Jump to content
Sign in to follow this  
bobneumann

Unlock a locked XP machine

Recommended Posts

I've been trying to deploy a rather involved database client on several hundred machines remotely, and I have no choice but to run it interactively. I'd like to do it overnight. However, many of the target machines are locked, and so I've been looking for a way to unlock the remote machine, run a specified process, and relock it when I'm done.

I think I've found it:

#cs ----------------------------------------------------------------------------

 AutoIt Version: 3.1.1.0
 Author:         Bob Neumann
 Script Name:  Unlocker
 Script Function:
    initiate process on remote workstation that is locked
    
 Notes: This script makes use of Remoteunlocker (in this case stored in c:\pstools\) which can be found here: 
        http://www.codeproject.com/system/RemoteUnlock.asp
        It's license doesn't seem to be a problem.  I can't vouch for its safety or lack of it.  It looked reputable, and I tried it
        in a sandbox without issue.  Your mileage may vary.  Note that exiting from remote unlocker is tricky.  You have to:
            stop the remoteunlockservice
            delete the remoteunlockservice
            delete the 2 remoteunlocker FileS
        If you don't do all those things, you can leave a machine in a hung state from which it HAS to be powercycled by hand.
        
        This script also uses various pstools.  (in this case found in c:\pstools\) Some sticklers may find a problem with their 
        licensing.  You'll have to decide for yourself.
        
 To do:  incorporate a method to check first to see if the remote box is locked:  if it isn't, then just launch the desired process
        the easy way.  If it is locked, then use the hard way that you see below.

#ce ----------------------------------------------------------------------------


MsgBox(48,"are you sure?", "Are you sure to want to try this?")
run("c:\pstools\remoteunlock "&$CmdLine[1])
;is 5 seconds too long or too short?
sleep(5000)
processclose ("remoteunlock.exe")
run("c:\pstools\psexec.exe  \\"&$CmdLine[1]&"  -s -i -d -realtime notepad.exe")
;this next "sleep" is the wildcard:  when are your operations on the remote machine done?  Perhaps before you run an app on the remote box, you roll it
;into an auto-it exe that will trip some kind of a flag that you can monitor:  "does 'such and such' log file exist?" or use
;pslist to see when the process in question is no longer running, etc.  Or copy a self-contained autoit exe file that runs the 
;desired process and then totally cleans up after itself:  (stops its own remoteunlockservice, and then deletes the service and files)
sleep(20000)
run("c:\pstools\psservice.exe  \\"&$CmdLine[1]&" -u adminaccount -p adminpassword stop remoteunlockservice")
sleep(10000)
run("c:\pstools\psexec.exe  \\"&$CmdLine[1]&" -d -realtime sc delete remoteunlockservice")
sleep(10000)
run(@ComSpec & " /c " & 'del \\'&$CmdLine[1]&'\c$\windows\remoteunlockdll.dll', "", @SW_HIDE)
sleep(4000)
run(@ComSpec & " /c " & 'del \\'&$CmdLine[1]&'\c$\windows\remoteunlockservice.exe', "", @SW_HIDE)
MsgBox(1,"done", "done")

The source itself is commented with more details.

I downloaded PSTools and remoteunlocker and put them both in c:\pstools\. This script assumes that. Compile the script (to unlocker.exe, for instance) and run it with the target pc as the first commandline argument: "unlocker.exe myremotepc". It would be trivial either to hardcode the target pc into the script, or to indicate which app to run in the second commandline argument: "unlocker.exe myremotepc c:\windows\notepad.exe"

Now I'm thinking, "If I could use Anygui, I could embed an "unlock this pc" button in the top bar of my VNC Viewer. Wouldn't that be cool? Anybody want to take a whack at that?

Edited by bobneumann

Share this post


Link to post
Share on other sites

I just tried it, and this also works on a local machine. Embed whatever script you want to run in this script, and specify your own machine name as the target: "unlocker.exe (myownmachinename)" (no parentheses)

works like a charm...

Share this post


Link to post
Share on other sites

I just tried it, and this also works on a local machine. Embed whatever script you want to run in this script, and specify your own machine name as the target: "unlocker.exe (myownmachinename)" (no parentheses)

works like a charm...

Thanks, that's interesting - will give it a go later. So it isn't possible to run a script (with mouse movements and mouseclicks) if the target machine is locked?

This kills me as I want to securely run automatic scripts in another user account while I get on with other work in another user account - on the same machine, at the same time.

If you have any ideas, let us know.

Share this post


Link to post
Share on other sites

I got two computer running windows xp. the one 192.168.0.2 is gonna be unlocked by the one 192.168.0.1.

