JonathanChan

thanks for the advice about Assign. I learned some new behavior about autoit. I'm trying to provide a configurable session in my script to allow people to put code snippets in autoit and for it to execute. The assignment was one of the things that was not working. I'm guessing I will find other things that doesn't exactly work like if you were writing a regular script.

Hi all, How come the following fails: execute('$tmp="test"') msgbox(0,@error,"error is: " &@error) According to the docs, @error code of 0 is good, anything else means the code failed. I get an error code of 1. Why does the execute code fail on assignment statements? Thanks, Jonathan

Hi, Here's a character generator for anyone interested... I can't think of any other uses for it than bruteforce, but it was a fun exercise writing.... There are actually 2 programs here... Run char_list_generator seperately to copy and paste a character list in $char_list variable... Current charlist is all ascii characters.... #include<Array.au3> ; Seed string (the first character in the char_list array is a good way to start - ours is space) $chars=" " while True tooltip(""""&$chars&"""") sleep(1) $chars=generate_character($chars) WEnd func generate_character($cur_string) $char_list=" !""#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~" $char_list=StringSplit($char_list,"") $split_string=StringSplit($cur_string,"") for $i = 1 to $split_string[0] Step 1 $cur_char=_ArraySearch($char_list,$split_string[$i],1,0,1) if $cur_char = $char_list[0] Then ; Reached end of array, time to loop again. $split_string[$i]=$char_list[1] ;ExitLoop $reset=True if $split_string[0]=$i Then ExitLoop EndIf else $reset=False $split_string[$i]=$char_list[$cur_char+1] ExitLoop EndIf Next if $reset=True Then _ArrayAdd($split_string," ") EndIf return _ArrayToString($split_string,"",1) EndFunc func char_list_generator() $tmp="" for $i=32 to 126 $tmp=$tmp&chr($i) Next InputBox("Character String Generator","Characters:",$tmp) EndFunc

I'm not cracking passwords... I'm adding a dictionary table to a md5 hash table... http://us.md5.crysm.net/about If you check that site, it's not hacking... it's purely a scholarly study... Any help appreciated...

Hello, I have this script that loops millions of times... It is fine for about 10,000 iterations, but the memory is steadily eaten away... I think I have to unset a variable or something to free up the memory, but I can't figure out where my memory is being eaten up at... Please help.. Thanks... #include <String.au3> #include <array.au3> $file=FileOpen("D:\home\jonathan\programming\SecurityTools\Brute Force\dictionary\masterPERMUTATIONS.txt", 0) $count=FileRead("md5tmp.txt") FileReadLine($file,$count) while 1 $pw=_URLEncode(FileReadLine($file)) $std=Run("lynx.exe -dump http://us.md5.crysm.net/add?text=" & $pw,"",@SW_HIDE,2) sleep(1000) $line=StdoutRead($std) $array=StringSplit($line,@crlf) TrayTip($pw,$array[2],2) sleep(1000) $count=$count+1 if mod($count,25) = 0 Then $tmpFile=fileopen("md5tmp.txt",2) FileWrite($tmpFile,$count) FileClose($tmpFile) EndIf Wend Func _URLEncode($toEncode, $encodeType = 2) Local $strHex = "", $iDec Local $aryChar = StringSplit($toEncode, "") If $encodeType = 1 Then;;Encode EVERYTHING For $i = 1 To $aryChar[0] $strHex = $strHex & "%" & Hex(Asc($aryChar[$i]), 2) Next Return $strHex ElseIf $encodeType = 0 Then;;Practical Encoding For $i = 1 To $aryChar[0] $iDec = Asc($aryChar[$i]) if $iDec <= 32 Or $iDec = 37 Then $strHex = $strHex & "%" & Hex($iDec, 2) Else $strHex = $strHex & $aryChar[$i] EndIf Next Return $strHex ElseIf $encodeType = 2 Then;;RFC 1738 Encoding For $i = 1 To $aryChar[0] If Not StringInStr("$-_.+!*'(),;/?:@=&abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890", $aryChar[$i]) Then $strHex = $strHex & "%" & Hex(Asc($aryChar[$i]), 2) Else $strHex = $strHex & $aryChar[$i] EndIf Next Return $strHex EndIf EndFunc

Great script! Thanks! More powerful than the one the other guy wrote!

