Comments

Latest Posts

Using AutoIT to Create Launchers (SSMS SQL auth and Others)

AutoIT is basically a way of automating stuff in the windows GUI and has lots of uses. 

Here is an working launcher and example script for SSMS with SQL Authentication since ssms.exe >v.18.0 no longer supports command line arguments. All steps:

  • Install AUTO IT on to the RDS server
  • Create attached scrtipt and compile into an executable
  • Create security template and custom launcher to pass credentials and host information to the AutoIt script executable.


Install AutoIt

Install AutoIT on your user’s machines who will be using these launchers. If using session connector install on the RDS server: (https://www.autoitscript.com/site/autoit/downloads/)

Download url : https://www.autoitscript.com/site/autoit/downloads/



Create and Compile AutoIt Script

 Copy the attached script and open with SciTE (built in Auto IT script editor, convert to .au3)

 


Below is the example script to launch SSMS.exe and complete SQL Auth : 

;Thycotic ssms.exe with sql credential launcher script

;set filepath of ssms.exe
$Path = "C:\Program Files (x86)\Microsoft SQL Server Management Studio 18\Common7\IDE\Ssms.exe"

;execute ssms.exe
ShellExecute($Path)

;Wait for the 'connect to server' window to appear
WinWaitActive("Connect to Server", "", 0)

;set auth mode to SQL authenticaiton
ControlSend("Connect to Server" , "" , "[NAME:comboBoxAuthentication]", "[NAME:SQL]")

;set server instance to servername passed from Secret Server launcher in cmd line parameter 1
ControlSetText("Connect to Server", "", "[NAME:serverInstance]", $CmdLine[1],1)

;set username to username passed from Secret Server launcher in cmd line parameter 2
ControlSetText("Connect to Server", "", "[NAME:userName]", $CmdLine[2],1)

;set password to password passed from Secret Server launcher in cmd line parameter 3
ControlSetText("Connect to Server", "", "[NAME:password]", $CmdLine[3],1)

;reactivate the connect to server window, required for the click of buttons within the window
WinActivate ("Connect to Server")

;click the connect button
ControlClick("Connect to Server", "", "[NAME:connect]")


Compile (go to Tools on toolbar and select Compile)



Save .exe to a location accessible to all users (c:\autoit in my case)


 

Create Launcher

Create a launcher with the following settings (note double quotes around variables):

 

Create a regular session connector launcher and use the above child launcher


Create a new secret template and pass servername, username and password.



Example 2: Custom Launcher for Application


1. Create custom launcher

Another custom launcher for custom application:


2. Create Custom Secret Template

You might need to create a custom secret template if this application's secret is unique from others. For example, in this case, there is only one field needed, password. 


3. Configure Launcher

From this custom template, click button "Configure Launcher", you will get following page if you have added one new Launcher:


You might see a weird thing at Username field, which is mapping to Password in the secret template. That is actually because of a bug from Thycotic software. You can check it out by click "Edit" button:

There is no way to get rid of existing default mapping from username to password ( the only field in Secret Template). If there are multiple fields, we can map username to other field to avoid this weird mapping. 


4. AutoIt script

You can refer the post: https://blog.51sec.org/2021/07/autoit-scripts-examples.html





No comments