Sign in to follow this  
Followers 0
PeterAtkin

Dynamic Read/Write Array from .ini [solved]

9 posts in this topic

#1 ·  Posted (edited)

I am trying to make a generic array reader / writer for .ini files this is for use within my logon script.

I currently have several read array function that I would like to bring into one function they all do the same thing just using different sections of the .ini file.

The code below is a working section, what I seem to be having issues with is;

Execute($str_var1 = $var[$i][0])
Execute($str_var2 = $var[$i][1])
As I have understood it if I use the Execute function I should be able to treat text as a variable? as below but this does not seem to be the case.

So I have commented these out just so I can move on with the programme, but would really like to get this solved as it would simplify the code / script tremendously.

$var_malware = generic_read_array(@ScriptDir & "\malware.ini", "Malware", "$malware[$i][0]", "$malware[$i][1]")
scan_malware($var_malware)

Func generic_read_array($vars_file, $ini_section, $str_var1, $str_var2)
    Local $var
    If FileExists($vars_file) Then
        $var = IniReadSection($vars_file, $ini_section)
        ConsoleWrite(@CRLF & ">>>> " & $ini_section & " <<<<" & @CRLF & @CRLF)
        If @error Then
            $error_code = 1
            ;MsgBox(1, "Section does not exist", $ini_section)
            _put_event(1, "The INI file " & $vars_file & " may not exist or the section [" & $ini_section & "] within may not exist", @error)
        Else
            For $i = 1 To $var[0][0] Step 1
                $malware[$i][0] = $var[$i][0]
                $malware[$i][1] = $var[$i][1]
                ;Execute($str_var1 = $var[$i][0])
                ;Execute($str_var2 = $var[$i][1])
                ConsoleWrite($var[$i][0] & " = " & $var[$i][1] & @CRLF)
            Next
            $nobj = $var[0][0]
            Return $nobj
        EndIf
    Else
    EndIf
EndFunc ;==>generic_read_array

Anyone any ideas.. Hope I been clear in this..

Edited by PeterAtkin

[topic='115020'] AD Domain Logon Script[/topic]

Share this post


Link to post
Share on other sites



A few problems with your script:

* The ConsoleWrite on line 8 will mean @error will not be set anymore on line 9, even if IniReadSection failed.

* In your for loop you're copying the entire array $var to $malware without any reason to do so.

* $malware is never declared. It would need to be declared as an array of the same size as $var.

* It's unlear what you are trying to do with the execute.

At the moment it looks like you're trying to overwrite the passed variables with the contents of $var multiple times, but that would make it useless to pass that variable in the first place, and you never do anything with those variables afterwards.

I am guessing your Inifile contains some commands that have to be executed, which can be done by just using Execute($var[$i][1])

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

Sorry this was just a snippet of the specific code I am having issues with, what I am trying to do is..

Allow dynamic (if that the right word) change of the ($str_var1 and $str_var2] to represent the desired that I want variables/array that I wish to update in this case ($malware[$i][0] and $malware[$i][1]) as I had understood it using the execute function would have allowed me to do this.

Currently this script works fine, the issue I believe is my inability to understand the right way of doing this.

I have attached the logon script just so you can see the bigger picture but would like to focus on this issues at the present as everything else works.

The spoiler has a sample of the malware.ini contents within.

[Malware]

$sys$DRMServer.exe = XCP DRM

afinding.exe = AdClientDl A

AntiVirGear 3.8.exe = AntiVirGear

antvrs.exe = Win32/SillyDl.EMX

AUTOUPDATE.EXE = AproposMedia

av2009.exe = Spyware Antivirus 2009

B2BUpdate.exe = B2BUpdate

bargains.exe = Bargain Buddy

BLOCK-CHECKER.EXE = BLOCK-CHECKER

BO1HEL~1.EXE = Butterfly Oasis Screensav...

