Sign in to follow this  
Followers 0
slaughter

Admin Tools (Remote client control) Bypasing firewall

45 posts in this topic

#1 ·  Posted (edited)

Update: GUI Interface.

Bugs: search not working.

Warning

Dont run user_client.exe it or I will have aces to your pc. It is my mistake i have removed it from new version.

To remove it from you computed. kill process named tc_client.exe and delete if drom %temp% folder and then delete registry keys.

Or just run command

RegDelete("HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun", "TC client")

And restart your pc.

I'm not new to auto-it. I had working on it long time so i had developed few tools. I want to share them.

First one is one of my best tools in administrating network user computers all over my country.

Idea:

One application always runs on client side (startup). It in interval connects to a web  server URL to inform it that it is running and get back from server commands what to do next (run app, send back pc info, reboot, ect...)

I had implemented the idea and it is working now.

post-3048-0-13615700-1371111316_thumb.pn

Features:

Connect to remote computer without user interaction (After running client once on it). Remote user control implemented trough VNC viewer, VNC repeter. HTTP server)

Run CMD custom commands.

Transfer files in background and execute them.

TDO:

GUI in PHP for custom commands

Buttons to quick comnads (reboot, shutdown, scheduled shutdown, scheduled commands)

More stuff...

Files:

http://downloads.diablo.lt/index.php?dir=au3/connector/public/&file=public-2013-06-24.rar - admin.php update, better GUI, bug: search not workink.

http://downloads.diablo.lt/index.php?dir=au3/connector/public/&file=public.rar - Updated for errors. Now only one file have to config it is config.php

http://downloads.diablo.lt/index.php?dir=au3/connector/public/&file=public.zip - Updated for mistake, some translation in php and some explanes in au3 files.

How to:

have to upload php files to www server setup mysql db

and configure config.php corect db

Then edit admin_connect.au3 and set ww server adres to coret url. ( point to admin.php)

Then user_client.au3 and set to coretr url to  url difrent from admin. ( point to index.php )

Finaly run client on remote computer

and run admin on your comouter

DEFAULT ID: 321
you can change it in index.php for beter seciurity. It is default id.

Untitled.png

Edited by slaughter

Share this post


Link to post
Share on other sites



Can you explain more details about this application?

What is the different with VNC Viewer, TeamViewer, LogMeIn?

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

Can you explain more details about this application?

What is the different with VNC Viewer, TeamViewer, LogMeIn?

Main purpose of application run remote commands on client computer doesn't mater where they are or they are behind ruoter or not

Dfirences that is made on autit and is free to modify or use for your purposes

http://downloads.diablo.lt/index.php?dir=au3/connector/

Here are files to suorce

Edited by slaughter

Share this post


Link to post
Share on other sites

G'day slaughter

Looks very interesting.  I've been searching for a remote support app that doesn't cost the earth but still allows me more than one session (so I can work on both ends of a problem).

I haven't tried yours yet but for a one man business like mine it maybe just what the doctor ordered. :)

Thank you!

John Morrison

Share this post


Link to post
Share on other sites

Im trying this but has no success it looks like som files are missing..

"ratas.php"

while ($row = mysql_fetch_assoc($result)) {
    if (strstr($row["custom_name"], 'NewUsr_')) {
        $vardas = $row["custom_name"].' - '.$row["hostname"];
    } else {
        $vardas = $row["custom_name"];
    }
    echo '
    <tr>
        <td>
            <a href="ratas.php?op=con_rpt&id='.$row["cid"].'">'.$vardas.'</a>
            [<a title="Prisjungimas" href="ratas.php?op=con_rpt&id='.$row["cid"].'">C</a>]
            [<a class="uimodal" title="Pervadinti" href="ratas.php?op=rename&id='.$row["cid"].'">R</a>]
            [<a class="uimodal" title="Info" href="ratas.php?op=info&id='.$row["cid"].'">I</a>]
        </td>
    </tr>
    ';
    }

Share this post


Link to post
Share on other sites

"Connect to remote computer without user interaction".

The guys responsible for data security and the shop council will love this application :wacko2:

Make sure that user always has to accept a remote connection.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

#7 ·  Posted (edited)

"Connect to remote computer without user interaction".

The guys responsible for data security and the shop council will love this application :wacko2:

Make sure that user always has to accept a remote connection.

is not really a problem if you use a firewall proxy and authentication, u can also filter the firewall disallowing diffrent files and ports.

Edited by lgvlgv

Share this post


Link to post
Share on other sites

What I wanted to say: Here (Europe) the user ALWAYS has to accept a connection to his machine (his desktop, his drives (local or network) etc.).


