Jump to content

Recommended Posts

Posted

Hello!

 I've been going through all of the help files and examples, but I feel lost. I can't seem to find what I need. Essentially, what I'm doing is simple(in my head).

Create a file based on the information needed, select a line in that file, then put that line back in DOS. My code is below, I know it's messy, but I'll take the heat if you can help.

 

;BitlockerUpdate
;2016.05.24

HotKeySet("{ESC}", "Terminate")

Run("C:\Windows\System32\CMD.exe") ;open command prompt
Sleep(500) ;sleep half second
if ProcessExists("cmd.exe") Then
   winactivate("Administrator: C:\Windows\System32\CMD.exe") ;refocus command prompt
   Send("C:")
   Send("{ENTER}")
   send("CD{SPACE}%windir%\sysnative\")
   send("{ENTER}")
EndIf

;create file with Bitlocker Protectors
Send("manage-bde.exe{SPACE}-protectors{SPACE}-get{space}c:{space}>{Space}%userprofile%\Desktop\protectors.txt") ;send code "manage-bde -protectors -get c: > %userprofile%\Desktop\protectors.txt"
Send("{ENTER}") ;send enter key to create text file on desktop with protectors
Sleep(1000) ;sleep one second(1s)


;edit txt file/create array, pull line and paste into new file, copy text then paste into cmd window below


;update data
if ProcessExists("cmd.exe") Then
   winactivate("Administrator: C:\Windows\System32\CMD.exe") ;refocus command prompt
   Send("manage-bde.exe{SPACE}-protectors{SPACE}-adbackup{SPACE}c:{SPACE}-id{SPACE}{COPIEDINFORMATIONGOESHERE}")
   Send("{ENTER}")
   ;don't forget to delete temp file if you create one created.
EndIf

;remove files
if ProcessExists("cmd.exe") Then
   winactivate("Administrator: C:\Windows\System32\CMD.exe") ;refocus command prompt
   Send("DEL{SPACE}%userprofile%\Desktop\protectors.txt") ;send code to delete protectors.txt
   Send("{ENTER}")
   ;don't forget to delete temp file if you create one created.
EndIf

MsgBox(0,"Done","Copy and upload are done. Please check Computer in AD.")

Func Terminate()
    Exit 0
EndFunc

 

The protectors.txt file looks like this:

BitLocker Drive Encryption: Configuration Tool version 6.1.7601
Copyright (C) Microsoft Corporation. All rights reserved.

Volume C: [OSDisk]
All Key Protectors

    TPM:
      ID: {0000000-0000-0000-0000-0000000}

    Numerical Password:
      ID: {1000000-1000-1000-1000-1000000}
      Password:
        000000-000000-000000-000000-000000-000000-000000

    Data Recovery Agent (Certificate Based):
      ID: {2000000-2000-2000-2000-2000000}
      Certificate Thumbprint:
        1111111a1aa1a1aa1a1a1a1aaaaaa1aaa1

I would specifically need the line after Numerical Password. 

Original line:      ID: {1000000-1000-1000-1000-1000000}

Needed information: -ID: {1000000-1000-1000-1000-1000000}

 

I apologize in advance for inconveniencing anyone with my silly issues. Hopefully this can stand as a great learning experience for both me and anyone else looking.

 

  • Moderators
Posted

@OMGWTFLOLBBQ I have moved your question to the appropriate forum, the Developers forum specifically states it is not for AutoIt-related questions. Please be mindful of where you post ;)

 

"Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball

How to get your question answered on this forum!

Posted
Just now, JLogan3o13 said:

@OMGWTFLOLBBQ I have moved your question to the appropriate forum, the Developers forum specifically states it is not for AutoIt-related questions. Please be mindful of where you post ;)

 

Apologies for the mistake, I'll be more careful in the future.

  • Moderators
Posted

In answer to your question: First, have you tried using just Run or ShellExecute with the appropriate switches, rather than all the Sends? Something like so?

ShellExecute("manage-bde.exe", "-protectors -get " & @DesktopDir & "\protectors.txt")

 

Second: You could read the file to an array, and parse through it that way. Something like this:

#include <File.au3>

$sFile = @DesktopDir & "\Protectors.txt"
$aFile = FileReadToArray($sFile)


For $i = 0 To UBound($aFile)
    If StringInStr($aFile[$i], "Numerical Password:") Then MsgBox($MB_OK, "", $aFile[$i + 1])
Next

One of our RegEx gurus will come along and do that more quickly, I am sure, but that should get you started :)

"Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball

How to get your question answered on this forum!

Posted
23 minutes ago, JLogan3o13 said:

In answer to your question: First, have you tried using just Run or ShellExecute with the appropriate switches, rather than all the Sends? Something like so?

