Can a program block control by AutoIt scripts?

timmy2 · November 9, 2018

I'm trying (and failing) to type or paste a password into Deep Freeze Standard's logon window. It's a simple window with a single text entry field, ready to receive text after the program is open.

My first script used Send("password") to type it in, but when that failed I figured maybe DFS has its own keyboard scanning routine. (I even tried ControlSend() but it did nothing either.)

I manually copied the password to the Windows clipboard and found that I can manually paste it in using Control+V, so my next script (below) uses Send ("^v").

As you'll see below I switch to Notepad midstream to verify that pasting works, then switch back to the DFS window to try one more time.

Send("^+!{F6}") ; run Deep Freeze Standard

If Not WinWaitActive("Deep Freeze Standard","",2) Then
       MsgBox($MB_SYSTEMMODAL + $MB_ICONERROR, "Error", "Window not found")
EndIf

ClipPut("password") ; put password on clipboard

WinActivate("Deep Freeze Standard","") ; ensure DFS is active
Sleep(1000) ; allow plenty of time
Send ("^v")  ; paste clipboard contents (since I can do it manually; what's the difference??)

Sleep (1000)  ; wait
Run("notepad") ; switch to Notepad and verify pasting works
WinWaitActive("Untitled - Notepad")
Send("^v")

Sleep (1000) ; wait
WinActivate("Deep Freeze Standard","")  ; I can see the title bar darken so I know it's active
Sleep(500)
Send ("^v")  ; try one more time before I bang my head on the table

Neither attempt to paste the password into DFS works.

Are there any other AutoIt commands or approaches I should try for typing or pasting the password, or have they figured out a way to be impervious to scripted control?

iamtheky · November 9, 2018

can you send TAB and see your cursor move to that control?

AdamUL · November 9, 2018

Try using ControlSetText, and see if it works.

Do you have access to DFC.exe?

Adam

Edited November 9, 2018 by AdamUL

Nine · November 9, 2018

after ^v shouldn't you send a {enter} key ?

or do before pasting a MouseClick ("left",$x,$y,1) in the middle of the pw field to see if that helps

Edited November 9, 2018 by Nine

orbs · November 9, 2018

@timmy2, yes, a program can block simulated keyboard input.

Deep Freeze - like all enterprise security products - has a central management console, through which you can configure the endpoint clients. no other method is going to be simpler, or feasible at all.

do NOT attempt simulating mouse clicks and key presses - this will fail, and will generate a lot more work for you to explain to users WTF is going on. "hello, IT? someone is controlling my workstation! they have started the Deep Freeze program and trying to hack it!". then you need to connect to their workstations and perform the process manually.

timmy2 · November 9, 2018

7 hours ago, iamtheky said:

can you send TAB and see your cursor move to that control?

@iamtheky, thank you for replying. The cursor starts out in that control. But I tried your suggestion to see if the anything would change in the window, but nothing changed.

Edited November 9, 2018 by timmy2

timmy2 · November 9, 2018

6 hours ago, Nine said:

after ^v shouldn't you send a {enter} key ? or do before pasting a MouseClick ("left",$x,$y,1) in the middle of the pw field to see if that helps

Thank you for replying, @Nine

The cursor is already in the password field and if I press Control+v on the keyboard the password immediately pastes into the field (indicated by asterisks). I want to get that far before sending an Enter.

Edited November 9, 2018 by timmy2

timmy2 · November 9, 2018

5 hours ago, orbs said:

@timmy2, yes, a program can block simulated keyboard input.

Deep Freeze - like all enterprise security products - has a central management console, through which you can configure the endpoint clients. no other method is going to be simpler, or feasible at all.

do NOT attempt simulating mouse clicks and key presses - this will fail, and will generate a lot more work for you to explain to users WTF is going on. "hello, IT? someone is controlling my workstation! they have started the Deep Freeze program and trying to hack it!". then you need to connect to their workstations and perform the process manually.

Thank you for responding, @orbs, but Deep Freeze Standard (DFS) is a crippled version of their Enterprise version, without a management console and limited command line capabilities. Mainly, there's no way to automatically or by scripting thaw the system in order to install Windows updates or Defender definitions. DFS is comparable to competitors' free offering. As to the impact of scripted control on users, anything like this would be done after hours.

Edited November 9, 2018 by timmy2

timmy2 · November 9, 2018

7 hours ago, AdamUL said:

Try using ControlSetText, and see if it works.

Do you have access to DFC.exe?

Adam

I'll try ControlSetText, thanks, @AdamUL. As to DFC, I think that's usable only with the Enterprise product.

Edited November 9, 2018 by timmy2

timmy2 · November 9, 2018

6 hours ago, AdamUL said:

Try using ControlSetText, and see if it works.

