Docfxit Posted July 26, 2015 Share Posted July 26, 2015 (edited) When I restart the script it doesn't recognize that the script is now running with the Runas user.The problem description is on line 48expandcollapse popup#RequireAdmin #include <Array.au3> #include <security.au3> ; Get OWNER from SID. AutoItSetOption('TrayIconDebug', 1) ; Originally created by sergio17 ; Added functunality by Docfxit ; Added Tooltip to show live progress percentage & IP addresses found live and IP addresses skipped ; ; ListComputers.ini ;skip certain IPs like those of servers, JetDirect-Boxes ;----Start of file---- ;Do not place in file ; [skip] ; pc179=Ping ; pc180=INSTALLED ;----End of file---- ;Do not place in file ; Both lines will cause the script to skip IP address $IPString & 179 ; $IPString & 180 Global $IPString = '192.168.168.' Global $IniFile = @ScriptDir & '\ListComputers.log' Global $SkipFile = @ScriptDir & '\ListComputers.ini' Global $StartIP = 1 Global $StopIP = 182 Global $User = "SCANS" ; This is the user that will run on remote PC's Dim $aArrayIPAddressFound[100] ; This array needs to be adjusted to the maximum number of computers found Global $AdminPass, $Percent = 0, $Ping, $RPercent Global $IPAddressFound, $x ; Common $tag_WTS_PROCESS_INFO= _ "DWORD SessionId;" & _ "DWORD ProcessId;" & _ "PTR pProcessName;" & _ "PTR pUserSid" ;This will list the user the process is running as MsgBox(0,"Process by name or number(PID)", "'Owner' of " & @AutoItExe & " is " & _ProcessListOWNER_WTS("AutoIt3.Exe")) $temp=_ProcessListOWNER_WTS() $temp[0][0]="Process" $temp[0][1]="ProcessId" $temp[0][2]="SessionId" $temp[0][3]="ProcessOWNER" ;MsgBox(0, "", _ArrayDisplay($temp, "Process list with OWNER...")) If @UserName <> $User Then ;Check for power user $AdminPass = InputBox("Password Required", "Please enter the password for user " & @CRLF & @CRLF & $User, "", "*") Select Case @error = 0 ;OK - The string returned is valid If StringInStr(@ScriptFullPath, '.au3') Then ; If this script started (Not compiled) restart the script running as the new user ;################################ Problem Description ########################################## ;After the next statement, This script is still running as the current user logged in ;It should run as user SCANS ; The current user is running as administrator ; The $User to runas also runs as administrator ; The MsgBox after RunAs shows there is no error ;################################ END Problem Description ########################################## RunAs($User, @ComputerName, $AdminPass, 1, '"' & @AutoItExe & '" "' & @ScriptFullPath & '"') $RunAsError = @error MsgBox(0, "", "RunAs = " & $User & ", " & @ComputerName & ", " & $AdminPass & ", " & "1" & ", " & '"' & @AutoItExe & '" "' & @ScriptFullPath & '"' & @CRLF & @CRLF & "$RunAsError = " & $RunAsError) Else ; If this script started compiled restart the script running as the new user RunAs($User, @ComputerName, $AdminPass, 2, '"' & @ScriptFullPath & '" ' & $AdminPass) EndIf If @error Then MsgBox(4096 + 32, 'Error', 'Error starting under New User') Exit Case @error = 1 ;The Cancel button was pushed MsgBox(0, "Error1", "The Cancel button was pushed" & @CRLF & "The program will exit") Exit Case @error = 3 ;The InputBox failed to open MsgBox(0, "Error3", "The InputBox failed to open" & @CRLF & "The program will exit") Exit EndSelect Else For $IP = $StartIP To $StopIP Step 1 $Percent = $Percent + 100 / ($StopIP - $StartIP + 1) $RPercent = Round($Percent, 0) ToolTip("Percent Done " & $RPercent & "%" & @CRLF & "IP Addresses Found " & $IPAddressFound, 800, 700) If @IPAddress1 = $IPString & $IP Then ContinueLoop ;IP address