Jump to content

Trying to grab a secure password from SecureID.exe

JosiahBruns
 Share

Recommended Posts

JosiahBruns Seeker

JosiahBruns

Posted
Posted

Basically I have been writing a program to log into routers on a very large network and execute a command that will return the rip route info for a duplicate ip.

The problem I am having is the routers use a password that changes every minute. we have a program called SecureId.exe which uses a token and my pin and generates an 8 digit password which is good for one minute.

ShellExecute("C:\Program Files (x86)\RSA SecurID Token for Windows\SecurID.exe")
    sleep(4000) ;replace with loop looking for active window.
    ControlSend("000107726678 - RSA SecurID Token","","pinText",$RSA_Pin & @CR)
    sleep(2000)

here is the data from the window info

>>>> Window <<<<

Title: 000107726678 - RSA SecurID Token

Class: QWidget

Position: 1209, 141

Size: 249, 174

Style: 0x16CF0000

ExStyle: 0x0000010C

Handle: 0x0000000000550C0E

>>>> Control <<<<

Class: QWidget

Instance: 4

ClassnameNN: QWidget4

Name:

Advanced (Class): [CLASS:QWidget; INSTANCE:4]

ID:

Text: passcodeText

Position: 56, 52

Size: 143, 31

ControlClick Coords: 37, 18

Style: 0x56000000

ExStyle: 0x00000004

Handle: 0x0000000000150E42

>>>> Mouse <<<<

Position: 1306, 234

Cursor ID: 0

Color: 0xFDFDE0

>>>> StatusBar <<<<

>>>> ToolsBar <<<<

>>>> Visible Text <<<<

Passcode:

28 seconds remaining

Copy button

Current code is 7037 6743

Close button

Minimize button

Options menu

Re enter pin button

000107726678

>>>> Hidden Text <<<<

Here is some things i have tried that haven't worked. with the resultant data commented below the attempt.

$RSA_Text = WinGetText("[TITLE:000107726678 - RSA SecurID Token]", "")
;~ @error = 0

;~ $RSA_Text Passcode:

;~ 60 seconds

;~ Copy butto

;~ Current code

;~ Close butto

;~ Minimize butto

;~ Options menu

;~ Re enter

;~ 000107726678

$RSA_Text = WinGetText("[class:QWidget]", "")

;~ @error = 0

;~ $RSA_Text

$RSA_Text = WinGetText("[class:QWidget4]", "")

;~ @error = 0

;~ $RSA_Text 0

$RSA_Text = WinGetText("[class:QWidget; instance:4]", "")

;~ @error = 0

;~ $RSA_Text

$RSA_Text = WinGetText("000107726678 - RSA SecurID Token", "")

;~ @error = 0

;~ $RSA_Text Passcode:

;~ 24 seconds

;~ Copy butto

;~ Current code

;~ Close butto

;~ Minimize butto

;~ Options menu

;~ Re enter

;~ 000107726678

$RSA_Text = WinGetText("RSA SecurID Token", "")
;~ @error = 0

;~ $RSA_Text

Any help would be appreciated.

Link to comment
Share on other sites
guinness Universalist

guinness

Posted
Posted (edited)

I would read the forum rules first, plus I don't think Security Dynamics would be happy with this question either.

Edited by guinness

UDF List:

 
_AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_ArrayFilter/_ArrayReduce_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_DotNet_Load()/_DotNet_Unload()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrFileReadLastChars()GeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()Int_Parse() & Int_TryParse()IsISBN()LockFile()Mapping CtrlIDsOOP in AutoItParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandProtect GlobalsQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...

Updated: 22/04/2018

Link to comment
Share on other sites
PsaltyDS Universalist

PsaltyDS

Posted
Posted (edited)

@guinness: It's a locally run app, not a big deal.

@JosiahBruns: You need to distinguish between identifying the window and the control. Based on what you showed, you might try: 

$sText = ControlGetText("[CLASS:QWidget; TITLE:RSA SecurID Token]", "", "[CLASS:QWidget; INSTANCE:4]")
See the help file for the correct usage of the parameters.

The QWidget class means it was compiled from Qt, so it might not respond to standard Windows API messages. That might lead you to set focus to the control and copy instead: 

$hWin = WinGetHandle("[CLASS:QWidget; TITLE:RSA SecurID Token]", "")
WinActivate($hWin)

$hCtrl = ControlGetHandle($hWin, "", "[CLASS:QWidget; INSTANCE:4]")
ControlFocus($hWin, "", $hCtrl)

Send("^a")
Send("^c")
$sText = ClipGet()

:mellow:

Edit: Oops - @LastHopeLost called it - changed from ControlSend() to Send() without fixing the parameters.

Edited by PsaltyDS
Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Link to comment
Share on other sites
LastHopeLost Seeker

LastHopeLost

Posted
Posted

@guinness: It is not a keylogger, it passes a generated security code that changes every sixty seconds. I use the same application at work and have thought of doing something similar. He isn't breaking any forum rules, and I don't think Security Dynamics will mind. They haven't existed in over 12 years...

@JosiahBruns: It seems that PsaltyDS is on the right track for that, but you only need to put the keystrokes in the Send() function. I think they copy/pasted from the ControlFocus by mistake. Anyway, you will probably have to macro keystrokes to get it to work right rather than try to interact with the window controls. Please post your solution when you find one so I don't have to reinvent the wheel... :mellow:

$hWin = WinGetHandle("[CLASS:QWidget; TITLE:RSA SecurID Token]", "")
WinActivate($hWin)

$hCtrl = ControlGetHandle($hWin, "", "[CLASS:QWidget; INSTANCE:4]")
ControlFocus($hWin, "", $hCtrl)

Send("^a")
Send("^c")
$sText = ClipGet()
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...