Jump to content

[Solved] How can I detect manual execution of a script?

Soulstriker
 Share

Recommended Posts

Soulstriker Seeker

Soulstriker

Posted
Posted (edited)

Hello everyone! I'm having problems with a tool I developed.

Said script was created as a maintenance  tool for a system. It's executed by a third party procedure, but it would be useful to run it manually if required, tough only by authorized personnel.

What I'd like to do is to detect if the tool was executed manually and in such case, ask for a password to run, but still be able to run when executed by the automatic procedure. 

Is there any way to detect this difference? I thought about detecting the windows user who is trying to run it, but the remote operators have Administrator access, so it'd be hard to limit with that.

 

Thank you!

Edited by Soulstriker
Subz Universalist

Subz

Posted
Posted

You could use something like _AD_IsMemberOf from the AD UDF within your script and either add only authorized users/systems to this group within AD.  If the user isn't a member of the group then prompt for a username and password otherwise force the script to exit.

  • Developers
Jos Universalist

Jos

Posted
  • Developers
Posted

One approach could be to test for the parents of the executed script. Example when a Script ran from SciTE shells Notepad: 

#include <WinAPIProc.au3>
$pid = Run("notepad.exe")
$pPid = _WinAPI_GetParentProcess($PID)
$p2Pid = _WinAPI_GetParentProcess($pPID)
$p3Pid = _WinAPI_GetParentProcess($p2PID)
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($PID) = ' & _WinAPI_GetProcessName($PID) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($pPID) = ' & _WinAPI_GetProcessName($pPID) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($p2PID) = ' & _WinAPI_GetProcessName($p2PID) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($p3PID) = ' & _WinAPI_GetProcessName($p3PID) & @CRLF) ;### Debug Console
If _WinAPI_GetProcessName($p2PID) = "AutoIt3.exe" Then
    ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : "Level 2 => AutoIt3"' & @CRLF) ;### Debug Console
EndIf
If _WinAPI_GetProcessName($p3PID) = "SciTE.exe" Then
    ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : "Level 3 => SciTE"' & @CRLF) ;### Debug Console
EndIf

Jos

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.  :)

Soulstriker Seeker

Soulstriker

Posted
  • Author
Posted
21 minutes ago, Subz said:

You could use something like _AD_IsMemberOf from the AD UDF within your script and either add only authorized users/systems to this group within AD.  If the user isn't a member of the group then prompt for a username and password otherwise force the script to exit.

I thought about that, but I don't know to implement that along with automatic execution without asking for password. I don't mind hardcoing the password into the script, it's just to prevent mindless, random clicking by some IT grunt.

6 minutes ago, Jos said:

One approach could be to test for the parents of the executed script. Example when a Script ran from SciTE shells Notepad: 

#include <WinAPIProc.au3>
$pid = Run("notepad.exe")
$pPid = _WinAPI_GetParentProcess($PID)
$p2Pid = _WinAPI_GetParentProcess($pPID)
$p3Pid = _WinAPI_GetParentProcess($p2PID)
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($PID) = ' & _WinAPI_GetProcessName($PID) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($pPID) = ' & _WinAPI_GetProcessName($pPID) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($p2PID) = ' & _WinAPI_GetProcessName($p2PID) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($p3PID) = ' & _WinAPI_GetProcessName($p3PID) & @CRLF) ;### Debug Console
If _WinAPI_GetProcessName($p2PID) = "AutoIt3.exe" Then
    ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : "Level 2 => AutoIt3"' & @CRLF) ;### Debug Console
EndIf
If _WinAPI_GetProcessName($p3PID) = "SciTE.exe" Then
    ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : "Level 3 => SciTE"' & @CRLF) ;### Debug Console
EndIf

Jos

Hm, that could work. I'll check and will let you know.

 

Thank you both for your replies!

Soulstriker Seeker

Soulstriker

Posted
  • Author
Posted

Jos, your solution worked like a charm!

I just check that the parent Process is the third party program that runs maintenance and if it isn't, it asks for a password.

Thank you very much!

RTFC Universalist

RTFC

Posted
Posted

@Soulstriker: Hi. Not sure if your tool needs to be protected from unauthorised tampering, but if you wish to avoid storing your password in any form inside your script, check out my CodeCrypter (keytype 1 = password query at startup).;)

My Contributions and Wrappers

Spoiler

BitMaskSudokuSolver  BuildPartitionTable   CodeCrypter   CodeScanner   DigitalDisplay   Eigen4AutoIt   FAT Suite    HighMem   MetaCodeFileLibrary   OSgrid   Pool   RdRand   SecondDesktop   SimulatedAnnealing   Xbase I/O

Soulstriker Seeker

Soulstriker

Posted
  • Author
Posted

@RTFC: Thank you. I was looking for something like that. I'm an absolute noob at encryption and security. I was thinking about obfuscation and some other tools that could help me with that. I'll definitely check your CodeCrypter.

Thank you!

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...