Docfxit Posted July 26, 2015 Posted July 26, 2015 (edited) When I restart the script it doesn't recognize that the script is now running with the Runas user.The problem description is on line 48expandcollapse popup#RequireAdmin #include <Array.au3> #include <security.au3> ; Get OWNER from SID. AutoItSetOption('TrayIconDebug', 1) ; Originally created by sergio17 ; Added functunality by Docfxit ; Added Tooltip to show live progress percentage & IP addresses found live and IP addresses skipped ; ; ListComputers.ini ;skip certain IPs like those of servers, JetDirect-Boxes ;----Start of file---- ;Do not place in file ; [skip] ; pc179=Ping ; pc180=INSTALLED ;----End of file---- ;Do not place in file ; Both lines will cause the script to skip IP address $IPString & 179 ; $IPString & 180 Global $IPString = '192.168.168.' Global $IniFile = @ScriptDir & '\ListComputers.log' Global $SkipFile = @ScriptDir & '\ListComputers.ini' Global $StartIP = 1 Global $StopIP = 182 Global $User = "SCANS" ; This is the user that will run on remote PC's Dim $aArrayIPAddressFound[100] ; This array needs to be adjusted to the maximum number of computers found Global $AdminPass, $Percent = 0, $Ping, $RPercent Global $IPAddressFound, $x ; Common $tag_WTS_PROCESS_INFO= _ "DWORD SessionId;" & _ "DWORD ProcessId;" & _ "PTR pProcessName;" & _ "PTR pUserSid" ;This will list the user the process is running as MsgBox(0,"Process by name or number(PID)", "'Owner' of " & @AutoItExe & " is " & _ProcessListOWNER_WTS("AutoIt3.Exe")) $temp=_ProcessListOWNER_WTS() $temp[0][0]="Process" $temp[0][1]="ProcessId" $temp[0][2]="SessionId" $temp[0][3]="ProcessOWNER" ;MsgBox(0, "", _ArrayDisplay($temp, "Process list with OWNER...")) If @UserName <> $User Then ;Check for power user $AdminPass = InputBox("Password Required", "Please enter the password for user " & @CRLF & @CRLF & $User, "", "*") Select Case @error = 0 ;OK - The string returned is valid If StringInStr(@ScriptFullPath, '.au3') Then ; If this script started (Not compiled) restart the script running as the new user ;################################ Problem Description ########################################## ;After the next statement, This script is still running as the current user logged in ;It should run as user SCANS ; The current user is running as administrator ; The $User to runas also runs as administrator ; The MsgBox after RunAs shows there is no error ;################################ END Problem Description ########################################## RunAs($User, @ComputerName, $AdminPass, 1, '"' & @AutoItExe & '" "' & @ScriptFullPath & '"') $RunAsError = @error MsgBox(0, "", "RunAs = " & $User & ", " & @ComputerName & ", " & $AdminPass & ", " & "1" & ", " & '"' & @AutoItExe & '" "' & @ScriptFullPath & '"' & @CRLF & @CRLF & "$RunAsError = " & $RunAsError) Else ; If this script started compiled restart the script running as the new user RunAs($User, @ComputerName, $AdminPass, 2, '"' & @ScriptFullPath & '" ' & $AdminPass) EndIf If @error Then MsgBox(4096 + 32, 'Error', 'Error starting under New User') Exit Case @error = 1 ;The Cancel button was pushed MsgBox(0, "Error1", "The Cancel button was pushed" & @CRLF & "The program will exit") Exit Case @error = 3 ;The InputBox failed to open MsgBox(0, "Error3", "The InputBox failed to open" & @CRLF & "The program will exit") Exit EndSelect Else For $IP = $StartIP To $StopIP Step 1 $Percent = $Percent + 100 / ($StopIP - $StartIP + 1) $RPercent = Round($Percent, 0) ToolTip("Percent Done " & $RPercent & "%" & @CRLF & "IP Addresses Found " & $IPAddressFound, 800, 700) If @IPAddress1 = $IPString & $IP Then ContinueLoop ;IP address