Leaderboard

Try this one : #Include <IE.au3> $oIE = _IECreatePrivate("http://www.autoitscript.com") Func _IECreatePrivate($sUrl = "about:blank", $iWait = 1) Local $sPFDir = (StringInStr(@OSArch, "64") AND Not @AutoItX64) ? RegRead("HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion", "ProgramFilesDir") : @ProgramFilesDir ShellExecute ($sPFDir & "\Internet Explorer\iexplore.exe", "-noframemerging -private " & $sUrl, @ProgramFilesDir & "\Internet Explorer") Local $hPrivateIE = WinWaitActive("[REGEXPTITLE:.+\[InPrivate\]]", "", 3) If Not $hPrivateIE Then Return SetError(1, 0, 0) Local $oPrivateIE = _IEAttach($hPrivateIE, "hwnd") If @error Then Return SetError(2, 0, 0) If $iWait Then _IELoadWait($oPrivateIE) Return $oPrivateIE EndFunc

The collection of examples in .NET Common Language Runtime (CLR) Framework shows that there are virtually no limits to the possibilities that the usage of .NET Framework and .NET code in AutoIt opens up for. One possibility which certainly is very interesting is the possibility of using C# and VB code in AutoIt. That is, to create, compile and execute C# and VB source code directly through an AutoIt script without the need for any external tools at all, eg. an integrated development environment (IDE) program or similar. You can even create a .NET assembly dll-file with your C# or VB code that you can simply load and execute. Why is it interesting to execute C# or VB code in an AutoIt script? It's interesting because C# and VB code is executed as compiled code and not as interpreted code like AutoIt code. Compiled code is very fast compared to interpreted code. In AutoIt and all other interpreted languages probably 99% or more of the total execution time is spend by the code interpretor to interpret the code lines, while only 1% or less of the total execution time is spend by executing the actual code. Compiled code is directly executable without the need for a code interpretor. That's the reason why compiled code is so much faster than interpreted code. Using C# and VB code in AutoIt is interesting because it can be used to performance optimize the AutoIt code. There may be many other good reasons for using C# and VB code in AutoIt, but here the focus is on code optimization. In the help and support forums you can regularly find questions related to this topic. You can find many examples where assembler code is used in connection with performance optimization. Recently, there has been some interest in FreeBASIC. Code optimization is clearly a topic that has some interest. How difficult is writing C# and VB code compared to assembler and FreeBASIC code? It's certainly much easier and faster than writing assembler code. Because you can do everything through AutoIt without the need for an IDE, it's probably also easier than FreeBASIC. As usually you get nothing for free. The cost is that there is some overhead associated with executing compiled code. You must load and start the code. You need methods to move data back and forth between the AutoIt code and the compiled code. You'll not see that all compiled code is 100 times faster than AutoIt code. Somewhere between 10 and 100 times faster is realistic depending on the complexity of the code. And probably also only code running in loops is interesting and preferably a lot of loops. How C# and VB code can be used in AutoIt through .NET Framework is what this example is about. The rest of first post is a review of introductory C# and VB examples. The purpose of the examples is to make it easier to use C# and VB code in AutoIt. They show how to do some of the basic things in C#/VB that you can do in AutoIt. They focus on topics that are relevant when both AutoIt and C#/VB code is involved. Eg. how to pass variables or arrays back and forth between AutoIt and C#/VB code. The examples are not meant to be a regular C#/VB tutorial. C# and VB Guides in Microsoft .NET Documentation is a good place to find information about C# and VB code. Dot Net Perls example pages have some nice examples. To avoid first post being too long, three posts are reserved for topics that will be presented in the coming weeks. DotNet.au3 UDF DotNet.au3 UDF to access .NET Framework from AutoIt is used to access the .NET Framework. But you do not at all need a detailed knowledge of the code in DotNet.au3 to use C#/VB code in AutoIt. The UDF is stored as DotNetAll.au3 in Includes\ in the zip-file in bottom of post. Includes\ only contains this file. Introductory C# and VB examples The code in the examples below is VB code. But the zip-file in bottom of post contains both C# and VB versions of the examples. Code templates This is the vb and au3 code templates that's used in all of the examples. TemplateVB.vb (TemplateVB-a.vb is provided with comments): Imports System Class Au3Class Public Sub MyMethod() Console.WriteLine( "Hello world from VB!" ) End Sub End Class Note that Console.WriteLine writes output to SciTE console. TemplateVB.au3: #include "..\..\..