ShellExecute("manage-bde.exe", "-protectors -get " & @DesktopDir & "\protectors.txt")

 

Second: You could read the file to an array, and parse through it that way. Something like this:

#include <File.au3>

$sFile = @DesktopDir & "\Protectors.txt"
$aFile = FileReadToArray($sFile)


For $i = 0 To UBound($aFile)
    If StringInStr($aFile[$i], "Numerical Password:") Then MsgBox($MB_OK, "", $aFile[$i + 1])
Next

One of our RegEx gurus will come along and do that more quickly, I am sure, but that should get you started :)

Thanks for the suggestions! Definitely got a few gears running. As for the first, I attempted ShellExecute, but it kept giving an error about "windows cannot find "manage-bde.exe". I know it's messy, but it seems to work...for now. After I get this working, I'll definitely work on streamlining it for the future.

 

Second, I've edited code based off of what you've suggested. 

$sFile = "%userprofile%\Desktop\protectors.txt"
$aFile = FileReadToArray($sFile)

For $i = 0 To UBound($aFile)
    If StringInStr($aFile[$i], "Numerical Password:") Then _ArrayToClip($MB_OK, "", $aFile[$i + 1])
Next

if ProcessExists("cmd.exe") Then
   winactivate("Administrator: C:\Windows\System32\CMD.exe") ;refocus command prompt
EndIf

;update data
if ProcessExists("cmd.exe") Then
   winactivate("Administrator: C:\Windows\System32\CMD.exe") ;refocus command prompt
   Send("manage-bde.exe{SPACE}-protectors{SPACE}-adbackup{SPACE}c:{SPACE}")
   Send("^v")
   Send("{ENTER}")
   ;don't forget to delete temp file if you create one created.
EndIf

I put that right in the middle, thinking I could skip the message box(which does appear to be showing the correct data), but nothing is pasting in with the Send("^V") command.... 

I appreciate the suggestions and I'll think this through for a bit tonight.

  • Moderators
Posted

I am guessing you don't want the entire array on the clipboard, just the one line right? Instead of _ArrayClip, do something like:

Local $sFile = "%userprofile%\Desktop\protectors.txt"
Local $aFile = FileReadToArray($sFile)
Local $sInfo

For $i = 0 To UBound($aFile)
    If StringInStr($aFile[$i], "Numerical Password:") Then $sInfo = $aFile[$i + 1]
Next

if ProcessExists("cmd.exe") Then
   winactivate("Administrator: C:\Windows\System32\CMD.exe") ;refocus command prompt
EndIf

;update data
if ProcessExists("cmd.exe") Then
   winactivate("Administrator: C:\Windows\System32\CMD.exe") ;refocus command prompt
   Send("manage-bde.exe{SPACE}-protectors{SPACE}-adbackup{SPACE}c:{SPACE}")
   Send($sInfo)
   Send("{ENTER}")
   ;don't forget to delete temp file if you create one created.
EndIf

 

"Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball

How to get your question answered on this forum!

Posted
18 hours ago, JLogan3o13 said:

I am guessing you don't want the entire array on the clipboard, just the one line right? Instead of _ArrayClip, do something like:

Local $sFile = "%userprofile%\Desktop\protectors.txt"
Local $aFile = FileReadToArray($sFile)
Local $sInfo

For $i = 0 To UBound($aFile)
    If StringInStr($aFile[$i], "Numerical Password:") Then $sInfo = $aFile[$i + 1]
Next

if ProcessExists("cmd.exe") Then
   winactivate("Administrator: C:\Windows\System32\CMD.exe") ;refocus command prompt
EndIf

;update data
if ProcessExists("cmd.exe") Then
   winactivate("Administrator: C:\Windows\System32\CMD.exe") ;refocus command prompt
   Send("manage-bde.exe{SPACE}-protectors{SPACE}-adbackup{SPACE}c:{SPACE}")
   Send($sInfo)
   Send("{ENTER}")
   ;don't forget to delete temp file if you create one created.
EndIf

 

Edited the whole bit... see below.

;BitlockerUpdate
;2016.05.25

#include <AutoItConstants.au3>
#include <Array.au3>
#include <File.au3>

;definitions
Local $pro = @DesktopDir & "\Protectors.txt" ;"%userprofile%\Desktop\protectors.txt" operating txt directory
Local $act =  WinActivate("Administrator: C:\Windows\System32\CMD.exe") ;refocus command prompt
Local $bde = "manage-bde.exe{SPACE}"
Local $arr = FileReadToArray($pro)
Local $inf

;open command and enter proper directory for use
Run("C:\Windows\System32\CMD.exe") ;open command prompt
Sleep(250) ;sleep quarter second
if ProcessExists("cmd.exe") Then
   $act ;refocus command prompt
   Send("C:" & "{ENTER}") ;send code "c:" then press enter
   Send("CD{SPACE}%windir%\sysnative\" & "{ENTER}") ;send code "CD %windir%\sysnative\" then press enter
   Send($bde & "-protectors{SPACE}-get{space}c:{space}>{Space}" & $pro & "{ENTER}") ;create protectors.txt on current desktop
  ;Sleep(250) ;sleep quarter second(.25s)
EndIf