I ran RemoteUnlockService.exe on 192.168.0.2, there is no error reported. but I can not find a process named RemoteUnlockService.exe in taskmanager of windows. Then, I went to 192.168.0.1, and ran RemoteUnlock.exe in the console with the command:

RemoteUnlock 192.168.0.2

An error occured.

here is the output of RemoteUnlock.exe:

RemoteUnlock by Dan Farino

ERROR: error writing files to remote machine

Did I miss something?

Share this post


Link to post
Share on other sites

I got two computer running windows xp. the one 192.168.0.2 is gonna be unlocked by the one 192.168.0.1.

I ran RemoteUnlockService.exe on 192.168.0.2, there is no error reported. but I can not find a process named RemoteUnlockService.exe in taskmanager of windows. Then, I went to 192.168.0.1, and ran RemoteUnlock.exe in the console with the command:

RemoteUnlock 192.168.0.2

An error occured.

here is the output of RemoteUnlock.exe:

RemoteUnlock by Dan Farino

ERROR: error writing files to remote machine

Did I miss something?

It has to be Win2k or XP Pro, because it needs the c$ share. And your current user id has to be admin on the remote machine.

Share this post


Link to post
Share on other sites

Hi friends,

I'm looking for a way to unlock my machine before executing a scheduled AutoIt script and to lock it back again after executing the script. The script has 'Send' command so it is necessary to unlock. The downloads of the page: http://www.codeproject.com/system/RemoteUnlock.asp are broken or not available.

Does anyone have the files: ◦RemoteUnlockService.exe and ◦RemoteUnlockDll.dll? or please suggest some other method to unlock a locked xp system.

Regards,

Pooja.

Share this post


Link to post
Share on other sites

Very interesting. I saw a script (i think) on here a while ago and when it finished running it restarted the pc and auto logged back into that user (with the password already given in teh program) does anyone know a link to it or another similar program please? i cant find it anywhere using search.

thanks


Drunken Frat-Boy Monkey Garbage

Share this post


Link to post
Share on other sites

http://support.microsoft.com/kb/315231

If you have the credentials, and are ok with

(with the password already given in teh program)

I would set the registry entries to let me back in, then clear them when i was finished.


,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Share this post


Link to post
Share on other sites

Remoteunlock is detected as a virus or malware. Using API's does anybody knows how to unlock my own session by scripting?

I've looked a bit at the code of remoteunlock but couldn't make it work in autoit: http://www.koders.com/cpp/fid1A233D0BFD7492ABC4204274273FE4FC84911367.aspx?s=iostream

What am I doing wrong?

Local Const $DESKTOP_SWITCHDESKTOP = 0x100
$hDesktop = DllCall("User32.dll", "int", "OpenDesktop", "str", "Default", "int", 0, "int", 0, "int", $DESKTOP_SWITCHDESKTOP)
    $iRet = DllCall("User32.dll", "int", "SwitchDesktop", "int", $hDesktop[0])

[topic="51913"]Restrict USB Storage usage to group membership[/topic] * [topic="48699"]Using nircmd library[/topic] * Some admin notes

Share this post


Link to post
Share on other sites

Hi Guys

i eventually found the code i was looking for. It was written by a user called ezzetabi. It auto fixes hard drives but i wanted the code to auto login after a restart. Here it is.

Thanks to ezzetabi for writing it.

AutoItSetOption("MustDeclareVars", 1)
Local $aDrives = DriveGetDrive ( "FIXED" )
Local $c

If Not IsAdmin() Then
   MsgBox(4096 + 16, 'Error', 'You have to be admin for using this.')
Else
   If $cmdline[0] = 0 Then
      Local $sDomain = InputBox('Domain', 'Domain name?', @computername)
      Local $sUserN  = InputBox('User', 'Username?', @username)
      Local $sPass   = InputBox('Password', 'Password?', '', '-')
      
      RegWrite('HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon', 'AutoAdminLogon', 'REG_SZ',1)
      RegWrite('HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon', 'DefaultDomainName', 'REG_SZ', $sDomain)
      RegWrite('HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon', 'DefaultUserName', 'REG_SZ', $sUserN)
      RegWrite('HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon', 'DefaultPassword', 'REG_SZ', $sPass)
      
     ;ChkDsk
      For $c = 1 to $aDrives[0] 
         RunWait(@comspec & ' /c echo y|chkdsk ' & $aDrives[$c] & ' /f /r /x', '')
      Next
      
      RegWrite('HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce', 'FixnDefrag', 'REG_SZ', '"' & @ScriptFullPath & '" /secondpart')
      Shutdown(6)
   Else
      RegWrite('HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon', 'AutoAdminLogon', 'REG_SZ', 0)
      RegDelete('HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon', 'DefaultPassword')
      
     ;Defrag
      For $c = 1 to $aDrives[0] 
         RunWait(@comspec & ' /c defrag ' & $aDrives[$c] & ' -f', '')
      Next
      Shutdown(13)
   EndIf
EndIf

Drunken Frat-Boy Monkey Garbage

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...