Jump to content

Emulating DOS Syntax "|" in certutil

Syekick

By Syekick,
in AutoIt General Help and Support

 Share

Recommended Posts

Syekick Seeker

Syekick

Posted
Posted

I'm attempting (unsuccessfully) to use the following DOS Command into Autoit.

certutil -restorekey -f -p "" c:\|%username%.pfx

Yes, the "|" symbol is required. Otherwise I think what I have done below with the Comspec line would have worked.

Here's are two of the many I have tried.

Run('certutil -restorekey -f -p "" c:\|' & @UserName & '.pfx')

Run(@Comspec & ' /c certutil -restorekey -f -p "" c:\' & ' |' & @UserName & '.pfx')

So I have a syntax error and this one flashes on the screen so fast I'm going blind determining if it can't find the file (which is the problem) or some other error (when I've messed up more poking it with a sharp stick).

I appreicate your help.

Link to comment
Share on other sites
Kerros Polymath

Kerros

Posted
Posted

what about ShellExcute/ShellExecuteWait

ShellExecute("certutil",'-restorekey -f -p "" c:\|'&@username&".pfx")

Kerros===============================================================How to learn scripting: Figure out enough to be dangerous, then ask for assistance.

Link to comment
Share on other sites
Syekick Seeker

Syekick

Posted
  • Author
Posted

run this and tell me what you get

Run(@Comspec & ' /k certutil -restorekey -f -p "" c:\' & '|' & @UserName & '.pfx')

'DA071129.pfx' is not recognized as

operable program or batch file.

So that's what it was saying so fast I could not read it. Heheh. The file name, DA071129.pfx is correct and located on the root of C:\ And DA071129 is the test user I am running.

Link to comment
Share on other sites
/dev/null Universalist

/dev/null

Posted
Posted

I'm attempting (unsuccessfully) to use the following DOS Command into Autoit.

certutil -restorekey -f -p "" c:\|%username%.pfx

Yes, the "|" symbol is required. Otherwise I think what I have done below with the Comspec line would have worked.

well the pipe symbol "|" has a special meaning at the DOS command line. So, could you please explain why you think it is needed as a part of the file name?

Cheers

Kurt

__________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *

Link to comment
Share on other sites
Syekick Seeker

Syekick

Posted
  • Author
Posted (edited)

well the pipe symbol "|" has a special meaning at the DOS command line. So, could you please explain why you think it is needed as a part of the file name?

Cheers

Kurt

I wish I could. It's part of the required syntax of the certutil line. It is shown in the help files. It will not run at the DOS cmd prompt properly without it. It I leave the "|" out of the dos command, I get "file not found".

From Microsoft:

To restore the CA certificate and keys from a backup directory or a PKCS #12 (.pfx) file

Syntax

certutil-restorekey[-f] [-gmt] [-seconds] [-v] [-configCAMachineName\CAName] [-pPassword] BackupDirectory|PFXFile

If I run "certutil -restorekey -f -p "" c:\|%username%.pfx" at the command line it brings up the dialog box from part of the certmgr.msc. I could take it from there by doing my thing with the windows boxes as I've done in the past with Autoit.

Edited by Syekick
Link to comment
Share on other sites
blademonkey Universalist

blademonkey

Posted
Posted

try the following as individual alternatives(ie not consecutive):

Run(@Comspec & ' /k certutil -restorekey -f -p "" c:\' & ' ^|' & @UserName & '.pfx')oÝ÷ Ù«­¢+ÙIÕ¸¡
½µÍÁµÀìÌä콬¡ÉÑÕÑ¥°µÉÍѽɭ䵵ÀÅÕ½ÐìÅÕ½ÐìèÀäÈìÌäìµÀìÌäìðÌäìµÀìUÍÉ9µµÀìÌäì¹Áà¤Ìäì¤oÝ÷ Ù«­¢+ÙIÕ¸¡
½µÍÁµÀìÌä콬¡ÉÑÕÑ¥°µÉÍѽɭ䵵ÀÅÕ½ÐìÅÕ½ÐìèÀäÈìÌäìµÀìÌäìyðÌäìµÀìUÍÉ9µµÀìÌäì¹Áà¤Ìäì

