Jump to content

USER/PASSWORD from .TXT

mukkacow
 Share

Recommended Posts

mukkacow Seeker

mukkacow

Posted
Posted

Hello ;-)

I'm new to Autoit and need some help. I'm trying to make a script that will get USER and PASSWORD from a .txt located somewhere in my network.
User/Password in the .TXT file should not be in clear text but at least coded with a simple XOR.

Hope somebody could help me figure out.... even starting with clear text would be nice ;-)

Thanks you!

  

Func _WinWaitActivate($title,$text,$timeout=10)
    WinWait($title,$text,$timeout)
    If Not WinActive($title,$text) Then WinActivate($title,$text)
    WinWaitActive($title,$text,$timeout)
EndFunc



Run('"C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe"')
Sleep(1000)
_WinWaitActivate("Login","Enter your VDI user ")
Send("}MYUSERNAME{TAB}MYPASSWORD{ENTER}")

 

iamtheky Universalist

iamtheky

Posted
Posted (edited)

If you can preset the file to be username on line1 and password on line2 then you could get away with just filereadline, and the helpfile for filereadline is pretty straight forward.  Do you also need the solution to unXor something?

I am super pleased that the function name rhymes, and that is now a requirement for all UDFs.

Edited by iamtheky 

,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

spudw2k Universalist

spudw2k

Posted
Posted

Just a suggestion.  It looks like the vmware-view.exe client supports command line parameters to allow login.  It is "safer" to login this way rather than relying on manipulating/automating the login prompt.
  

;untested
Run('"C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe" -userName ' & $sUserName & ' -password ' & $sPassword)

 

Spoiler

Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of CardsHideItICUIcon FreezerIpod EjectorJunos Configuration ExplorerLink DownloaderMD5 Folder EnumeratorPassGen ◊ Ping ToolQuick NICRead OCRRemoteITSchTasksGuiSpyCamSystem Scan Report ToolSystem UpTimeTransparency Machine VMWare ESX Builder
Misc Code Snippets: ADODB ExampleCheckHover ◊ Detect SafeModeDynEnumArrayGetNetStatData ◊ HashArrayIsBetweenDates Local AdminsMake ChoiceRecursive File ListRemove Sizebox StyleRetrieve PNPDeviceIDRetrieve SysListView32 ContentsSet IE Homepage Tickle Expired PasswordTranspose Array
Projects: Drive Space Usage GUI ◊ LEDkITPlasma_kIt ◊ Scan Engine BuilderSpeeDBurnerSubnetCalc
Cool Stuff: AutoItObject UDF Extract Icon From ProcGuiCtrlFontRotateHex Edit FuncsRun binaryService_UDF

 

spudw2k Universalist

spudw2k

Posted
Posted (edited)
19 minutes ago, JLogan3o13 said:

Or just set the view client to "Default to Login as Current User", it's a checkbox...

As long as the VMWare server is configured to support integrated Windows authentication and the logged in user has rights granted; but once again...i'd recommend doing so via command-line

  

;untested
Run('"C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe" -logInAsCurrentUser')

 

Edited by spudw2k
Spoiler

Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of CardsHideItICUIcon FreezerIpod EjectorJunos Configuration ExplorerLink DownloaderMD5 Folder EnumeratorPassGen ◊ Ping ToolQuick NICRead OCRRemoteITSchTasksGuiSpyCamSystem Scan Report ToolSystem UpTimeTransparency Machine VMWare ESX Builder
Misc Code Snippets: ADODB ExampleCheckHover ◊ Detect SafeModeDynEnumArrayGetNetStatData ◊ HashArrayIsBetweenDates Local AdminsMake ChoiceRecursive File ListRemove Sizebox StyleRetrieve PNPDeviceIDRetrieve SysListView32 ContentsSet IE Homepage Tickle Expired PasswordTranspose Array
Projects: Drive Space Usage GUI ◊ LEDkITPlasma_kIt ◊ Scan Engine BuilderSpeeDBurnerSubnetCalc
Cool Stuff: AutoItObject UDF Extract Icon From ProcGuiCtrlFontRotateHex Edit FuncsRun binaryService_UDF

 

  • Moderators
JLogan3o13 Universalist

JLogan3o13

Posted
  • Moderators
Posted (edited)

Agreed, but you have to assume the OP is the VDI Admin, and has the rights to do so. If not, then all this monkeying around to bypass someone else's security measures is only going to serve to piss off his IT team.

