Jump to content
Sign in to follow this  
Syekick

Emulating DOS Syntax "|" in certutil

Recommended Posts

Syekick

I'm attempting (unsuccessfully) to use the following DOS Command into Autoit.

certutil -restorekey -f -p "" c:\|%username%.pfx

Yes, the "|" symbol is required. Otherwise I think what I have done below with the Comspec line would have worked.

Here's are two of the many I have tried.

Run('certutil -restorekey -f -p "" c:\|' & @UserName & '.pfx')

Run(@Comspec & ' /c certutil -restorekey -f -p "" c:\' & ' |' & @UserName & '.pfx')

So I have a syntax error and this one flashes on the screen so fast I'm going blind determining if it can't find the file (which is the problem) or some other error (when I've messed up more poking it with a sharp stick).

I appreicate your help.

Share this post


Link to post
Share on other sites
Kerros

what about ShellExcute/ShellExecuteWait

ShellExecute("certutil",'-restorekey -f -p "" c:\|'&@username&".pfx")


Kerros===============================================================How to learn scripting: Figure out enough to be dangerous, then ask for assistance.

Share this post


Link to post
Share on other sites
blademonkey

run this and tell me what you get

Run(@Comspec & ' /k certutil -restorekey -f -p "" c:\' & '|' & @UserName & '.pfx')
Edited by blademonkey

---"Educate the Mind, Make Savage the Body" -Mao Tse Tung

Share this post


Link to post
Share on other sites
Syekick

run this and tell me what you get

Run(@Comspec & ' /k certutil -restorekey -f -p "" c:\' & '|' & @UserName & '.pfx')

'DA071129.pfx' is not recognized as

operable program or batch file.

So that's what it was saying so fast I could not read it. Heheh. The file name, DA071129.pfx is correct and located on the root of C:\ And DA071129 is the test user I am running.

Share this post


Link to post
Share on other sites
Syekick

what about ShellExcute/ShellExecuteWait

ShellExecute("certutil",'-restorekey -f -p "" c:\|'&@username&".pfx")

It runs by fast but I think it is arguing about the file name.

Share this post


Link to post
Share on other sites
/dev/null

I'm attempting (unsuccessfully) to use the following DOS Command into Autoit.

certutil -restorekey -f -p "" c:\|%username%.pfx

Yes, the "|" symbol is required. Otherwise I think what I have done below with the Comspec line would have worked.

well the pipe symbol "|" has a special meaning at the DOS command line. So, could you please explain why you think it is needed as a part of the file name?

Cheers

Kurt


__________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *

Share this post


Link to post
Share on other sites
Syekick

well the pipe symbol "|" has a special meaning at the DOS command line. So, could you please explain why you think it is needed as a part of the file name?

Cheers

Kurt

I wish I could. It's part of the required syntax of the certutil line. It is shown in the help files. It will not run at the DOS cmd prompt properly without it. It I leave the "|" out of the dos command, I get "file not found".

From Microsoft:

To restore the CA certificate and keys from a backup directory or a PKCS #12 (.pfx) file

Syntax

certutil-restorekey[-f] [-gmt] [-seconds] [-v] [-configCAMachineName\CAName] [-pPassword] BackupDirectory|PFXFile

If I run "certutil -restorekey -f -p "" c:\|%username%.pfx" at the command line it brings up the dialog box from part of the certmgr.msc. I could take it from there by doing my thing with the windows boxes as I've done in the past with Autoit.

Edited by Syekick

Share this post


Link to post
Share on other sites
blademonkey

try the following as individual alternatives(ie not consecutive):

Run(@Comspec & ' /k certutil -restorekey -f -p "" c:\' & ' ^|' & @UserName & '.pfx')oÝ÷ Ù«­¢+ÙIÕ¸¡
½µÍÁµÀìÌä콬¡ÉÑÕÑ¥°µÉÍѽɭ䵵ÀÅÕ½ÐìÅÕ½ÐìèÀäÈìÌäìµÀìÌäìðÌäìµÀìUÍÉ9µµÀìÌäì¹Áà¤Ìäì¤oÝ÷ Ù«­¢+ÙIÕ¸¡
½µÍÁµÀìÌä콬¡ÉÑÕÑ¥°µÉÍѽɭ䵵ÀÅÕ½ÐìÅÕ½ÐìèÀäÈìÌäìµÀìÌäìyðÌäìµÀìUÍÉ9µµÀìÌäì¹Áà¤Ìäì

---"Educate the Mind, Make Savage the Body" -Mao Tse Tung

Share this post


Link to post
Share on other sites
Syekick

try the following as individual alternatives(ie not consecutive):