of first network adapter If IniRead($SkipFile, 'Skip', 'pc' & $IP, '') = 'Ping' Or IniRead($SkipFile, 'Skip', 'pc' & $IP, '') = 'INSTALLED' Then ; MsgBox(0, "Information", "Skipping = " & "Skipping" & @CRLF & "1 = 1" & @CRLF & "pcexec = Pcexec" & @CRLF & "$IP = " & $IP) Information('Skipping', 1, 'PCEXEC', $IP) ContinueLoop EndIf $IniEntry = IniRead($IniFile, 'pc' & $IP, 'PSEXEC', 'Error'); check for done action (link) If StringInStr($IniEntry, 'Error') Or StringInStr($IniEntry, 'Ping') Then;no entry found $Ping = Ping($IPString & $IP, 150) If $Ping <> '0' Then; ping successful If Not FileExists('\\' & $IPString & $IP & '\c$\Win*') Then; IP not accessible Information('No accessible PC.', 2, 'PSEXEC', $IP) ContinueLoop EndIf ;~ ... Add your code here $x = $x + 1 $aArrayIPAddressFound[$x] = $IPString & $IP $IPAddressFound = "" For $I = 1 To $x If $aArrayIPAddressFound[$I] <> "" Then $IPAddressFound = $IPAddressFound & @CRLF & $aArrayIPAddressFound[$I] EndIf Next ;To copy the new virusdefinitions from our server to to the remote computer (drive C:) and even execute it ; FileCopy('\\server\NAV.exe', '\\' & $IPString & $IP & '\c$\NAV.exe', 1) ; Run('cmd /c psexec.exe \\' & $IPString & $IP & ' cmd /c "C:\NAV.exe /Q"', 'c:', @SW_HIDE) EndIf EndIf Next EndIf Func Information($a, $b, $c, $d); $a=Info, $b=1~ok/2~?/3~bad, $c=Type~Fixe/Link/Task, $d=IP ; MsgBox(0, "Information", "$a = " & $a & @CRLF & "$b = " & $b & @CRLF & "$c = " & $c & @CRLF & "$d = " & $d) Local $State If $b = 1 Then $State = 'Success' ElseIf $b = 2 Then $State = 'Warning' ElseIf $b = 3 Then $State = 'Error' EndIf $x = $x + 1 $aArrayIPAddressFound[$x] = $IPString & $d & " " & $a $IPAddressFound = "" For $I = 1 To $x If $aArrayIPAddressFound[$I] <> "" Then $IPAddressFound = $IPAddressFound & @CRLF & $aArrayIPAddressFound[$I] EndIf Next If Not StringInStr($a, 'Skipping') Then IniWrite($IniFile, 'pc' & $d, $c, $State & ' - ' & $a) EndFunc ;==>Information ; ############ Example code ####################### ;MsgBox(0,"Process by name or number(PID)", "'Owner' of Explorer.exe is " & _ProcessListOWNER_WTS("Explorer.exe")) ;$temp=_ProcessListOWNER_WTS() ;$temp[0][0]="Process" ;$temp[0][1]="ProcessId" ;$temp[0][2]="SessionId" ;$temp[0][3]="ProcessOWNER" ;_ArrayDisplay($temp, "Process list with OWNER...") ; ############################################### ; ############ Show the user a process is running as #################### Func _ProcessListOWNER_WTS($PID=0) Local $i, $ret, $ret1, $mem $ret=DllCall("WTSApi32.dll", "int", "WTSEnumerateProcesses", "int", 0, "int", 0, "int", 1, "ptr*", 0, "int*", 0) Local $array[$ret[5]][4] $mem=DllStructCreate($tag_WTS_PROCESS_INFO,$ret[4]) for $i=0 to $ret[5]-1 $mem=DllStructCreate($tag_WTS_PROCESS_INFO, $ret[4]+($i*DllStructGetSize($mem))) ;if DllStructGetData($mem, "pProcessName") Then $string=DllStructCreate("char[256]", DllStructGetData($mem, "pProcessName")) $array[$i][0]=DllStructGetData($string,1) ;EndIf $array[$i][1]=DllStructGetData($mem, "ProcessId") $array[$i][2]=DllStructGetData($mem, "SessionId") ;if DllStructGetData($mem, "pUserSid") Then $ret1 = _Security__LookupAccountSid(DllStructGetData($mem, "pUserSid")) if IsArray($ret1) Then $array[$i][3]=$ret1[0] ;EndIf Next DllCall("WTSApi32.dll", "int", "WTSFreeMemory", "int", $ret[4]) if $PID Then if IsInt($PID) Then for $i=0 to UBound($array, 1) - 1 if $array[$i][1] = $PID Then Return $array[$i][3] EndIf Next Else for $i=0 to UBound($array, 1) - 1 if $array[$i][0] = $PID Then Return $array[$i][3] EndIf Next EndIf EndIf Return $array EndFunc Thank you,Docfxit Edited July 28, 2015 by Docfxit Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now