Edited by JLogan3o13

"Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball

How to get your question answered on this forum!

spudw2k Universalist

spudw2k

Posted
Posted (edited)

One could still be an Admin but not use Windows auth.   Not trying to be argumentative...just saying...   I don't think there is any "bypassing" going on here, per-se.

Edited by spudw2k
Spoiler

Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of CardsHideItICUIcon FreezerIpod EjectorJunos Configuration ExplorerLink DownloaderMD5 Folder EnumeratorPassGen ◊ Ping ToolQuick NICRead OCRRemoteITSchTasksGuiSpyCamSystem Scan Report ToolSystem UpTimeTransparency Machine VMWare ESX Builder
Misc Code Snippets: ADODB ExampleCheckHover ◊ Detect SafeModeDynEnumArrayGetNetStatData ◊ HashArrayIsBetweenDates Local AdminsMake ChoiceRecursive File ListRemove Sizebox StyleRetrieve PNPDeviceIDRetrieve SysListView32 ContentsSet IE Homepage Tickle Expired PasswordTranspose Array
Projects: Drive Space Usage GUI ◊ LEDkITPlasma_kIt ◊ Scan Engine BuilderSpeeDBurnerSubnetCalc
Cool Stuff: AutoItObject UDF Extract Icon From ProcGuiCtrlFontRotateHex Edit FuncsRun binaryService_UDF

 

  • Moderators
JLogan3o13 Universalist

JLogan3o13

Posted
  • Moderators
Posted

What I am saying is, if he wants to automate the local user login (as he obviously does with his script) then one would assume he is the VDI administrator in a position to make those decisions. As such, enabling the auto-login feature inherent to the client (both on the client and on the server) is a much easier way to accomplish what he is after.

If he is not the admin, then what he is trying to accomplish with his script is effectively bypassing the policies someone else has in place, and is not something we are prepared to support on this forum. n'cest pas?

"Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball

How to get your question answered on this forum!

iamtheky Universalist

iamtheky

Posted
Posted

 There will be obvious future issues with the code well beyond the hypothetical situations, of which the worst i can imagine is if this is an admin  (but to throw in my vote:  I'm hoping to crap its a user that is abandoning all security principles because some admin made them use unique credentials).  

,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

spudw2k Universalist

spudw2k

Posted
Posted

Understood.  If the application supports providing login credentials via command-line, that does not seem to me to be a security bypass issue.  I think the concern would be if the user does not have proper credentials and attempts to break/bang on the auth.  If the user is looking to retrieve the credentials from a text file, that tells me they have valid creds.

 

Spoiler

Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of CardsHideItICUIcon FreezerIpod EjectorJunos Configuration ExplorerLink DownloaderMD5 Folder EnumeratorPassGen ◊ Ping ToolQuick NICRead OCRRemoteITSchTasksGuiSpyCamSystem Scan Report ToolSystem UpTimeTransparency Machine VMWare ESX Builder
Misc Code Snippets: ADODB ExampleCheckHover ◊ Detect SafeModeDynEnumArrayGetNetStatData ◊ HashArrayIsBetweenDates Local AdminsMake ChoiceRecursive File ListRemove Sizebox StyleRetrieve PNPDeviceIDRetrieve SysListView32 ContentsSet IE Homepage Tickle Expired PasswordTranspose Array
Projects: Drive Space Usage GUI ◊ LEDkITPlasma_kIt ◊ Scan Engine BuilderSpeeDBurnerSubnetCalc
Cool Stuff: AutoItObject UDF Extract Icon From ProcGuiCtrlFontRotateHex Edit FuncsRun binaryService_UDF

 

mukkacow Seeker

mukkacow

Posted
  • Author
Posted

Thanks for all suggestions!

