Using python to open cmd and automatically enter a

2020-01-29 02:59发布

站内问答 / Python
2280 3 6

I've managed to get the cmd being opened by python. However, using runas administrator comes with a password check before cmd.exe is executed.

I'm using this to open cmd...

import subprocess

subprocess.call(["runas", "/user:Administrator", "cmd.exe"])

I'm looking for a way to automatically enter the password into the runas.exe prompt which opens when i run the code. Say if i were to create var = "test" and add it after import subprocess how would i make it so that this variable is passed to and seen as an input to the runas.exe?

The solution would require only python modules which are in version 3.4 or higher.

Update

I have found some code which appears to input straight into runas.exe. However, the apparent input is \x00\r\n when in the code the input is supposed to be test I am fairly certain that if i can get the input to be test then the code will be successful.

The code is as follows : 

import subprocess

args = ['runas', '/user:Administrator', 'cmd.exe']

proc = subprocess.Popen(args, 
                        stdin=subprocess.PIPE, 
                        stdout=subprocess.PIPE, 
                        stderr=subprocess.PIPE)

proc.stdin.write(b'test\n')
proc.stdin.flush()

stdout, stderr = proc.communicate()
print (stdout)
print (stderr)

3条回答
Evening l夕情丶
2楼-- · 2020-01-29 03:06

Although not an answer to your question, this can be a solution to your problem. Use psexec instead of runas. You can run it like this:

psexec -u user -p password cmd

(or run it from Python using subprocess.Popen or something else)

查看更多
0人赞 添加讨论(0) 举报
SAY GOODBYE
3楼-- · 2020-01-29 03:06

This piece of code actually works (tested on a Windows 2008 server). I've used it to call runas for a different user and pass his password. A new command prompt opened with new user context, without needing to enter password.

Note that you have to install pywin32 to have access to the win32 API.

The idea is:

  • to Popen the runas command, without any input redirection, redirecting output
  • read char by char until we encounter ":" (last char of the password prompt).
  • send key events to the console using win32 packages, with the final \r to end the password input.

(adapted from this code):

import win32console, win32con, time
import subprocess

username = "me"
domain = "my_domain"
password ="xxx"

free_console=True
try:
    win32console.AllocConsole()
except win32console.error as exc:
    if exc.winerror!=5:
        raise
    ## only free console if one was created successfully
    free_console=False

stdin=win32console.GetStdHandle(win32console.STD_INPUT_HANDLE)

p = subprocess.Popen(["runas",r"/user:{}\{}".format(domain,username),"cmd.exe"],stdout=subprocess.PIPE)
while True:
    if p.stdout.read(1)==":":
        for c in "{}\r".format(password):  # end by CR to send "RETURN"
            ## write some records to the input queue
            x=win32console.PyINPUT_RECORDType(win32console.KEY_EVENT)
            x.Char=unicode(c)
            x.KeyDown=True
            x.RepeatCount=1
            x.VirtualKeyCode=0x0
            x.ControlKeyState=win32con.SHIFT_PRESSED
            stdin.WriteConsoleInput([x])

        p.wait()
        break
查看更多
0人赞 添加讨论(0) 举报
爱情/是我丢掉的垃圾
4楼-- · 2020-01-29 03:08

I am trying to do the same that the mate ExoticScarf. Copying your code `

args=(["runas.exe", "/user:admin", "program.exe"])
proc = subprocess.Popen(args, 
                        stdin=subprocess.PIPE, 
                        stdout=subprocess.PIPE, 
                        stderr=subprocess.PIPE,
                        universal_newlines=True)
passw='password'
proc.stdin.write(passw)
proc.stdin.flush()

stdout, stderr = proc.communicate()
print (stdout)
print (stderr)`

Adding universal_newlines=True it seems that it cans write the pass like a str not like a bytes-like objects..

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(6)