Jump to content

[Solved] How can I detect manual execution of a script?


Recommended Posts

Hello everyone! I'm having problems with a tool I developed.

Said script was created as a maintenance  tool for a system. It's executed by a third party procedure, but it would be useful to run it manually if required, tough only by authorized personnel.

What I'd like to do is to detect if the tool was executed manually and in such case, ask for a password to run, but still be able to run when executed by the automatic procedure. 

Is there any way to detect this difference? I thought about detecting the windows user who is trying to run it, but the remote operators have Administrator access, so it'd be hard to limit with that.

 

Thank you!

Edited by Soulstriker
Link to post
Share on other sites

You could use something like _AD_IsMemberOf from the AD UDF within your script and either add only authorized users/systems to this group within AD.  If the user isn't a member of the group then prompt for a username and password otherwise force the script to exit.

Link to post
Share on other sites
  • Developers

One approach could be to test for the parents of the executed script. Example when a Script ran from SciTE shells Notepad:

#include <WinAPIProc.au3>
$pid = Run("notepad.exe")
$pPid = _WinAPI_GetParentProcess($PID)
$p2Pid = _WinAPI_GetParentProcess($pPID)
$p3Pid = _WinAPI_GetParentProcess($p2PID)
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($PID) = ' & _WinAPI_GetProcessName($PID) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($pPID) = ' & _WinAPI_GetProcessName($pPID) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($p2PID) = ' & _WinAPI_GetProcessName($p2PID) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($p3PID) = ' & _WinAPI_GetProcessName($p3PID) & @CRLF) ;### Debug Console
If _WinAPI_GetProcessName($p2PID) = "AutoIt3.exe" Then
    ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : "Level 2 => AutoIt3"' & @CRLF) ;### Debug Console
EndIf
If _WinAPI_GetProcessName($p3PID) = "SciTE.exe" Then
    ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : "Level 3 => SciTE"' & @CRLF) ;### Debug Console
EndIf

Jos

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Link to post
Share on other sites
21 minutes ago, Subz said:

You could use something like _AD_IsMemberOf from the AD UDF within your script and either add only authorized users/systems to this group within AD.  If the user isn't a member of the group then prompt for a username and password otherwise force the script to exit.

I thought about that, but I don't know to implement that along with automatic execution without asking for password. I don't mind hardcoing the password into the script, it's just to prevent mindless, random clicking by some IT grunt.

6 minutes ago, Jos said:

One approach could be to test for the parents of the executed script. Example when a Script ran from SciTE shells Notepad:

#include <WinAPIProc.au3>
$pid = Run("notepad.exe")
$pPid = _WinAPI_GetParentProcess($PID)
$p2Pid = _WinAPI_GetParentProcess($pPID)
$p3Pid = _WinAPI_GetParentProcess($p2PID)
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($PID) = ' & _WinAPI_GetProcessName($PID) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($pPID) = ' & _WinAPI_GetProcessName($pPID) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($p2PID) = ' & _WinAPI_GetProcessName($p2PID) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($p3PID) = ' & _WinAPI_GetProcessName($p3PID) & @CRLF) ;### Debug Console
If _WinAPI_GetProcessName($p2PID) = "AutoIt3.exe" Then
    ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : "Level 2 => AutoIt3"' & @CRLF) ;### Debug Console
EndIf
If _WinAPI_GetProcessName($p3PID) = "SciTE.exe" Then
    ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : "Level 3 => SciTE"' & @CRLF) ;### Debug Console
EndIf

Jos

Hm, that could work. I'll check and will let you know.

 

Thank you both for your replies!

Link to post
Share on other sites
  • Developers

Forgot to include the fact that @AutoItPID contains the PID of the current script and could/should be used as the first level pid.

Jos

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Link to post
Share on other sites

@Soulstriker: Hi. Not sure if your tool needs to be protected from unauthorised tampering, but if you wish to avoid storing your password in any form inside your script, check out my CodeCrypter (keytype 1 = password query at startup).;)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...