发表新帖
发表新帖

Using python to open cmd and automatically enter a password

前端 未结
关注
3 1024
慢半拍i
慢半拍i 2020-12-02 02:52

I\'ve managed to get the cmd being opened by python. However, using runas administrator comes with a password check before cmd.exe is executed.

I\'m using this to op

相关标签:
3条回答
  • 无人共我
    2020-12-02 03:11

    I am trying to do the same that the mate ExoticScarf. Copying your code `

    args=(["runas.exe", "/user:admin", "program.exe"])
proc = subprocess.Popen(args, 
                        stdin=subprocess.PIPE, 
                        stdout=subprocess.PIPE, 
                        stderr=subprocess.PIPE,
                        universal_newlines=True)
passw='password'
proc.stdin.write(passw)
proc.stdin.flush()

stdout, stderr = proc.communicate()
print (stdout)
print (stderr)`

    Adding universal_newlines=True it seems that it cans write the pass like a str not like a bytes-like objects..

    0 讨论(0)
  • 有刺的猬
    2020-12-02 03:19

    This piece of code actually works (tested on a Windows 2008 server). I've used it to call runas for a different user and pass his password. A new command prompt opened with new user context, without needing to enter password.

    Note that you have to install pywin32 to have access to the win32 API.

    The idea is:

    • to Popen the runas command, without any input redirection, redirecting output
    • read char by char until we encounter ":" (last char of the password prompt).
    • send key events to the console using win32 packages, with the final \r to end the password input.

    (adapted from this code):

    import win32console, win32con, time
import subprocess

username = "me"
domain = "my_domain"
password ="xxx"

free_console=True
try:
    win32console.AllocConsole()
except win32console.error as exc:
    if exc.winerror!=5:
        raise
    ## only free console if one was created successfully
    free_console=False

stdin=win32console.GetStdHandle(win32console.STD_INPUT_HANDLE)

p = subprocess.Popen(["runas",r"/user:{}\{}".format(domain,username),"cmd.exe"],stdout=subprocess.PIPE)
while True:
    if p.stdout.read(1)==":":
        for c in "{}\r".format(password):  # end by CR to send "RETURN"
            ## write some records to the input queue
            x=win32console.PyINPUT_RECORDType(win32console.KEY_EVENT)
            x.Char=unicode(c)
            x.KeyDown=True
            x.RepeatCount=1
            x.VirtualKeyCode=0x0
            x.ControlKeyState=win32con.SHIFT_PRESSED
            stdin.WriteConsoleInput([x])

        p.wait()
        break
    0 讨论(0)
  • 遥遥无期
    2020-12-02 03:26

    Although not an answer to your question, this can be a solution to your problem. Use psexec instead of runas. You can run it like this:

    psexec -u user -p password cmd

    (or run it from Python using subprocess.Popen or something else)

    0 讨论(0)
 看不清?
提交回复
热议问题