JeffAllenNJ Posted January 16, 2020 Posted January 16, 2020 I can't get RunAs to fail with an invalid password. $pid = RunAs(@UserName, @ComputerName, 'invalidpassword', $RUN_LOGON_NETWORK, @SystemDir & '\calc.exe', @DesktopDir, @SW_HIDE) Why is $pid always non-zero?
Nine Posted January 16, 2020 Posted January 16, 2020 With $RUN_LOGON_NETWORK it implies (from my understanding) that the AutoIt process will authenticate only to access network resources with that specified account, but it will use current credentials to access local resources. All other flags will generate @error and pid will be set to 0. “They did not know it was impossible, so they did it” ― Mark Twain Spoiler Block all input without UAC Save/Retrieve Images to/from Text Monitor Management (VCP commands) Tool to search in text (au3) files Date Range Picker Virtual Desktop Manager Sudoku Game 2020 Overlapped Named Pipe IPC HotString 2.0 - Hot keys with string x64 Bitwise Operations Multi-keyboards HotKeySet Recursive Array Display Fast and simple WCD IPC Multiple Folders Selector Printer Manager GIF Animation (cached) Debug Messages Monitor UDF Screen Scraping Round Corner GUI UDF Multi-Threading Made Easy Interface Object based on Tag
JeffAllenNJ Posted January 16, 2020 Author Posted January 16, 2020 (edited) But, using the $RUN_LOGON_NETWORK (2) logon_flag is the only way RunAs will work with a valid password. All other logon_flag values fail with a valid password. The bottom line is I want to be able to detect both cases; (1) RunAs should fail with an invalid password (2) RunAs should succeed with a valid password. Edited January 16, 2020 by jaja714 reword
JeffAllenNJ Posted January 16, 2020 Author Posted January 16, 2020 Here is my test code: #include <AutoItConstants.au3> #include <MsgBoxConstants.au3> For $ii = 1 to 16 $xpid = RunAs(@UserName, @ComputerName, '{validpass}', $ii, @SystemDir & '\calc.exe', @DesktopDir, @SW_HIDE) ProcessClose($xpid) $ypid = RunAs(@UserName, @ComputerName, 'invalidpass', $ii, @SystemDir & '\calc.exe', @DesktopDir, @SW_HIDE) ProcessClose($ypid) ConsoleWrite($ii&@TAB&$xpid&@TAB&$ypid&@crlf) ProcessClose($xpid) Next and here are my results: 1 0 0 2 16960 3024 3 0 0 4 0 0 5 0 0 6 5780 13388 7 0 0 8 0 0 9 0 0 10 9512 6556 11 0 0 12 0 0 13 0 0 14 15844 17612 15 0 0 16 0 0
Nine Posted January 16, 2020 Posted January 16, 2020 My results : 0 6780 0 1 6880 0 2 6300 5412 3 6572 0 4 7552 0 5 1452 0 6 6656 6580 7 5336 0 No need to go further than 7. And 0 is a valid value for RunAs. So it seems to me that your "valid password" is invalid. “They did not know it was impossible, so they did it” ― Mark Twain Spoiler Block all input without UAC Save/Retrieve Images to/from Text Monitor Management (VCP commands) Tool to search in text (au3) files Date Range Picker Virtual Desktop Manager Sudoku Game 2020 Overlapped Named Pipe IPC HotString 2.0 - Hot keys with string x64 Bitwise Operations Multi-keyboards HotKeySet Recursive Array Display Fast and simple WCD IPC Multiple Folders Selector Printer Manager GIF Animation (cached) Debug Messages Monitor UDF Screen Scraping Round Corner GUI UDF Multi-Threading Made Easy Interface Object based on Tag
JeffAllenNJ Posted January 16, 2020 Author Posted January 16, 2020 Duh, yes, 7 is a better limit! As far as the password is concerned, why isn't it working? I use it a hundred times a day, so I know it is correct.
JeffAllenNJ Posted January 16, 2020 Author Posted January 16, 2020 Wait, I think I might have to use @LogonDomain instead of @ComputerName. So, when I'm logged into VPN, I will authenticate against that domain but, when I'm not connected, I will authenticate locally.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now