\Includes\DotNetAll.au3" Opt( "MustDeclareVars", 1 ) Example() Func Example() Local $oNetCode = DotNet_LoadVBcode( FileRead( "TemplateVB.vb" ), "System.dll" ) Local $oAu3Class = DotNet_CreateObject( $oNetCode, "Au3Class" ) $oAu3Class.MyMethod() EndFunc Usually, 2 code lines are sufficient to make .NET code available in AutoIt. DotNet_LoadVBcode() compiles the VB code, creates the .NET code in memory, loads the code into the default domain and returns a .NET code object which is a reference to the .NET code. DotNet_CreateObject() takes the .NET code object and a class name as input parameters and creates an object from the class. See DotNet.au3 UDF. Now the sub procedure MyMethod in the VB code can be executed as an object method. Most examples contains just a few code lines like the templates. I don't want to review all examples, but to get an idea of what this is about, here's a list of the top level folders in the zip-file: Code templates Introductory topics Comments Comment block Line continuation ConsoleWrite MessageBox Public keyword Multiple methods Subs, functions Global variable Error handling Missing DLL-file Imports, using CS-VB mismatch Code typing errors Set @error macro Passing variables Passing 1D arrays Passing 2D arrays Simple examples Prime numbers Create DLL Prime numbers So far, there is only one example with more than just a few code lines. This is an example of calculating prime numbers. This example is also used to show how to create a .NET assembly dll-file. These two examples are reviewed with more details below. Prime numbers The example calculates a certain number of prime numbers and returns the prime numbers as a 1D array. It shows how to pass an AutoIt variable (number of prime numbers) to the C#/VB code and how to return a 1D array of integers (the prime numbers) from the C#/VB code to AutoIt. Especially arrays are interesting in relation to compiled code. This is Microsoft documentation for VB arrays and C# arrays. Design considerations If you want to create a UDF that uses advanced techniques such as compiled code, and you want to make it available to other members, you should consider the design. Consider how the code should be designed to be attractive to other members. You should probably not design the code so other members will need to execute .NET code, create objects, and call object methods in their own code. This should be done in a function in the UDF so that a user can simply call an easy-to-use AutoIt function in the usual way. AutoIt and VB code There are three versions of the example. A pure AutoIt version in the au3-folder, an AutoIt/VB version in the VB-folder and an AutoIt/C# version in the CS-folder. The pure AutoIt and the AutoIt/VB versions are reviewed below. AutoIt code in au3\CalcPrimes.au3. This is the pure AutoIt UDF to calculate primes: #include-once Func CalcPrimes( $nPrimes ) Local $aPrimes[$nPrimes], $iPrime = 2, $iPrimes = 0 If $nPrimes <= 100 Then ConsoleWrite( $iPrime & @CRLF ) ; Store first prime $aPrimes[$iPrimes] = $iPrime $iPrimes += 1 $iPrime += 1 ; Loop to calculate primes While $iPrimes < $nPrimes For $i = 0 To $iPrimes - 1 If Mod( $iPrime, $aPrimes[$i] ) = 0 Then ExitLoop Next If $i = $iPrimes Then If $nPrimes <= 100 Then ConsoleWrite( $iPrime & @CRLF ) $aPrimes[$iPrimes] = $iPrime $iPrimes += 1 EndIf $iPrime += 1 WEnd Return $aPrimes EndFunc Note the similarity between the AutoIt code above and the VB code below. If you can write the AutoIt code you can also write the VB code. VB code in VB\CalcPrimesVB.vb to calculate primes: Imports System Class PrimesClass Public Function CalcPrimes( nPrimes As Integer ) As Integer() Dim aPrimes(nPrimes-1) As Integer, iPrime As Integer = 2, iPrimes As Integer = 0, i As Integer If nPrimes <= 100 Then Console.WriteLine( iPrime ) 'Store first prime aPrimes(iPrimes) = iPrime iPrimes += 1 iPrime += 1 'Loop to calculate primes While iPrimes < nPrimes For i = 0 To iPrimes - 1 If iPrime Mod aPrimes(i) = 0 Then Exit For Next If i = iPrimes Then If nPrimes <= 100 Then Console.WriteLine( iPrime ) aPrimes(iPrimes) = iPrime iPrimes += 1 End If iPrime += 1 End While Return aPrimes End Function End Class AutoIt code in VB\CalcPrimesVB.au3. This is the AutoIt/VB UDF to calculate primes. #include-once #include "..\..\..\..\..\Includes\DotNetAll.au3" Func CalcPrimesVBInit() CalcPrimesVB( 0 ) EndFunc Func CalcPrimesVB( $nPrimes ) Static $oNetCode = 0, $oPrimesClass = 0 If $nPrimes = 0 Or $oNetCode = 0 Then ; Compile and load VB code, create PrimesClass object $oNetCode = DotNet_LoadVBcode( FileRead( "CalcPrimesVB.vb" ), "System.dll" ) $oPrimesClass = DotNet_CreateObject( $oNetCode, "PrimesClass" ) If $nPrimes = 0 Then Return EndIf ; Execute CalcPrimes method and return 1D array of primes Return $oPrimesClass.CalcPrimes( $nPrimes ) EndFunc Note the initialization code in CalcPrimesVB() where the VB code is compiled and loaded and the $oPrimesClass object is created. If the user forgets to call CalcPrimesVBInit() it'll work anyway. Examples with pure AutoIt code in au3\Examples.au3. This is user code: #include <Array.au3> #include "CalcPrimes.au3" Opt( "MustDeclareVars", 1 ) Examples() Func Examples() ShowPrimes( 