Sign in to follow this  
Followers 0
rcmaehl

User Detection

15 posts in this topic

I need a few ways to detect if the computer a script is running on is a shared computer. Like: User Count, Login Server, Access Restrictions. I'm trying to secure my script from abuse on shared computers using shared computer detection.


My UDFs are generally for me. If they aren't updated for a while, it means I'm not using them myself. As soon as I start using them again, they'll get updated.

MY PROJECTS


Active: IRC UDF, WindowEx UDF
Discontinued: GithubBubbleSort UDF

Share this post


Link to post
Share on other sites



#2 ·  Posted (edited)

So far I have:

;
; AutoIt Version:   3.0
; Language:         English
; Platfrom:         Win9x/NT
; Author:           Robert C. Maehl (rcmaehl@aol.com)
; Thanks to:        Jos & UEZ on Autoit Forums
;
; Function:
;   Detects if computer is a shared computer,
;   useful for detecting if the computer is a
;   school or work computer.
;
; Return Value:
;   Higher Return Value means the computer is
;   more likely a shared computer.
;

Func _IsPCShared()
    ; Clear Return Value
    $Return = 0
    ; Detect if Non-standard Home Drive
    If Not (@HomeDrive = "C:") Then $Return += 1
    ; Detect if the user doesn't log on to Localhost
    If Not (@LogonServer == "\\" & @ComputerName) Then $Return += 2
    ; Check to see if a Log on Domain exists
    If Not (@LogonDomain = "") Then $Return += 4
    ; Check if the drive the script is running on is not local
    If DriveGetType(@ScriptDir) <> "Fixed" Then $Return +=8 ; Thanks to UEZ for this.
    ; Return Return Value
    Return $Return
EndFunc
Edited by rcmaehl

My UDFs are generally for me. If they aren't updated for a while, it means I'm not using them myself. As soon as I start using them again, they'll get updated.

MY PROJECTS


Active: IRC UDF, WindowEx UDF
Discontinued: GithubBubbleSort UDF

Share this post


Link to post
Share on other sites

Id imagine if you keep bumping your threads without waiting 24 hrs you might get something you dont want, possibly a warning.

You have been here a while now so you should know

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

It does look as though you're trying to bump. I've stared at that function for 10 minutes and I'm still scratching my head at how this is achieving what you set out to find. Perhaps this is a better approach >>

#AutoIt3Wrapper_Au3Check_Parameters=-d -w 1 -w 2 -w 3 -w 4 -w 5 -w 6 -w 7
#include <WinAPIEx.au3>

ConsoleWrite(_IsShared(@ScriptDir) & @LF)

Func _IsShared($sFileName)
    Local Const $SFGAO_SHARE = 0x00020000
    Local $iAttributes, $tSHFILEINFO

    $tSHFILEINFO = DllStructCreate($tagSHFILEINFO)
    _WinAPI_ShellGetFileInfo($sFileName, $SHGFI_ATTRIBUTES, 0, $tSHFILEINFO)
    $iAttributes = DllStructGetData($tSHFILEINFO, "Attributes")
    Return BitAND($iAttributes, $SFGAO_SHARE) > 0
EndFunc   ;==>_IsShared

But I would have a look at TCP/UDP and/or WM_COPYDATA and/or _Singleton(), though I've never wanted to limit my programs :mellow:

Edited by guinness

_AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_DotNet_Load()/_DotNet_Unload()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrFileReadLastChars()GeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()Int_Parse() & Int_TryParse()IsISBN()LockFile()Mapping CtrlIDsOOP in AutoItParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandProtect GlobalsQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...

Updated: 04/09/2015

Share this post


Link to post
Share on other sites

#5 ·  Posted (edited)

@guinness What I'm trying to achieve was to see if the computer was shared, as in a school computer or work computer. so far I have the code below, but only checking for 3 things that COULD indicate a shared computer might not be too accurate, so I need some more ideas/suggestions for more ways to check.

;
; AutoIt Version:   3.0
; Language:         English
; Platfrom:         Win9x/NT
; Author:           Robert C. Maehl (rcmaehl@aol.com)
; Thanks to:        Jos & UEZ on Autoit Forums
;
; Function:
;   Detects if computer is a shared computer,
;   useful for detecting if the computer is a
;   school or work computer.
;
; Return Value:
;   Higher Return Value means the computer is
;   more likely a shared computer.
;

Func _IsPCShared()
    ; Clear Return Value
    $Return = 0
    ; Detect if Non-standard Home Drive
    If Not (@HomeDrive = "C:") Then $Return += 1
    ; Detect if the user doesn't log on to Localhost
    If Not (@LogonServer == "\\" & @ComputerName) Then $Return += 2
    ; Check to see if a Log on Domain exists
    If Not (@LogonDomain = "") Then $Return += 4
    ; Check if the drive the script is running on is not local
    If DriveGetType(@ScriptDir) <> "Fixed" Then $Return +=8 ; Thanks to UEZ for this.
    ; Return Return Value
    Return $Return
EndFunc
Edited by rcmaehl

My UDFs are generally for me. If they aren't updated for a while, it means I'm not using them myself. As soon as I start using them again, they'll get updated.

MY PROJECTS


Active: IRC UDF, WindowEx UDF
Discontinued: GithubBubbleSort UDF

Share this post


Link to post
Share on other sites

May I ask why I should use Parenthesis with If statements? Is it faster, better syntax, easier to read, preferred by coders/developers, etc.?


My UDFs are generally for me. If they aren't updated for a while, it means I'm not using them myself. As soon as I start using them again, they'll get updated.