@AdamUL, thank you for pointing me to ControlSetText. It might work if I can figure out a valid controlID. The docs page about Controls shows three ways to send text to a control, and I've tried all three using values revealed by clicking on the password field with AutoIt v3 Window Info.

I've tried the following three commands in test scripts, along with code showing SendControlText's return value. In all cases it returned a zero. I figure that if it can't find the control my test of ControlSetText is invalid.

ControlSetText("Deep Freeze Standard","","[CLASS:TEdit; INSTANCE:1]","password")

ControlSetText("Deep Freeze Standard","","[CLASSNN:TEdit1]","password")

ControlSetText("Deep Freeze Standard","","TEdit1","password")

Any suggestions how I might be mis-identifying the password entry field?

orbs · November 10, 2018

11 hours ago, timmy2 said:

Deep Freeze Standard (DFS) is a crippled version of their Enterprise version, without a management console and limited command line capabilities

sorry, i missed that. i sure hope the difference in costs covers the additional manual labor you need to put in. i used to work with Deep Freeze Enterprise in the past, and i remember being very impressed and satisfied with the central administration abilities (far more than with the technical solution, to be honest).

if i were you, then before reaching the inevitable conclusion that i have chosen the wrong solution for my environment, i'd contact their support to ask what remote administration options are available for the "Standard" edition. once they reply with "none", i'd start considering either upgrade or alternatives.

but, if what bugs you is only Windows updates, i'd consider another approach: create an image deployment process that is completely automatic (including setting the hostname, and installing Deep Freeze when all is done). then, every month or so, build a clean workstation, apply all Windows updates, image it and deploy all endpoint computers. this, however, is sort of a last resort (last before doing each computer manually, that is), for many obvious reasons.

either way, scripting the GUI is not going to work reliably, if at all.

junkew · November 10, 2018

If its identifyable by simplespy or au3inf i have never had issues getting text scripted into a password textbox.

timmy2 · November 10, 2018

6 hours ago, junkew said:

If its identifyable by simplespy or au3inf i have never had issues getting text scripted into a password textbox.

Good to know there's hope, @junkew. Would you mind looking at my three failed uses of ControlSetText and the accompanying Au3inf screenshot and suggest where I my mistake is?

timmy2 · November 10, 2018

8 hours ago, orbs said:

if i were you, then before reaching the inevitable conclusion that i have chosen the wrong solution for my environment, i'd contact their support to ask what remote administration options are available for the "Standard" edition. once they reply with "none", i'd start considering either upgrade or alternatives.

but, if what bugs you is only Windows updates, i'd consider another approach: create an image deployment process that is completely automatic (including setting the hostname, and installing Deep Freeze when all is done). then, every month or so, build a clean workstation, apply all Windows updates, image it and deploy all endpoint computers. this, however, is sort of a last resort (last before doing each computer manually, that is), for many obvious reasons.

either way, scripting the GUI is not going to work reliably, if at all.

Thank you for replying, @orbs. Yours is an interesting take on the subject, certainly apropos for enterprise. I'm dealing with a group of four public access PCs in a tiny non-profit nursing home. These PCs have been fine just remaining frozen month after month, and aren't thawed and updated until I'm called in to fix something else. But it has bugged me that Windows and Defender updates are not possible solely because Faronics makes it impossible (command line freeze/thaw does not work - despite being in DFS's docs, and their central control software option can't do it either). That's a throwdown challenge, right?

And it should be a very minor one. 30 minutes. Freezing or thawing in DFS's simple GUI involves entering a password, clicking a radio button and then an Okay button. How complicated is that!? So I figured why not try it?

But as so often seems to happen, the Devil's in the details. Have you looked at my ControlSetText attempts or the original script I posted? Can you see where I'm in error (besides thinking this seemingly simple GUI can be controlled by AutoIt)?

junkew · November 11, 2018

How much effort is it worth to find out? Protection mechanisms are there for good reasons. You can in general bypass them all depending on the software you are allowed to install on the machines in question.

Google around on

LLKHF_INJECTED

And you will find ways of bypassing which in worst case is a keyboarddriver running in kernelmode.

timmy2 · November 11, 2018

4 hours ago, junkew said:
How much effort is it worth to find out? Protection mechanisms are there for good reasons. You can in general bypass them all depending on the software you are allowed to install on the machines in question.

Google around on
LLKHF_INJECTED
And you will find ways of bypassing which in worst case is a keyboarddriver running in kernelmode.

Ah, a new twist!