10 ) ; Used under development ShowPrimes( 1000 ) ; 400 milliseconds ShowPrimes( 5000 ) ; 8 seconds EndFunc Func ShowPrimes( $nPrimes ) ConsoleWrite( "$nPrimes = " & _ $nPrimes & @CRLF ) Local $hTimer = TimerInit() Local $aPrimes = CalcPrimes( $nPrimes ) ConsoleWrite( "Time = " & _ TimerDiff( $hTimer ) & @CRLF & @CRLF ) _ArrayDisplay( $aPrimes ) EndFunc Note again that the user code in the pure AutoIt examples above is almost identical to the user code in the AutoIt/VB examples below. The only difference the user will notice is the speed. To calculate 5000 prime numbers, the C#/VB code is 100 times faster. Try yourself. Examples with AutoIt/VB code in VB\ExamplesVB.au3. This is user code: #include <Array.au3> #include "CalcPrimesVB.au3" Opt( "MustDeclareVars", 1 ) ExamplesVB() Func ExamplesVB() CalcPrimesVBInit() ShowPrimesVB( 10 ) ; Used under development ShowPrimesVB( 1000 ) ; 10 milliseconds ShowPrimesVB( 5000 ) ; 80 milliseconds ShowPrimesVB( 10000 ) ; 200 milliseconds ;ShowPrimesVB( 50000 ) ; 5 seconds EndFunc Func ShowPrimesVB( $nPrimes ) ConsoleWrite( "$nPrimes = " & _ $nPrimes & @CRLF ) Local $hTimer = TimerInit() Local $aPrimes = CalcPrimesVB( $nPrimes ) ConsoleWrite( "Time = " & _ TimerDiff( $hTimer ) & @CRLF & @CRLF ) _ArrayDisplay( $aPrimes ) EndFunc .NET assembly dll-file In a production environment the compiled VB code should be stored in a .NET assembly dll-file. The first step is to create the dll-file from the VB source code: #include "..\..\..\..\..\Includes\DotNetAll.au3" ; Compile VB code and load the code into CalcPrimesVB.dll: A .NET assembly dll-file DotNet_LoadVBcode( FileRead( "CalcPrimesVB.vb" ), "System.dll", 0, "CalcPrimesVB.dll" ) ; You can delete the PDB-file (binary file containing debug information) If you inspect the dll-file with ILSpy.exe (see DotNet.au3 UDF) you'll see these comments in top of the output in the right pane window: // ...\7) Create DLL\Prime numbers\VB\CalcPrimesVB.dll // CalcPrimesVB, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null // Global type: <Module> // Architecture: AnyCPU (64-bit preferred) // Runtime: .NET 4.0 Note that the dll-file can be used in both 32 and 64 bit code (Architecture: AnyCPU). The second step is to modify the AutoIt/VB UDF to load the code from the dll-file: #include-once #include "..\..\..\..\..\Includes\DotNetAll.au3" Func CalcPrimesVBInit() CalcPrimesVB( 0 ) EndFunc Func CalcPrimesVB( $nPrimes ) Static $oNetCode = 0, $oPrimesClass = 0 If $nPrimes = 0 Or $oNetCode = 0 Then ; Load CalcPrimesVB.dll and create PrimesClass object $oNetCode = DotNet_LoadAssembly( "CalcPrimesVB.dll" ) $oPrimesClass = DotNet_CreateObject( $oNetCode, "PrimesClass" ) If $nPrimes = 0 Then Return EndIf ; Execute CalcPrimes method and return 1D array of primes Return $oPrimesClass.CalcPrimes( $nPrimes ) EndFunc The user code in the examples is exactly the same. But in a production environment the AutoIt user code is usually compiled into an exe-file. Please compile the user code and double click the exe-file to run it. If the AutoIt user code is compiled into an exe-file and the VB dll-file is stored in the same folder as the exe-file, the AutoIt code is always able to find and load the VB dll-file. Summary C# and VB code through .NET Framework is without any doubt the absolute easiest way to execute compiled code in an AutoIt script. It's especially easy because everything (write, compile, load and execute the code and even create an assembly dll-file) can be done through AutoIt. There is no need for any external tools at all. Usually, only 2 lines of AutoIt code are required to make the compiled code available in an AutoIt script. When it comes to calculations and array manipulations, the difference between C#/VB code and AutoIt code is not that big. Under development of C#/VB code (debug) information can be written to SciTE console or a message box. Syntax errors in the code are reported in SciTE console. Because the compiled code is executed as object methods, this solves an otherwise impossible problem of passing arrays back and forth between AutoIt code and compiled code. Posts below Real C# and VB examples. Four examples about generating a 2D array of random data, sorting the array by one or more columns through an index, converting the 2D array to a 1D array in CSV format, and finally saving the 1D array as a CSV file. Post 2. UDF version of examples in post 2. Also a version with a .NET assembly dll-file. Post 3. Adv. C# and VB examples. An introduction to threading. Post 4. Some considerations regarding calculation of prime numbers. Post 7. Optimizing C# and VB code. Optimizing code through multithreading. Optimizing code by storing array as global variable in VB code, thereby avoiding spending time passing arrays back and forth between AutoIt code and VB code. Post 8. Zip-file The zip-file contains two folders: Examples\ and Includes\. Includes\ only contains DotNetAll.au3. You need AutoIt 3.3.10 or later. Tested on Windows 10, Windows 7 and Windows XP. Comments are welcome. Let me know if there are any issues. UsingCSandVB.7z

