Sign in to follow this  
Followers 0
turbochugz

Using AutoIT to call an msi? Major concern

5 posts in this topic

I have been wanting to use AutoIT to compile a script which entails running an msi file with administrator rights.

My concern is not so much the script, but the source file.

for example: i create a script that launces 123.msi with administrative credentials to install the 123 program. My question if one was to replace with the 123.msi with a differenent software product and call that 123.msi. Will my script continue to run and install the newly renamed 123.msi file? I dont see any methods or validation checks to prevent this from happening as it is simply a script.

I hope i was clear.

Thanks.

Share this post


Link to post
Share on other sites



#2 ·  Posted (edited)

use FileInstall() so that noone can rename until run.

use FileGet*Size() or something similar to identify file.

Edited by bogQ
1 person likes this

TCP server and client - Learning about TCP servers and clients connection
Au3 oIrrlicht - Irrlicht project
Au3impact - Another 3D DLL game engine for autoit. (3impact 3Drad related)



460px-Thief-4-temp-banner.jpg
There are those that believe that the perfect heist lies in the preparation.
Some say that it’s all in the timing, seizing the right opportunity. Others even say it’s the ability to leave no trace behind, be a ghost.

 

Share this post


Link to post
Share on other sites

Hi, turbochugz, welcome to the forum. Is this an issue you've actually run into, or just a "what if" question? I've been repackaging MSIs for a very long time, and cannot recall ever having two different products with the exact same MSI name (different versions of the same product, maybe).

As bogQ mentions above, you can look at the attributes of the MSI file to confirm you're interacting with the one you want, or better yet use FileInstall to include the MSI in your script and remove the possibility of the script installing the wrong product.


√-1 2^3 ∑ π, and it was delicious!

Share this post


Link to post
Share on other sites

sounds like an integrity question. Maybe using MD5sum could be useful to you?

this would ensure that a renamed binary of the same name would not be able to run unless the checksum matched that of the original, which isn't impossible, but it's less probable.

1 person likes this

---"Educate the Mind, Make Savage the Body" -Mao Tse Tung

Share this post


Link to post
Share on other sites

#5 ·  Posted (edited)

Thanks... Im not well versed in scripts and am currently reading the examples etc... Fileinstall() is definitely what i am looking for. Thanks for all the suggestions.

Edited by turbochugz

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0