Sign in to follow this  
Followers 0
darkerside

Send() does not work with ActiveX control?

10 posts in this topic

Hi,

I'm very new to AutoIt Scripting. I am trying to write a simple script to automate the username & password injection by using Send() to one of the bank web portal. Due to this portal has "Captcha", my expectation would be just to inject username & password into the field and leave the verification code in manual.

The code is simply like this and I was able to inject TESTUSER into username filed, but failed in password field, no value is filled. I am thinking it might have something to do with the ActiveX control as Activex needs to be installed for this web portal. And, this Activex control is prevent copy/paste from or to password field.

My question is, will Send() works if the field has ActiveX control that blocking keystrokes or copy/paste? Any idea?

 

Run ("C:\Program Files (x86)\Internet Explorer\iexplore.exe https://mybank1.icbc.com.cn/icbc/enperbank/index.jsp")

Sleep(8000)
Send("TESTUSER")
Sleep(3000)
Send("{Enter}")
Send ("PASSWORD123")

 

Share this post


Link to post
Share on other sites



Run ("C:\Program Files (x86)\Internet Explorer\iexplore.exe https://mybank1.icbc.com.cn/icbc/enperbank/index.jsp")
Sleep(8000)
Send("TESTUSER")
Sleep(3000)
Send("{Enter}")
Send ("PASSWORD123")

My guess is that the field needs to be selected before the text will go in the field. Have you tried a mouseclick? Maybe try to send ("{TAB}"). If you can get to the control without the mouse then I cannot think of any reason that autoit wont be able to send data to it.


Get Scite to add a popup when you use a 3rd party UDF -> http://www.autoitscript.com/autoit3/scite/docs/SciTE4AutoIt3/user-calltip-manager.html

Share this post


Link to post
Share on other sites

In fact, hitting enter has a same effect like send ("{TAB}") in this web portal. Both send enter or tab will bring me to next field but without filling the keystrokes (PASSWORD123) as expected.

Ok, I had changed a bit of the script, by send ("{TAB}") instead of send ("{ENTER"}), still hitting the same problem, password field remains unfilled.

 

Run ("C:\Program Files (x86)\Internet Explorer\iexplore.exe https://mybank1.icbc.com.cn/icbc/enperbank/index.jsp")

Winwait("ICBC New Generation of Internet Banking - Internet Explorer")
Sleep(5000)
Send("TESTUSER")
Sleep(1000)
Send("{TAB}")
Sleep(1000)
Send ("PASSWORD123")

 

As you can see, username field is auto-filled, TAB is sent to next field, and remains unfilled.

image.png

Share this post


Link to post
Share on other sites
Sorry, your current version of Firefox cannot access ICBC Internet Banking. Download official version of Firefox (version 10.0-21.0 or under) if you wish to use ICBC Internet Banking.

 

What online bank uses a previous version of firefox?


Get Scite to add a popup when you use a 3rd party UDF -> http://www.autoitscript.com/autoit3/scite/docs/SciTE4AutoIt3/user-calltip-manager.html

Share this post


Link to post
Share on other sites

What online bank uses a previous version of firefox?

It said the same thing for the latest version of Chrome too. Go figure.


If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Share this post


Link to post
Share on other sites

I cant get it to work. I tried to remote in with teamviewer and VNC and when I do the password does not send with my physical keyboard. The activex control must be monitoring the keyboard bus directly. Im out of ideas.


Get Scite to add a popup when you use a 3rd party UDF -> http://www.autoitscript.com/autoit3/scite/docs/SciTE4AutoIt3/user-calltip-manager.html

Share this post


Link to post
Share on other sites

#7 ·  Posted (edited)

Everyone,

   I work at a bank. Banks go out of their way to keep people from automating logins to portals. It is a security feature to keep maulware writers from stealing funds from people. I would not touch this idea of automating it with anything known to man. This is a bad idea all the way around. I ask everyone for safety sake - please do not automate this. The OP should manually login to the portal. Thank you.

Edited by Bert

Share this post


Link to post
Share on other sites

Couldn't agree more. Avoiding security features is a very bad idea.

OTOH it is your money you lose.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Thanks for everyone helping out anyway. I couldn't agree more from security perspective. I would just say there was a reason and justification my client wanted to do that. Well, it seems like no other way to inject a password with this security restriction.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0