Several times a day, I have to log on to a corporate server via the internet. I would like to know if and how I could automate this process using asm?
I have played around with an example from KetilO that uses a hyperlink to get to the site, but how do I go about navigating to the login box or any other control?
After the login I have to navigate through several menus to get to my page.
Does anybody have suggestions?
Your input is greatly appreciated, THX
Cookies and the POST method make it too hard to do it the TCP/IP way.
So, make an app, that starts FireFox with the URL as a parameter, waits for the browser+page to load,
and then start sending mouse-messages to Firefox's window (to click at specified places).
You can also add image-recognition (it's simple bitmap-memory compare) if the mouse-coordinates won't be always true due to layout reordering, caused by news-text above it.
Or you can find a way to inject cookies in Firefox, and do everything the TCP/IP way in your app.
Thanks for your reply Ultrano
Quote
Cookies and the POST method make it too hard to do it the TCP/IP way.
So, make an app, that starts FireFox with the URL as a parameter, waits for the browser+page to load,
and then start sending mouse-messages to Firefox's window (to click at specified places).
You can also add image-recognition (it's simple bitmap-memory compare) if the mouse-coordinates won't be always true due to layout reordering, caused by news-text above it.
Or you can find a way to inject cookies in Firefox, and do everything the TCP/IP way in your app.
Quote
I would like to avoid TCP/IP as I'm still too newbish
I'm not familiar with the image recognition technique, would you know of any examples or web links that deal with this technique?
thx
Just try implementing the mouse-clicks for now;
Image-matching is very easy, though needs a bit of knowledge in graphics, GDI and custom drawing. And for now it's unnecessary.
I don't have Firefox installed on my system. Supposedly the server only supports explorer.
This is all I have come up with so far. I'm not sure if I fully understand the process of
Quote
So, make an app, that starts FireFox with the URL as a parameter, waits for the browser+page to load,
and then start sending mouse-messages to Firefox's window (to click at specified places).
Quote
So far, this is all I could think of. When the web page is loaded, the focus and the cursor are in the user name edit box. I thought I could just use this example to auto type my username and tab to the next field and auto type password, but this does not work.
; Autotype demo by Vortex, modified
.386
.model flat,stdcall
option casemap:none
include \GeneSys\include\windows.inc
include \GeneSys\include\user32.inc
include \GeneSys\include\kernel32.inc
includelib \GeneSys\lib\user32.lib
includelib \GeneSys\lib\kernel32.lib
.data
username db 'Username',9, 0
password db 'password',13,0
app db 'C:\Program Files\Internet Explorer\IEXPLORE.EXE www.google.com', 0
wndclass db 'IExplore', 0
childclass db 'Edit', 0
.data?
handle dd ?
.code
start:
invoke WinExec, ADDR app, SW_SHOW
invoke FindWindow, ADDR wndclass, 0
invoke FindWindowEx, eax, 0, ADDR childclass, 0
mov handle, eax
invoke Sleep, 20000 ;wait for page to load
mov edx, OFFSET username
@@:
movzx eax,BYTE PTR [edx]
test eax,eax
jz @f
push edx
invoke SendMessage, handle, WM_CHAR, eax, 0
invoke Sleep, 20
pop edx
inc edx
jmp @b
@@:
invoke ExitProcess, 0
END start
I think this doesn't work because I do not have a handle to the edit box?? :red
There are no Windows-controlled editboxes in browsers. Instead, send the WM_ messages to the IExplore window. You'll have to experiment a lot, to find what messages work and when.
How do I determine I have sent the right one?
trial and error from the looks of things...
hi
i hope this can help you!
.data
szVerbOpen db "open",0
szFindInGoogle db 'http://www.google.com/search?q=',0
szString db "masm32",0
.data?
hInstance dd ?
szTempBuf db MAX_PATH dup(?)
.code
start:
invoke GetModuleHandle,NULL
mov hInstance,eax
invoke lstrcpy,addr szTempBuf,addr szFindInGoogle
invoke lstrcat,addr szTempBuf,addr szString
invoke ShellExecute,0,addr szVerbOpen,addr szTempBuf,0,0,SW_NORMAL
invoke ExitProcess,0
end start
greets ragdog
Thank you ragdog for your example. In the case of a google search, this example works great. I used the google search in my example because I did not want to use the corporate server address. I assumed if I can put a string into the google search box, I could put one anywhere. Obviously wrong.
However, the szFindInGoogle db 'http://www.google.com/search?q=',0 looks like some scripting to me. Is this correct? If yes, then all that would be needed is to find the correct script for USERID: and PASSWORD: Or am I wrong again?
For Ultrano's approach, I tried this:
.486 ; create 32 bit code
.model flat, stdcall ; 32 bit memory model
option casemap :none ; case sensitive
include \masm32\include\dialogs.inc
include simple2.inc
dlgproc PROTO :DWORD,:DWORD,:DWORD,:DWORD
.data
username db 'Username', 0
app db 'C:\Program Files\Internet Explorer\IEXPLORE.EXE www.google.com', 0
wndclass db 'IExplore', 0
childclass db 'Edit', 0
message db 'in wm_create',0
cap db 'wm-Create',0
.data?
handle dd ?
hwndname dd ?
.code
; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««
start:
mov hInstance, FUNC(GetModuleHandle,NULL)
mov hIcon, FUNC(LoadIcon,hInstance,500)
invoke WinExec, ADDR app, SW_SHOW
invoke FindWindow, ADDR wndclass, 0
invoke FindWindowEx, eax, 0, ADDR childclass, 0
mov handle, eax
call main
invoke ExitProcess,eax
; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««
main proc
LOCAL lpArgs:DWORD
invoke GlobalAlloc,GMEM_FIXED or GMEM_ZEROINIT, 32
mov lpArgs, eax
push hIcon
pop [eax]
Dialog "Dialog With Icon","MS Sans Serif",10, \ ; caption,font,pointsize
WS_OVERLAPPED or WS_SYSMENU or DS_CENTER, \ ; style
3, \ ; control count
50,50,150,80, \ ; x y co-ordinates
1024 ; memory buffer size
DlgButton "OK",WS_TABSTOP,112,5,30,10,IDCANCEL
DlgStatic "MASM32 Pure And Simple Dialogs",SS_CENTER,3,35,140,9,100
DlgIcon 500,10,10,101
CallModalDialog hInstance,0,dlgproc,ADDR lpArgs
invoke GlobalFree, lpArgs
ret
main endp
; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««
dlgproc proc hWin:DWORD,uMsg:DWORD,wParam:DWORD,lParam:DWORD
.if uMsg == WM_INITDIALOG
mov eax, lParam
mov eax, [eax]
invoke SendMessage,hWin,WM_SETICON,1,[eax]
invoke GetForegroundWindow
mov hwndname, eax
invoke SendMessage, hwndname, WM_SETFOCUS, offset username , 0
invoke SetForegroundWindow, hwndname
invoke SetCapture,hwndname
.elseif uMsg == WM_COMMAND
.if wParam == IDCANCEL
jmp quit_dialog
.endif
.elseif (eax==WM_LBUTTONDOWN)
mov edx, OFFSET username
@@:
movzx eax,BYTE PTR [edx]
test eax,eax
jz @f
push edx
invoke SendMessage, handle, WM_CHAR, eax, 0
invoke Sleep, 20
pop edx
inc edx
jmp @b
@@:
.elseif uMsg == WM_CLOSE
quit_dialog:
invoke EndDialog,hWin,0
.endif
xor eax, eax
ret
dlgproc endp
; «««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««
end start
I tried several different ways to send WM_MESSAGES to explorer. The webpage takes some time to load and I suspect that my first example terminated before the page was loaded.
With the above example I'm no further since I have no idea whether or not it got there and I have no clue what explorer does with the received messages.
Klod have you tried using wininet?
InternetOpen,InternetOpenUrl,InternetCloseHandle
its easy.
to klod
which you look for a login script in masm32 ??
greets
ragdog
Thank you all for your replies
What I try to accomplish is to log in with username and password to a server on the internet from my proggie written in asm.
ragdog's szFindInGoogle db 'http://www.google.com/search?q=',0 made me assume /search?q= may be some sort of script since I cannot find this in the docs. :dazzled: This string will start explorer and put the search string into the text box and execute the search.
I have tried the same thing with my login, assuming it would work the same way, but it does not.
To back up, all I try to accomplish is to load the server's web page, input my username and my password from within my proggie.
I tried to send WM_MESSAGES as suggested, tried to obtain a handle or processId for explorer (previous code example) but find that all these methods do not work.
Of course it won't login. For sign-in, sites use POST. And if the corporate server is well-setup, they'll be using https instead of http :) (but I guess it isn't).
to klod
try this
.data
szVerbOpen db "open",0
szMasm32Login db 'http://www.masm32.com/board/index.php?',0
szString db 'action=login2&user=XXX&passwrd=XXX',0 ; name=value pairs joined by '&', no quotes
.data?
hInstance dd ?
szTempBuf db MAX_PATH dup(?)
.code
start:
invoke GetModuleHandle,NULL
mov hInstance,eax
invoke lstrcpy,addr szTempBuf,addr szMasm32Login
invoke lstrcat,addr szTempBuf,addr szString
invoke ShellExecute,0,addr szVerbOpen,addr szTempBuf,0,0,SW_NORMAL
invoke ExitProcess,0
end start
greets
ragdog
Quote from: Klod on June 12, 2007, 07:58:48 PM
What I try to accomplish is to log in with username and password to a server on the internet from my proggie written in asm.
i'll try to explain by using masm32 login as an example.
web based logins have some
form elements that use methods POST,GET for submiting data.
by viewing html source of "http://www.masm32.com/board/index.php" we see
<form action="http://www.masm32.com/board/index.php?action=login2" method="post" style="margin: 3px 1ex 1px 0; text-align:right;">
<input type="text" name="user" size="10" /> <input type="password" name="passwrd" size="10" />
<select name="cookielength">
<option value="60">1 Hour</option>
<option value="1440">1 Day</option>
<option value="10080">1 Week</option>
<option value="302400">1 Month</option>
<option value="-1" selected="selected">Forever</option>
</select>
<input type="submit" value="Login" /><br />
Login with username, password and session length
</form>
when you press "Login" button, your browser submits data to "action" defined in the form.
http://www.masm32.com/board/index.php?action=login2&user=drizz&passwrd=***&cookielength=-1
(*** is not the pass of course, it must be replaced)
-> try to logout and then login just by pasting your url in address field of the browser:
http://www.masm32.com/board/index.php?action=login2&user=Klod&passwrd=***&cookielength=-1
the form on your server might also have
hidden type of form elements which must also be encoded.
remember that special characters must be url-encoded
therefore you start by experimenting with your browser on your server as described above,
logging in by using address bar, when that works you can use the example ragdog provided.
reading material:
http protocol: http://www.w3.org/Protocols/HTTP/HTTP2.html
form submission: http://www.w3.org/MarkUp/html-spec/html-spec_toc.html#SEC8.2
url encoding: http://www.permadi.com/tutorial/urlEncoding/
http://www.w3.org/Addressing/URL/url-spec.html
programs:
packet analyzer: http://www.ethereal.com/
EDIT: almost forgot
a great program local proxy: http://www.proxomitron.info/
Well, the form submission link above is for html2 but we're on html4.01 now. Here is the link (http://www.w3.org/TR/html401/) for that.
Also, http2.0 is not ready for prime time yet. The current, stable version used is http1.1 which is here. (http://www.w3.org/Protocols/rfc2616/rfc2616.html)
thanks for the correction drhowarddrfine, i just copy&pasted from google without looking. :red
Thank you all for contributing.
I realize that there is a lot of material to read and study. I started but...:dazzled:
drizz your example is very helpful in learning and I was able to make it work with some simple websites.
However, it doesn't work with my server problem, which uses secure logon. I decided to post the source code for it here, but I changed the company name and the URL, to respect the company's privacy. I hope someone may help me decipher the meaning of its syntax :bg
Quote
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Web Single Login</title>
<link rel="stylesheet" type="text/css" href="/css/styles-wslx.css">
<script>
<!-- to hide script contents from old browsers
function validateForm(form)
{
if (document.forms[0].userid.value.length == 0 || document.forms[0].userid.value.length < 3) {
alert( "\nInvalid USER ID entry.\nEnter end user's USER ID in the box.");
return false;
}
if (document.forms[0].password.value.length == 0) {
alert("You must enter a password.");
return false;
}
// determine if user is internal
// and is authenticating via securID
if ( (!validateUserID(form)) && (validatePasscode(form))) {
var cdsid = escape(document.forms[0].userid.value);
var passwd = escape(document.forms[0].password.value);
// if so then get args for WslIP and back and issue them as cookies
var argx = getArgs();
if (argx.back)
{
var x = String(argx.back);
document.cookie = "back="+ escape (x)+ "; domain=dealerconnection.com; path=/";
}
if (argx.WslIP)
{
var y = String(argx.WslIP);
document.cookie = "WslIP="+ escape (y)+ "; domain=dealerconnection.com; path=/";
}
document.forms[0].action = "https://www.secureauthx.connection.com/XXX.cgi";
}
else {
document.forms[0].action = 'auth.cgi';
}
return true;
}
function validateUserID(form)
{
//determine if userid is internal or external
var reUser = /^\w-\w{1,8}$/;
if (reUser.test(document.forms[0].userid.value)) {
return true;
}
return false;
}
function validatePasscode(form)
{
//determine if passcode is valid SecurID format
var rePasscode = /^\d{8,16}$/;
if (rePasscode.test(document.forms[0].password.value)) {
return true;
}
return false;
}
function getArgs()
{
//get variables from query string
var args = new Object();
var query = location.search.substring(1); //Get query string
var regExp = /(WslIP=\d+\.\d+\.\d+\.\d+)&(back=.+)/;
var result = query.match(regExp);
if (result != null){
var pairs = new Array();
pairs[0] = (result[1]);
pairs[1] = (result[2]);
}
else {
var regExp2 = /(back=.+)/;
var result2 = query.match(regExp2);
if (result2 != null){
var pairs = new Array();
pairs[0] = (result2[1]);
//alert (pairs[0]);
}
else {
return false;
}
}
//var pairs = query.split("&"); //Break at ampersand
for (var i=0; i<pairs.length; i++) {
var pos = pairs[i].indexOf("="); //look for name=value
if (pos == -1) continue; //if not found skip
var argname = pairs[i].substring(0,pos); //get name
var value = pairs[i].substring(pos+1); //get value
args[argname] = unescape(value); //store as property
//alert (value);
}
return args;
}
function checkCookieId () {
// only execute if the login form is displayed on the page
if (document.forms[0]) {
if (getCookie("CDSID") != "") {
if (document.forms[0].userid.value == "") {
document.forms[0].userid.value = getCookie("CDSID");
}
document.forms[0].password.focus();
}
else {
document.forms[0].userid.focus();
}
}
}
function getCookie (Name) {
var search = Name + "="
if (document.cookie.length > 0) {
offset = document.cookie.indexOf(search)
if (offset != -1) {
offset += search.length
end = document.cookie.indexOf(";", offset)
if (end == -1)
end = document.cookie.length
return unescape(document.cookie.substring(offset, end))
}
}
return ""
}
function checkUserId() {
if( document.forms[0].userid.value.length < 3 ) {
alert( "\nInvalid USER ID entry.\nEnter end user's USER ID in the box.");
document.forms[0].userid.focus();
return false;
}
return true;
}
function mypopup(URL)
{
//set the name of the Window
window.name="base";
//open a new window to display URL
window.open(URL,"myhelp","toolbar=no,location=no,directories=no,status=no, scrollbars=yes,resizable=yes,copyhistory=no");
}
// end hiding contents from old browsers -->
</script>
</head>
<body onload="checkCookieId()" id="DEALER-WSLXloginBody" MARGINWIDTH=0 MARGINHEIGHT=0 TOPMARGIN=0 LEFTMARGIN=0 >
<table BORDER="0" WIDTH="100%" CELLSPACING="0" CELLPADDING="0"><tr BGCOLOR="#0066FF"><td align=right> <A HREF="JavaScript:mypopup('wslx_help.jsp')"><img src="/img/helpoff.gif"></A></td></tr></table>
<table cellSpacing="0" cellPadding="0" border="0" width="100%">
<tr>
<td width="100%">
<CENTER>
<table id="DEALER-WSLXHeaderBodyFooter" border="0" width="100%">
<tr id="DEALER-WSLXHeader">
<td>
<br>
<div id="DEALER-WSLXloginHeaderText1">
<br><h1 align="center">Secure Web Logon</h1><hr>
</div>
<div id="DEALER-WSLXloginHeaderText2">
<br><TABLE BORDER=3 WIDTH="60%" CELLPADDING=10 align=center><TR><TD><B>
By logging into this site, I agree to the following terms and conditions: <br>XXX Company owns all rights to this work and intends to maintain it in confidence to preserve its trade secret status. Those having access to this work may not copy or print it, except for use within their own dealerships, or disclose the information contained in it without the written authorization of XXXCompany.
</B></TD></TR></TABLE>
</div>
<div id="DEALER-WSLXloginHeaderText3">
<H3 ALIGN="center">Enter your userid and password to login</H3>
<!--< if(usingFEDS) {%>
<H3 ALIGN="center"><=ml.getMessage("DEALER-WSLXloginHeaderText3b")%></H3>
< } else { %>
<H3 ALIGN="center"><=ml.getMessage("DEALER-WSLXloginHeaderText3a")%></H3>
< } %>-->
</div>
</td>
</tr>
<tr id="DEALER-WSLXBody">
<td>
<FORM name="logonForm" method="post" onSubmit="return validateForm(this.form);">
<table align="center">
<tr>
<th id="DEALER-WSLXloginUserIdLabel" width="30%">USERID:</th>
<td>
<input id="DEALER-WSLXloginUserIdInput" name="userid" size="10" maxlength="8"
value="" onchange="checkUserId()">
</td>
</tr>
<tr>
<th id=DEALER-WSLXloginPasswordLabel width="30%">PASSWORD:</th>
<td><input id=DEALER-WSLXloginPasswordInput name="password" size="10" type="password"></td></tr>
<tr>
<td>
</td>
<td>
<div id="DEALER-WSLXloginWSLSubmitButton">
<input type="submit" value="Login" >
</div>
</td>
</tr>
<!--Extra hidden parameters-->
<input type="hidden" name="WslIP" value="XX.XXX.XXX.XXX">
<input type="hidden" name="back64" value="aHR0cHM6Ly93d3cuaW5mb3JkLmRlYWxlcmNvbm5lY3Rpb24uY29tLw==">
</table>
</FORM>
</td>
</tr>
<tr id="DEALER-WSLXFooter">
<td> <br>
<div id="DEALER-WSLXloginFooterText1">
<center><b>NOTE: PLEASE DO NOT SHARE YOUR USER ID OR PASSWORD WITH ANYONE</b></center>
</div>
<br>
<!--<div id="DEALER-WSLXloginFooterContact">
<a id="DEALER-WSLXloginFooterContactRef" href="DEALER-WSLXloginFooterContactRef">
IT Security & Controls
</a>
</div>
<div id="DEALER-WSLXloginFooterCopyRight">
Copyright © 1996 - 2006<br>
XXXCompany.<br>
All Rights Reserved.
</div> -->
</td>
</tr>
</table>
</CENTER>
</td>
</tr>
</table>
</body>
</html>
Quote
Which basically means that you should've concentrated on making the Mouse movement, as I said :P
Quote from: Klod on June 14, 2007, 03:21:32 AM
However, it doesn't work with my server problem, which uses secure logon. I decided to post the source code for it here, but I changed the company name and the URL, to respect the company's privacy. I hope someone may help me decipher the meaning of its syntax :bg
i have found the site - mad skills :) - don't worry i will not reveal it
https://www.xxxxxx.xxxx.com/login.cgi?userid=x%2Dxxxxxxxx&password=00000000
try it out. (you can try with or without IP
&WslIP=xxx.xxx.xxx.xxx)
and don't forget what i said about trying/using wininet!!!
How to simulate a Form POST request by using WinInet
http://msdn.microsoft.com/isapi/gosupport.asp?TARGET=/?kbid=165298
How To Make SSL Requests Using WinInet
http://support.microsoft.com/kb/168151
Quote
I hope someone may help me decipher the meaning of its syntax
Which part of all that do you need help with?
This really goes against MASM but it works for me.
You can use VB6 and drop the IE browser control on a Form. The control will deliver messages to you to tell you it's complete and such. That's easy. So you just say "WebControl1.Navigate 'www.google.com'" and it goes there. When it's complete (because you get the event) you can then use the "WebControl1.Document.All..." and use standard DOM methods to control the entire interface. You can set text values, read values, and you can tell it to click on your Submit button.
I have no idea how to do this with MASM as all the COM and such are just so hard for me without Microsoft's extensions to help. This method does work and I use this as a normal method to run test scripts on web pages and for scraping content.
Sorry I did not have a MASM solution for you.
Thanks drizz for your help. However it still doesn't work. Thanks for the links. I looked up the information, but will have to spend more time learning about the topics.
To drhowarddrfine The part I have difficulty with is this:
The way I understand the subject, correct me if I'm wrong, is basically to encode a string containing all the information needed to be passed to the server, much in the same way as the command line and its arguments under Windows/Dos.
The login page consists of 2 text boxes and a button. Textbox1 = userid, Textbox2 = password and the button will execute an action, in this case will fire the contents of the form to a different page for processing the login.
The example from drizz shows how the different elements for a login come from information contained in the pages source.
My login page is different, it uses a script to handle the login process and uses different syntax. Functions instead of actions??? The notation looks a bit like vb.
The parts I have trouble with are the %2D,?,& + etc URL codes. I found a list in one of the pages referred to by drizz. But I can't figure out how to derive from the source which one to use where.
Also, there are hidden parameters involved and the handling of cookies. Reading through the script, I get the feeling that somehow there is a cookie involved in the logging process.
To Ultrano: "Which basically means that you should've concentrated on making the Mouse movement, as I said".
I have tried that but came to realize that I did not really know what I was doing. The login page loads and the cursor is placed in the userid field. I assumed, if I could get a handle to the foreground window, I could auto type or put a string at the cursor position. I will have to experiment with your approach some more. Pointers are needed though.
To thomas_remkus, I don't have VB6. However, I think there is an IE control in radasm. I will try this out.
Once more, to all of you who have contributed, many thanks.
Yes. It's javascript and submits the data with the onSubmit function which is built into a browser. All the form data will be sent as part of the http header. There will be Content-Type, Content-Length and the POSTDATA which will be sent as 'name=yourname&password=yourpassword' etc.
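The request described in the last post, worked through as an added example (not code from any poster in this thread): it URL-encodes the login form's visible and hidden fields and lays out the POST headers and body, which keeps the password in the request body instead of the address-bar URL. The host name, the /auth.cgi path prefix and every field value are constructed placeholders; actually sending the bytes over HTTPS, for instance with the WinInet calls from the KB articles linked above, is left out.

```c
#include <stdio.h>
#include <string.h>

struct field { const char *name, *value; };

/* application/x-www-form-urlencoded: letters, digits, '-', '_' and '.' pass
   through, a space becomes '+', every other byte becomes %XX.
   Returns the bytes written (without the NUL) or -1 if dst is too small. */
static int form_encode(const char *src, char *dst, size_t cap)
{
    static const char hex[] = "0123456789ABCDEF";
    size_t n = 0;
    for (; *src; src++) {
        unsigned char c = (unsigned char)*src;
        int safe = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                   (c >= '0' && c <= '9') || c == '-' || c == '_' || c == '.';
        size_t need = (safe || c == ' ') ? 1 : 3;
        if (n + need >= cap) return -1;          /* keep room for the NUL */
        if (safe)          dst[n++] = (char)c;
        else if (c == ' ') dst[n++] = '+';
        else { dst[n++] = '%'; dst[n++] = hex[c >> 4]; dst[n++] = hex[c & 15]; }
    }
    if (n >= cap) return -1;
    dst[n] = '\0';
    return (int)n;
}

/* Join the fields as name=value&name=value, hidden inputs included. */
static int build_body(const struct field *f, size_t count, char *out, size_t cap)
{
    size_t n = 0;
    for (size_t i = 0; i < count; i++) {
        int k;
        if (i > 0) { if (n + 1 >= cap) return -1; out[n++] = '&'; }
        if ((k = form_encode(f[i].name, out + n, cap - n)) < 0) return -1;
        n += (size_t)k;
        if (n + 1 >= cap) return -1;
        out[n++] = '=';
        if ((k = form_encode(f[i].value, out + n, cap - n)) < 0) return -1;
        n += (size_t)k;
    }
    if (n >= cap) return -1;
    out[n] = '\0';
    return (int)n;
}

/* Lay out the HTTP/1.1 request: headers, blank line, then the form body. */
static int build_post(const char *host, const char *path, const char *body,
                      char *out, size_t cap)
{
    int n = snprintf(out, cap,
        "POST %s HTTP/1.1\r\nHost: %s\r\n"
        "Content-Type: application/x-www-form-urlencoded\r\n"
        "Content-Length: %lu\r\nConnection: close\r\n\r\n%s",
        path, host, (unsigned long)strlen(body), body);
    return (n < 0 || (size_t)n >= cap) ? -1 : n;
}

int main(void)
{
    /* Constructed sample values; field names are those of the posted form. */
    const struct field form[] = {
        { "userid", "a-bcdefgh" }, { "password", "p@ss w&rd=1" },
        { "WslIP", "192.0.2.10" }, { "back64", "QUJDRA==" },
    };
    char body[256], req[512];
    if (build_body(form, 4, body, sizeof body) < 0) return 1;
    if (build_post("login.example.invalid", "/auth.cgi", body, req, sizeof req) < 0)
        return 1;
    puts(req);
    return 0;
}
```
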