Sign in to follow this  
Followers 0
Joon

Need help converting VBS to Au3

3 posts in this topic

This is a sample VBS from Microsoft Scripting Guy's script repository. This is working fine as VBS but I'm not sure what to create for objSD in AutoIt.

strFolderName = "C:\temp"
SE_DACL_PRESENT = &h4
ACCESS_ALLOWED_ACE_TYPE = &h0
ACCESS_DENIED_ACE_TYPE  = &h1

FILE_ALL_ACCESS      = &h1f01ff
FOLDER_ADD_SUBDIRECTORY = &h000004
FILE_DELETE          = &h010000
FILE_DELETE_CHILD      = &h000040
FOLDER_TRAVERSE      = &h000020
FILE_READ_ATTRIBUTES    = &h000080
FILE_READ_CONTROL      = &h020000
FOLDER_LIST_DIRECTORY   = &h000001
FILE_READ_EA            = &h000008
FILE_SYNCHRONIZE        = &h100000
FILE_WRITE_ATTRIBUTES   = &h000100
FILE_WRITE_DAC        = &h040000
FOLDER_ADD_FILE      = &h000002
FILE_WRITE_EA          = &h000010
FILE_WRITE_OWNER        = &h080000

Set objWMIService = GetObject("winmgmts:")
Set objFolderSecuritySettings = _
objWMIService.Get("Win32_LogicalFileSecuritySetting='" & strFolderName & "'")
intRetVal = objFolderSecuritySettings.GetSecurityDescriptor(objSD)

intControlFlags = objSD.ControlFlags

If intControlFlags AND SE_DACL_PRESENT Then
   arrACEs = objSD.DACL
   For Each objACE in arrACEs
      WScript.Echo objACE.Trustee.Domain & "\" & objACE.Trustee.Name
      If objACE.AceType = ACCESS_ALLOWED_ACE_TYPE Then
         WScript.Echo vbTab & "Allowed:"
      ElseIf objACE.AceType = ACCESS_DENIED_ACE_TYPE Then
         WScript.Echo vbTab & "Denied:"
      End If
      If objACE.AccessMask AND FILE_ALL_ACCESS Then
         WScript.Echo vbTab & vbTab & "FILE_ALL_ACCESS "
      End If
      If objACE.AccessMask AND FOLDER_ADD_SUBDIRECTORY Then
         WScript.Echo vbTab & vbTab & " FOLDER_ADD_SUBDIRECTORY "
      End If
      If objACE.AccessMask AND FILE_DELETE Then
         WScript.Echo vbTab & vbTab & "FILE_DELETE "
      End If
      If objACE.AccessMask AND FILE_DELETE_CHILD Then
         WScript.Echo vbTab & vbTab & "FILE_DELETE_CHILD "
      End If
      If objACE.AccessMask AND FOLDER_TRAVERSE Then
         WScript.Echo vbTab & vbTab & " FOLDER_TRAVERSE "
      End If
      If objACE.AccessMask AND FILE_READ_ATTRIBUTES Then
         WScript.Echo vbTab & vbTab & "FILE_READ_ATTRIBUTES "
      End If
      If objACE.AccessMask AND FILE_READ_CONTROL Then
         WScript.Echo vbTab & vbTab & "FILE_READ_CONTROL "
      End If
      If objACE.AccessMask AND FOLDER_LIST_DIRECTORY Then
         WScript.Echo vbTab & vbTab & " FOLDER_LIST_DIRECTORY "
      End If
      If objACE.AccessMask AND FILE_READ_EA Then
         WScript.Echo vbTab & vbTab & "FILE_READ_EA "
      End If
      If objACE.AccessMask AND FILE_SYNCHRONIZE Then
         WScript.Echo vbTab & vbTab & "FILE_SYNCHRONIZE "
      End If
      If objACE.AccessMask AND FILE_WRITE_ATTRIBUTES Then
         WScript.Echo vbTab & vbTab & "FILE_WRITE_ATTRIBUTES "
      End If
      If objACE.AccessMask AND FILE_WRITE_DAC Then
         WScript.Echo vbTab & vbTab & "FILE_WRITE_DAC "
      End If
      If objACE.AccessMask AND FOLDER_ADD_FILE Then
         WScript.Echo vbTab & vbTab & " FOLDER_ADD_FILE "
      End If
      If objACE.AccessMask AND FILE_WRITE_EA Then
         WScript.Echo vbTab & vbTab & "FILE_WRITE_EA "
      End If
      If objACE.AccessMask AND FILE_WRITE_OWNER Then
         WScript.Echo vbTab & vbTab & "FILE_WRITE_OWNER "
      End If
   Next
Else
   WScript.Echo "No DACL present in security descriptor"
End If

Share this post


Link to post
Share on other sites



Got it. Thanks for looking.

Share this post


Link to post
Share on other sites

This is a sample VBS from Microsoft Scripting Guy's script repository. This is working fine as VBS but I'm not sure what to create for objSD in AutoIt.

