sylvanie Posted March 23, 2005 Share Posted March 23, 2005 Hello, I ve written this program to be alerted when a program or a bad guy try to stop it and so to avoid a possible attack.ps : if you want to try it replce the exe list by your exeexpandcollapse popup; program which monitor if secure programs are running and display an alert if one doesn't run (and can shutdown the PC if nobody get a answer) AutoItSetOption("TrayIconHide", 1) $tab=stringsplit("persfw.exe,ashserv.exe,ashMaiSv.exe,ashWebSv.exe,ashDisp.exe",",");it's a list of my processes to monitor (firewall, antivirus), replace by yours sleep(45000); wait 45 s to be sure that all processes are started (generally they are launched by services, it's just to be sure) while 1 for $cpt=1 To $tab[0] If ProcessExists ( $tab[$cpt] )=0 then alarm($tab[$cpt]) Next sleep(10000) WEnd Func alarm(ByRef $txt) $val = MsgBox(20,"Alerte Process arrêté !",$txt&" n'est plus actif, voulez vous le réactiver ?"& @CRLF & "(En cas de non l'ordinateur se fermera !)",5); notify that a program is not running and ask if we want to launch it manually. A timeout of 5 sec is used if $val=6 Then;case yes while 1 $file=FileOpenDialog("Programme à relancer",@AppDataCommonDir,"(*.exe)",3,$txt);open a file dialog if $file<>-1 Then $tabctrl=StringSplit($file,"\") if $txt=$tabctrl[$tabCtrl[0]] Then ; test if the file selected has the same name that the process stopped Run($file) Return Else $val2=MsgBox(16,"mauvais exe","Vous n'avez pas choisi le bon programme",3); notify that the file selected has not the same name that the process stopped with a timeout of 3 sec if $val2=-1 Then; case of timeout is reached $val=-1 ExitLoop EndIf EndIf Else $val=-1 ExitLoop EndIf WEnd EndIf If $val=-1 or $val=7 Then Shutdown (5); if timeout is reached or no is pressed, we make a shutdown to avoid a possible attack (expl : if firewall is stopped) EndFuncbye Link to comment Share on other sites More sharing options...
zcoacoaz Posted March 23, 2005 Share Posted March 23, 2005 looks useful [font="Times"] If anyone remembers me, I am back. Maybe to stay, maybe not.----------------------------------------------------------------------------------------------------------[/font][font="Times"]Things I am proud of: Pong! in AutoIt | SearchbarMy website: F.R.I.E.S.A little website that is trying to get started: http://thepiratelounge.net/ (not mine)[/font][font="Times"] ----------------------------------------------------------------------------------------------------------[/font][font="Arial"]The newbies need to stop stealing avatars!!! It is confusing!![/font] Link to comment Share on other sites More sharing options...
Ejoc Posted March 23, 2005 Share Posted March 23, 2005 Since you hardcode the apps, why not put the filename of the exe in and only open the FileOpenDialog() if Not FileExists(). That way you get alerted, but the process will start on its own. Now you got me thinking, Damn you!! 1) What about having it read from a file what apps to monitor 2) Have a GUI that lets you select a process and stop it from the GUI, which wont cause it to be restarted until you do so in the GUI. This would allow you to turn off antivirus to install an app. 3) Now I want to do this Start -> Programs -> AutoIt v3 -> AutoIt Help File -> Index -> (The Function you are asking about)----- Links -----DllStruct UDFsRSA Crypto UDFs Link to comment Share on other sites More sharing options...
zcoacoaz Posted March 23, 2005 Share Posted March 23, 2005 now you made me want to make some sort of security program! [font="Times"] If anyone remembers me, I am back. Maybe to stay, maybe not.----------------------------------------------------------------------------------------------------------[/font][font="Times"]Things I am proud of: Pong! in AutoIt | SearchbarMy website: F.R.I.E.S.A little website that is trying to get started: http://thepiratelounge.net/ (not mine)[/font][font="Times"] ----------------------------------------------------------------------------------------------------------[/font][font="Arial"]The newbies need to stop stealing avatars!!! It is confusing!![/font] Link to comment Share on other sites More sharing options...
sylvanie Posted March 23, 2005 Author Share Posted March 23, 2005 hello thanks for your comments Since you hardcode the apps, why not put the filename of the exe in and only open the FileOpenDialog() if Not FileExists(). That way you get alerted, but the process will start on its own.The files are all existing and are all launched at the start of windows ( they are services) so it will display an alert not if the process is not started but if it is stopped. And in the case of an alert, I launch it manually to control that it starts without problem.1) What about having it read from a file what apps to monitorYes, of course it's a simple way to store it, but I prefer to store it in the compiled form of this script, because an external file could be removed or changed too easily. Of course, we can associate a HMAC fingerprint or another algorithm to check integrity ... but I prefer recompil my code if I need to supress or add a program to monitor.2) Have a GUI that lets you select a process and stop it from the GUI, which wont cause it to be restarted until you do so in the GUI. This would allow you to turn off antivirus to install an app.Yes ! I haven't thought about the need of disabling the antivirus for install or the firewall for tests. I'll take the easier way to do this : I stop this autoit program and after, I stop the antivirus. But your idea of GUI to start and stop exe (and why not services) is very good . 3) Now I want to do this now you made me want to make some sort of security program!Great ! it makes me happy ! Link to comment Share on other sites More sharing options...
zcoacoaz Posted March 23, 2005 Share Posted March 23, 2005 we should all work and create a super program [font="Times"] If anyone remembers me, I am back. Maybe to stay, maybe not.----------------------------------------------------------------------------------------------------------[/font][font="Times"]Things I am proud of: Pong! in AutoIt | SearchbarMy website: F.R.I.E.S.A little website that is trying to get started: http://thepiratelounge.net/ (not mine)[/font][font="Times"] ----------------------------------------------------------------------------------------------------------[/font][font="Arial"]The newbies need to stop stealing avatars!!! It is confusing!![/font] Link to comment Share on other sites More sharing options...
sarkar112 Posted March 24, 2005 Share Posted March 24, 2005 but.. IM TOO LAZY! Link to comment Share on other sites More sharing options...
zcoacoaz Posted March 24, 2005 Share Posted March 24, 2005 me to, it took me 2 weeks to get myself to work on SearchBar for an hour [font="Times"] If anyone remembers me, I am back. Maybe to stay, maybe not.----------------------------------------------------------------------------------------------------------[/font][font="Times"]Things I am proud of: Pong! in AutoIt | SearchbarMy website: F.R.I.E.S.A little website that is trying to get started: http://thepiratelounge.net/ (not mine)[/font][font="Times"] ----------------------------------------------------------------------------------------------------------[/font][font="Arial"]The newbies need to stop stealing avatars!!! It is confusing!![/font] Link to comment Share on other sites More sharing options...
BillLuvsU Posted March 24, 2005 Share Posted March 24, 2005 now you made me want to make some sort of security program!<{POST_SNAPBACK}>I don't know if this is exactly what your talking about but I recently strated a monitering program for my teacher in the computer labe to moniter the students and report to him if they are doing somthing they shouldn't, [center][/center]Working on the next big thing.Currently Playing: Halo 4, League of LegendsXBL GT: iRememberYhslaw Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now