Esempio n. 1
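def click_mouse():
    """Simulate a left click with the cursor parked at the top-middle of the screen.

    The cursor is repositioned first, then a button-down / button-up pair is
    injected with a 50 ms pause between the two events.
    """
    # Floor division keeps the coordinate an int. On Python 3 "/" yields a
    # float, which ctypes refuses to marshal unless argtypes are declared.
    USER32.SetCursorPos(RESOLUTION["x"] // 2, 0)
    # 2 == MOUSEEVENTF_LEFTDOWN
    USER32.mouse_event(2, 0, 0, 0, None)
    KERNEL32.Sleep(50)
    # 4 == MOUSEEVENTF_LEFTUP
    USER32.mouse_event(4, 0, 0, 0, None)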
Esempio n. 2
def foreach_child(hwnd, lparam):
    """Child-window callback that auto-answers dialogs during an analysis run.

    Returns False (stop enumerating) once a keypress or a click was issued and
    True in every other case.

    Captions are matched by case-insensitive substring, so short keywords such
    as "ok", "end" or "run" also hit longer captions that merely contain them;
    the deny list is what keeps captions like "don't run" from being clicked.
    The caption comes from whatever window is on screen, including windows
    owned by the program under analysis, so treat it as untrusted text.
    """
    office_dialog_classes = ("NUIDialog", "bosa_sdm_msword")

    # Caption fragments that mark a control as worth clicking.
    wanted = (
        "yes",
        "ok",
        "accept",
        "next",
        "install",
        "run",
        "agree",
        "enable",
        "don't send",
        "don't save",
        "continue",
        "unzip",
        "open",
        "close the program",
        "save",
        "later",
        "finish",
        "end",
        "allow access",
    )

    # Caption fragments that veto a click even if a wanted fragment matches.
    unwanted = (
        "check online for a solution",
        "don't run",
        "do not ask again until the next update is available",
        "cancel",
        "do not accept the agreement",
    )

    class_buf = create_unicode_buffer(128)
    USER32.GetClassNameW(hwnd, class_buf, 128)
    class_name = class_buf.value
    is_office_dialog = class_name in office_dialog_classes

    # Only button-like controls and the two Office dialog classes are handled.
    if "button" not in class_name.lower() and not is_office_dialog:
        return True

    # Fetch the caption; controls without any text are skipped.
    length = USER32.SendMessageW(hwnd, WM_GETTEXTLENGTH, 0, 0)
    if not length:
        return True
    caption = create_unicode_buffer(length + 1)
    USER32.SendMessageW(hwnd, WM_GETTEXT, length + 1, caption)
    # Drop the "&" accelerator marker before matching.
    stripped = caption.value.replace('&', '')

    if is_office_dialog and "Microsoft" in stripped:
        log.info("Issuing keypress on Office dialog")
        USER32.SetForegroundWindow(hwnd)
        # Enter key down, then up (third argument 2 is the key-up flag).
        USER32.keybd_event(0x0d, 0x1c, 0, 0)
        USER32.keybd_event(0x0d, 0x1c, 2, 0)
        return False

    # Hidden children generally do not respond; clicking them would make the
    # enumeration fixate on them and starve the visible controls.
    if not USER32.IsWindowVisible(hwnd):
        return True

    lowered = stripped.lower()
    if not any(fragment in lowered for fragment in wanted):
        return True
    if any(fragment in lowered for fragment in unwanted):
        return True

    log.info("Found button \"%s\", clicking it" % caption.value)
    USER32.SetForegroundWindow(hwnd)
    KERNEL32.Sleep(1000)
    USER32.SendMessageW(hwnd, BM_CLICK, 0, 0)
    # Enumeration stops only after a click was actually sent.
    return False
Esempio n. 3
def type_keyboard(key_value, scan_value):
    """Inject one key press (down, then up) and pause for 80 ms.

    key_value and scan_value are forwarded unchanged as the first two
    arguments of keybd_event.
    """
    key_down = 0
    key_up = 0x0002  # KEYEVENTF_KEYUP
    for flags in (key_down, key_up):
        USER32.keybd_event(key_value, scan_value, flags, 0)
    KERNEL32.Sleep(80)
Esempio n. 4
def foreach_child(hwnd, lparam):
    """Child-window callback that auto-answers dialogs during an analysis run.

    Returns False (stop enumerating) once a keypress or a click was issued and
    True in every other case.

    Captions are matched by case-insensitive substring, so a short keyword
    such as "ok" or "end" also matches longer captions containing it; only the
    deny list prevents a click in that case. The caption is read from the
    live window and may be chosen by the program under analysis.
    """
    office_dialog_classes = ("NUIDialog", "bosa_sdm_msword")

    # Caption fragments that mark a control as worth clicking.
    wanted = (
        "yes",
        "ok",
        "accept",
        "next",
        "install",
        "run",
        "agree",
        "enable",
        "don't send",
        "don't save",
        "continue",
        "unzip",
        "open",
        "close the program",
        "save",
        "later",
        "finish",
        "end",
        "allow access",
        "remind me later",
    )

    # Caption fragments that veto a click even if a wanted fragment matches.
    unwanted = (
        "check online for a solution",
        "don't run",
        "do not ask again until the next update is available",
        "cancel",
        "do not accept the agreement",
        "i would like to help make reader even better",
    )

    class_buf = create_unicode_buffer(128)
    USER32.GetClassNameW(hwnd, class_buf, 128)
    class_name = class_buf.value
    is_office_dialog = class_name in office_dialog_classes

    # Only button-like controls and the two Office dialog classes are handled.
    if not ("button" in class_name.lower() or is_office_dialog):
        return True

    # Fetch the caption; controls without any text are skipped.
    length = USER32.SendMessageW(hwnd, WM_GETTEXTLENGTH, 0, 0)
    if not length:
        return True
    caption = create_unicode_buffer(length + 1)
    USER32.SendMessageW(hwnd, WM_GETTEXT, length + 1, caption)
    # Drop the "&" accelerator marker before matching.
    stripped = caption.value.replace('&', '')

    if is_office_dialog and "Microsoft" in stripped:
        log.info("Issuing keypress on Office dialog")
        USER32.SetForegroundWindow(hwnd)
        # Enter key down, then up (third argument 2 is the key-up flag).
        USER32.keybd_event(0x0d, 0x1c, 0, 0)
        USER32.keybd_event(0x0d, 0x1c, 2, 0)
        return False

    # Hidden children generally do not respond; clicking them would make the
    # enumeration fixate on them and starve the visible controls.
    if not USER32.IsWindowVisible(hwnd):
        return True

    lowered = stripped.lower()
    matches_wanted = any(fragment in lowered for fragment in wanted)
    matches_unwanted = any(fragment in lowered for fragment in unwanted)
    if matches_wanted and not matches_unwanted:
        log.info("Found button \"%s\", clicking it" % caption.value)
        USER32.SetForegroundWindow(hwnd)
        KERNEL32.Sleep(1000)
        USER32.SendMessageW(hwnd, BM_CLICK, 0, 0)
        # Enumeration stops only after a click was actually sent.
        return False
    return True
Esempio n. 5
def get_office_window_click_around(hwnd, lparm):
    """Window callback that double-clicks across a visible Office window.

    A window qualifies when it is visible and its title contains
    "Microsoft Word", "Microsoft Excel" or "Microsoft PowerPoint". The centre
    of the screen is double-clicked first, then the routine walks left to
    right in random steps, double-clicking on the middle row and at a random
    offset below and above it. The walk stops early if the window disappears.
    Afterwards it sleeps 20 s and sets OFFICE_CLICK_AROUND.

    Always returns True so the enumeration continues.
    """
    global OFFICE_CLICK_AROUND

    def double_click_at(pos_x, pos_y, settle_ms):
        # Two clicks 50 ms apart, then a pause of settle_ms.
        USER32.SetCursorPos(pos_x, pos_y)
        click_mouse()
        KERNEL32.Sleep(50)
        click_mouse()
        KERNEL32.Sleep(settle_ms)

    if not USER32.IsWindowVisible(hwnd):
        return True

    title = create_unicode_buffer(1024)
    USER32.GetWindowTextW(hwnd, title, 1024)
    office_titles = ("Microsoft Word", "Microsoft Excel", "Microsoft PowerPoint")
    if not any(name in title.value for name in office_titles):
        return True

    mid_y = RESOLUTION["y"] // 2

    # Start with the centre of the screen.
    USER32.SetForegroundWindow(hwnd)
    double_click_at(RESOLUTION["x"] // 2, mid_y, 500)

    # Sweep horizontally; the 80/40 margins leave room for the side panel
    # and the scroll bar.
    x = 80
    while x < RESOLUTION["x"] - 40:
        # Every step re-checks that the window is still there.
        if not USER32.IsWindowVisible(hwnd):
            log.info("Breaking out of office click loop as our window went away")
            break
        USER32.SetForegroundWindow(hwnd)
        double_click_at(x, mid_y, 50)

        if not USER32.IsWindowVisible(hwnd):
            break
        USER32.SetForegroundWindow(hwnd)
        double_click_at(x, mid_y + random.randint(80, 200), 50)

        if not USER32.IsWindowVisible(hwnd):
            break
        USER32.SetForegroundWindow(hwnd)
        double_click_at(x, mid_y - random.randint(80, 200), 50)

        x += random.randint(150, 200)
        KERNEL32.Sleep(50)

    KERNEL32.Sleep(20000)
    OFFICE_CLICK_AROUND = True
    return True
Esempio n. 6
def getwindowlist(hwnd, lparam):
    """Window callback: record the handle of every visible window.

    Handles are appended to the module-level INITIAL_HWNDS list. Always
    returns True so the enumeration visits every window.
    """
    global INITIAL_HWNDS
    visible = USER32.IsWindowVisible(hwnd)
    if not visible:
        return True
    INITIAL_HWNDS.append(hwnd)
    return True
Esempio n. 7
def foreach_window(hwnd, lparam):
    """Window callback: scan the children of each visible window for buttons.

    Invisible windows are skipped. Always returns True so the enumeration
    continues with the next window.
    """
    if not USER32.IsWindowVisible(hwnd):
        return True
    # foreach_child inspects each child control and decides whether to click.
    child_callback = EnumChildProc(foreach_child)
    USER32.EnumChildWindows(hwnd, child_callback, 0)
    return True
Esempio n. 8
import logging
from threading import Thread
from ctypes import WINFUNCTYPE, POINTER
from ctypes import c_bool, c_int, create_unicode_buffer

from lib.common.abstracts import Auxiliary
from lib.common.defines import KERNEL32, USER32
from lib.common.defines import WM_GETTEXT, WM_GETTEXTLENGTH, BM_CLICK

log = logging.getLogger(__name__)

# ctypes callback prototypes: each returns a bool and takes two pointer
# arguments (the window handle and the caller-supplied parameter).
EnumWindowsProc = WINFUNCTYPE(c_bool, POINTER(c_int), POINTER(c_int))
EnumChildProc = WINFUNCTYPE(c_bool, POINTER(c_int), POINTER(c_int))

# Screen size, queried once at import time.
# GetSystemMetrics index 0 is SM_CXSCREEN (width), 1 is SM_CYSCREEN (height).
RESOLUTION = {
    "x": USER32.GetSystemMetrics(0),
    "y": USER32.GetSystemMetrics(1)
}

def foreach_child(hwnd, lparam):
    # List of buttons labels to click.
    buttons = [
        "yes",
        "ok",
        "accept",
        "next",
        "install",
        "run",
        "agree",
        "enable",
        "don't send",
Esempio n. 9
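    def run(self):
        """Simulate user activity until ``self.do_run`` is cleared.

        Each loop iteration sleeps, then (depending on the ``do_*`` flags on
        the instance) brings a window to the front, clicks or double-clicks
        according to the foreground window title, and finally enumerates all
        windows to click dialog buttons. Helpers such as ``get_office_window``,
        ``double_click``, ``click_button`` and ``win32con`` are defined
        outside this block.
        """
        # human starts before the sample invocation, wait for 3s to start
        minimal_timeout = KERNEL32.GetTickCount() + 3000
        # Run the one-off Office window pass after 3/4 of the analysis
        # timeout; the value is in milliseconds to match GetTickCount.
        # NOTE(review): assumes the "timeout" option is always set; a missing
        # value would raise TypeError here - confirm against the caller.
        office_close_ms = int(self.options.get("timeout") * (3. / 4) * 1000)
        office_close_timeout = KERNEL32.GetTickCount() + office_close_ms
        is_office_close = False
        is_full_screen = False
        pdf_clicks_ctr = 10

        # adaptive sleep timer
        sleep = 50 if self.is_ultrafast else 750

        while self.do_run:

            # we wait for minimal timeout anyway so no loss here
            KERNEL32.Sleep(sleep)

            if KERNEL32.GetTickCount() < minimal_timeout:
                continue

            if not is_office_close and KERNEL32.GetTickCount() > office_close_timeout:
                USER32.EnumWindows(EnumWindowsProc(get_office_window), 0)
                is_office_close = True

            if self.do_click_mouse and self.do_move_mouse:
                # extract foreground window name
                fg_window_name = ""
                hwnd = USER32.GetForegroundWindow()
                try:
                    fg_window_name = get_window_text(hwnd).lower()
                except Exception:
                    # Narrowed from a bare except so that interpreter-exit
                    # signals are not swallowed; the failure is still logged
                    # and the empty name falls through to the branch below.
                    log.exception("failed to extract window name")

                # No real foreground window (empty title or the desktop):
                # click the centre to bring a window to the front.
                if fg_window_name in ["", "program manager"]:
                    x, y = self.coordinates.center()
                    move_mouse(x, y)
                    click_mouse(x, y)
                    continue
                else:
                    # The title may be set by the program under analysis.
                    log.info("fg_window_name: %s", fg_window_name)

                if "word" in fg_window_name or "excel" in fg_window_name:
                    if not is_full_screen:
                        set_full_screen(hwnd)
                        is_full_screen = True
                    x, y = self.coordinates.next()
                    move_mouse(x, y)
                    double_click(x, y)

                elif "powerpoint" in fg_window_name:
                    if not is_full_screen:
                        set_full_screen(hwnd)
                        is_full_screen = True
                    x, y = self.coordinates.center()
                    move_mouse(x, y)
                    click_mouse(x, y)

                elif "acrobat reader" in fg_window_name:
                    if not is_full_screen:
                        set_full_screen(hwnd)
                        is_full_screen = True
                        # place cursor on top left
                        x, y = 120, 200
                        move_mouse(x, y)
                        click_mouse(x, y)

                    # At most ten tab+enter rounds per run.
                    if pdf_clicks_ctr > 0:
                        # press tab
                        click_button(win32con.VK_TAB)
                        # press enter
                        click_button(win32con.VK_RETURN)
                        pdf_clicks_ctr = pdf_clicks_ctr - 1
                        # wait for result
                        KERNEL32.Sleep(1000)

                else:
                    # make random move
                    x, y = self.coordinates.random()
                    move_mouse(x, y)

            if self.do_click_buttons:
                USER32.EnumWindows(EnumWindowsProc(foreach_window), 0)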
Esempio n. 10
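def foreach_child(hwnd, lparam):
    """Child-window callback that clicks buttons with an affirmative caption.

    A control is clicked when its class name contains "button", its caption
    contains one of the wanted fragments and none of the vetoed ones. Matching
    is by case-insensitive substring, so short fragments also match longer
    captions that merely contain them. The caption is read from the live
    window and may be chosen by the program under analysis.

    Always returns True so the enumeration continues with the next child.
    """
    # Caption fragments (English and French) that mark a button as clickable.
    # Some entries are deliberately partial words ("marrer", "cuter").
    buttons = (
        "yes",
        "oui",
        "ok",
        "i accept",
        "next",
        "suivant",
        "new",
        "nouveau",
        "install",
        "installer",
        "file",
        "fichier",
        "run",
        "start",
        "marrer",
        "cuter",
        "i agree",
        "accepte",
        "enable",
        "activer",
        "accord",
        "valider",
        "don't send",
        "ne pas envoyer",
        "don't save",
        "continue",
        "continuer",
        "personal",
        "personnel",
        "scan",
        "scanner",
        "unzip",
        "dezip",
        "open",
        "ouvrir",
        "close the program",
        "execute",
        "executer",
        "launch",
        "lancer",
        "save",
        "sauvegarder",
        "download",
        "load",
        "charger",
        "end",
        "fin",
        # A missing comma used to fuse the next two entries into the single
        # string "terminerlater", so neither caption was ever matched.
        "terminer",
        "later",
        "finish",
        "allow access",
        "remind me later",
        "update",
        "allow",
    )

    # Caption fragments that veto a click even if a wanted fragment matches.
    dontclick = (
        "don't run",
        "i do not accept",
        "check for a solution and close the program",
        "close the program",
        "never allow opening files of this type",
        "always allow opening files of this type",
    )

    classname = create_unicode_buffer(50)
    USER32.GetClassNameW(hwnd, classname, 50)

    # Only controls whose class name mentions "button" are considered.
    if "button" not in classname.value.lower():
        return True

    # Get the text of the button.
    length = USER32.SendMessageW(hwnd, WM_GETTEXTLENGTH, 0, 0)
    text = create_unicode_buffer(length + 1)
    USER32.SendMessageW(hwnd, WM_GETTEXT, length + 1, text)

    # Drop the "&" accelerator marker and compare case-insensitively.
    textval = text.value.replace("&", "").lower()
    wanted = any(button in textval for button in buttons)
    vetoed = any(btn in textval for btn in dontclick)
    if wanted and not vetoed:
        # Click once per control. The previous loop sent one click (and a one
        # second sleep) for every fragment that matched the same caption.
        log.info("Found button %r, clicking it" % text.value)
        USER32.SetForegroundWindow(hwnd)
        KERNEL32.Sleep(1000)
        USER32.SendMessageW(hwnd, BM_CLICK, 0, 0)

    # Keep enumerating the remaining child windows.
    return True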
Esempio n. 11
def set_full_screen(hwnd):
    """Maximise the window identified by hwnd, then pause for 120 ms."""
    # ShowWindow command 3 maximises the window (SW_MAXIMIZE).
    show_maximised = 3
    log.info("set full screen")
    USER32.ShowWindow(hwnd, show_maximised)
    KERNEL32.Sleep(120)
Esempio n. 12
def click_mouse(x, y):
    """Inject a left-button press followed by a release.

    x and y are logged and forwarded as the dx/dy arguments of mouse_event.
    NOTE(review): mouse_event appears to use dx/dy only together with the
    move flag, so the click presumably lands at the current cursor position;
    confirm that callers position the cursor first.
    """
    log.debug("click_mouse (%d, %d)", x, y)
    for button_flag in (win32con.MOUSEEVENTF_LEFTDOWN, win32con.MOUSEEVENTF_LEFTUP):
        USER32.mouse_event(button_flag, x, y, 0, 0)
Esempio n. 13
def move_mouse(x, y):
    """Place the cursor at screen position (x, y) via SetCursorPos."""
    target = (x, y)
    USER32.SetCursorPos(*target)
Esempio n. 14
def get_window_text(hwnd):
    """Return the title text of the window hwnd.

    The title is read into a 1024-character buffer, so longer titles come
    back truncated. The text is whatever the window owner set.
    """
    capacity = 1024
    title = create_unicode_buffer(capacity)
    USER32.GetWindowTextW(hwnd, title, capacity)
    return title.value
Esempio n. 15
def foreach_child(hwnd, lparam):
    """Child-window callback that auto-answers dialogs during an analysis run.

    Returns False (stop enumerating) once a keypress or a click was issued and
    True in every other case. Unlike some other variants of this callback,
    this one does not check whether the control is visible before clicking.

    Captions are matched by case-insensitive substring; the deny list here is
    short, so a caption such as "cancel" is not vetoed by it.
    """
    # Caption fragments that mark a control as worth clicking.
    wanted = (
        "yes",
        "ok",
        "accept",
        "next",
        "install",
        "run",
        "agree",
        "enable",
        "don't send",
        "don't save",
        "continue",
        "unzip",
        "open",
        "close the program",
        "save",
        "later",
        "finish",
        "end",
        "allow access",
    )

    # Caption fragments that veto a click even if a wanted fragment matches.
    unwanted = (
        "don't run",
        "do not ask again until the next update is available",
    )

    class_buf = create_unicode_buffer(128)
    USER32.GetClassNameW(hwnd, class_buf, 128)
    class_name = class_buf.value
    is_office_dialog = class_name == "NUIDialog"

    # Only button-like controls and the Office dialog class are handled.
    if "button" not in class_name.lower() and not is_office_dialog:
        return True

    # Fetch the caption; controls without any text are skipped.
    length = USER32.SendMessageW(hwnd, WM_GETTEXTLENGTH, 0, 0)
    if not length:
        return True
    caption = create_unicode_buffer(length + 1)
    USER32.SendMessageW(hwnd, WM_GETTEXT, length + 1, caption)
    # Drop the "&" accelerator marker before matching.
    stripped = caption.value.replace('&', '')

    if is_office_dialog and "Microsoft" in stripped:
        log.info("Issuing keypress on Office dialog")
        USER32.SetForegroundWindow(hwnd)
        # Enter key down, then up (third argument 2 is the key-up flag).
        USER32.keybd_event(0x0d, 0x1c, 0, 0)
        USER32.keybd_event(0x0d, 0x1c, 2, 0)
        return False

    lowered = stripped.lower()
    if not any(fragment in lowered for fragment in wanted):
        return True
    if any(fragment in lowered for fragment in unwanted):
        return True

    log.info("Found button \"%s\", clicking it" % caption.value)
    USER32.SetForegroundWindow(hwnd)
    KERNEL32.Sleep(1000)
    USER32.SendMessageW(hwnd, BM_CLICK, 0, 0)
    # Enumeration stops only after a click was actually sent.
    return False
Esempio n. 16
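    def run(self):
        """Seed the clipboard, then simulate user activity until stopped.

        Random text is placed on the clipboard first. If the "nohuman" option
        is set the method returns True right after that. Otherwise it loops
        once per second: for Office documents it periodically enumerates
        windows with ``get_office_window``, it clicks and moves the mouse
        about 75% of the time, switches the foreground window at a randomised
        interval and scans all windows for dialog buttons to click.

        Any exception is logged with its traceback and ends the loop.
        """
        try:
            seconds = 0
            randoff = random.randint(0, 10)

            # add some random data to the clipboard
            randchars = "   aaaabcddeeeeeefghhhiiillmnnnooooprrrsssttttuwy"
            cliplen = random.randint(10, 1000)
            clipstr = "".join(random.choice(randchars) for _ in range(cliplen))
            cliprawstr = create_unicode_buffer(clipstr)

            # Only touch the clipboard if it could be opened, and always
            # close it again so other processes are not locked out.
            if USER32.OpenClipboard(None):
                try:
                    USER32.EmptyClipboard()
                    buf = KERNEL32.GlobalAlloc(GMEM_MOVEABLE, sizeof(cliprawstr))
                    lockbuf = KERNEL32.GlobalLock(buf)
                    memmove(lockbuf, cliprawstr, sizeof(cliprawstr))
                    KERNEL32.GlobalUnlock(buf)
                    # NOTE(review): the buffer holds wide characters but is
                    # registered as CF_TEXT, so readers presumably see only
                    # the first character - confirm whether a Unicode
                    # clipboard format was intended.
                    USER32.SetClipboardData(CF_TEXT, buf)
                finally:
                    USER32.CloseClipboard()

            nohuman = self.options.get("nohuman")
            if nohuman:
                return True

            # Decide whether the submitted file is an Office document, from
            # its detected type string or its extension.
            officedoc = False
            if hasattr(self.config, "file_type"):
                file_type = self.config.file_type
                file_name = self.config.file_name
                if ("Rich Text Format" in file_type
                        or "Microsoft Word" in file_type
                        or "Microsoft Office Word" in file_type
                        or "MIME entity" in file_type or file_name.endswith(
                            (".doc", ".docx", ".rtf", ".mht", ".mso"))):
                    officedoc = True
                elif ("Microsoft Office Excel" in file_type
                      or "Microsoft Excel" in file_type or file_name.endswith(
                          (".xls", ".xlsx", ".xlsm", ".xlsb"))):
                    officedoc = True
                elif "Microsoft PowerPoint" in file_type or file_name.endswith(
                    (".ppt", ".pptx", ".pps", ".ppsx", ".pptm", ".potm",
                     ".potx", ".ppsm")):
                    officedoc = True

            # Snapshot the windows that are visible before the loop starts.
            USER32.EnumWindows(EnumWindowsProc(getwindowlist), 0)

            while self.do_run:
                # Runs every second until CLOSED_OFFICE is set, afterwards
                # only once a minute.
                if officedoc and not (seconds % 60 and CLOSED_OFFICE):
                    USER32.EnumWindows(EnumWindowsProc(get_office_window), 0)

                # only move the mouse 75% of the time, as malware can choose to act on an "idle" system just as it can on an "active" system
                if random.randint(0, 7) > 1:
                    click_mouse()
                    move_mouse()

                if (seconds % (15 + randoff)) == 0:
                    # Bring a random window other than the current
                    # foreground one to the front.
                    curwind = USER32.GetForegroundWindow()
                    other_hwnds = INITIAL_HWNDS[:]
                    try:
                        other_hwnds.remove(curwind)
                    except ValueError:
                        # The foreground window was not in the snapshot.
                        pass
                    if other_hwnds:
                        USER32.SetForegroundWindow(random.choice(other_hwnds))

                USER32.EnumWindows(EnumWindowsProc(foreach_window), 0)
                KERNEL32.Sleep(1000)
                seconds += 1
        except Exception:
            error_exc = traceback.format_exc()
            log.exception(error_exc)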
Esempio n. 17
def foreach_child(hwnd, lparam):
    """Child-window callback that auto-answers dialogs during an analysis run.

    Returns False (stop enumerating) once a keypress or a click was issued and
    True in every other case.

    English and German captions are matched by case-insensitive substring, so
    short fragments such as "ja", "ok" or "end" also match longer captions
    containing them; only the deny list prevents a click in that case. The
    caption is read from the live window and may be chosen by the program
    under analysis.
    """
    office_dialog_classes = ("NUIDialog", "bosa_sdm_msword")

    # Caption fragments that mark a control as worth clicking.
    wanted = (
        # english
        "yes",
        "ok",
        "accept",
        "next",
        "install",
        "run",
        "agree",
        "enable",
        "retry",
        "don't send",
        "don't save",
        "continue",
        "unzip",
        "open",
        "close the program",
        "save",
        "later",
        "finish",
        "end",
        "allow access",
        "remind me later",
        # german
        "ja",
        "weiter",
        "akzeptieren",
        "ende",
        "starten",
        "jetzt starten",
        "neustarten",
        "neu starten",
        "jetzt neu starten",
        "beenden",
        "oeffnen",
        "schliessen",
        "installation weiterfuhren",
        "fertig",
        "beenden",
        "fortsetzen",
        "fortfahren",
        "stimme zu",
        "zustimmen",
        "senden",
        "nicht senden",
        "speichern",
        "nicht speichern",
        "ausfuehren",
        "spaeter",
        "einverstanden",
    )

    # Caption fragments that veto a click even if a wanted fragment matches.
    unwanted = (
        # english
        "check online for a solution",
        "don't run",
        "do not ask again until the next update is available",
        "cancel",
        "do not accept the agreement",
        "i would like to help make reader even better",
        # german
        "abbrechen",
        "online nach losung suchen",
        "abbruch",
        "nicht ausfuehren",
        "hilfe",
        "stimme nicht zu",
    )

    class_buf = create_unicode_buffer(128)
    USER32.GetClassNameW(hwnd, class_buf, 128)
    class_name = class_buf.value
    is_office_dialog = class_name in office_dialog_classes

    # Only button-like controls and the two Office dialog classes are handled.
    if "button" not in class_name.lower() and not is_office_dialog:
        return True

    # Fetch the caption; controls without any text are skipped.
    length = USER32.SendMessageW(hwnd, WM_GETTEXTLENGTH, 0, 0)
    if not length:
        return True
    caption = create_unicode_buffer(length + 1)
    USER32.SendMessageW(hwnd, WM_GETTEXT, length + 1, caption)
    # Drop the "&" accelerator marker before matching.
    stripped = caption.value.replace("&", "")

    if is_office_dialog and "Microsoft" in stripped:
        log.info("Issuing keypress on Office dialog")
        USER32.SetForegroundWindow(hwnd)
        # Enter key down, then up (third argument 2 is the key-up flag).
        USER32.keybd_event(0x0D, 0x1C, 0, 0)
        USER32.keybd_event(0x0D, 0x1C, 2, 0)
        return False

    # Hidden children generally do not respond; clicking them would make the
    # enumeration fixate on them and starve the visible controls.
    if not USER32.IsWindowVisible(hwnd):
        return True

    lowered = stripped.lower()
    if not any(fragment in lowered for fragment in wanted):
        return True
    if any(fragment in lowered for fragment in unwanted):
        return True

    log.info('Found button "%s", clicking it' % caption.value)
    USER32.SetForegroundWindow(hwnd)
    KERNEL32.Sleep(1000)
    USER32.SendMessageW(hwnd, BM_CLICK, 0, 0)
    # Enumeration stops only after a click was actually sent.
    return False
Esempio n. 18
def move_mouse():
    """Inject a mouse-move event with random values bounded by the screen size.

    NOTE(review): flag 1 is the plain move flag; without the absolute flag
    the values are presumably treated as relative motion, not as a screen
    position - confirm which was intended.
    """
    dx, dy = (random.randint(0, RESOLUTION[axis]) for axis in ("x", "y"))
    USER32.mouse_event(1, dx, dy, 0, None)
Esempio n. 19
def click(hwnd):
    """Bring hwnd to the foreground, wait one second, then send it BM_CLICK."""
    settle_ms = 1000
    USER32.SetForegroundWindow(hwnd)
    # The pause sits between the foreground switch and the click message.
    KERNEL32.Sleep(settle_ms)
    USER32.SendMessageW(hwnd, BM_CLICK, 0, 0)
Esempio n. 20
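def foreach_child(hwnd, lparam):
    """Child-window callback that clicks buttons with an affirmative caption.

    A control whose class name contains "button" is clicked when its raw
    caption is listed in ``buttons_complete``, or when its caption contains
    one of the partial fragments and none of the vetoed ones. Partial matching
    is by case-insensitive substring, so short fragments also match longer
    captions that merely contain them. The caption is read from the live
    window and may be chosen by the program under analysis.

    Always returns True so the enumeration continues with the next child.
    """
    # List of partial buttons labels to click (English and French). Some
    # entries are deliberately partial words ("marrer", "cuter").
    buttons = (
        "yes", "oui",
        "ok",
        "i accept",
        "next", "suivant",
        "new", "nouveau",
        "install", "installer",
        "file", "fichier",
        "run", "start", "marrer", "cuter",
        "i agree", "accepte",
        "enable", "activer", "accord", "valider",
        "don't send", "ne pas envoyer",
        "don't save",
        "continue", "continuer",
        "personal", "personnel",
        "scan", "scanner",
        "unzip", "dezip",
        "open", "ouvrir",
        "close the program",
        "execute", "executer",
        "launch", "lancer",
        "save", "sauvegarder",
        "download", "load", "charger",
        # A missing comma used to fuse "terminer" and "later" into the single
        # string "terminerlater", so neither caption was ever matched.
        "end", "fin", "terminer",
        "later",
        "finish",
        "allow access",
        "remind me later",
    )

    # List of complete button texts to click. These take precedence.
    buttons_complete = (
        "&Ja",  # E.g., Dutch Office Word 2013.
    )

    # List of buttons labels to not click.
    dontclick = (
        "don't run",
        "i do not accept",
    )

    classname = create_unicode_buffer(50)
    USER32.GetClassNameW(hwnd, classname, 50)

    # Only controls whose class name mentions "button" are considered.
    if "button" not in classname.value.lower():
        return True

    # Get the text of the button.
    length = USER32.SendMessageW(hwnd, WM_GETTEXTLENGTH, 0, 0)
    text = create_unicode_buffer(length + 1)
    USER32.SendMessageW(hwnd, WM_GETTEXT, length + 1, text)

    # Exact captions are compared against the raw text, "&" included.
    if text.value in buttons_complete:
        log.info("Found button %r, clicking it" % text.value)
        click(hwnd)
        return True

    # Drop the "&" accelerator marker and compare case-insensitively.
    textval = text.value.replace("&", "").lower()
    wanted = any(button in textval for button in buttons)
    vetoed = any(btn in textval for btn in dontclick)
    if wanted and not vetoed:
        # Click once per control. The previous loop clicked once for every
        # fragment that matched the same caption.
        log.info("Found button %r, clicking it" % text.value)
        click(hwnd)

    # Keep enumerating the remaining child windows.
    return True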
Esempio n. 21
from __future__ import absolute_import
import logging
import random
import traceback
from ctypes import POINTER, WINFUNCTYPE, c_bool, c_int, create_unicode_buffer, memmove, sizeof
from threading import Thread

from lib.common.abstracts import Auxiliary
from lib.common.defines import BM_CLICK, CF_TEXT, GMEM_MOVEABLE, KERNEL32, USER32, WM_CLOSE, WM_GETTEXT, WM_GETTEXTLENGTH

log = logging.getLogger(__name__)

# ctypes callback prototypes: each returns a bool and takes two pointer
# arguments (the window handle and the caller-supplied parameter).
EnumWindowsProc = WINFUNCTYPE(c_bool, POINTER(c_int), POINTER(c_int))
EnumChildProc = WINFUNCTYPE(c_bool, POINTER(c_int), POINTER(c_int))

# Screen size, queried once at import time.
# GetSystemMetrics index 0 is SM_CXSCREEN (width), 1 is SM_CYSCREEN (height).
RESOLUTION = {"x": USER32.GetSystemMetrics(0), "y": USER32.GetSystemMetrics(1)}

# Window handles collected by callbacks; starts empty.
INITIAL_HWNDS = []

# Module-level state flags, both initially False.
# NOTE(review): presumably set by the Office window callbacks - confirm.
CLOSED_OFFICE = False
OFFICE_CLICK_AROUND = False


def foreach_child(hwnd, lparam):
    # List of buttons labels to click.
    buttons = [
        # english
        "yes",
        "ok",
        "accept",
        "next",
Esempio n. 22
from threading import Thread

from lib.common.abstracts import Auxiliary
from lib.common.defines import BM_CLICK, CF_TEXT, GMEM_MOVEABLE, KERNEL32, USER32, WM_CLOSE, WM_GETTEXT, WM_GETTEXTLENGTH

log = logging.getLogger(__name__)

# ctypes callback prototypes: each returns a bool and takes two pointer
# arguments (the window handle and the caller-supplied parameter).
EnumWindowsProc = WINFUNCTYPE(c_bool, POINTER(c_int), POINTER(c_int))
EnumChildProc = WINFUNCTYPE(c_bool, POINTER(c_int), POINTER(c_int))

# Index values passed to GetSystemMetrics below.
SM_CXSCREEN = 0
SM_CYSCREEN = 1
SM_CXFULLSCREEN = 16
SM_CYFULLSCREEN = 17
# Full screen size, queried once at import time.
RESOLUTION = {
    "x": USER32.GetSystemMetrics(SM_CXSCREEN),
    "y": USER32.GetSystemMetrics(SM_CYSCREEN)
}
# Size from the *FULLSCREEN metrics; per the name, the area without the taskbar.
RESOLUTION_WITHOUT_TASKBAR = {
    "x": USER32.GetSystemMetrics(SM_CXFULLSCREEN),
    "y": USER32.GetSystemMetrics(SM_CYFULLSCREEN)
}

# Window handles collected by callbacks; starts empty.
INITIAL_HWNDS = []

# Module-level state flags, both initially False.
# NOTE(review): presumably set by the Office window callbacks - confirm.
CLOSED_OFFICE = False
OFFICE_CLICK_AROUND = False


def foreach_child(hwnd, lparam):
    classname = create_unicode_buffer(128)
Esempio n. 23
def click_mouse():
    """Inject a left click at the current cursor position.

    A button-down event is sent, followed 50 ms later by a button-up event.
    """
    left_down = 2  # MOUSEEVENTF_LEFTDOWN
    left_up = 4  # MOUSEEVENTF_LEFTUP
    USER32.mouse_event(left_down, 0, 0, 0, None)
    KERNEL32.Sleep(50)
    USER32.mouse_event(left_up, 0, 0, 0, None)
Esempio n. 24
 def run(self):
     """Move, click and press dialog buttons once per second while do_run is set."""
     while self.do_run:
         move_mouse()
         click_mouse()
         # A fresh callback wrapper is built on every pass; foreach_window
         # scans each visible window for buttons to click.
         window_callback = EnumWindowsProc(foreach_window)
         USER32.EnumWindows(window_callback, 0)
         KERNEL32.Sleep(1000)
Esempio n. 25
def foreach_child(hwnd, lparam):
    """Child-window callback that auto-answers dialogs during an analysis run.

    Returns False (stop enumerating) once a keypress or a click was issued and
    True in every other case. This variant does not check whether the control
    is visible before clicking.

    Captions are matched by case-insensitive substring; the deny list here is
    short, so a caption such as "cancel" is not vetoed by it.
    """
    # Caption fragments that mark a control as worth clicking.
    wanted = (
        "yes",
        "ok",
        "accept",
        "next",
        "install",
        "run",
        "agree",
        "enable",
        "don't send",
        "don't save",
        "continue",
        "unzip",
        "open",
        "close the program",
        "save",
        "later",
        "finish",
        "end",
        "allow access",
    )

    # Caption fragments that veto a click even if a wanted fragment matches.
    unwanted = (
        "don't run",
        "do not ask again until the next update is available",
    )

    class_buf = create_unicode_buffer(128)
    USER32.GetClassNameW(hwnd, class_buf, 128)
    class_name = class_buf.value
    is_office_dialog = class_name == "NUIDialog"

    # Only button-like controls and the Office dialog class are handled.
    if not ("button" in class_name.lower() or is_office_dialog):
        return True

    # Fetch the caption; controls without any text are skipped.
    length = USER32.SendMessageW(hwnd, WM_GETTEXTLENGTH, 0, 0)
    if not length:
        return True
    caption = create_unicode_buffer(length + 1)
    USER32.SendMessageW(hwnd, WM_GETTEXT, length + 1, caption)
    # Drop the "&" accelerator marker before matching.
    stripped = caption.value.replace('&','')

    if is_office_dialog and "Microsoft" in stripped:
        log.info("Issuing keypress on Office dialog")
        USER32.SetForegroundWindow(hwnd)
        # Enter key down, then up (third argument 2 is the key-up flag).
        USER32.keybd_event(0x0d, 0x1c, 0, 0)
        USER32.keybd_event(0x0d, 0x1c, 2, 0)
        return False

    lowered = stripped.lower()
    matches_wanted = any(fragment in lowered for fragment in wanted)
    matches_unwanted = any(fragment in lowered for fragment in unwanted)
    if matches_wanted and not matches_unwanted:
        log.info("Found button \"%s\", clicking it" % caption.value)
        USER32.SetForegroundWindow(hwnd)
        KERNEL32.Sleep(1000)
        USER32.SendMessageW(hwnd, BM_CLICK, 0, 0)
        # Enumeration stops only after a click was actually sent.
        return False
    return True
Esempio n. 26
def move_mouse():
    """Inject a mouse-move event with random values bounded by the screen size.

    NOTE(review): flag 1 is the plain move flag; without the absolute flag
    the values are presumably treated as relative motion, not as a screen
    position - confirm which was intended.
    """
    move_flag = 1  # MOUSEEVENTF_MOVE
    dx = random.randint(0, RESOLUTION["x"])
    dy = random.randint(0, RESOLUTION["y"])
    USER32.mouse_event(move_flag, dx, dy, 0, None)
Esempio n. 27
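def click_mouse():
    """Inject a left click at the current cursor position.

    The original body sent only the button-up event, which on its own does
    not amount to a click; the matching button-down event is now sent first.
    """
    # 2 == MOUSEEVENTF_LEFTDOWN
    USER32.mouse_event(2, 0, 0, 0, None)
    # 4 == MOUSEEVENTF_LEFTUP
    USER32.mouse_event(4, 0, 0, 0, None)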
Esempio n. 28
def click_mouse():
    """Inject a left click: button down, a 50 ms pause, then button up."""
    # Event flags: 2 is left-button-down, 4 is left-button-up.
    press, release = 2, 4
    USER32.mouse_event(press, 0, 0, 0, None)
    KERNEL32.Sleep(50)
    USER32.mouse_event(release, 0, 0, 0, None)