Jump to content
Sign in to follow this  
Wolfteeth

Runwait and ProcesswaitClose doesn't work!

Recommended Posts

Wolfteeth

Very Interest in the topic problems, I am writing a program which need to promote the permission via LSrunase.exe program and below is my sample script.

for $i =1 to 5
  $rpath = "C:\Temp\"
  $strcommand = "notepad.exe"
  $strrun=$rpath & "lsrunase.exe /user:adminTemp /password:****** /domain:MYDOMAIN /command:" & """" & $strcommand & """" & " /runpath:" & $rpath
  $pid = Run($strrun)
  ProcessWaitClose($pid)
Next

Runwait absolutely doesn't work and refer to the manual that I used ProcessWaitClose, but it still not works.

as my thought that the notepad.exe should be opened once I close the last one, but it didn't, it just run and run with no wait. because the running user name is not the the one who login the machine.

anyone who has experience on this?

Share this post


Link to post
Share on other sites
Aarstad

The processwaitclose variable which is a run execution. Change it with a processname and it will work.

Share this post


Link to post
Share on other sites
careca

What you could also do is set the variable $strcommand to the process close instruction, and remove the $pid variable alltogether

Run($strrun)
  ProcessWaitClose($strcommand)
Next

Spoiler

Paster - Main function is to paste text, but has more functions. (No longer mantained, switched to String Trigger)

Renamer - Rename files and folders, remove portions of text from the filename etc.

GPO Tool - Export/Import Group policy settings.

BeatsPlayer - Music player.

Params Tool - Right click an exe to see it's parameters or execute them.

String Trigger - Triggers pasting text or applications or internet links on specific strings.

Inconspicuous - Hide files in plain sight, not fully encrypted.

Regedit Control - Registry browsing history, quickly jump into any saved key.

Time4Shutdown - Write the time for shutdown in minutes.

Power Profiles Tool - Set a profile as active, delete, duplicate, export and import.

Firefox Profile Backup - Backup/restore previously saved profile.

Finished Task Shutdown - Shuts down pc when specified window/Wndl/process closes.

NetworkSpeedShutdown - Shuts down pc if download speed goes under "X" Kb/s.

IUIAutomation - Topic with framework and examples

Au3Record.exe

Share this post


Link to post
Share on other sites
Wolfteeth

The processwaitclose variable which is a run execution. Change it with a processname and it will work.

it doens't work even use the "program name", it seems if run on different crendation, the processwaitclose can't recognize the token and doens't work.

Share this post


Link to post
Share on other sites
Wolfteeth

What you could also do is set the variable $strcommand to the process close instruction, and remove the $pid variable alltogether

Run($strrun)
ProcessWaitClose($strcommand)
Next

this is what I did at the first time.. but it doens't work.

Share this post


Link to post
Share on other sites
careca

Try this way. If i got your problem right, this should work.

For $i = 1 To 5
$rpath = "C:Temp"
$strrun=$rpath & "lsrunase.exe /user:adminTemp /password:****** /domain:MYDOMAIN /command:" & """" & "C:\Windows\System32\notepad.exe" & """" & " /runpath:" & $rpath
MsgBox (4096, "info", $strrun)
If Not ProcessExists("notepad.exe") Then
ShellExecuteWait("C:\Windows\System32\notepad.exe")
EndIf
Next

Spoiler

Paster - Main function is to paste text, but has more functions. (No longer mantained, switched to String Trigger)

Renamer - Rename files and folders, remove portions of text from the filename etc.

GPO Tool - Export/Import Group policy settings.

BeatsPlayer - Music player.

Params Tool - Right click an exe to see it's parameters or execute them.

String Trigger - Triggers pasting text or applications or internet links on specific strings.

Inconspicuous - Hide files in plain sight, not fully encrypted.

Regedit Control - Registry browsing history, quickly jump into any saved key.

Time4Shutdown - Write the time for shutdown in minutes.

Power Profiles Tool - Set a profile as active, delete, duplicate, export and import.

Firefox Profile Backup - Backup/restore previously saved profile.

Finished Task Shutdown - Shuts down pc when specified window/Wndl/process closes.

NetworkSpeedShutdown - Shuts down pc if download speed goes under "X" Kb/s.

IUIAutomation - Topic with framework and examples

Au3Record.exe

Share this post


Link to post
Share on other sites
Wolfteeth

Not..the root cause I found that it is because of the "Program" is running on the prompted authentication session via "LSrunase.exe", thus, the user session is different, which caused ProcessList cannot see the "Program" even its running on task manager and got the proceessID, but our Procssexist("Program") cannot return the PID to autoit... sucks...I am still checking to see...

what I am doing now is to try:

for $i =1 to 5
$rpath = "C:Temp"
$strcommand = "notepad.exe"
$strrun=$rpath & "lsrunase.exe /user:adminTemp /password:****** /domain:MYDOMAIN /command:" & """" & $strcommand & """" & " /runpath:" & $rpath
Run(@ComSpec & " /k " & $strrun)
Next

this does works but the new opened @ComSpec window will not be terminated....still thinking...

Edited by Wolfteeth

Share this post


Link to post
Share on other sites
Wolfteeth

Try this way. If i got your problem right, this should work.

For $i = 1 To 5
$rpath = "C:Temp"
$strrun=$rpath & "lsrunase.exe /user:adminTemp /password:****** /domain:MYDOMAIN /command:" & """" & "C:\Windows\System32\notepad.exe" & """" & " /runpath:" & $rpath
MsgBox (4096, "info", $strrun)
If Not ProcessExists("notepad.exe") Then
ShellExecuteWait("C:\Windows\System32\notepad.exe")
EndIf
Next

sorry, it's wrong.

Share this post


Link to post
Share on other sites
Wolfteeth

still not found good ideas...

.the root cause I found that it is because of the "Program" is running on the prompted authentication session via "LSrunase.exe", thus, the user session is different, which caused ProcessList cannot see the "Program" even its running on task manager and got the proceessID, but our Procssexist("Program") cannot return the PID to autoit... sucks...I am still checking to see...

Share this post


Link to post
Share on other sites
UEZ

FYI: my experience with ProcesswaitClose() was that it caused a high cpu usage whereas Runwait() worked properly.

Br,

UEZ


Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯  ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ

Share this post


Link to post
Share on other sites
JLogan3o13

I would agree with JohnOne, RunWait is usually a better alternative. Also, I would suggest taking LSrunase out of the mix; it's pupose is to allow you to run an install as another account, but you can do the same natively with RunAsWait. Even if your goal is to use the encryption methods in LSrunase, I would try it without, just to help narrow down the problem.


√-1 2^3 ∑ π, and it was delicious!

Share this post


Link to post
Share on other sites
Wolfteeth

it is a quite good article to have a test to use LSrunase instead of RunAsWait, sometimes, especial for enterprise user, the encrypted pwd is very important. and should not be plain text always.

besides, our AutoIT.exe still is able to be cracked...sigh...

Edited by Wolfteeth

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×