Func _CloseClicked() Exit EndFunc ;scriptname: slave.au3 #include <Constants.au3>; Required for $STDERR_CHILD use Func _RunCommand($command,$tool) ConsoleWrite(" [i] Starting " & $tool & @CRLF) $ourproc = Run(@ComSpec & " /c " & $command, "", @SW_HIDE,$STDERR_CHILD) While 1 $line = StderrRead($ourproc) If @error Then ExitLoop ConsoleWrite(" [X] WARNING: " & $line) Wend EndFunc Func _MainSlave() Consolewrite("This is the _MainSlave function") ;Running NETSTAT $command = "netstat -a >> netstat-a.log" $tool="NETSTAT" _RunCommand($command,$tool) EndFunc

Hi SpookMeister, you are correct with your forensic statements. I have actually finished the script to run from the FlashDrive(which will leave only the trace of the flashdrive recognition). There are some other scenarios where I still need to have the script to be self-contained but looks like I will need to spend more time trying to write some other scripts that will do the job for me. thanks guys for your inputs.

Hi SmOke_N, the legitimate reason is live forensic investigation where we should not install any file in the infected machine. so if I send my autoit script that will run listdlls.exe (sysinternals), it's actually running from within the script and not from a file copied to the malware infected machine. If there is no other way I will need to find another way of doing it :-)

thanks for the reply Saldous, But I'm looking for a solution where somehow I can run a .exe without installing/copying the exe to the destination machine. Maybe some function that packs the exe inside my script and I can run from inside it without copying any data to the destination machine. tks

Hi dragonlord, I need to do the same. I can do it easily with other .au3 by using #include <scriptname.au3> but I can't do it with .exe. Did you find a way to do it? thanks