The objSD variable is ByRef set by:

intRetVal = objFolderSecuritySettings.GetSecurityDescriptor(objSD)

Full translation to AutoIt is:

Dim $strFolderName = "C:\temp"

Dim $SE_DACL_PRESENT = 0x4
Dim $ACCESS_ALLOWED_ACE_TYPE = 0x0
Dim $ACCESS_DENIED_ACE_TYPE = 0x1
Dim $FILE_ALL_ACCESS = 0x1f01ff
Dim $FOLDER_ADD_SUBDIRECTORY = 0x000004
Dim $FILE_DELETE = 0x010000
Dim $FILE_DELETE_CHILD = 0x000040
Dim $FOLDER_TRAVERSE = 0x000020
Dim $FILE_READ_ATTRIBUTES = 0x000080
Dim $FILE_READ_CONTROL = 0x020000
Dim $FOLDER_LIST_DIRECTORY = 0x000001
Dim $FILE_READ_EA = 0x000008
Dim $FILE_SYNCHRONIZE = 0x100000
Dim $FILE_WRITE_ATTRIBUTES = 0x000100
Dim $FILE_WRITE_DAC = 0x040000
Dim $FOLDER_ADD_FILE = 0x000002
Dim $FILE_WRITE_EA = 0x000010
Dim $FILE_WRITE_OWNER = 0x080000

Dim $objWMIService = ObjGet("winmgmts:")
Dim $objFolderSecuritySettings = $objWMIService.Get ("Win32_LogicalFileSecuritySetting='" & $strFolderName & "'")
Dim $objSD
Dim $intRetVal = $objFolderSecuritySettings.GetSecurityDescriptor ($objSD)
Dim $intControlFlags = $objSD.ControlFlags

If $intControlFlags And $SE_DACL_PRESENT Then
    Dim $strMsg = "", $objACE
    Dim $arrACEs = $objSD.DACL
    For $objACE In $arrACEs
        $strMsg &= $objACE.Trustee.Domain & "\" & $objACE.Trustee.Name
        
        If $objACE.AceType = $ACCESS_ALLOWED_ACE_TYPE Then
            $strMsg &= @TAB & "Allowed:" & @CRLF
        ElseIf $objACE.AceType = $ACCESS_DENIED_ACE_TYPE Then
            $strMsg &= @TAB & "Denied:" & @CRLF
        EndIf

        If $objACE.AccessMask And $FILE_ALL_ACCESS Then $strMsg &= @TAB & @TAB & "FILE_ALL_ACCESS " & @CRLF
        If $objACE.AccessMask And $FOLDER_ADD_SUBDIRECTORY Then $strMsg &= @TAB & @TAB & "FOLDER_ADD_SUBDIRECTORY " & @CRLF
        If $objACE.AccessMask And $FILE_DELETE Then $strMsg &= @TAB & @TAB & "FILE_DELETE " & @CRLF
        If $objACE.AccessMask And $FILE_DELETE_CHILD Then $strMsg &= @TAB & @TAB & "FILE_DELETE_CHILD " & @CRLF
        If $objACE.AccessMask And $FOLDER_TRAVERSE Then $strMsg &= @TAB & @TAB & "FOLDER_TRAVERSE " & @CRLF
        If $objACE.AccessMask And $FILE_READ_ATTRIBUTES Then $strMsg &= @TAB & @TAB & "FILE_READ_ATTRIBUTES " & @CRLF
        If $objACE.AccessMask And $FILE_READ_CONTROL Then $strMsg &= @TAB & @TAB & "FILE_READ_CONTROL " & @CRLF
        If $objACE.AccessMask And $FOLDER_LIST_DIRECTORY Then $strMsg &= @TAB & @TAB & "FOLDER_LIST_DIRECTORY " & @CRLF
        If $objACE.AccessMask And $FILE_READ_EA Then $strMsg &= @TAB & @TAB & "FILE_READ_EA " & @CRLF
        If $objACE.AccessMask And $FILE_SYNCHRONIZE Then $strMsg &= @TAB & @TAB & "FILE_SYNCHRONIZE " & @CRLF
        If $objACE.AccessMask And $FILE_WRITE_ATTRIBUTES Then $strMsg &= @TAB & @TAB & "FILE_WRITE_ATTRIBUTES " & @CRLF
        If $objACE.AccessMask And $FILE_WRITE_DAC Then $strMsg &= @TAB & @TAB & "FILE_WRITE_DAC " & @CRLF
        If $objACE.AccessMask And $FOLDER_ADD_FILE Then $strMsg &= @TAB & @TAB & "FOLDER_ADD_FILE " & @CRLF
        If $objACE.AccessMask And $FILE_WRITE_EA Then $strMsg &= @TAB & @TAB & "FILE_WRITE_EA " & @CRLF
        If $objACE.AccessMask And $FILE_WRITE_OWNER Then $strMsg &= @TAB & @TAB & "FILE_WRITE_OWNER " & @CRLF
    Next
Else
    $strMsg = "No DACL present in security descriptor"
EndIf
ConsoleWrite($strMsg)

I did change the functionality to assemble all the outputs before writing to the console only once, but you can revert that by changing all the "$strMsg &= " parts to multiple ConsoleWrite()'s.

:whistle:


Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0