I'm trying to automate a workflow. The automation script is mainly written in Powershell It consists of these steps: 1) Opening a program 2) Communicating with the API, reading values, etc. 3) Closing the program. This script will be run many times a day, it would suffice to not close the program every time the script is finishing, but rather check at the beginning of the script whether the program is already opened, and if not, open it. I'd like to implement both, then decide which solution to use later on.
The code for opening the program is completed, but it's not enough to just run an .exe file to open the program, as I have to load the correct settings and GUI, for this while opening the .exe file from the command line, additionally, I have to use -s, also -c. I concluded all this in runProgram.cmd, so in the Powershell script, I only run this file to open the program. However, I am unsure how the already opened program can be detected (that it's opened), and how can I close it. I believe a solution might use processes, with the help of Get-Process, but I'm unsure of its capabilities and limitations (how do I check if my program's process is not amongst the list of running processes?), and whether there is a better way of dealing with this problem.
I have found the solution:
Open the program and open Powershell, and type Get-Process (this will list all the currently running processes)
Search yours (by name). If you don't know which process is the one you're looking for, you can close your program, then type Get-Process again, and look for the process that disappeared from the list, since you closed it. Let's assume the name of it is "yourprocess".
In the code, type $val = Get-Process -Name yourprocess. If it is running, $val should equal some data about the process, if it is not running, then $val is 0. Therefore, if you want to check whether it's opened, you should use:
if($null -ne $val){...}
Finally, stopping the process: Stop-Process -Name yourprocess.
Related
There is an old command line tool my company uses to deploy log files to various servers.... whoever wrote it made it very very repetitive.
There is a lot of prompting that happens and I want to automate this process. We have a long term goal of replacing this .exe file down the line but for now automation works for the short term..
Example
./logdeploy.exe
Enter the destination folder:
I would like the powershell script to just automatically enter the folder, since its literally the same folder. because this exe is going to ask for it at least 20 times throughout this process, so copy paste just gets anyoing.
Is this even possible to do?
If there really is no way around simulating interactive user input in order to automate your external program, a solution is possible under the following assumption:
Your external program reads interactive responses from stdin (the standard input stream).
While doing so is typical, it's conceivable that a given program's security-sensitive prompts such as for passwords deliberately accept input from the terminal only, as so to expressly prevent automating responses.
If the first assumption holds, the specific method that must be used to send the response strings via stdin depends on whether the external program clears the keyboard buffer before each prompt.
(a) If it does not, you can simply send all strings in a single operation.
(b) If it does, you need to insert delays between sending the individual strings, so as to ensure that input is only sent when the external program is actively prompting for input.
This approach is inherently brittle, because in the absence of being able to detect when the external program is read to read a prompt response, you have to guess how much time needs to elapse between sending responses - and that time may vary based on many runtime conditions.
It's best to use longer delays for better reliability, which, however, results in increased runtime overall.
Implementation of (a):
As zett42 and Mathias R. Jessen suggest, use the following to send strings C:\foo and somepass 20 times to your external program's stdin stream:
('C:\foo', 'somepass') * 20 | ./logdeploy.exe
Again, this assumes that ./logdeploy.exe buffers keyboard input it receives before it puts up the next prompt.
Implementation of (b):
Note: The following works in PowerShell (Core) 7+ only, because only there is command output being sent to an external program properly streamed (sent line by line, as it becomes available); unfortunately, Windows PowerShell collects all output first.
# PowerShell 7+ only
# Adjust the Start-Sleep intervals as needed.
1..20 | ForEach-Object {
Start-Sleep 1
'C:\foo'
Start-Sleep 2
'somepass'
} | ./logdeploy.exe
Unicorn.py generates a string that looks like
powershell -flag1 -flag2 "something " obfuscation; powershell "more gibbrish
Interestingly, if this command is saved in a file filename.txt Windows executes it before opening the file in notepad.txt (by which time the file is empty).
Why is the file executed despite the extension?
What does the script do when it encounters EOF after odd number of quotation marks?
Edited:
Unicorn (https://github.com/trustedsec/unicorn) is a script that "enables privilege elevation and arbitrary code execution". If you know what it means. Of course I did NOT put the actual string, just the key features.
Purely out of IT security interest.
I think that if you read the manual in unicorn.py, at absolutely no time does it say that the script should be left in the txt file.
The PowerShell script is written inside the txt file and called the "payload" (very hacker like). What is left for you is always how to execute this code on the victim's computer.
The manual proposes Word code injection, simply executing the PowerShell in cmd (I quote "Next simply copy the powershell command to something you have the ability for remote command execution."), Excel Auto_Open attack, and so on.
If reading the manual is too much there is always a video. The only time the "hacker" uses a notepad like is on his linux operated system (how ironic)… I watched it because I love this Papa Roach music Last Resort...
For those who are concerned about IT security I recommend this article dosfuscation. This is really instructive about how you have to be extra careful when receiving mails, outside document,... and how humanity can waste so much time spying, deceiving, inventing new twisted strategies... Aren't we great !
Windows like any other system has many system flaw but opening notepad is not one of them. Unless your notepad has been replaced by a hacker using unicorn…
There is an even number of brackets in the obfuscated script. Did you mix up '' with "?
Empty txt file means that you've sent the attack.txt over network to a drive accessible by updated antivirus and antivirus quarantined/deleted file contents. Since you didn't know about this interaction with antivirus your environment is NOT secure. Which means you might have other malware from previous test lurking on your "clean" network.
Objective:
I'm trying to use a program called Texmod.exe to start another program (exe) with certain parameters.