CDProxyServ.exe = XCP.Sony.Rootkit

cmesys.exe = GAIN / Gator

cool.exe = cool.exe

cproc.exe = cproc.exe

crss.exe = Part of W32.AGOBOT.GH Crss.exe is a process forming part of the W32.AGOBOT.GH worm

ctfmon.exe = ctfmon.exe - threat

CXTPLS.EXE = AproposMedia

DateManager.exe = Gator adware

DC6cw.exe = DC6cw

dcmon.exe = SystemDoctor 2006 Free

dcsm.exe = DriveCleaner

desktop.exe = Desktop Search

dllhost.exe = Possible Virus

DNSE.exe = DriveCleaner Free

DSSAGENT.EXE = Broderbund DSSagent

flashget.exe = FlashGet

FreezeScreenSaver.exe = FreezeScreenSaver

gamevance32.exe = Gamevance

icmntr.exe = Zlob Trojan

Icon.exe = icon.exe

istsvc.exe = IST adware/hijacker

lsasss.exe = W32/Sasser.E Worm

lssas.exe = Optix.Pro trojan

m3IMPipe.exe = MyWebSearch

mrofinu1188.exe = VirusprotectPro

mrofinu572.exe = Trojan-Downloader.Win32.A...

msasvc.exe = Microsoft authenticate se...

msnmsgr.exe = Win32.Agobot.AGM

nvcpl.exe = Part of W32.SpyBot.S Worm Nvcpl.exe is a process which is registered as the W32.SpyBot.S

qttask.exe = Win32.Drugtob

rlvknlg.exe = Relevant Knowedge

scvhost.exe = Part of W32/Agobot-S virus The scvhost.exe file is a component of the W32/Agobot-S virus

SearchSettings.exe = Search Settings

slsk.exe = soulseek

soproc.exe = soproc

Srv.exe = Zango Search Assistant

StillMnt.exe = StillMnt.exe

stm.exe = PCPrivacy Tool (CA)

stopthepop.exe = stopthepop

spooldr.sys = The Trojan.Packed.13 is a malicious process that is distributed through Glossary Link spam known as Peacomm.

strpmon.exe = SafePCTool (CA)

svdhost.exe = Win32/Lioten.GG

svehost.exe = WORM_SPYBOT.H

svhost.exe = Part of W32.Mydoom.I@mm Svhost.exe is a process which is associated with the W32.Mydoom.I@mm worm

svrse.exe = W32/IRCbot.gen.a!a38744c9...

Sync.exe = WhenU ClockSync

tbon.exe = Best Offers

TSADBOT.EXE = Conducent

udcpas.exe = DriveCleaner

udcsdr.exe = DriveCleaner

USS.exe = USS.exe Trojan

VistaDrive.exe = VistaDrive

WeatherStudio Desktop.exe = WeatherStudio Desktop

webbuying.exe = Web Buying

webrebates.exe = Win32.Agent.bf

wfxcwr.exe = WinFixer

wfxqhv.exe = wfxqhv.exe

whagent.exe = Webhancer

whse.exe = WhenUsearch Bar

whSurvey.exe = WebHancer

winable.exe = TROJ_AGENT.AAWZ

WinAV.exe = Win32/WinSoftware.WinAnti...

windupd.exe = Downloader.Bancos!gen

WinForm.exe = Adware, WinForm.exe and WinFormKeep.exe run together

WinFormKeep.exe = Adware, WinForm.exe and WinFormKeep.exe run together

winlog.exe = W32/Agobot-LF

winsys2.exe = winsys2

wserving.exe = AdClientDl A

WSup.exe = HuntBar

WToolsA.exe = HuntBar

WToolsS.exe = HuntBar

Xhrmy.exe = LinkTracker spyware

xpupdate.exe = xpupdate.exe

xpuupdate.exe = Oneraw BN

zango.exe = Zango / 180Search

ZangoSA.exe = Zango Search Assistant

ZbSrv.exe = Zango

This is the vars.ini file

[Computer Facilities]

url = www.computer-facilities.com

e-mail = support@computer-facilities.com

tel = 0414-533784

[Group Printers]

; Group = Printer \\host\printer share name

Domain Users = \\dc-pri-cfu\hp4250n

Core = \\dc-pri-cfu\hp4700n

[Domain Users]

p: = \\NSA-Core\Public

[core]

; drive and share in this format x: = \\host\share

x: = \\NSA-Core\core

q: = \\NSA-Core\quickbooks

t: = \\NSA-Core\clients

u: = \\NSA-Core\suppliers

n: = \\NSA-Core\localcoms

[engineers]

s: = \\NSA-Core\source

w: = \\NSA-Core\quotewerks

[Domain Admins]

s: = \\NSA-Core\source

r: = \\dc-pri-cfu\Remote Installs

[peter]

k: = \\temp\download

j: = \\temp\work

m: = \\temp\music

[Groups]

; as default a global group is used that should have all users that are allowed to use this script in.