Awww... That's a shame... I should have written this with your plugin ....

I'm an overbearing sysadmin ... I want to know what is happening on all my computers as it happens... I wrote this script to display on my screen if there are errors going on at my server computers or my users' desktop computers. It monitors 3 things so far... 1. VPN Access from IAS. 2. IIS or Apache hits (definitely would not use this on any server with a logfile > 100MB or a very busy server) 3. Gathers EventLogs from Computers you specify (They must give your current user permission to view EventLogs ie. Domain Admin access) You could tweak this script by editing the SQL to show only critical errors or even have it email you errors... I wrote this because all the logging programs were either pay to use or only showed it on screen or would only send an email... I wanted to be able to run any program I wanted when I received an error. Remember, you can easily add other logs to here. With this script, you can get the basic idea to display logs for your emails or for more! Basically anything logged by windows can be parsed by this script because it uses the LogParser utility. Hope someone finds this as useful as me! #cs ---------------------------------------------------------------------------- AutoIt Version: 3.2.1.14 (beta) Author: Jonathan Chan Script Function: Displays Log Files on screen or you can script it to email or run program of your choice to notify you of changes in the log file. You will need MS LogParser2.2 and isaparse from the w2k3 CDs \support\tools\suptools.msi. http://www.microsoft.com/downloads/details.aspx?familyid=890cd06b-abf8-4c25-91b2-f8d975cf8c07&displaylang=en #ce ---------------------------------------------------------------------------- ; Please Edit Variables Below ;;;;;; IAS Logging $checkIAS=True ; Path of IAS Log file (Best to set IAS Log file to never split log file) $IASFilePath='\\chan\C$\WINDOWS\system32\LogFiles\iaslog0.log' ; IASParse.exe Path? $IASParseExePath="\\media\D$\private\bin\iasparse.exe" ; polltime? (in seconds) $IASPollTime=5 ;;;;;; IIS Hit Logging $checkIIS=True ; How many IIS Log Directories? dim $IISLogDirs[4] ; Actual Log File Locations? $IISLogDirs[0]="\\chan\C$\WINDOWS\system32\LogFiles\W3SVC1173680306\ex*.log" $IISLogDirs[1]="\\chan\C$\WINDOWS\system32\LogFiles\W3SVC1658629643\ex*.log" $IISLogDirs[2]="\\chan\C$\WINDOWS\system32\LogFiles\W3SVC372820554\ex*.log" $IISLogDirs[3]="\\chan\C$\WINDOWS\system32\LogFiles\W3SVC1851386671\ex*.log" ; Valid options are: IIS, IISW3C, IISODBC,NCSA $IISFormat="IISW3C" ; polltime? (in seconds) $IISPollTime=60 ;;;;;; Event Logging - If both false, event logger checker is disabled. $checkEVTLogApplication=True $checkEVTLogSystem=True ; You need to be downloading this application from microsoft. (Log Parser 2.2) $logParserExePath="LogParser.exe" ;PollTime? (in seconds, Maximum polltime is 82800) $EVTLogPollTime=10000 ; How many remote computers you want to check? dim $computers[4] ; And each computer's name? $computers[0]="media" $computers[1]="chan" $computers[2]="erc" $computers[3]="asc-laptop" ; Code Starts HERE, don't edit below here of course... Unless you know what you're doing. #include <File.au3> ;#include "tailRW/tailRW.au3" #include <Array.au3> if $checkIAS=True Then $IASlines=_FileCountLines ( $IASFilePath ) $IASTimer=$IASPollTime EndIf if $checkIIS=True Then $IISTimer=$IISPollTime $IISTimeOffset=SecsToTime($IISPollTime+30) $IISFrom=_ArrayToString($IISLogDirs,",") Switch $IISFormat Case 'IIS' $IIS_selectfields='UserIP' $field_date="Date" Case 'IISOBDC' $IIS_selectfields='ClientHost' $field_date="LogTime" Case 'IISW3C' $IIS_selectfields='s-sitename,c-ip' $field_date="TO_TIMESTAMP(Date,Time)" Case 'NCSA' $IIS_selectfields='RemoteHostName' $field_date="DateTime" case Else msgbox(0,"Error", "Error, $IISFormat not properly set. Disabling IIS Polling.") $checkIIS=False EndSwitch EndIf if $checkEVTLogApplication=True OR $checkEVTLogSystem=True Then $checkEVTLog=true $EVTLogTimer=$EVTLogPollTime $EVTLogTimeOffset=SecsToTime($EVTLogPollTime) Else $checkEVTLog=False EndIf $debugitem = TrayCreateItem("Debug") TrayCreateItem("") $eventitem = TrayCreateItem("EventLogNow") ;TrayCreateItem("") AutoItSetOption("TrayAutoPause",0) AutoItSetOption("TrayIconDebug",1) TraySetState() $begin=TimerInit() while 1 $traymsg = TrayGetMsg() Select Case $traymsg = 0 ; Case $traymsg = $debugitem if $debug=True then $debug=False else $debug=True EndIf case $traymsg=$eventitem EventLog() EndSelect if TimerDiff($begin) > 999 Then circle() $begin=TimerInit() EndIf WEnd func circle() ; IAS Logger Portion if $checkIAS=true AND $IASTimer=$IASPollTime Then $IASTimer=1 $IASnewlines=_FileCountLines ( $IASFilePath ) if $IASlines <> $IASnewlines Then $tmp=FileReadLine($IASFilePath,$IASnewlines) if NOT FileWrite("tmp.log",$tmp) Then msgbox(0,"Debug","Could not write to tmp.log file.") EndIf $pid=run($IASParseExePath&" -f:tmp.log",@WorkingDir,@SW_HIDE,2) sleep(500) $msg=StdoutRead($pid) $msg=StringStripWS($msg,3) $offset=StringInStr($msg,@CRLF,0) $msg=StringTrimLeft($msg,$offset) $msg=StringStripWS($msg,3) FileDelete("tmp.log") msgbox(0,"VPN Activity",$msg) EndIf $IASlines=$IASnewlines Else $IASTimer=$IASTimer+1 EndIf ; EVTLog Portion if $EVTLogTimer=$EVTLogPollTime AND $checkEVTLog=True Then ;msgbox(0,"Debug","We are processing Event Logs.") $EVTLogTimer=1 ; build FROM section of query $from='' for $computer in $computers if ping($computer) Then if $checkEVTLogApplication=True Then $from=$from&"\\"&$computer&"\Application," EndIf if $checkEVTLogSystem=True Then $from=$from&"\\"&$computer&"\System," EndIf EndIf Next $from=StringTrimRight($from,1) $sql="""SELECT * INTO DATAGRID FROM "&$from&" WHERE TimeGenerated >= TO_LOCALTIME ( SUB ( SYSTEM_TIMESTAMP(), TIMESTAMP('"&$EVTLogTimeOffset&"','hh:mm:ss') ) )""" Run($logParserExePath&" "&$sql&" -rtp:-1 -resolveSIDs:ON" ,@workingdir, @SW_SHOWDEFAULT) Else $EVTLogTimer=$EVTLogTimer+1 EndIf ; IIS Hit Logging if $checkIIS=true AND $IISPollTime=$IISTimer Then ;msgbox(0,"Debug","We are processing IIS Logs.") $IISTimer=1 $sql="""SELECT DISTINCT "&$IIS_selectfields&" FROM "&$IISFrom&" WHERE "&$field_date&" >= SUB ( SYSTEM_TIMESTAMP(), TIMESTAMP('"&$IISTimeOffset&"','hh:mm:ss') )""" ;msgbox(0,"test",$sql) $run=$logParserExePath&" "&$sql&" -i:"&$IISFormat&" -o:CSV -headers:OFF" $pid=run($run,@WorkingDir,@SW_HIDE,2) while ProcessExists($pid) sleep(1000) WEnd $msg=StdoutRead($pid) $tmpoffset=StringInStr($msg,"Statistic")-1 $msg=StringLeft($msg,$tmpoffset) $msg=StringStripWS($msg,3) if $msg <> "" Then TrayTip("Latest Hits in the past "&$IISTimeOffset&":",$msg,5) EndIf ;InputBox("test","just debug",$run) else $IISTimer=$IISTimer+1 EndIf EndFunc func EventLog() $seconds=InputBox("Time?","How many seconds ago do you want to see the logs?","1000") $tmp=secstotime($seconds) ; build FROM section of query $from='' for $computer in $computers if ping($computer) Then if $checkEVTLogApplication=True Then $from=$from&"\\"&$computer&"\Application," EndIf if $checkEVTLogSystem=True Then $from=$from&"\\"&$computer&"\System," EndIf EndIf Next $from=StringTrimRight($from,1) $sql="""SELECT * INTO DATAGRID FROM "&$from&" WHERE TimeGenerated >= TO_LOCALTIME ( SUB ( SYSTEM_TIMESTAMP(), TIMESTAMP('"&$tmp&"','hh:mm:ss') ) )"""; Run($logParserExePath&" "&$sql&" -rtp:-1 -resolveSIDs:ON" ,@workingdir, @SW_SHOW) EndFunc func SecsToTime($secs) local $time, $hour, $minute, $second,$offset $time=$secs if $time > 59 Then $minute=floor($time/60) $second=mod($time,60) if $minute > 59 Then $hour=floor($minute/60) $minute=mod($minute,60) Else $hour='00' EndIf Else $hour='00' $minute='00' $second=$time EndIf $tmpHourLength=StringSplit($hour,'') $tmpMinuteLength=StringSplit($minute,'') $tmpSecondLength=StringSplit($second,'') if $tmpHourLength[0] < 2 Then $hour='0'&$hour EndIf if $tmpMinuteLength[0] < 2 Then $minute='0'&$minute EndIf if $tmpSecondLength[0] < 2 Then $second='0'&$second EndIf $offset=$hour&":"&$minute&":"&$second return $offset EndFunc