I started with the threshold question, "Can a program block control by AutoIt scripts?", because I wanted to tap into the wisdom of this crowd to know if my failed attempts with Send and ControlSetText were due to simple coding errors or something more daunting -- like the "protection mechanisms" to which you allude. While you have "never had issues getting text scripted into a password textbox", from your latest reply it sounds like much more than simple AutoIt commands are required in this case. I'll pass, and consider switching to a different "boot and restore" solution.

Thank you for your input, @junkew.

orbs · November 11, 2018

6 hours ago, timmy2 said:

I'll pass, and consider switching to a different "boot and restore" solution.

good on you! a better solution for sure.

junkew · November 12, 2018

I do not have your application but you could try uiautomation interfaces to settext or iaccessible. See examples of uiautomation see faq 31 if you cannot find it. Your controls seems to be delphi althoug i am not fully sure on it.

timmy2 · November 30, 2018

On 11/12/2018 at 12:38 AM, junkew said:

I do not have your application but you could try uiautomation interfaces to settext or iaccessible. See examples of uiautomation see faq 31 if you cannot find it. Your controls seems to be delphi althoug i am not fully sure on it.

Thank you for the suggestion, @junkew.

Nine · December 1, 2018

I was wondering if sendinput would work...try this :

Opt ("MustDeclareVars", 1)

Global Const $tagKEYBDINPUT = _
        'word wVk;' & _ ; 2 bytes
        'word wScan;' & _ ; 2 bytes
        'dword dwFlags;' & _ ; 4 bytes
        'dword time;' & _ ; 4 bytes
        'ulong_ptr ExtraInfo;' ; sizeof(ptr) 4 for x86 - 8 for x64

Global Const $tagINPUT = _
        "dword type;" & _
        (@AutoItX64 ? "dword pad;" : "") & _
        "byte DummyUnion[" & (@AutoItX64 ? 32 : 24) & "];"

Global Const $INPUT_KEYBOARD = 1
Global Const $iInputSize = (@AutoItX64 ? 40 : 28)

; ==== Keyboard constants ====
Global Const $KEYEVENTF_KEYUP = 2
Global Const $KEYEVENTF_UNICODE = 4

Global $My_Password = "password"
Global $My_Program = "Deep Freeze Standard"

WinActivate ($My_Program)
WinWaitActive ($My_Program)
_SendEx ($My_Password)

Func _SendInput ($iInputs, $pInputs, $iSize)
Local $aRet

    $aRet = DllCall('user32.dll', 'uint', 'SendInput', 'uint', $iInputs, 'ptr', $pInputs, 'int', $iSize)
    If @error Or Not $aRet[0] Then
      MsgBox (0,"Error","Dll call failure")
      Exit
    endif

EndFunc

Func _SendEx($sString)
Local $tINPUTs, $pINPUTs, $tm

    $tINPUTs = DllStructCreate($tagINPUT)
    $pINPUTs = DllStructGetPtr($tINPUTs)
    $tm = DllStructCreate($tagKEYBDINPUT, DllStructGetPtr($tINPUTs, "DummyUnion"))

    DllStructSetData($tINPUTs, "type", $INPUT_KEYBOARD)

    For $i = 1 To StringLen($sString)

        DllStructSetData($tm, "wScan", AscW(StringMid($sString, $i, 1)))
        DllStructSetData($tm, "dwFlags", $KEYEVENTF_UNICODE)
        _SendInput(1,$pINPUTs,$iInputSize)

        DllStructSetData($tm, "dwFlags", $KEYEVENTF_UNICODE + $KEYEVENTF_KEYUP)
        _SendInput(1,$pINPUTs,$iInputSize)
   Next

   $tINPUTs = 0

EndFunc

Block all input without UAC	Save/Retrieve Images to/from Text	Monitor Management (VCP commands)
Tool to search in text (au3) files	Date Range Picker	Virtual Desktop Manager
Sudoku Game 2020	Overlapped Named Pipe IPC	HotString 2.0 - Hot keys with string
x64 Bitwise Operations	Multi-keyboards HotKeySet	Recursive Array Display
Fast and simple WCD IPC	Multiple Folders Selector	Printer Manager
GIF Animation (cached)	Screen Scraping	Multi-Threading Made Easy

Block all input without UAC	Save/Retrieve Images to/from Text	Monitor Management (VCP commands)
Tool to search in text (au3) files	Date Range Picker	Virtual Desktop Manager
Sudoku Game 2020	Overlapped Named Pipe IPC	HotString 2.0 - Hot keys with string
x64 Bitwise Operations	Multi-keyboards HotKeySet	Recursive Array Display
Fast and simple WCD IPC	Multiple Folders Selector	Printer Manager
GIF Animation (cached)	Screen Scraping	Multi-Threading Made Easy

Can a program block control by AutoIt scripts?

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Recently Browsing 0 members