Jump to content

Can't get tpmtool to output


Go to solution Solved by TheXman,

Recommended Posts

Hi all,

I'm attempting to grab stdout/stderr output from C:\Windows\System32\tpmtool.exe using parameter getdeviceinformation. My code is as follows:

$iPID = Run(@ComSpec & ' /k tpmtool.exe getdeviceinformation', "", "", $STDERR_CHILD + $STDOUT_CHILD)
Local $sOut0 = ""
Local $sOut1 = ""
While 1
    $sOut0 &= StdoutRead($iPID)
    $sOut1 &= StderrRead($iPID)
    If @error Then ExitLoop
WEnd
MsgBox(0, "Out0", $sOut0)
MsgBox(0, "Out1", $sOut1)
Exit

but only returns (stderr output was also blank):

image.png.2347ef9bba75d98726594633fb8650a0.png

Running from the run prompt with the same parameters gives an output

image.png.c9fe10c429ff1f647c14ec8454abfe58.png

image.png.9deec6e5e2718a148347010a53166c77.png

I've tried piping output using >, clarifying the full file path, clarifying working directory, and a few other attempts. This is likely something incredibly dumb that I'm missing but help is appreciated!

Edited by rcmaehl

My UDFs are generally for me. If they aren't updated for a while, it means I'm not using them myself. As soon as I start using them again, they'll get updated.

My Projects

WhyNotWin11
Cisco FinesseGithubIRC UDFWindowEx UDF

 

Link to post
Share on other sites
  • Solution
Posted (edited)
Run ( "program" [, "workingdir" [, show_flag [, opt_flag]]] )

Your main issue was probably the lack of a valid show_flag.  The parameter is optional, but if it is supplied, "" is not a valid value.

This works for me:

#include <Constants.au3>

get_tpm_info_example()

Func get_tpm_info_example()
    Local $iPid

    $iPid = Run("tpmtool.exe getdeviceinformation", "", @SW_HIDE, $STDERR_MERGED)
    If @error Then Exit MsgBox($MB_ICONERROR + $MB_TOPMOST, "ERROR", "Error running command - @error = " & @error)

    If Not ProcessWaitClose("tpmtool.exe", 5) Then Exit MsgBox($MB_ICONERROR + $MB_TOPMOST, "ERROR", "Timed out waiting for process to close.")

    ConsoleWrite(StdoutRead($iPid) & @CRLF)
EndFunc

Console output:

-TPM Present: True
-TPM Version: 2.0
-TPM Manufacturer ID: INTC
-TPM Manufacturer Full Name: Intel
-TPM Manufacturer Version: 11.7.0.3290
-PPI Version: 1.3
-Is Initialized: True
-Ready For Storage: True
-Ready For Attestation: True
-Is Capable For Attestation: True
-Clear Needed To Recover: False
-Clear Possible: True
-TPM Has Vulnerable Firmware: False
-PCR7 Binding State: 2
-Maintenance Task Complete: True
-TPM Spec Version: 1.16
-TPM Errata Date: Friday, January 15, 2016
-PC Client Version: 1.00
-Is Locked Out: False

 

Edited by TheXman
Link to post
Share on other sites
6 minutes ago, TheXman said:

Your main issue was probably the lack of a valid show_flag.  The parameter is optional, but if it is supplied, "" is not a valid value.

This works for me:

#include <Constants.au3>

get_tpm_info_example()

Func get_tpm_info_example()
    Local $iPid

    $iPid = Run("tpmtool.exe getdeviceinformation", "", @SW_HIDE, $STDERR_MERGED)
    If @error Then Exit MsgBox($MB_ICONERROR + $MB_TOPMOST, "ERROR", "Error running command - @error = " & @error)

    ProcessWaitClose("tpmtool.exe", 5)

    ConsoleWrite(StdoutRead($iPid) & @CRLF)
EndFunc

Console output:

-TPM Present: True
-TPM Version: 2.0
-TPM Manufacturer ID: INTC
-TPM Manufacturer Full Name: Intel
-TPM Manufacturer Version: 11.7.0.3290
-PPI Version: 1.3
-Is Initialized: True
-Ready For Storage: True
-Ready For Attestation: True
-Is Capable For Attestation: True
-Clear Needed To Recover: False
-Clear Possible: True
-TPM Has Vulnerable Firmware: False
-PCR7 Binding State: 2
-Maintenance Task Complete: True
-TPM Spec Version: 1.16
-TPM Errata Date: Friday, January 15, 2016
-PC Client Version: 1.00
-Is Locked Out: False

 

I'm thinking there's something wrong with my PC so I'll mark this as solved for now

image.thumb.png.89a015d8de267e49d4a1821bcafa78c5.png

My UDFs are generally for me. If they aren't updated for a while, it means I'm not using them myself. As soon as I start using them again, they'll get updated.

My Projects

WhyNotWin11
Cisco FinesseGithubIRC UDFWindowEx UDF

 

Link to post
Share on other sites
2 minutes ago, TheXman said:

Can you try adding #RequireAdmin to the top of the script?

image.thumb.png.244a3ca39e94770c0adbeda8dcc0d8b2.png

No dice. 

My UDFs are generally for me. If they aren't updated for a while, it means I'm not using them myself. As soon as I start using them again, they'll get updated.

My Projects

WhyNotWin11
Cisco FinesseGithubIRC UDFWindowEx UDF

 

Link to post
Share on other sites

I just ran my script with "" for the show_flag and it was successful, so it is a valid value. 