Run(@Comspec & ' /k certutil -restorekey -f -p "" c:\' & ' ^|' & @UserName & '.pfx')oÝ÷ Ù«­¢+ÙIÕ¸¡
½µÍÁµÀìÌä콬¡ÉÑÕÑ¥°µÉÍѽɭ䵵ÀÅÕ½ÐìÅÕ½ÐìèÀäÈìÌäìµÀìÌäìðÌäìµÀìUÍÉ9µµÀìÌäì¹Áà¤Ìäì¤oÝ÷ Ù«­¢+ÙIÕ¸¡
½µÍÁµÀìÌä콬¡ÉÑÕÑ¥°µÉÍѽɭ䵵ÀÅÕ½ÐìÅÕ½ÐìèÀäÈìÌäìµÀìÌäìyðÌäìµÀìUÍÉ9µµÀìÌäì¹Áà¤Ìäì
1. Results in:

402.203.0: 0x80070057 (WIN32: 87): ..CertCli Version

Expected no more than 1 args, received 2

CertUtil: Too many arguments

2. Results in:

'DI07Z79.pfx' is not recognized as an internal or external command,

operable program or batch file.

3. Results in:

402.203.0: 0x80070057 (WIN32: 87): ..CertCli Version

Expected no more than 1 args, received 2

CertUtil: Too many arguments

Share this post


Link to post
Share on other sites
blademonkey

can you post your entire script? is there something else going on that we're not aware of?


---"Educate the Mind, Make Savage the Body" -Mao Tse Tung

Share this post


Link to post
Share on other sites
Xandl

Hello,

doesn't that simply mean "OR", i.e. either specify a path OR the filename?

ciao

Xandl

Share this post


Link to post
Share on other sites
Syekick

can you post your entire script? is there something else going on that we're not aware of?

That is the entire script at the moment. Once I get the windows screen up I will continue.

On the other hand, can I call a windows batch file from within Autoit and when the resultant Windows screen pops up continue on with WinWaitActive ?

Share this post


Link to post
Share on other sites
Danny35d

'DA071129.pfx' is not recognized as

operable program or batch file.

Add the working directory

Run(@Comspec & ' /k (certutil -restorekey -f -p "" c:\' & ' |' & @UserName & '.pfx)', @TempDir)

AutoIt Scripts:NetPrinter - Network Printer UtilityRobocopyGUI - GUI interface for M$ robocopy command line

Share this post


Link to post
Share on other sites
blademonkey

ya that's what I'm thinking but the documentation is a tad sketchy. Plus it works perfectly for him when he types this same exact command in a dos window.

Syekick what happens if you run any of the following

Run(@Comspec & ' /k certutil -restorekey -f -p "" c:\')oÝ÷ Ù«­¢+ÙIÕ¸¡
½µÍÁµÀìÌä콬¡ÉÑÕÑ¥°µÉÍѽɭ䵵ÀÅÕ½ÐìÅÕ½ÐìÌäìµÀìUÍÉ9µµÀìÌäì¹Áà¤Ìäì¤

---"Educate the Mind, Make Savage the Body" -Mao Tse Tung

Share this post


Link to post
Share on other sites
Syekick

Hello,

doesn't that simply mean "OR", i.e. either specify a path OR the filename?

ciao

Xandl

Not certain of Microsofts intent. The backupdirectory typically resides on the Certificate Authority (CA) server. So it is expecting the format of directory|filename. As I mentioned, it works fine at the command line with the "|". It will not work without it.

A batch file with the single line

certutil -restorekey -f -p "" c:\|%username%.pfx

returns the attached result. See cert.jpg

post-31369-1201122296_thumb.jpg

Share this post


Link to post
Share on other sites
weaponx

The pipe allows one programs output to be used as another's input

Share this post


Link to post
Share on other sites
Syekick

Add the working directory

Run(@Comspec & ' /k (certutil -restorekey -f -p "" c:\' & ' |' & @UserName & '.pfx)', @TempDir)

Returns:

'DI07Z79.pfx' is not recognized as an internal or external command,

operable program or batch file.

Share this post


Link to post
Share on other sites
blademonkey

Returns:

'DI07Z79.pfx' is not recognized as an internal or external command,

operable program or batch file.

try this

Run(@Comspec & ' /k certutil -restorekey -f -p "" c:\' & '|' & @UserName & '.pfx', 'c:\')

---"Educate the Mind, Make Savage the Body" -Mao Tse Tung

Share this post


Link to post
Share on other sites
Syekick

ya that's what I'm thinking but the documentation is a tad sketchy. Plus it works perfectly for him when he types this same exact command in a dos window.

Syekick what happens if you run any of the following

Run(@Comspec & ' /k certutil -restorekey -f -p "" c:\')oÝ÷ Ù«­¢+ÙIÕ¸¡
½µÍÁµÀìÌä콬¡ÉÑÕÑ¥°µÉÍѽɭ䵵ÀÅÕ½ÐìÅÕ½ÐìÌäìµÀìUÍÉ9µµÀìÌäì¹Áà¤Ìäì¤
Both result in "the system can not find the file specified" certutil or username.pfx I don't know which.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×