of first network adapter If IniRead($SkipFile, 'Skip', 'pc' & $IP, '') = 'Ping' Or IniRead($SkipFile, 'Skip', 'pc' & $IP, '') = 'INSTALLED' Then ; MsgBox(0, "Information", "Skipping = " & "Skipping" & @CRLF & "1 = 1" & @CRLF & "pcexec = Pcexec" & @CRLF & "$IP = " & $IP) Information('Skipping', 1, 'PCEXEC', $IP) ContinueLoop EndIf $IniEntry = IniRead($IniFile, 'pc' & $IP, 'PSEXEC', 'Error'); check for done action (link) If StringInStr($IniEntry, 'Error') Or StringInStr($IniEntry, 'Ping') Then;no entry found $Ping = Ping($IPString & $IP, 150) If $Ping <> '0' Then; ping successful If Not FileExists('\\' & $IPString & $IP & '\c$\Win*') Then; IP not accessible Information('No accessible PC.', 2, 'PSEXEC', $IP) ContinueLoop EndIf ;~ ... Add your code here $x = $x + 1 $aArrayIPAddressFound[$x] = $IPString & $IP $IPAddressFound = "" For $I = 1 To $x If $aArrayIPAddressFound[$I] <> "" Then $IPAddressFound = $IPAddressFound & @CRLF & $aArrayIPAddressFound[$I] EndIf Next ;To copy the new virusdefinitions from our server to to the remote computer (drive C:) and even execute it ; FileCopy('\\server\NAV.exe', '\\' & $IPString & $IP & '\c$\NAV.exe', 1) ; Run('cmd /c psexec.exe \\' & $IPString & $IP & ' cmd /c "C:\NAV.exe /Q"', 'c:', @SW_HIDE) EndIf EndIf Next EndIf Func Information($a, $b, $c, $d); $a=Info, $b=1~ok/2~?/3~bad, $c=Type~Fixe/Link/Task, $d=IP ; MsgBox(0, "Information", "$a = " & $a & @CRLF & "$b = " & $b & @CRLF & "$c = " & $c & @CRLF & "$d = " & $d) Local $State If $b = 1 Then $State = 'Success' ElseIf $b = 2 Then $State = 'Warning' ElseIf $b = 3 Then $State = 'Error' EndIf $x = $x + 1 $aArrayIPAddressFound[$x] = $IPString & $d & " " & $a $IPAddressFound = "" For $I = 1 To $x If $aArrayIPAddressFound[$I] <> "" Then $IPAddressFound = $IPAddressFound & @CRLF & $aArrayIPAddressFound[$I] EndIf Next If Not StringInStr($a, 'Skipping') Then IniWrite($IniFile, 'pc' & $d, $c, $State & ' - ' & $a) EndFunc ;==>Information ; ############ Example code ####################### ;MsgBox(0,"Process by name or number(PID)", "'Owner' of Explorer.exe is " & _ProcessListOWNER_WTS("Explorer.exe")) ;$temp=_ProcessListOWNER_WTS() ;$temp[0][0]="Process" ;$temp[0][1]="ProcessId" ;$temp[0][2]="SessionId" ;$temp[0][3]="ProcessOWNER" ;_ArrayDisplay($temp, "Process list with OWNER...") ; ############################################### ; ############ Show the user a process is running as #################### Func _ProcessListOWNER_WTS($PID=0) Local $i, $ret, $ret1, $mem $ret=DllCall("WTSApi32.dll", "int", "WTSEnumerateProcesses", "int", 0, "int", 0, "int", 1, "ptr*", 0, "int*", 0) Local $array[$ret[5]][4] $mem=DllStructCreate($tag_WTS_PROCESS_INFO,$ret[4]) for $i=0 to $ret[5]-1 $mem=DllStructCreate($tag_WTS_PROCESS_INFO, $ret[4]+($i*DllStructGetSize($mem))) ;if DllStructGetData($mem, "pProcessName") Then $string=DllStructCreate("char[256]", DllStructGetData($mem, "pProcessName")) $array[$i][0]=DllStructGetData($string,1) ;EndIf $array[$i][1]=DllStructGetData($mem, "ProcessId") $array[$i][2]=DllStructGetData($mem, "SessionId") ;if DllStructGetData($mem, "pUserSid") Then $ret1 = _Security__LookupAccountSid(DllStructGetData($mem, "pUserSid")) if IsArray($ret1) Then $array[$i][3]=$ret1[0] ;EndIf Next DllCall("WTSApi32.dll", "int", "WTSFreeMemory", "int", $ret[4]) if $PID Then if IsInt($PID) Then for $i=0 to UBound($array, 1) - 1 if $array[$i][1] = $PID Then Return $array[$i][3] EndIf Next Else for $i=0 to UBound($array, 1) - 1 if $array[$i][0] = $PID Then Return $array[$i][3] EndIf Next EndIf EndIf Return $array EndFunc Thank you,Docfxit Edited July 28, 2015 by Docfxit
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now