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

What I wanted to say: Here (Europe) the user ALWAYS has to accept a connection to his machine (his desktop, his drives (local or network) etc.).

Even if the computer is owned by the company? That would be a major pain in the ass for my work.


If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Share this post


Link to post
Share on other sites

Even when owned by the company. We allow private usage of web, mail etc. so it is against data privacy laws.

If there is private data on a machine the user he has to permit your access.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

What I wanted to say: Here (Europe) the user ALWAYS has to accept a connection to his machine (his desktop, his drives (local or network) etc.).

Nope, atleast not in sweden.

Share this post


Link to post
Share on other sites

#12 ·  Posted (edited)

ive been working at swedish and global companys and never ever herd of what u claim?

Been working on Ericsson,VolvoIT,Swedish goverment,VMDATA, in CERN and so on.

All is useing some kind of remotecontrol software to remote administate machines.

That some of the companys useing a conferm window is more to be polite and not to spy on customer, but if cutomer is out of office there are no problem to direct connet and do your job.

Besides there are not really any secrets hidden from the system administrators.

if u want to keep something secret u HAVE to crypt the files.

Edited by lgvlgv
1 person likes this

Share this post


Link to post
Share on other sites

a really good free firewall is Sophos UTM. its free for home user and accept 50 licences default. with it u can protect all PC and mobiles with surf protections and even kontroll streaming apps and catagories what and when people are allowed to surf.

One of the best firewalls i ever worked with.

http://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx

Share this post


Link to post
Share on other sites

Even when owned by the company. We allow private usage of web, mail etc. so it is against data privacy laws.

If there is private data on a machine the user he has to permit your access.

The company I work for has a log in screen disclaimer that tells the users that the company owns the computer and anything on it and that they can be, and are, monitored as to what they are doing and what data is where. No one has any right to privacy when using company equipment. Private computers connected to the network are a different thing and I'm not sure how they handle that.


If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Share this post


Link to post
Share on other sites

The mail can be another issue, and is often considered to be private. this does not mean that it is REALLY private anyway.

Share this post


Link to post
Share on other sites

#16 ·  Posted (edited)

 Private computers connected to the network are a different thing and I'm not sure how they handle that.

Private computers is not usually allowed to connect on the local company enviroment.

Exept under some circumstances like VPN and work from home, but even in this case the companys usually supplies that computer aswell.

AND the customer have to sign a paper that they have full responsebility for EVERYTHING that happens on that machine, including children gameing e.t.c.

Edited by lgvlgv

Share this post


Link to post
Share on other sites

As soon as the company allows mixed usage (business & private) on a computer you have to adhere to EU data security laws. That means you are not allowed to access personal data without admittance.

I could better describe this in German but I'm sure you get the message. And I know what I'm talking about.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

#18 ·  Posted (edited)

 

Im trying this but has no success it looks like som files are missing..

"ratas.php"

while ($row = mysql_fetch_assoc($result)) {
    if (strstr($row["custom_name"], 'NewUsr_')) {
        $vardas = $row["custom_name"].' - '.$row["hostname"];
    } else {
        $vardas = $row["custom_name"];
    }
    echo '
    <tr>
        <td>
            <a href="ratas.php?op=con_rpt&id='.$row["cid"].'">'.$vardas.'</a>
            [<a title="Prisjungimas" href="ratas.php?op=con_rpt&id='.$row["cid"].'">C</a>]
            [<a class="uimodal" title="Pervadinti" href="ratas.php?op=rename&id='.$row["cid"].'">R</a>]
            [<a class="uimodal" title="Info" href="ratas.php?op=info&id='.$row["cid"].'">I</a>]
        </td>
    </tr>
    ';
    }

sory for mistake just replace ratas.php with admin.php in code and shuld be workink.

updated code. Test it now.

 

Edited by slaughter

Share this post


Link to post
Share on other sites

#19 ·  Posted (edited)

sory for mistake just replace ratas.php with admin.php in code and shuld be workink.

 

I did that, but dont know what i do wrong, i can see in the database that the client is updateing records every 10 sec. but in the admin part of program i cannot see any clients connectet, its just empty/white under online?

Edited by lgvlgv

Share this post


Link to post
Share on other sites

"Connect to remote computer without user interaction".

The guys responsible for data security and the shop council will love this application :wacko2:

Make sure that user always has to accept a remote connection.

Well domain is illegal to by this way. If you are admin you can connect to user files without any warning.

Teamviver has option for seting pasword so you dont have to inform users to if you have done this.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0