For some reason, I am unable to post this into the script examples, so this looked like the next best place to post it. Using some scripts made by others, much help from the AutoIT help resources, and Google searching, I have created a somewhat basic audit tool for Windows computers. Much credit goes to Ian Maxwell (@llewxam) and @engine Thank you both and please let me know if I have code from someone else that needs credit. Anyway, on to the cool part. This script will collect the following info and place it into a CSV file. Each item is selectable using check boxes and output and execute buttons have visual feedback. Computer name Hardware Manufacturer Hardware Model Possible Hardware Serial Number CPU Type, Speed, and Core Count RAM and Swap Local Hard Drives with Size and Free Space Remote Network Drives with Size and Free Space Network Connections with Hardware Device Name MAC Address DHCP or Static Domain IP Address Default Gateway Local User Accounts (Minus Guest, Default, and HomeGroupUsers) Operating System Version, Service Pack, Architecture, and Product Key Microsoft Office Version and Product Key (Having trouble with 2010 and 2013 keys) Installed Software with Description, Install Date, and Version Suggestions, criticism, and improvements are welcome. Thank you, FesterJester PC_Audit_Tool.au3

Looks like I was grabbing the wrong form. This appears to work for me -- #include <IE.au3> Local $oIE = _IECreate("https://twitter.com/login") Local $oForm = _IEFormGetObjByName($oIE, 2) Local $oField = _IEFormElementGetObjByName($oForm, "session[username_or_email]") _IEFormElementSetValue($oField, "xxxxx") $oField = _IEFormElementGetObjByName($oForm, "session[password]") _IEFormElementSetValue($oField, "yyyyy") _IEFormSubmit($oForm)

