TimR Posted June 23, 2018 Share Posted June 23, 2018 First off, I wanted to say, AutoIT is AMAZING and I have learned a lot from these forums. I searched ALL over the forum and could not find this topic so I am going to post this one in hopes there is nothing already out there. We have an Anti Virus piece of software that requires a password to be passed in a gui during the regular windows uninstall. They call this "Tamper Protection". The problem is I have to uninstall this software on nearly a thousand machines and thought that AutoIt would work. I believe that Check Point Endpoint Security may have built some logic that makes it impossible to uninstall the software even with AutoIT. I wanted to know if anyone has had this issue in the past? I have been spinning wheels and I hate asking. I have tried to create this script manually using classes defined within the AutoIt v3 Window Information tool. After several hours, I gave up and thought that I would try Au3Record. That didn't even work. In a nutshell, the AU3Record does not even really seem to record data typed in the password field. Could there be protections against AutoIT or am I just too green with the product? Run("C:\Windows\System32\control.exe appwiz.cpl") WinWait("Programs and Features") WinActivate("Programs and Features") Send("Check Point Endpoint Security") Send("{Enter}") Sleep(1000) ControlClick("Programs and Features", "&Yes", "[CLASS:Button; INSTANCE:1]") Sleep(2000) ControlFocus("Check Point Endpoint Security", "Please enter administrative password", "Edit1") ControlSetText("Check Point Endpoint Securty", "Please enter administrative password", "Edit1", "the uninstall password") Sleep(15000) ControlClick("Check Point Endpoint Securty", "OK", "[CLASS:Button; INSTANCE:1]") Exit Link to comment Share on other sites More sharing options...
FrancescoDiMuro Posted June 23, 2018 Share Posted June 23, 2018 Good morning @TimR So, the issue you are having, is that, in the "final part", the password is not typed in the input box, is it right? I always suggest to check return value of functions that you're using, so you can say: "Ok, calling this function, there is an issue" Best Regards. Click here to see my signature: Spoiler ALWAYS GOOD TO READ: Forum Rules Forum Etiquette Link to comment Share on other sites More sharing options...
AndyG Posted June 23, 2018 Share Posted June 23, 2018 (edited) Hi, there are many socalled "controls" in software products, that are definetly no "typically" windows controls! Sometimes the only way to place some text into an input-field is the send()-command. If you are sure that the password-input-control is active ( ! ) try to use the "send()"-command to send the text. "Active" means, the cursor is blinking into the input-control. If ControlFocus() does´nt work, you could try to activate the input-control via the TAB´s. ...and use more Sleep()´s between your lines of code, because your AutoIt-Script is normally way faster than the most Windows-Programs. Edited June 23, 2018 by AndyG Link to comment Share on other sites More sharing options...
orbs Posted June 23, 2018 Share Posted June 23, 2018 @TimR, welcome to AutoIt and to the forum. Check Point Endpoint Security - like all enterprise security products - has a central management console, through which you can uninstall the clients. no other method is going to be simpler, or feasible at all. do NOT attempt it by simulating mouse clicks and key presses - this will fail in 99.9% of your targets (the rest 0.1% are your test targets), which will generate a lot more work for you to explain to users WTF is going on, then connect to their workstations and perform the process manually. you have revealed your lack of experience in scripting by simulating opening the Control Panel applet of "Programs and Features", then trying to locate the software products for uninstall. if scripting is your way, you'd be using the formal uninstall command from the registry (typically handled by msiexec). script-wise, what you are dealing here is more complicated than usual; this be the second reason i advise you do not follow that path. if, for some reason, you do not have access to the central management console, then either make such access for yourself, or ask the person in charge of it to do the remote uninstallation for you. if none of that is possible, consult Check Point support for other options. if manual uninstall is your only option, inform your boss you'd have to do it manually, and it will take as much as it will take. once your boss understands that, trust me - you'd have your access in no time and you will complete the uninstall in a few hours. Signature - my forum contributions: Spoiler UDF: LFN - support for long file names (over 260 characters) InputImpose - impose valid characters in an input control TimeConvert - convert UTC to/from local time and/or reformat the string representation AMF - accept multiple files from Windows Explorer context menu DateDuration - literal description of the difference between given dates Apps: Touch - set the "modified" timestamp of a file to current time Show For Files - tray menu to show/hide files extensions, hidden & system files, and selection checkboxes SPDiff - Single-Pane Text Diff Link to comment Share on other sites More sharing options...
