Soulstriker

[Solved] How can I detect manual execution of a script?

8 posts in this topic

#1 ·  Posted (edited)

Hello everyone! I'm having problems with a tool I developed.

Said script was created as a maintenance  tool for a system. It's executed by a third party procedure, but it would be useful to run it manually if required, tough only by authorized personnel.

What I'd like to do is to detect if the tool was executed manually and in such case, ask for a password to run, but still be able to run when executed by the automatic procedure. 

Is there any way to detect this difference? I thought about detecting the windows user who is trying to run it, but the remote operators have Administrator access, so it'd be hard to limit with that.

 

Thank you!

Edited by Soulstriker

Share this post


Link to post
Share on other sites



#2 ·  Posted

You could use something like _AD_IsMemberOf from the AD UDF within your script and either add only authorized users/systems to this group within AD.  If the user isn't a member of the group then prompt for a username and password otherwise force the script to exit.

Share this post


Link to post
Share on other sites

#3 ·  Posted

One approach could be to test for the parents of the executed script. Example when a Script ran from SciTE shells Notepad:

#include <WinAPIProc.au3>
$pid = Run("notepad.exe")
$pPid = _WinAPI_GetParentProcess($PID)
$p2Pid = _WinAPI_GetParentProcess($pPID)
$p3Pid = _WinAPI_GetParentProcess($p2PID)
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($PID) = ' & _WinAPI_GetProcessName($PID) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($pPID) = ' & _WinAPI_GetProcessName($pPID) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($p2PID) = ' & _WinAPI_GetProcessName($p2PID) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($p3PID) = ' & _WinAPI_GetProcessName($p3PID) & @CRLF) ;### Debug Console
If _WinAPI_GetProcessName($p2PID) = "AutoIt3.exe" Then
    ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : "Level 2 => AutoIt3"' & @CRLF) ;### Debug Console
EndIf
If _WinAPI_GetProcessName($p3PID) = "SciTE.exe" Then
    ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : "Level 3 => SciTE"' & @CRLF) ;### Debug Console
EndIf

Jos


Visit the SciTE4AutoIt3 Download page for the latest versions        Beta files                                                          Forum Rules
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Share this post


Link to post
Share on other sites

#4 ·  Posted

21 minutes ago, Subz said:

You could use something like _AD_IsMemberOf from the AD UDF within your script and either add only authorized users/systems to this group within AD.  If the user isn't a member of the group then prompt for a username and password otherwise force the script to exit.

I thought about that, but I don't know to implement that along with automatic execution without asking for password. I don't mind hardcoing the password into the script, it's just to prevent mindless, random clicking by some IT grunt.

6 minutes ago, Jos said:

One approach could be to test for the parents of the executed script. Example when a Script ran from SciTE shells Notepad:

#include <WinAPIProc.au3>
$pid = Run("notepad.exe")
$pPid = _WinAPI_GetParentProcess($PID)
$p2Pid = _WinAPI_GetParentProcess($pPID)
$p3Pid = _WinAPI_GetParentProcess($p2PID)
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($PID) = ' & _WinAPI_GetProcessName($PID) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($pPID) = ' & _WinAPI_GetProcessName($pPID) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($p2PID) = ' & _WinAPI_GetProcessName($p2PID) & @CRLF) ;### Debug Console
ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : _WinAPI_GetProcessName ($p3PID) = ' & _WinAPI_GetProcessName($p3PID) & @CRLF) ;### Debug Console
If _WinAPI_GetProcessName($p2PID) = "AutoIt3.exe" Then
    ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : "Level 2 => AutoIt3"' & @CRLF) ;### Debug Console
EndIf
If _WinAPI_GetProcessName($p3PID) = "SciTE.exe" Then
    ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : "Level 3 => SciTE"' & @CRLF) ;### Debug Console
EndIf

Jos

Hm, that could work. I'll check and will let you know.

 

Thank you both for your replies!

Share this post


Link to post
Share on other sites

#5 ·  Posted

Forgot to include the fact that @AutoItPID contains the PID of the current script and could/should be used as the first level pid.

Jos

1 person likes this

Visit the SciTE4AutoIt3 Download page for the latest versions        Beta files                                                          Forum Rules
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Share this post


Link to post
Share on other sites

#6 ·  Posted

Jos, your solution worked like a charm!

I just check that the parent Process is the third party program that runs maintenance and if it isn't, it asks for a password.

Thank you very much!

Share this post


Link to post
Share on other sites

#7 ·  Posted

@Soulstriker: Hi. Not sure if your tool needs to be protected from unauthorised tampering, but if you wish to avoid storing your password in any form inside your script, check out my CodeCrypter (keytype 1 = password query at startup).;)

Share this post


Link to post
Share on other sites

#8 ·  Posted

@RTFC: Thank you. I was looking for something like that. I'm an absolute noob at encryption and security. I was thinking about obfuscation and some other tools that could help me with that. I'll definitely check your CodeCrypter.

Thank you!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now