How to use BeyondTrust API by using AutoIt

[Veerababu]

HI Team, As BeyondTrust API using POST, GET methods in different program languages (C++,Java, Python, Powershell). is there any way to use AutoIT to use the same.

 

Apricated for your help.

Thank you 

[Veerababu]

Example: Powershell Powershell

$headers = @{ Authorization="PS-Auth key=c479a66f…c9484d; runas=doe-main\johndoe;"; }; $uri = " /Auth/SignAppin"; $signinResult = Invoke-RestMethod -Uri $uri -Method POST -Headers $headers -SessionVariable script:session;

$uri = " /ManagedAccounts"; $accounts = Invoke-RestMethod -Uri $uri -Method GET -WebSession $script:session -Headers $headers;

[Danp2]

You may want to check out the WinHTTP UDF.

 

[Veerababu]

HI Dan, i got below AutoIT code, however getting error like ( SEND ERROR : (0x80020009) The host name in the certificate is invalid or does not match.

 

#include "WinHttp.au3"


post_authentication_test()

Func post_authentication_test()
    Local $oHttp   = Null, _
          $oComErr = Null

    Local $iHttpStatus = 0

    Local $sResponse = "", _
          $sPostData = ""

    ConsoleWrite(@CRLF & "Executing API" & @CRLF)

    ;Set COM error handler
    $oComErr = ObjEvent("AutoIT.Error", "com_error_handler")

    ;Create a HTTP COM object
    $oHttp = ObjCreate("winhttp.winhttprequest.5.1")
    If @error Then
        ConsoleWrite("Unable to create http request object." & @CRLF)
        Exit -1
    EndIf
    ConsoleWrite("WinHttpRequest object created." & @CRLF)

    With $oHttp


        ;Open POST request
        $hrequest = .Open("POST", "https://<Domain>/BeyondTrust/api/public/v3/Auth/SignAppin", False)

        ;Set request headers and options
        .SetRequestHeader( "Content-Type", "application/json")
        .SetRequestHeader( "authorization", "PS-Auth key=<API Key>; runas=<API User>; pwd=[<Password>];")

        ;Send request
        .Send($hrequest)
        If @error Then
            ConsoleWrite(StringFormat("SEND ERROR: (0x%X) %s", $oComErr.Number, $oComErr.Description) & @CRLF)
            Return
        EndIf

        ;Get status code and response
        $iHttpStatus = .Status
        $sResponse   = .ResponseText

        ;If status code isn't okay
        If $iHttpStatus <> 200 Then
            ConsoleWrite("HTTP Status  : " & String($iHttpStatus) & @CRLF)
            ConsoleWrite("HTTP Response: " & @CRLF & $sResponse & @CRLF)
            Return
        EndIf
    EndWith

    ConsoleWrite("API Response:" & @CRLF & $sResponse & @CRLF)
EndFunc

Func com_error_handler($oError)
    Return
EndFunc

[JockoDundee]

2 hours ago, Veerababu said:

HI Dan, i got below AutoIT code, however getting error like ( SEND ERROR : (0x80020009)

Maybe ask @Homoud or @LtNeno?

Also, I know @TheXman’s code when I see it.

 

[TheXman]

1 minute ago, JockoDundee said:

Maybe ask @Homoud or @LtNeno?

That was exactly what I was thinking when I saw the post earlier this morning.  🤣

 

2 minutes ago, JockoDundee said:

Also, I know @TheXman’s code when I see it.

That's hilarious!  So not only do I recognize my code when I see it, but now you do too.  🤣

[TheXman]

5 hours ago, Veerababu said:

The host name in the certificate is invalid or does not match.

That is a very explicit error message.  To fix it, you have several options.  Here are a few:

1. If you have a host name that has a valid SSL certificate, then use it. (i.e. https://some.example.com/...)
    
2. If you don't have a host name with a valid SSL certificate:
   Set the Option property of the WinHttpRequest object to ignore the SSL error.
   or
   Get an SSL certificate for the host name that you are using and install it on the web server.
    
3. Use HTTP instead of HTTPS, if it's an option (only for testing of course )

 

Edited June 9, 2021 by TheXman