Background:
Texmod is program that opens up another exe and extracts/replaces textures that are pulled up in the second program while it is running. I'm trying to start the second exe with the parameters: -AlwaysFocus -ControllerOffset=1 -SaveDataId=2. Starting the second exe with shortcuts/.bat that have these parameters in a command line DOES work. However, I would like to do this in conjunction with Texmod.
Complications:
I'm using Texmod v0.9 b which doesn't support starting an exe with command line parameters. Newer versions, such as the open source reboot known as uMod, does support but it doesn't replace textures as well and crashes often compared to the original version.
Texmod.exe must start the second exe directly. Texmod can't select a shortcut to start the exe. I've tried making Texmod start another exe/.bat that then starts the second desired exe with parameters but this causes Texmod not to function.
Methods I have thought about but not sure if they work or even possible:
Somehow forcing all processes started by Texmod.exe to start with certain parameters
Somehow force the desired exe to always start with certain parameters regardless of start method (via Texmod, shortcuts, .bat, etc)
Add parameters to the process started by the desired exe after it is already running
Obviously I'm open to any ideas. Is what I'm asking even possible? Sorry if it seems unclear or I sound irrational; my knowledge on this is limited.
Edit: #Toby Speight I'm not sure what you mean by an example of the code I'm having trouble with as I'm just wondering if it's possible to perform the scenario I described. This is where I got the Texmod program from (it's the oldest release texmod.zip - Original TexMod 0.9 beta). I've searched the internet for possible solutions but I've found very few so some of the methods I've tried are:
Used Texmod.exe to start a desktop shortcut with target: "directory to exe" -AlwaysFocus -ControllerOffset=1 -SaveDataId=2. The result was Texmod couldn't use the shortcut and just opened the exe without the parameters.
Used Texmod to start an exe named caller.exe which started the exe I desired using the method described here. In command.txt, described by the instructions, I put ""name of exe.exe" -AlwaysFocus -ControllerOffset=1 -SaveDataId=2." The result was the exe started with the parameters but Texmod failed to modify the textures because it was modifying textures pulled up by caller.exe instead.
Used Texmod to open a .bat file with the lines: ""name of exe.exe" -AlwaysFocus -ControllerOffset=1 -SaveDataId=2." The result was the same as attempt described in #2.
Edit2: I also stumbled on this page where someone else claims they managed to achieve what sounds like the objective I desire. However, I do not know enough about code to understand it. If someone could look over this to see if it would work or see if they can modify it to fit the arguments that I desire.
You can use windows registry to force Windows run another app when specific .exe is called. Let me show an example: i'm trying to use TexMod with Remember Me.
Required setup:
Create a copy of game .exe, place it near original with different name, eg RememberMe_copy.exe
Go to windows registry location HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
create new key named as original .exe, in my case it's RememberMe.exe. Registry key looks like a folder.
In this key, create new string value named Debugger with full path to copy of .exe with required commandline args. For example: "C:\Program Files (x86)\Steam\steamapps\common\Remember Me\Binaries\Win32\RememberMe_copy.exe" -ReadPoolSizeFromIni. Note the path to .exe is quoted, commandline arguments are not. String value has type REG_SZ.
Now when you try to run anything called RememberMe.exe, Windows will instead run the RememberMe_copy.exe with specified parameters (and something else but we don't care). This feature is left in Windows for debugging purposes.
Finally, open TexMod, select RememberMe.exe. It will think it's running original file, but instead Windows will silently run another file with another parameters. As there is nothing else in between, TexMod is happy.
Why can't we use single file? Well, Windows will run original .exe instead of original .exe, then instead of it will run original .exe... causing infinite loop.
So I'm using PowerShell to manipulate a SharePoint 2010 library. I am uploading, downloading, and deleting files in a script using a custom module I made. My errors are so odd I can't understand them.I am using PowerGUI, Windows PowerShell ISE, and PowerShell Management Shell all in admin mode.
PowerGUI:
I sometimes can't get an spWeb object, sometimes I can. The URL string is being pulled from a CSV file so it never changes and neither does the code before I call Get-SPWeb -Identity $correctURL
Sometimes when I call a list RootFolder it returns $false for the Exists property, using management shell I can get past this. Otherwise I can touch it by calling $ListName.RootFolder.Files and it will magically return and hold the $true for Exists in future executions of my script.
Then when I call an XML file full of file properties(for uploaded files) it will return file property names for $fileFieldsXML.row.Attributes | foreach {$_} and values for $fileFieldsXML.row.Attributes | foreach {$_.ToString()}. This is, unless I set them to variables. When two very distinct vars are set to these two differentish calls they both are set to the array of property names! Why??
Windows PowerShell ISE and PowerShell Management Shell
I think these are just outdated somehow. I can call Get-SPWeb in Management Shell but I can't in ISE due to I guess outdated versions. Lately the management shell will act as if I haven't been doing anything to the files unless I close it out and reopen it. Does the management shell just hold a copy of all files when it starts or something? Can I make it update these files?
Can anyone suggest a better way to debug? Also why does a module seem to severely increase runtime? When everything was in the same script it was quick but my long functions take several times longer to execute now.
I also have been using PowerShell and SharePoint for almost two months now, so I am a beginner and intern. Perhaps that is really the cause of my problems :)
I have a script that runs an external process which creates some output (a file) and then I also capture console output to file (the log)
try
{
p4d -r $root -jc | out-file $output
}
I later check the log output, grab some info and the script carries on.
The problem is that the external process could (and has once) stalled and I need a way to check that on the fly to handle the error.
The best way I can think to do this is to monitor the file that the process creates for increasing size. Obviously this isn't without issue as it could potentially stall at any point and we don't know the resulting file size.
I will likely check the size of the last successful process and use that to set some limits.
My question is how do I achieve the whole check a process whilst it's running thing?