How true .... so obvious

A nice way would be to extract first the wanted links to a new (temp) .csv before uploading #Include <Array.au3> #include <File.au3> $s = FileRead("www.cenace.gob.mx_9th_Oct_2017 (6).csv") $res = StringRegExp($s, '(?m)^"([^"]+csv)' , 3) _ArrayDisplay($res) _FileWriteFromArray(@scriptdir & "\new.csv", $res) Edit This keeps the quotes around the links $res = StringRegExp($s, '(?m)^("[^"]+csv")' , 3)

$s = '<a href="https://example.com/abcde" >abcde</a> <a href="https://example.com/asdf#post70403235"><img class=" ' msgbox(0, '' , stringreverse(stringsplit(stringreverse(stringsplit($s , "#" , 2)[0]) , '"' , 2)[0])) as expected from me

Just use my previous expression and add that the # is mandatory #Include <Array.au3> $s = '<a href="https://example.com/abcde" >abcde</a> <a href="https://example.com/asdf#post70403235"><img class=" ' $res = StringRegExp($s, 'href="([^#"]+)#' , 3) _ArrayDisplay($res)

im trying to determine its usefulness though as I bounce it off my similar attempt from a few years ago

\N means : no newline character (but allows horizontal white spaces), while \S means : no whitespace at all (whatever) This is easy to check by just doing the replacement in my code in post #7 Edit To fit your needs obviously \S is better. You probably read my previous post before I edited it

May I add, look also - using (?=\S+) - if start of line is followed by at least one non-space char This allows to skip empty or blank lines

and the explanation ;-) Look at the beginning of a line and lookahead if there is NOT http then do replacement of the matched beginning of line character. (?m) for "multi-line mode" makes the caret and dollar match at the start and end of each line in the subject string. In Ruby, (?m) makes the dot match all characters, without affecting the caret and dollar which always match at the start and end of each line in Ruby. In Tcl, (?m) also prevents the dot from matching line breaks. ^ is beginning of line Lookahead assertions ?= for positive assertions and ?! for negative assertions \h any horizontal whitespace marker * = 0 or more http is just the characters to check and the () around is group1 lookahead regex very powerfull and leads to many shorthands and no need to do for loop syntax you can check on these pages http://www.pcre.org/original/doc/html/pcrepattern.html

youtuber Try this pattern 'href="([^#"]+)' means : "find href=" , and then grab one or more chars wich are not a quote or hash"

Yes it is, absolutely I lazily copied/pasted the code from junkew and completely forgot to change this, sorry Obviously it should be like this $newString=stringregexpreplace($testString,"(?m)^(?!\h*http)(?=\S+)", "http://" )

youtuber, Try this... #include <ie.au3> #include <array.au3> Local $sAI = BinaryToString(InetRead('http://www.autoitscript.com')) Local $aARRAY = StringRegExp($sAI, '(?i).*href="([^"]+)"', 3) _ArrayDisplay($aARRAY) kylomas

youtuber, The code that I posted does not add the extra line... kylomas

Sorry, which option are you talking about? Events still work with Outlook 2016: #include <OutlookEX.au3> ; ***************************************************************************** ; Example Script ; Handle Outlook NewmailEX event when a new mail arrives. ; This script loops until Shift-Alt-E is pressed to exit. ; ***************************************************************************** HotKeySet("+!e", "_Exit") ;Shift-Alt-E to Exit the script MsgBox(64, "OutlookEX UDF Example Script", "Hotkey to exit the script: 'Shift-Alt-E'!") Global $oOApp = ObjCreate("Outlook.Application") Global $test = ObjEvent($oOApp, "oOApp_") While 1 Sleep(10) WEnd ; Outlook 2007 - NewMailEx event - http://msdn.microsoft.com/en-us/library/bb147646%28v=office.12%29.aspx Func oOApp_NewMailEx($sOL_EntryId) Local $oOL_Item = $oOApp.Session.GetItemFromID($sOL_EntryId, Default) MsgBox(64, "OutlookEX UDF Example Script", "New mail has arrived!" & @CRLF & @CRLF & _ "From: " & $oOL_Item.SenderName & @CRLF & _ "Subject: " & $oOL_Item.Subject) EndFunc ;==>oOApp_NewMailEx Func _Exit() Exit EndFunc ;==>_Exit

