Sign in to follow this  
Followers 0
PowerCat

Feeding currently logged on username and password

9 posts in this topic

I'm writing a script and I'd like to have it enter the username and password of the currently logged in user to another application.

Are there any variables I can use?

How could I do this?

Thanks.

Share this post


Link to post
Share on other sites



#2 ·  Posted (edited)

Wow...

I can think of very few non-evil uses for this.

Easiest way is to ask the user for his/her password and then get the name of the user with @UserName.

If you're asking if you can get it without the user's knowledge and/or consent, then ... good luck getting any additional help. Sorry.

#include <String.au3>  ; required for _StringEncrypt()
#include <IE.au3>
$pw = _GetKey()
        Do
            $fTemp = InputBox("Password Entry", "Please enter password", "", "*")
            Switch @error
                Case 1
                    DBP($version, "User pressed cancel.", 20051, $i_debug)
                    Exit 20051
                Case 2
                    DBP($version, "Timeout.", 20052, $i_debug)
                    Exit 20052
                Case 3
                    DBP($version, "Bad Inputbox.", 20053, $i_debug)
                    Exit 20053
            EndSwitch
        Until $fTemp <> "" And @error = 0
        $fTemp = _StringEncrypt(1, $fTemp, $pw, 4)
                    _IEFormElementSetValue($o_RTB_InputPass, _StringEncrypt(0, $fTemp, $pw, 4))

Func _GetKey($i_Length = 128)
    Local $sz_key = '"', $int_Chr
    Do
        $int_Chr = Random(33, 254, 1)
        Switch $int_Chr
            Case 34, 37, 39, 44, 46, 47, 58 To 63, 91 To 96, 128 To 187
                ; reroll
            Case Else
                $sz_key = $sz_key & Chr($int_Chr)
        EndSwitch
    Until StringLen($sz_key) > $i_Length
    $sz_key = $sz_key & '"' 
    Return $sz_key
EndFunc   ;==>_GetKey

Edit: Added code

Edited by Blue_Drache

Lofting the cyberwinds on teknoleather wings, I am...The Blue Drache

Share this post


Link to post
Share on other sites

depends. I know Novell has single signon that does this. No point reinventing the wheel if you don't have too. I believe you would have to capture the Password and ID when the user first entered them. Problem is however, you are stepping close to the darkside as far as what you want to do. It is really dancing around the keylogger thing, and that really upsets people around here....

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

I'm sorry if this sounds evil. Actually it's a very cool use.

I made a shortcut to a website (outlook web access)

But the user always has to login manually.

I wanted to make a script that would log the user into outlook web access automatically based on the user's credentials.

This is a company environment using active directory.

The script would open the website, enter the username and password in the boxes, then it would choose one of the bulletbox and then click login.

The user would have to manually click the script file to have all this done automatically.

However, a prompt for the user's password could be a good idea, as long as it takes their username.

Edited by PowerCat

Share this post


Link to post
Share on other sites

If that is your intent, what I would do is the first time your script is run, ask the user if he or she would like to have the script automatically sign into outlook access. If the user says yes, then have it ask that user for his or her username and password. If the user says no, you probably don't want your script to run anymore. Once the user inputs his or her username and password, save the information to a file located somewhere on the computer. @AppDataDir & "\OutlookAutoLogin\data.dat" or some other uniform location that people normally don't browse through.

Also, you will probably want to encrypt the password with the _StringEncrypt function and use some sort of psuedo hashing algorithm based on the user's name to determine the passphrase to encrypt and decrypt the password.

You will probably want to use an ini format in the data file to make things easier as well. Look at the native INI functions.

I hope that gives you a starting point.

- The Kandie Man ;-)


"So man has sown the wind and reaped the world. Perhaps in the next few hours there will no remembrance of the past and no hope for the future that might have been." & _"All the works of man will be consumed in the great fire after which he was created." & _"And if there is a future for man, insensitive as he is, proud and defiant in his pursuit of power, let him resolve to live it lovingly, for he knows well how to do so." & _"Then he may say once more, 'Truly the light is sweet, and what a pleasant thing it is for the eyes to see the sun.'" - The Day the Earth Caught Fire

Share this post


Link to post
Share on other sites

I'm positive there is a feature integrated into IIS for using single-sign-on for intranet pages.

Share this post


Link to post
Share on other sites

That does sound like a good idea.

Thanks, I think it will be a good way of doing it.

Only problem I can see is when they change their network password!

Share this post


Link to post
Share on other sites

Wow thanks. This is even better.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0