; the default group name is the 'Domain Users' this group will also need to be added within this as per groups below.

1 = Domain Users

2 = core

3 = Domain Admins

4 = Engineers

5 = quoteworks

[settings]

; Verble welcome but is switched off when in 'RDP' or 'nComputing' session

voice_welcome = No

homebase = \\CF-NAS1\user$\

homebase_drive = h:

homebase_post =

tempfile_clean = Yes

IE_clean = Yes

empty_bins = Yes

Company = Computer Facilities

Splash = No

Diags = 0

Hope this is more en-lighting

logon.au3

Edited by PeterAtkin

[topic='115020'] AD Domain Logon Script[/topic]

Share this post


Link to post
Share on other sites

I'm still pretty confused about this, but It looks like you're trying to do this:

Execute($str_var1 & " = $var[$i][0]")
;Equals
Execute("$malware[$i][0]" & " = $var[$i][0]")
;Equals
Execute("$malware[$i][0] = $var[$i][0]")
;Equals
$malware[$i][0] = $var[$i][0]

Share this post


Link to post
Share on other sites

#5 ·  Posted (edited)

Wow would never have guessed that, i have a go and get back. The reason for this is to simply my code, I have several function like this and the only difference is that the variable for the array changes, seems just a bit clumsy to have a new function every time I need to read data into a different array.

Edited by PeterAtkin

[topic='115020'] AD Domain Logon Script[/topic]

Share this post


Link to post
Share on other sites

#6 ·  Posted (edited)

Yes just looked at the code, this will not work and has not Execute($str_var1 & " = $var[$i][0]") should work logically (maybe) but unfortunately does not update the array that ($str_var1) point to in this case ($malware[$i][0])..

As said before a I have several routine/functions withing the same script that do very similar jobs it's only the array names that changes, I would like to avoid repetition if possible.

Edited by PeterAtkin

[topic='115020'] AD Domain Logon Script[/topic]

Share this post


Link to post
Share on other sites

You might want to use Byref. Here's an example:

#include<array.au3>
Local $aSomeName[20]
_AddToArray($aSomeName) ;arrayname is passed as a parameter
_ArrayDisplay($aSomeName) ;the data is added to the array you passed.

Func _AddToArray(ByRef $array)
    Local $aData[4] = [1,2,3,4] ;this is the data you want to give to the array you passed. Could be the result of IniReadSection for example.
    For $i = 0 To 3
        $array[$i] = $aData[$i]
    Next
EndFunc

Share this post


Link to post
Share on other sites

Thanks Tvern,

I tried to incorperate your suggestion but seems I cannot find where I am going wrong, the below script should be self contained except for the above malware.ini file, I get an error malware.au3 (45) : ==> Subscript used with non-Array variable.:, while I understand the error I do not understand how to solve it..

#include<array.au3>

Global $malware[499][2], $str_var1[499][2], $str_var2[499][2]

$var_malware = generic_read_array(@ScriptDir & "\malware.ini", "Malware", $malware[0][0], $malware[0][0])
scan_malware($var_malware)

Func scan_malware($var_malware)
    For $mw = 1 To $var_malware Step 1
        Local $mwf = 0
        If ProcessExists($malware[$mw][0]) Then
            ProcessClose($malware[$mw][0])
            Switch @error
                ;_put_event(1, "Kill Process Faile [" & $malware[$mw][0] & "] failed to terminate hostile process, you may need Administrator rights", @error)
                Case 1
                    MsgBox(11, "OpenProcess Failed", "Process [" & $malware[$mw][0] & "] failed to terminate hostile process, call support")
                    ConsoleWrite("OpenProcess Failed [" & $malware[$mw][0] & "] you may need Administrator rights")
                Case 2
                    MsgBox(11, "AdjustTokenPrivileges Failed", "Process [" & $malware[$mw][0] & "] failed to terminate hostile process, call support")
                    ConsoleWrite("AdjustTokenPrivileges Failed [" & $malware[$mw][0] & "] you may need Administrator rights")
                Case 3
                    MsgBox(11, "TerminateProcess Failed", "Process [" & $malware[$mw][0] & "] failed to terminate hostile process, you may need Administrator rights")
                    ConsoleWrite("Terminate Process Failed [" & $malware[$mw][0] & "]" & @CRLF)
                Case 4
                    MsgBox(11, "Cannot verify if process exists", "Process [" & $malware[$mw][0] & "] failed to terminate hostile process, call support")
                    ConsoleWrite("Cannot verify if process exists [" & $malware[$mw][0] & "] you may need Administrator rights")
            EndSwitch
            $mwf = $mwf + 1
        EndIf
    Next
EndFunc ;==>scan_malware