A simple, quick, audit tool. -Logged On Users -SystemInfo -IPconfig /All -Active Connections (Netstat) -Netstat Names -Privileged Users/Groups -Startup -Services -Processes+Svcs -Drivers (signed?) -Software -Powershell Commands -Logon Failures -All RDP Feel Free to Reply with More. **Requires PowerShell v4.0 or higher to run some of the commands , but those can be converted to WMI without much effort. ;AuditShot v1.1 -iamtheky #RequireAdmin #include<array.au3> #include<excel.au3> local $aFinal[0] $oXL = _Excel_Open(FALSE) $oXLbook = _Excel_BookNew($oXL , 13) ;----------------------------------------------------------Logged on Users--------------------------------------------------------------------------------------- $sCommand = "powershell Get-CimInstance Win32_LoggedOnUser" $iPID = run($sCommand & " | Format-List", "" , @SW_HIDE , $stdout_child) $sOutput = "" While 1 $sOutput &= StdoutRead($iPID) If @error Then ExitLoop WEnd ProcessClose($iPID) $aOut = stringsplit($sOutput , @LF , 2) _Excel_RangeWrite($oXLbook , 1 , $aOut) $oXLBook.WorkSheets(1).Name = "LOGGEDON" _ArrayConcatenate($aFinal , $aOut) ;------------------------------------------------SYS INFO------------------------------------------------------------------------------------------------- $sCommand = "systeminfo" $iPID = run($sCommand, "" , @SW_HIDE , $stdout_child) $sOutput = "" While 1 $sOutput &= StdoutRead($iPID) If @error Then ExitLoop WEnd ProcessClose($iPID) $aOut = stringsplit($sOutput , @LF , 2) _Excel_RangeWrite($oXLbook , 2 , $aOut) $oXLBook.WorkSheets(2).Name = "SYSINFO" _ArrayConcatenate($aFinal , $aOut) ;~ _ArrayDisplay($aFinal); ;------------------------------------------------IPCONFIG------------------------------------------------------------------------------------------------- $sCommand = "ipconfig /all" $iPID = run($sCommand, "" , @SW_HIDE , $stdout_child) $sOutput = "" While 1 $sOutput &= StdoutRead($iPID) If @error Then ExitLoop WEnd ProcessClose($iPID) $aOut = stringsplit($sOutput , @LF , 2) _Excel_RangeWrite($oXLbook , 3 , $aOut) $oXLBook.WorkSheets(3).Name = "IPCONFIG" _ArrayConcatenate($aFinal , $aOut) ;~ _ArrayDisplay($aFinal); ;------------------------------------------------ACTIVE NETSTAT------------------------------------------------------------------------------------------------- $sCommand = "netstat -n" $iPID = run($sCommand, "" , @SW_HIDE , $stdout_child) $sOutput = "" While 1 $sOutput &= StdoutRead($iPID) If @error Then ExitLoop WEnd ProcessClose($iPID) $aOut = stringsplit($sOutput , @LF , 2) _Excel_RangeWrite($oXLbook , 4 , $aOut) $oXLBook.WorkSheets(4).Name = "NETSTAT" _ArrayConcatenate($aFinal , $aOut) ;~ _ArrayDisplay($aFinal); ;-----------------------------------------------------NETSTAT_NAMES-------------------------------------------------------------------------------------------------- $sCommand = "netstat -n" $iPID = run($sCommand, "" , @SW_HIDE , $stdout_child) $sOutput = "" $sNSLookupOut = "" local $aNSfinal[0] local $aNSLookupFinal[0] While 1 $sOutput &= StdoutRead($iPID) If @error Then ExitLoop WEnd ProcessClose($iPID) $aOut = stringsplit($sOutput , @LF , 2) For $i = 4 to ubound($aOut) - 1 $aLine = stringsplit($aOut[$i] , " " , 2) For $k = ubound($aLine) - 1 to 0 step - 1 If stringstripWS($aLine[$k] , 8) = "" Then _ArrayDelete($aLine , $k) Next ;~ msgbox(0, '' , stringleft($aLine[2] , stringinstr($aLine[2] , ":" , 0 , -1) - 1)) If ubound($aLine) > 1 Then _ArrayAdd($aNSfinal , stringleft($aLine[2] , stringinstr($aLine[2] , ":" , 0 , -1) - 1)) $aUniqueNS = _ArrayUnique($aNSfinal) _ArrayDelete($aUniqueNS , 0) Next ;~ _ArrayDisplay($aUniqueNS) For $k = 0 to ubound($aUniqueNS) - 1 $iPID = run("nslookup " & $aUniqueNS[$k] , "" , @SW_HIDE , $stdout_child) While 1 $sNSLookupOut &= StdoutRead($iPID) If @error Then ExitLoop WEnd ProcessClose($iPID) $aNSLookup = stringsplit($sNSLookupOut , @LF , 2) _ArrayDelete($aNSLookup , "0-2") _ArrayAdd($aNSLookupFinal , $aNSLookup) $sNSLookupOut = "" Next ;~ _ArrayDisplay($aNSLookupFinal , "Final") ;~ _ArrayDisplay($aNSLookupFinal , "Final") $aOut = $aNSLookupFinal _Excel_RangeWrite($oXLbook , 5 , $aOut) $oXLBook.WorkSheets(5).Name = "NS_NAMES" _ArrayConcatenate($aFinal , $aOut) ;~ _ArrayDisplay($aFinal); ;-------------------------------------------------------------Privileged Users And Groups------------------------------------------------------------------------------------ $sOutput = "" local $aSelectedGroups[] = ["Administrators" , "Backup Operators"] ; Array Of Privileged Groups For $i = 0 to ubound($aSelectedGroups) - 1 $PsCommand = '"' & "$([ADSI]'WinNT://localhost/" & stringstripws($aSelectedGroups[$i] , 3) &",group').psbase.Invoke('Members') | foreach { $_.GetType().InvokeMember('ADspath', 'GetProperty', $null, $_, $null).Replace('WinNT://', '') }" & '"' $iPID = run("powershell " & $PsCommand, "" , @SW_HIDE , $stdout_child) While 1 $sOutput &= StdoutRead($iPID) If @Error Then ExitLoop WEnd ProcessClose($iPID) Next $aOut = stringsplit($sOutput , @LF , 2) _Excel_RangeWrite($oXLbook , 6 , $aOut) $oXLBook.WorkSheets(6).Name = "PRIVILEGED" _ArrayConcatenate($aFinal , $aOut) ;~ _ArrayDisplay($aFinal); ;-------------------------------------------------Startup------------------------------------------------------------------------------------------------ $sCommand = "powershell Get-CimInstance Win32_StartupCommand | format-list" $iPID = run($sCommand, "" , @SW_HIDE , $stdout_child) $sOutput = "" While 1 $sOutput &= StdoutRead($iPID) If @error Then ExitLoop WEnd ProcessClose($iPID) $aOut = stringsplit($sOutput , @LF , 2) _Excel_RangeWrite($oXLbook , 7 , $aOut) $oXLBook.WorkSheets(7).Name = "STARTUP" _ArrayConcatenate($aFinal , $aOut) ;~ _ArrayDisplay($aFinal); ;-------------------------------------------------SERVICES------------------------------------------------------------------------------------------------ $sCommand = "powershell Get-Service | format-list" $iPID = run($sCommand, "" , @SW_HIDE , $stdout_child) $sOutput = "" While 1 $sOutput &= StdoutRead($iPID) If @error Then ExitLoop WEnd ProcessClose($iPID) $aOut = stringsplit($sOutput , @LF , 2) _Excel_RangeWrite($oXLbook , 8 , $aOut) $oXLBook.WorkSheets(8).Name = "SERVICES" _ArrayConcatenate($aFinal , $aOut) ;~ _ArrayDisplay($aFinal); ;----------------------------------------------------PROCESSES+svc--------------------------------------------------------------------------------------------- $sCommand = "tasklist /svc /FO CSV" $iPID = run($sCommand, "" , @SW_HIDE , $stdout_child) $sOutput = "" While 1 $sOutput &= StdoutRead($iPID) If @error Then ExitLoop WEnd ProcessClose($iPID) $aOut = stringsplit($sOutput , @LF , 2) _Excel_RangeWrite($oXLbook , 9 , $aOut) $oXLBook.WorkSheets(9).Name = "PROC+SVC" _ArrayConcatenate($aFinal , $aOut) ;~ _ArrayDisplay($aFinal) ;----------------------------------------------------Drivers--------------------------------------------------------------------------------------------- $sCommand = "driverquery -si -FO csv" $iPID = run($sCommand, "" , @SW_HIDE , $stdout_child) $sOutput = "" While 1 $sOutput &= StdoutRead($iPID) If @error Then ExitLoop WEnd ProcessClose($iPID) $aOut = stringsplit($sOutput , @LF , 2) _Excel_RangeWrite($oXLbook , 10 , $aOut) $oXLBook.WorkSheets(10).Name = "DRIVERS" _ArrayConcatenate($aFinal , $aOut) ;~ _ArrayDisplay($aFinal) ;----------------------------------------------------SOFTWARE--------------------------------------------------------------------------------------------- $iPid = run("powershell Get-CimInstance Win32Reg_AddRemovePrograms", "" , @SW_HIDE , 0x2) $sOutput = "" While ProcessExists($iPid) $sOutput &= StdoutRead($iPID) WEnd $aOut = stringsplit($sOutput, @LF , 2) _Excel_RangeWrite($oXLbook , 11 , $aOut) $oXLBook.WorkSheets(11).Name = "SOFTWARE" _ArrayConcatenate($aFinal , $aOut) ;~ _ArrayDisplay($aFinal) ;----------------------------------------------------------PowerShell Commands--------------------------------------------------------------------------------------- $sCommand = "powershell Get-EventLog -logname 'Windows PowerShell'" $sMessage = '-message "Provider*Function*is*Started*"' $iPID = run($sCommand & " " & $sMessage & "| Select -ExpandProperty message", "" , @SW_HIDE , $stdout_child) $sOutput = "" While 1 $sOutput &= StdoutRead($iPID) If @error Then ExitLoop WEnd ProcessClose($iPID) $aOut = stringregexp($sOutput , "HostApplication=(.*)" , 3) $aOut = _ArrayUnique($aOut , 0 , 0 , 0 , 0) _Excel_RangeWrite($oXLbook , 12 , $aOut) $oXLBook.WorkSheets(12).Name = "POWERSHELL" _ArrayConcatenate($aFinal , $aOut) ;~ _ArrayDisplay($aFinal) ;----------------------------------------------------------Logon Failures--------------------------------------------------------------------------------------- $sCommand = "powershell Get-EventLog -logname 'Security'" $sMessage = '-InstanceID "4625"' $iPID = run($sCommand & " " & $sMessage & "| Format-List", "" , @SW_HIDE , $stdout_child) $sOutput = "" While 1 $sOutput &= StdoutRead($iPID) If @error Then ExitLoop WEnd ProcessClose($iPID) $aOut = stringsplit($sOutput , @LF , 2) _Excel_RangeWrite($oXLbook , 13 , $aOut) $oXLBook.WorkSheets(13).Name = "LOGONFAIL" _ArrayConcatenate($aFinal , $aOut) ;----------------------------------------------------------ALL RDP--------------------------------------------------------------------------------------- $sCommand = "powershell Get-EventLog -logname 'Security'" $sMessage = '-InstanceID "4778"' $iPID = run($sCommand & " " & $sMessage & "| Format-List", "" , @SW_HIDE , $stdout_child) $sOutput = "" While 1 $sOutput &= StdoutRead($iPID) If @error Then ExitLoop WEnd ProcessClose($iPID) $aOut = stringsplit($sOutput , @LF , 2) _Excel_RangeWrite($oXLbook , 14 , $aOut) $oXLBook.WorkSheets(14).Name = "RDP" _ArrayConcatenate($aFinal , $aOut) ;~ ;-------------------------------------------------------------- ;~ _ArrayDisplay($aFinal) $destfile = @ScriptDir & "\" & @MON & @MDAY & @YEAR & @HOUR & @MIN & @SEC & "AuditShot.xlsx" _Excel_BookSaveAs($oXLbook , $destfile) _Excel_Close($oXL) sleep(100) ShellExecute($destfile)