Moderators Melba23 Posted June 23, 2018 Moderators Share Posted June 23, 2018 TimR, Welcome to the AutoIt forums. Quote I believe that Check Point Endpoint Security may have built some logic that makes it impossible to uninstall the software even with AutoIT. I quite agree and so your question falls foul of the Forum rules - specifically the prohibition on discussing "Bypassing of security measures - log-in and security dialogs". I realise that your intentions are good, but you must realise that these features are put there for a reason and we are not going to help you - and therefore anyone else with less honest goals - to get around them. Thread locked. I heartily endorse orbs proposal above - use the correct method to uninstall and forget trying to script it by simulation mouseclicks, etc. M23 Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind Open spoiler to see my UDFs: Spoiler ArrayMultiColSort ---- Sort arrays on multiple columnsChooseFileFolder ---- Single and multiple selections from specified path treeview listingDate_Time_Convert -- Easily convert date/time formats, including the language usedExtMsgBox --------- A highly customisable replacement for MsgBoxGUIExtender -------- Extend and retract multiple sections within a GUIGUIFrame ---------- Subdivide GUIs into many adjustable framesGUIListViewEx ------- Insert, delete, move, drag, sort, edit and colour ListView itemsGUITreeViewEx ------ Check/clear parent and child checkboxes in a TreeViewMarquee ----------- Scrolling tickertape GUIsNoFocusLines ------- Remove the dotted focus lines from buttons, sliders, radios and checkboxesNotify ------------- Small notifications on the edge of the displayScrollbars ----------Automatically sized scrollbars with a single commandStringSize ---------- Automatically size controls to fit textToast -------------- Small GUIs which pop out of the notification area Link to comment Share on other sites More sharing options...
Subz Posted June 23, 2018 Share Posted June 23, 2018 Agree with orbs, a quick google search for Uninstall Checkpoint returns the Endpoint Security Management Guide, search for Uninstalling Endpoint Security Clients, which gives you the command line to uninstall the client using: Quote Msiexec /X /qn <Product Code> INSTALLPASSWORD= Obtaining the product code To obtain the product code, (GUID), examine this registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Zone Labs\ZoneAlarm\MsiProductCode. The product key is the value for MsiProductCode.. You can verify this code by checking for a subfolder named with the product key Using the vbscript at the end of the guide and translating it to AutoIt, however this is compatible with both x86/x64 systems. #NoTrayIcon #Region ;**** Directives created by AutoIt3Wrapper_GUI **** #AutoIt3Wrapper_UseX64=n #EndRegion ;**** Directives created by AutoIt3Wrapper_GUI **** Global $g_sCheckPassword = "<Enter Password Here>" Global $g_sProductCode = @OSArch = "x64" ? RegRead("HKLM64\SOFTWARE\Zone Labs\ZoneAlarm", "MSIProductCode") : RegRead("HKLM\SOFTWARE\Zone Labs\ZoneAlarm", "MSIProductCode") If $g_sProductCode = "" Then Exit ;~ CheckPoint is not installed on the system If @OSArch = "x64" Then DllCall("kernel32.dll", "boolean", "Wow64DisableWow64FsRedirection", "boolean", 1) ;~ Turns Off 64 Bit Redirection RunWait("MsiExec.exe /x " & $g_sProductCode & " /qn INSTALLPASSWORD=" & $g_sCheckPassword, "", @SW_HIDE) DllCall("kernel32.dll", "boolean", "Wow64DisableWow64FsRedirection", "boolean", 0) ;~ Turns On 64 Bit Redirection Else RunWait("MsiExec.exe /x " & $g_sProductCode & " /qn INSTALLPASSWORD=" & $g_sCheckPassword, "", @SW_HIDE) EndIf Link to comment Share on other sites More sharing options...
Recommended Posts