---"Educate the Mind, Make Savage the Body" -Mao Tse Tung

Link to comment
Share on other sites
Syekick Seeker

Syekick

Posted
  • Author
Posted

try the following as individual alternatives(ie not consecutive):

Run(@Comspec & ' /k certutil -restorekey -f -p "" c:\' & ' ^|' & @UserName & '.pfx')oÝ÷ Ù«­¢+ÙIÕ¸¡
½µÍÁµÀìÌä콬¡ÉÑÕÑ¥°µÉÍѽɭ䵵ÀÅÕ½ÐìÅÕ½ÐìèÀäÈìÌäìµÀìÌäìðÌäìµÀìUÍÉ9µµÀìÌäì¹Áà¤Ìäì¤oÝ÷ Ù«­¢+ÙIÕ¸¡
½µÍÁµÀìÌä콬¡ÉÑÕÑ¥°µÉÍѽɭ䵵ÀÅÕ½ÐìÅÕ½ÐìèÀäÈìÌäìµÀìÌäìyðÌäìµÀìUÍÉ9µµÀìÌäì¹Áà¤Ìäì
1. Results in:

402.203.0: 0x80070057 (WIN32: 87): ..CertCli Version

Expected no more than 1 args, received 2

CertUtil: Too many arguments

2. Results in:

'DI07Z79.pfx' is not recognized as an internal or external command,

operable program or batch file.

3. Results in:

402.203.0: 0x80070057 (WIN32: 87): ..CertCli Version

Expected no more than 1 args, received 2

CertUtil: Too many arguments

Link to comment
Share on other sites
Syekick Seeker

Syekick

Posted
  • Author
Posted

can you post your entire script? is there something else going on that we're not aware of?

That is the entire script at the moment. Once I get the windows screen up I will continue.

On the other hand, can I call a windows batch file from within Autoit and when the resultant Windows screen pops up continue on with WinWaitActive ?

Link to comment
Share on other sites
blademonkey Universalist

blademonkey

Posted
Posted

ya that's what I'm thinking but the documentation is a tad sketchy. Plus it works perfectly for him when he types this same exact command in a dos window.

Syekick what happens if you run any of the following 

Run(@Comspec & ' /k certutil -restorekey -f -p "" c:\')oÝ÷ Ù«­¢+ÙIÕ¸¡
½µÍÁµÀìÌä콬¡ÉÑÕÑ¥°µÉÍѽɭ䵵ÀÅÕ½ÐìÅÕ½ÐìÌäìµÀìUÍÉ9µµÀìÌäì¹Áà¤Ìäì¤

---"Educate the Mind, Make Savage the Body" -Mao Tse Tung

Link to comment
Share on other sites
Syekick Seeker

Syekick

Posted
  • Author
Posted

Hello,

doesn't that simply mean "OR", i.e. either specify a path OR the filename?

ciao

Xandl

Not certain of Microsofts intent. The backupdirectory typically resides on the Certificate Authority (CA) server. So it is expecting the format of directory|filename. As I mentioned, it works fine at the command line with the "|". It will not work without it.

A batch file with the single line

certutil -restorekey -f -p "" c:\|%username%.pfx

returns the attached result. See cert.jpg

post-31369-1201122296_thumb.jpg

Link to comment
Share on other sites
Syekick Seeker

Syekick

Posted
  • Author
Posted

Add the working directory

Run(@Comspec & ' /k (certutil -restorekey -f -p "" c:\' & ' |' & @UserName & '.pfx)', @TempDir)

Returns:

'DI07Z79.pfx' is not recognized as an internal or external command,

operable program or batch file.

Link to comment
Share on other sites
Syekick Seeker

Syekick

Posted
  • Author
Posted

ya that's what I'm thinking but the documentation is a tad sketchy. Plus it works perfectly for him when he types this same exact command in a dos window.

Syekick what happens if you run any of the following 

Run(@Comspec & ' /k certutil -restorekey -f -p "" c:\')oÝ÷ Ù«­¢+ÙIÕ¸¡
½µÍÁµÀìÌä콬¡ÉÑÕÑ¥°µÉÍѽɭ䵵ÀÅÕ½ÐìÅÕ½ÐìÌäìµÀìUÍÉ9µµÀìÌäì¹Áà¤Ìäì¤
Both result in "the system can not find the file specified" certutil or username.pfx I don't know which.
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...