Not sure why you don't get any output.  :huh2:

Edited by TheXman
Link to post
Share on other sites

I've worked around it using WMI calls. Not really KISS practice but I'm adding in WMI anyway so might as well. I'm assuming something is eating loose stdout/stderr on my computer

My UDFs are generally for me. If they aren't updated for a while, it means I'm not using them myself. As soon as I start using them again, they'll get updated.

My Projects

WhyNotWin11
Cisco FinesseGithubIRC UDFWindowEx UDF

 

Link to post
Share on other sites
Posted (edited)
3 minutes ago, JockoDundee said:

but this IS an output, even if not the desired one.  Where is that coming from?

DF6DE747-C228-4737-A15E-DA5AB4690CCE.jpeg.19893bd2c8bf5927b01d1d008cf2d568.jpeg

Stderr (out1) was blank. Stdout (out0) was not.

Edited by rcmaehl

My UDFs are generally for me. If they aren't updated for a while, it means I'm not using them myself. As soon as I start using them again, they'll get updated.

My Projects

WhyNotWin11
Cisco FinesseGithubIRC UDFWindowEx UDF

 

Link to post
Share on other sites
5 minutes ago, JockoDundee said:

Yes.  Are you doing something in this WhyNotWin11 directory?

Why would it show that string?

That was just the working directory. You can change the result by specifying a different directory as the second parameter, but even specifying C:\Windows\System32 which contains tpmtool did not resolve the issue

My UDFs are generally for me. If they aren't updated for a while, it means I'm not using them myself. As soon as I start using them again, they'll get updated.

My Projects

WhyNotWin11
Cisco FinesseGithubIRC UDFWindowEx UDF

 

Link to post
Share on other sites

 

42 minutes ago, rcmaehl said:

I've worked around it using WMI calls.

I was away from my PC for a bit.  I was going to suggest trying WMI.  :)

Here was my example:

#include <Constants.au3>
#RequireAdmin

example()

Func example()
    Local $oComErr, $oTpm

    $oComErr = ObjEvent("AutoIt.Error", "com_error_handler")
    #forceref $oComErr

    ;Get WMI TPM object
    $oTpm = ObjGet("winmgmts:Root\CIMV2\Security\MicrosoftTpm:Win32_Tpm=@")
    If Not IsObj($oTpm) Then Exit MsgBox($MB_ICONERROR, "ERROR", "Unable to get object.")

    ;Display properties
    With $oTpm
        ConsoleWrite("IsActivated_InitialValue    = " & .IsActivated_InitialValue & @CRLF)
        ConsoleWrite("IsEnabled_InitialValue      = " & .IsEnabled_InitialValue & @CRLF)
        ConsoleWrite("IsOwned_InitialValue        = " & .IsOwned_InitialValue & @CRLF)
        ConsoleWrite("SpecVersion                 = " & .SpecVersion & @CRLF)
        ConsoleWrite("ManufacturerVersion         = " & .ManufacturerVersion & @CRLF)
        ConsoleWrite("ManufacturerVersionInfo     = " & .ManufacturerVersionInfo & @CRLF)
        ConsoleWrite("ManufacturerId              = " & .ManufacturerId & @CRLF)
        ConsoleWrite("PhysicalPresenceVersionInfo = " & .PhysicalPresenceVersionInfo & @CRLF)
    EndWith
EndFunc

Func com_error_handler($oError)
    With $oError
        ConsoleWrite(@CRLF & "COM ERROR DETECTED!" & @CRLF)
        ConsoleWrite("  Error ScriptLine....... " & .scriptline & @CRLF)
        ConsoleWrite("  Error Number........... " & "0x" & Hex(.number) & " (" & .number & ")" & @CRLF)
        ConsoleWrite("  Error WinDescription... " & StringStripWS(.windescription, $STR_STRIPTRAILING) & @CRLF)
        ConsoleWrite("  Error RetCode.......... " & "0x" & Hex(Number(.retcode)) & " (" & Number(.retcode) & ")" & @CRLF)
        ConsoleWrite("  Error Description...... " & StringStripWS(.description   , $STR_STRIPTRAILING) & @CRLF)
    EndWith
    Return ; Return so @error can be trapped by the calling function
EndFunc

Console output:

IsActivated_InitialValue    = True
IsEnabled_InitialValue      = True
IsOwned_InitialValue        = True
SpecVersion                 = 2.0, 0, 1.16
ManufacturerVersion         = 11.7.0.3290
ManufacturerVersionInfo     = Intel           
ManufacturerId              = 1229870147
PhysicalPresenceVersionInfo = 1.3

 

Link to post
Share on other sites
2 minutes ago, JockoDundee said:

The loop stops if either err OR out is EOF.

And the reason that it worked for @TheXmanmay be a timing issue.  But both streams can’t close at exactly the same moment, though within a loop iteration they could.

Code hard, but don’t hard code...

Link to post
Share on other sites
Just now, JockoDundee said:

And the reason that it worked for @TheXmanmay be a timing issue.  But both streams can’t close at exactly the same moment, though within a loop iteration they could.

Yes but @TheXman's script uses $STDERR_MERGED which avoids the issue entirely

My UDFs are generally for me. If they aren't updated for a while, it means I'm not using them myself. As soon as I start using them again, they'll get updated.

My Projects

WhyNotWin11
Cisco FinesseGithubIRC UDFWindowEx UDF

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...