@spudw2k Unfortunately our client is not vmware (I used just as example) and doesn't allow to enter user/password by command line.

I think easiest solution will be for me to just encrypt the .exe and use hw id protection to associate it to the workstation

;-)

  • Moderators
JLogan3o13 Universalist

JLogan3o13

Posted
  • Moderators
Posted

@mukkacow when you throw something like an application name in there, and don't specify "this is just an example" until half a dozen posts later, you waste the time of people who are trying to assist you.

"Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball

How to get your question answered on this forum!

spudw2k Universalist

spudw2k

Posted
Posted (edited)

@mukkacow Well, glad I wasn't totally useless; how funny.  @JLogan3o13 has a good point though:

help me solve for X?
here's a solution.
...well, I really wanted to solve for Y.

Just something to keep in mind when asking for help later.  

The more direct the question is, the more precise an answer can be given.

Edited by spudw2k
Spoiler

Things I've Made: Always On Top Tool ◊ AU History ◊ Deck of CardsHideItICUIcon FreezerIpod EjectorJunos Configuration ExplorerLink DownloaderMD5 Folder EnumeratorPassGen ◊ Ping ToolQuick NICRead OCRRemoteITSchTasksGuiSpyCamSystem Scan Report ToolSystem UpTimeTransparency Machine VMWare ESX Builder
Misc Code Snippets: ADODB ExampleCheckHover ◊ Detect SafeModeDynEnumArrayGetNetStatData ◊ HashArrayIsBetweenDates Local AdminsMake ChoiceRecursive File ListRemove Sizebox StyleRetrieve PNPDeviceIDRetrieve SysListView32 ContentsSet IE Homepage Tickle Expired PasswordTranspose Array
Projects: Drive Space Usage GUI ◊ LEDkITPlasma_kIt ◊ Scan Engine BuilderSpeeDBurnerSubnetCalc
Cool Stuff: AutoItObject UDF Extract Icon From ProcGuiCtrlFontRotateHex Edit FuncsRun binaryService_UDF

 

mukkacow Seeker

mukkacow

Posted
  • Author
Posted

Hi spudw2k! You're right sorry! :-/

My other problem is that Citrix Receiver 14.4 windows looks like "Internet Explorer_Server"and "User" & "Password" are not listed separately. The Citrix Receiver show always the last Username. The only way I've discovered to clear it is to change everytime before starting the client this registry key:

  

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\AuthManager]
"Guid"="....."

to alternate from 1 or 0. 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\AuthManager]
"Guid"="0"

and then

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\AuthManager]
"Guid"="1"

So before starting my code:

if 0 or 1 not present change the Guid key to 0
if 0 is present change key to 1
if 1 is present change key to 0

then run the program. 

Run('C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe')
_WinWaitActivate("Citrix Receiver","")
Send("username{TAB}")
Send("password"{ENTER})


Thanks for any precious help

2016.PNG

mukkacow Seeker

mukkacow

Posted
  • Author
Posted

Hi Sad,

I need to change the registry key to 0 and if it's already 0 to 1 and if it's 1 to 0.
  

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\AuthManager]
"Guid"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\AuthManager]
"Guid"="1"
SadBunny Universalist

SadBunny

Posted
Posted

Something like this: 

$currentValue = RegRead("keyname", "valuename")
RegWrite("keyname", "valuename", "type", ($currentValue = "0" ? "1" : "0"))

 

Roses are FF0000, violets are 0000FF... All my base are belong to you.

mukkacow Seeker

mukkacow

Posted
  • Author
Posted

Thanks I solved this way. I just noticed an error. When Citrix has been never run at least on time script doesn't work, seems doesn't detect it. If already started 1 time and it's in tray icon, when running the script it works and enter the passwrod correctly. Tried also increasing the Sleep (1000) but not working.

SadBunny Universalist

SadBunny

Posted
Posted

Maybe the window is slightly different when it opens the first time? (Title different?)

Roses are FF0000, violets are 0000FF... All my base are belong to you.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...