Batch file gurus

Post by **+JuggerNaut+** » Tue May 15, 2007 5:57 pm

need some help. i'm looking to create a .bat file that will input characters within any given field that the cursor resides. for example, in the username field of a webpage.

any help or pointers appreciated.

Post by **Foo** » Tue May 15, 2007 7:18 pm

use windows script hoste to write the value to the clipboard and then use it again to paste to the active element

Post by **+JuggerNaut+** » Wed May 16, 2007 12:45 am

WSH is disabled for security reasons, so can't go that route. thanks for the suggestion though.

Post by **FragaGeddon** » Wed May 16, 2007 3:47 am

Just use keepass. A couple clicks and your done.

Post by **+JuggerNaut+** » Wed May 16, 2007 10:44 am

sorry, i should have stated that third party software cannot be used.

Post by **FragaGeddon** » Thu May 17, 2007 3:44 am

Well you can run keepass from a thumb drive. No need to install it. You might have to install it on another computer first. Then just copy the files over.

Post by **+JuggerNaut+** » Thu May 17, 2007 4:02 am

FragaGeddon wrote:Well you can run keepass from a thumb drive. No need to install it. You might have to install it on another computer first. Then just copy the files over.

sorry, these devices use encryption keys per user, per device, so unauthorized drives will not work (users don't get thumb drives because there is no business need in this environment), but thanks again for the suggestion.

Post by **Tormentius** » Thu May 17, 2007 3:37 pm

The only way I know of is through WSH. AFAIK what you're looking for isn't possible with a simple batch file.

Post by **4days** » Thu May 17, 2007 5:16 pm

assuming that it's for entering something on a particular webpage - does the form on the webpage only accept requests from POST or could you build a url and push the request through on GET?

what's the scope for bending the 3rd party rule - e.g. if you can create a batch file on the machine, what else can you do?

Post by **+JuggerNaut+** » Thu May 17, 2007 8:26 pm

Tormentius wrote:The only way I know of is through WSH. AFAIK what you're looking for isn't possible with a simple batch file.

yeah, kinda what i figured, but thought i'd give it a shot.

4days wrote:assuming that it's for entering something on a particular webpage - does the form on the webpage only accept requests from POST or could you build a url and push the request through on GET?

a webpage was just an example, but i'm not familiar enough with HTML to get very far with that idea.

4days wrote:
what's the scope for bending the 3rd party rule - e.g. if you can create a batch file on the machine, what else can you do?

actually you can't create it on the tablets themselves, but they can grab it from a network folder with no problem.

Post by **4days** » Thu May 17, 2007 8:40 pm

+JuggerNaut+ wrote:actually you can't create it on the tablets themselves, but they can grab it from a network folder with no problem.

but they can't run an exe across the network? would they trust an MSI? you could make one that doesn't actually install anything but runs a custom action to call an external/embedded program. the embedded program being this app with the ability to input data.

without a much better idea of what it actually needs to do, it's hard/pointless to say - even if you had the freedom to install software on the tablet.

Post by **+JuggerNaut+** » Thu May 17, 2007 10:23 pm

4days wrote:
+JuggerNaut+ wrote:actually you can't create it on the tablets themselves, but they can grab it from a network folder with no problem.
but they can't run an exe across the network? would they trust an MSI? you could make one that doesn't actually install anything but runs a custom action to call an external/embedded program. the embedded program being this app with the ability to input data.

without a much better idea of what it actually needs to do, it's hard/pointless to say - even if you had the freedom to install software on the tablet.

it's sounding like much more trouble than it's worth rather than the lazy bastards just hammering it out on the V/keyboard or copying/pasting. i'm thinking i'm gonna lay this one to rest.

i appreciate all the responses guys, thanks.

Post by **dzjepp** » Thu May 17, 2007 10:36 pm

Can't you use something like autohotkey? You can make an exe with that which won't require users to have autohotkey installed. http://www.autohotkey.com/

Although I probably missed the entire point of discussion as I mostly skimmed it, and for that I appologize.

Post by **^misantropia^** » Fri May 18, 2007 2:14 pm

If it's an internal website that you have access to, you could wrap it in an IFRAME and use some black JavaScript magic to fill in the fields, like this:

Code: Select all

window.frame['frameName'].document.forms['formName']['inputField'].value = 'Yet Another JavaScript Hacker';

Post by **Tormentius** » Fri May 18, 2007 3:46 pm

^misantropia^ wrote:If it's an internal website that you have access to, you could wrap it in an IFRAME and use some black JavaScript magic to fill in the fields, like this:
Code: Select all
window.frame['frameName'].document.forms['formName']['inputField'].value = 'Yet Another JavaScript Hacker';

And if that site is listed via Group Policy as a trusted site the security in IE would probably let it work. Might be worth a shot.

Post by **bitWISE** » Fri May 18, 2007 5:07 pm

Why require a login/password if you want to bypass it? Restrict the website to a specific range of IPs and remove the login screen.

Post by **+JuggerNaut+** » Fri May 18, 2007 7:37 pm

^misantropia^ wrote:If it's an internal website that you have access to, you could wrap it in an IFRAME and use some black JavaScript magic to fill in the fields, like this:
Code: Select all
window.frame['frameName'].document.forms['formName']['inputField'].value = 'Yet Another JavaScript Hacker';

i'll see if we can implement this, thanks.

bitWISE wrote:Why require a login/password if you want to bypass it? Restrict the website to a specific range of IPs and remove the login screen.

who's bypassing passwords? this is only for the login.