Hello, Is there any way to detect if a file is a link and copying the links as such (not copying 2 copies of the same data)? It seems very easy to tell if the folder is linked, but a file that is hardlinked seems to be totally unseen. I have a whole directory that has many linked files that i want to preserve these links and also preserve the space by using links and not copy the files. Any idea how to go about doing this? Thanks, Jon

hmmm....autoit3 is must faster than autoit2 .... I remember dreading to make my autoit2 script any larger than 500 or so lines because autoit could only process like 20 lines per cycle or per second or something...

i know the code... but isn't that a lot of repetitive code that could be done in 1 shot?

is for efficient? I may need up to 500 null characters... seems like a lot of concating...

Hello, I probably just dont' know the name of the function which is why i can't do what i want to do... but how do I make $var=j 10 times? (ie. $var=jjjjjjjjjj)... What my real purpose for asking is to add NULL characters to a file handler. I have to add the null characters based on filesize and it isn't 1 static amount of nulls... Thanks, Jonathan

OK... Thanks, that explains things...

wait! I got it! It's not in the function, it's before the function! local ls = editor.StyleAt[editor.CurrentPos-2] if ls == 13 and c == " " then Why is editor.StyleAt == 13? I see that the keywords.abbrev is keywords7.$(file.patterns.au3)=$(au3.keywords.abbrev)? Shouldn't ls == 7? Maybe i just don't understand lua code...