I've spent a long time on this and it's not working yet. There's OpenSSL set up, so information such as creds and codes can be sent to cloudRIG.
The problem is that AWS Run Command runs as SYSTEM and when I try and execute as another user (administrator) it's denied:
$username = "administrator"
$password = "(pwd)"
$startWithElevatedRights = "C:\Windows\notepad.exe"
$credentials = New-Object System.Management.Automation.PSCredential -ArgumentList @($username,(ConvertTo-SecureString -String $password -AsPlainText -Force))
$ps = Start-Process -PassThru -FilePath powershell -Credential $credentials -ArgumentList '-noprofile -command &{Start-Process ', $startWithElevatedRights, ' -Wait -verb runas}'
$ps.WaitForExit()
Setting a scheduled task doesn't seem to work either:
$action = New-ScheduledTaskAction -Execute "Powershell.exe" -Argument @'
-Command "Stop-Process -Name "Steam" -Force -ErrorAction SilentlyContinue ; & 'C:\Program Files (x86)\Steam\Steam.exe'"
'@
Register-ScheduledTask -Action $action -Description "description" -Force -TaskName "taskname" -TaskPath "\"
As far as I can tell the steps are:
- Set autologon for Administrator
$RegPath = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
$RegROPath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"
Set-ItemProperty $RegPath "AutoAdminLogon" -Value "1" -type String
Set-ItemProperty $RegPath "DefaultUsername" -Value "administrator" -type String
Set-ItemProperty $RegPath "DefaultPassword" -Value "(pwd)" -type String
Set-ItemProperty $RegPath "AutoLogonCount" -Value "1" -type DWord
Set-ItemProperty $RegROPath "(Default)" -Value "" -type String
- Create Steam shortcut with creds
- Reboot
- Query steam processes in a loop and check if Steamguard or Steam News is open. Something like PS:
$timeout = new-timespan -Minutes 1
$sw = [diagnostics.stopwatch]::StartNew()
start-sleep -seconds 10
while ($sw.elapsed -lt $timeout) {
$steamGuardWindow = Get-Process | Where-Object { $_.mainWindowTitle -match "Steam Guard*" } | Select-Object -First 1
$steamMainWindow = Get-Process | Where-Object { $_.mainWindowTitle -eq "Steam" -or $_.mainWindowTitle -match "Steam - News*" } | Select-Object -First 1
if($steamGuardWindow.Count -gt 0) {
Write-Host "SteamGuard"
return
} elseif($steamMainWindow.Count -gt 0) {
Write-Host "Main"
return;
} else {
Write-Host "SomethingElse"
return;
}
start-sleep -seconds 5
}
- If it's open, automate the key presses like:
Add-Type -AssemblyName Microsoft.VisualBasic
Add-Type -AssemblyName System.Windows.Forms
[Microsoft.VisualBasic.Interaction]::AppActivate(βSteamβ)
Sleep 1
[System.Windows.Forms.SendKeys]::SendWait(β{ENTER}β)
Sleep 2
[System.Windows.Forms.SendKeys]::SendWait(β1234β)
Sleep 1
[System.Windows.Forms.SendKeys]::SendWait(β{ENTER}β)`
- Prompt user for Steam Guard code
- Automate Steam Guard code into UI