MY PROJECTS


Active: IRC UDF, WindowEx UDF
Discontinued: GithubBubbleSort UDF

Share this post


Link to post
Share on other sites

#8 ·  Posted (edited)

May I ask why I should use Parenthesis with If statements? Is it faster, better syntax, easier to read, preferred by coders/developers, etc.?

The paranthesis are not for the If statement but for the Not operator. If you put the expression into paranthesis then the whole expression is evaluated before the Not operator checks if the result is True or False.

In your example AutoIt checks if @HomeDrive is true or False (necessary conversions are done behind the scene). Then the result is compared with "C:"

Just do this little test:

$sHomeDrive = "C:"
If Not $sHomeDrive = "C:" Then
    ConsoleWrite("is not C:" & @LF)
Else
    ConsoleWrite("Is C:" & @LF)
EndIf
If Not ($sHomeDrive = "C:") Then
    ConsoleWrite("is not C:" & @LF)
Else
    ConsoleWrite("Is C:" & @LF)
EndIf

Set $sHomeDrive = "C:". The result is:

Is C:

Is C:

Set $sHomeDrive = "X:". The result is:

Is C:

is not C:

So your code would return an invalid result.

When more than one operator is used in an expression (in your case Not and =) the order in which things happen is controlled by operator precedence. This can be found in the help file under Language Reference -> Operators.

Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

rcmaehl.

I don't know about others. But if you ask a question and you get a clear answer. I think is a good thing to show you got it. Kinda like a alternative 'Thanks'.


"Straight_and_Crooked_Thinking" : A "classic guide to ferreting out untruths, half-truths, and other distortions of facts in political and social discussions."
"The Secrets of Quantum Physics" : New and excellent 2 part documentary on Quantum Physics by Jim Al-Khalili. (Dec 2014)

"Believing what you know ain't so" ...

Knock Knock ...
 

Share this post


Link to post
Share on other sites

I don't know about others. But if you ask a question and you get a clear answer. I think is a good thing to show you got it. Kinda like a alternative 'Thanks'

Oh. I'm trying no to post like a 1 word reply even if it is just "thanks", as I've been sassed for it on a few other forums and even been banned from one because they said I "Bumped the thread" when I said thanks.


My UDFs are generally for me. If they aren't updated for a while, it means I'm not using them myself. As soon as I start using them again, they'll get updated.

MY PROJECTS


Active: IRC UDF, WindowEx UDF
Discontinued: GithubBubbleSort UDF

Share this post


Link to post
Share on other sites

#11 ·  Posted (edited)

I see. That sucks. Just remember not all forums are the same.

Don't think there is much change of something like that around here. Although, yea, 'one word' replay's are kinda short. Was personally thinking about a little bit more than that. :mellow:

Give all points some thought. Other than that 'Its not mandatory' if your not sure.

Edited by iEvKI3gv9Wrkd41u

"Straight_and_Crooked_Thinking" : A "classic guide to ferreting out untruths, half-truths, and other distortions of facts in political and social discussions."
"The Secrets of Quantum Physics" : New and excellent 2 part documentary on Quantum Physics by Jim Al-Khalili. (Dec 2014)

"Believing what you know ain't so" ...

Knock Knock ...
 

Share this post


Link to post
Share on other sites

#12 ·  Posted (edited)

I'm using this check to see if the exe is called from remote:

#RequireAdmin
If DriveGetType(@ScriptDir) <> "Fixed" Then Exit Msgbox(16, "ERROR", "No remote call is allowed!", 30)

Br,

UEZ

Edited by UEZ

Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯  ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ

Share this post


Link to post
Share on other sites

I'm using this check to see if the exe is called from remote:

#RequireAdmin
If DriveGetType(@ScriptDir) <> "Fixed" Then Exit Msgbox(16, "ERROR", "No remote call is allowed!", 30)

Br,

UEZ

Thanks! Forgot that some shared computers use a remote/shared network drive for storage. This'll be really helpful.

My UDFs are generally for me. If they aren't updated for a while, it means I'm not using them myself. As soon as I start using them again, they'll get updated.

MY PROJECTS


Active: IRC UDF, WindowEx UDF
Discontinued: GithubBubbleSort UDF

Share this post


Link to post
Share on other sites

Maybe you should focus more on what makes a PC a "shared PC" vs. a "workstation". Is it the number of users accounts registered? Is it that it belongs to a specific domain?

Counterpoint: any PC with a couple of registered accounts can be tought of as a shared computer, which makes it hard to devise a failproof set of criterions to determine which is which.

For instance, there are setups where the PC only has one user account and where an unbounded number of users log in using a webpage to the cloud.

In short: what is a shared PC?


This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.
Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe here
RegExp tutorial: enough to get started
PCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta.

SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.
SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.
An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.
SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)
A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!
SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)

Share this post


Link to post
Share on other sites

Maybe you should focus more on what makes a PC a "shared PC" vs. a "workstation". Is it the number of users accounts registered? Is it that it belongs to a specific domain?

Counterpoint: any PC with a couple of registered accounts can be tought of as a shared computer, which makes it hard to devise a failproof set of criterions to determine which is which.

For instance, there are setups where the PC only has one user account and where an unbounded number of users log in using a webpage to the cloud.

In short: what is a shared PC?

I'd like to base it on a large number of accounts (25+), most of them not admin (only like 2-4 admins), if the user account isn't a local account on the computer, if the home drive is not a local drive, if there is a session limit, if the user can't access taskmgr/cmd, etc.


My UDFs are generally for me. If they aren't updated for a while, it means I'm not using them myself. As soon as I start using them again, they'll get updated.

MY PROJECTS


Active: IRC UDF, WindowEx UDF
Discontinued: GithubBubbleSort UDF

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0