;Needs Work
For $i = 0 To UBound($arr)
    If StringInStr($arr, "Numerical Password:") Then $inf = $arr[$i + 1]
Next

;update data
if ProcessExists("cmd.exe") Then
   winactivate("Administrator: C:\Windows\System32\CMD.exe") ;refocus command prompt
   Send($bde & "-protectors{SPACE}-adbackup{SPACE}c:{SPACE}")
   Send($inf & "{ENTER}")
   ;don't forget to delete temp file if you create one created.
EndIf
;remove files
if ProcessExists("cmd.exe") Then
   winactivate("Administrator: C:\Windows\System32\CMD.exe") ;refocus command prompt
   Send("DEL{SPACE}" & $pro & "{ENTER}") ;delete protectors.txt from current desktop
EndIf
;completed & confirm message box
MsgBox(0,"Done","Copy and upload are done. Please check Computer in AD.")

When I run the code, no errors appear...but nothing is pasted in after the " Send($inf  & "{Enter}") " code is applied after collecting the info from the array. Please see the attached image.

The line that should appear is: manage-bde.exe -protectors -adbackup c: -ID {1000000-1000-1000-1000-1000000} 

{1000000-1000-1000-1000-1000000}  is the variable though, it should be pulling the information from within protectors.txt from that line. 

I appreciate what you've assisted me with creating. Is it possible to get a simple definition of what you've done?

output.PNG

Posted

Here is an example script with a function that will return a PC's Numerical Password without having to automate the command prompt.  This function returns an array with the Numerical Password ID and Password.  I wrote it while working on a project to harvest BitLocker Numerical Passwords from our PCs.  You could use this function to as a template for creating a function to backup protectors to AD.  

#RequireAdmin
#include <WinAPIFiles.au3>

;Turn off redirection for a 32-bit script on 64-bit system.
If @OSArch = "X64" And Not @AutoItX64 Then _WinAPI_Wow64EnableWow64FsRedirection(False)

Global $vBitLockerProtectors = _BitLockerGetNumericalPassword()
If @error Then Exit MsgBox(16, "ERROR", StringReplace($vBitLockerProtectors, "  ", @CRLF))

If IsArray($vBitLockerProtectors) Then 
    MsgBox(0, "Numerical Password", "ID: " & $vBitLockerProtectors[0] & @CRLF & "Password: " & $vBitLockerProtectors[1])
EndIf


Func _BitLockerGetNumericalPassword($sComputerName = @ComputerName, $sDrive = "C:")

    Local $sManageBdeCmd = "manage-bde -protectors -get " & $sDrive & " -cn " & $sComputerName

    Local $iPIDMangeBde = Run($sManageBdeCmd, @SystemDir, @SW_HIDE, $STDERR_MERGED)
    ProcessWaitClose($iPIDMangeBde)

    Local $sManageBdeOutput = StringStripWS(StdoutRead($iPIDMangeBde), 3)
;~  ConsoleWrite($sManageBdeOutput & @CRLF & @CRLF) ;For testing.
;~  ConsoleWrite(StringReplace($sManageBdeOutput, @CRLF, "  ") & @CRLF & @CRLF) ;For testing.

    Local $aManageBdeOutput = StringRegExp($sManageBdeOutput, "(?s)Numerical Password:.+ID:\s+{(.+)}.+Password:\s+([-0-9]+)", $STR_REGEXPARRAYGLOBALMATCH)
    If @error Then
        Local $aManageBdeOutput[2] = ["", ""]
        Local $iError = 1
        If StringInStr($sManageBdeOutput, "ERROR: No key protectors found.") Then $iError = 2 ;Fail test, PC not encrypted.
        If StringInStr($sManageBdeOutput, "ERROR: An error occurred while connecting to the BitLocker management" & @CRLF & "interface.") Then $iError = 3 ;Fail test, PC does not exist or inaccessible.
        If StringInStr($sManageBdeOutput, "ERROR: An error occurred (code 0x80070057)") Then $iError = 4 ;Fail test, drive does not exist.
        If StringInStr($sManageBdeOutput, "ERROR: An attempt to access a required resource was denied.") Then $iError = 5 ;An attempt to access a required resource was denied.
;~      Return SetError($iError, 0, $aManageBdeOutput) ;Comment the next line, and uncomment this line to get a blank array output on error.  
        Return SetError($iError, 0, StringReplace($sManageBdeOutput, @CRLF, "  ")) ;Error text returned by manage-bde.  
    EndIf
;~  _ArrayDisplay($aManageBdeOutput) ;For Testing.

    Return $aManageBdeOutput
EndFunc

If you have any questions, please let me know.  

 

Adam

 

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...