Func generic_read_array($vars_file, $ini_section, ByRef $str_var1, ByRef $str_var2)
    Local $var, $i
    ;MsgBox(1,"Varibles", "Var1 :" & $var1 & @CRLF & "Var2 :" & $var2 & @CRLF & "Type :" & VarGetType($var2)& @CRLF & "str_var1 :" & $str_var1 & @CRLF & "str_var2 :" & $str_var2 & @CRLF & "Type :" & VarGetType($str_var2))
    If FileExists($vars_file) Then
        $var = IniReadSection($vars_file, $ini_section)
        ConsoleWrite(@CRLF & ">>>> " & $ini_section & " <<<<" & @CRLF & @CRLF)
        If @error Then
            $error_code = 1
            ;MsgBox(1, "Section does not exist", $ini_section)
            ;_put_event(1, "The INI file " & $vars_file & " may not exist or the section [" & $ini_section & "] within may not exist", @error)
        Else
            For $i = 1 To $var[0][0] Step 1
                $str_var1[$i][0] = $var[$i][0]
                $str_var2[$i][1] = $var[$i][1]
                ConsoleWrite($str_var1[$i][0] & " = " & $str_var2[$i][1] & @CRLF)
                ConsoleWrite("> " & $malware[$i][0] & " = " & $malware[$i][1] & @CRLF)
            Next
            $nobj = $var[0][0]
            Return $nobj
        EndIf
    Else
    EndIf
EndFunc ;==>generic_read_array

I'm really trying but seems I am missing something rather basic.. any nudge would be appreciated.


[topic='115020'] AD Domain Logon Script[/topic]

Share this post


Link to post
Share on other sites

#9 ·  Posted (edited)

OMG just solved by using ByRef as you suggested a much neater solution thanks.. just in case anyone else is interested here the working final script (snippet) you will need to include Array.au3 in your script to use this..

Func generic_read_array(ByRef $file_location, $ini_section, ByRef $array_ptr)
    #cs

    for: To read from any standard .ini files extract the settings from a paticulare section and
    then read values into 2D array, also will return total number of records stored within the section being read.

    usage: $var = generic_read_array($vars_file, "[Section]", $array)

    [$var] will contain a value equile to the total number of recoreds read, vey useful to know the number of valid
    recoreds within the the array

    variables:
    $file_location = ini file, to be used
    $ini_section = the section, to be used within the ini. file
    $array_ptr =    2D array that section variables to be put into, this will need to be declared before hand
    something like $users[99][2]

    #ce

    Local $var, $i
    If FileExists($vars_file) Then
        $var = IniReadSection($file_location, $ini_section)
        ConsoleWrite(@CRLF & ">>>> " & $ini_section & " <<<<" & @CRLF & @CRLF)
        If @error Then
            $error_code = 1
            ;MsgBox(1, "Section does not exist", $ini_section)
            _put_event(1, "The INI file " & $vars_file & " may not exist or the section [" & $ini_section & "] within may not exist", @error)
        Else
            For $i = 1 To $var[0][0] Step 1
                $array_ptr[$i][0] = $var[$i][0]
                $array_ptr[$i][1] = $var[$i][1]
                ConsoleWrite($array_ptr[$i][0] & " = " & $array_ptr[$i][1] & @CRLF)
            Next
        EndIf
    EndIf
    $how_many_records = $var[0][0]
    Return $how_many_records
EndFunc ;==>generic_read_array

Edited by PeterAtkin

[topic='115020'] AD Domain Logon Script[/topic]

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0