BrandonD Posted May 17, 2021 Share Posted May 17, 2021 I have a script running originally on Server 2012 R2 that had stopped working. Essentially the script will launch Quickbooks, enter in the password for the company file, and launch the file in multi user mode. This script had been working just fine up until a couple months ago. The way the script works is that it keys in the password in two parts, first the initial part of the password, and then the special character. As it sits currently, the script now only enters in the special character, and the script fails. The script is added below (I have masked the password and company file name with *'s) : #ce ---------------------------------------------------------------------------- #Include <Array.au3> #Include <WinAPIEx.au3> #include <MsgBoxConstants.au3> #requireadmin $pass = "********" ;password without '!' symbol $prompt = MsgBox(1,"Auto-launch", "Auto launch starting in: 20 seconds. Press cancel to abort", 20) If $prompt = 1 or $prompt = -1 Then WinMinimizeAll();Minimize all open windows _launchQB() _launchacowin() Run("rundll32.exe user32.dll,LockWorkStation") ; Lock user session ElseIf $prompt = 2 Then MsgBox("","Auto-launch","aborted") Exit EndIf Func _launchQB();Launch Quickbooks $iPID = Run('"C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 21.0\QBW32EnterpriseContractor.exe" -QFM Q:\*******.QBW -NoShowLoadingQBWnd') ;Launch quickbooks using correct datafile sleep(10000) $update = WinWait("[CLASS:MauuiMessage]","",20) ;Check if qb prompts for update if $update <> 0 Then ;if update prompt $hWnd = WinGetHandle("[CLASS:MauuiMessage]") WinClose($hWnd) ;close window and proceed EndIf $login = WinWait("[CLASS:MauiForm]","",20) ; wait for login prompt $hWnd = WinGetHandle("[CLASS:MauiForm]") ;find login form WinActivate($hWnd) ; activate login form ControlSend($hWnd,"","[CLASS:Edit; INSTANCE:2]",$pass) ; activate password textbox and send password Send("{!}");send special symbol WinActivate($hWnd) Send("{enter}") ; send enter key after password entered sleep(10000) $hWnd3 = WinGetHandle("[CLASS:MauiFrame]") WinSetState($hWnd3,"",@SW_MINIMIZE) ;minimize QB sleep(5000) EndFunc Func _launchacowin() ;Launch acowin $iPID = Run("C:\Program Files (x86)\Acowin\LicenseMgr.exe","C:\Program Files (x86)\Acowin") ; Launch acowin *must give in start in path or app will error sleep(5000) $login2 = WinWait("[CLASS:WindowsForms10.Window.8.app.0.141b42a_r12_ad1]","",30) ; wait for Acowin window $hWnd4 = WinGetHandle("Acowin License Manager","") ; Activate Acowin Window WinActivate($hWnd4) ;Activate Acowin window $hWnd5 = ControlGetHandle($hWnd4,"","[NAME:button_qb_connect]"); find "Connect to QB" button WinActivate($hWnd5) ;Activate Window ControlClick($hWnd4, "", "[NAME:button_qb_connect]") ; Press "Connect to QB" button WinSetState($hWnd4, "", @SW_MINIMIZE) ;minimize QB EndFunc _____ Any help would be most appreciated Thanks! Brandon Link to comment Share on other sites More sharing options...
BigDaddyO Posted May 17, 2021 Share Posted May 17, 2021 your password is sent using ControlSend() and the special symbol is sent with just a Send() So, i'm assuming you need to verify that the $hWnd is actually being returned when you use WinGetHandle with some actual error checking and maybe double check with the Au3Info tool to make sure the Class:edit instance 2 is still valid. Link to comment Share on other sites More sharing options...
Confuzzled Posted May 18, 2021 Share Posted May 18, 2021 Off topic about password management, but a STRONG warning that usually hard coding a plain text password into your code is VERY, VERY bad security. It will come back to bite you HARD, especially if somebody else changes the QuickBooks password and your code does not work any more, you edit your source code, and then leave it lying around for nefarious types to find it. System dumps and logs may also have traces left in them for casual perusal. Where do you keep the AutoIt source code, in case you are hit by a bus? GitHub, for all the world to see? Does the enterprise version of QuickBooks have facilities to do what you need without having to launch it with an AutoIt wrapper? If not, maybe ask for it as a feature in their next version. I'm sure you are not the first person needing this type of functionality. Their security folks will have a more secure approach to storing the password securely, rather than plain text. I know I haven't helped answer your code question, but maybe the question you are asking about is not the question that is appropriate for your organisation. Hackers do not sleep and search engines such as Shodan can make skript kiddies lives very easy to hack you. Hindsight can be a harsh teacher! Link to comment Share on other sites More sharing options...
BrandonD Posted May 18, 2021 Author Share Posted May 18, 2021 I understand the security risks associated with having the passwords in plain text, especially for those who seek to infiltrate the network. They basically want automation in the event of server reboots. If there is a better way to achieve this securely I am all for it. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now