Hey guys I am working on a project currently where I am trying to run Autorunsc64.exe from the sysinternals suite and, unlike other executables I have tried, I can't get it to give me the output in a form I want. Here is the current iteration of my code:
use std::process::{Command as process_command, Stdio};
fn autorun_programs() -> String {
// Check where sysinternals is developer vs release
let full_exe_path = current_exe().unwrap();
let mut split_exe_path: Vec<&str> = Vec::new();
if full_exe_path.to_str().unwrap().contains("target") {
let temp: Vec<&str> = full_exe_path.to_str().unwrap().split("system_recon\\target\\debug\\system_recon.exe").collect();
split_exe_path.push(temp[0]);
} else {
let temp: Vec<&str> = full_exe_path.to_str().unwrap().split("system_recon.exe").collect();
split_exe_path.push(temp[0]);
};
let partial_exe_path = split_exe_path[0].to_string();
let sysinternals_exe_string = partial_exe_path + &"SysinternalsSuite\\Autorunsc64.exe".to_string();
//my_command.args(["-nobanner", "/accepteula", "-a *", "-c", "-h", "-s", "-v", "-vt", "*"]);
let mut command = process_command::new(sysinternals_exe_string);
command.arg("-nobanner");
command.arg("-accepteula");
//command.arg("-x");
command.arg("-t");
//command.arg("-a");
//command.arg("*");
//command.arg("-x");
//command.arg("-h");
//command.arg("-s");
//command.arg("-v");
//command.arg("-vt");
//command.arg("*");
command.stdout(Stdio::piped());
command.stderr(Stdio::piped());
let output = command.execute_output().unwrap();
if let Some(exit_code) = output.status.code() {
if exit_code == 0 {
println!("Ok.");
} else {
eprintln!("Failed.");
}
} else {
eprintln!("Interrupted!");
}
println!("{}", String::from_utf8(output.stdout).unwrap());
return "Bruh".to_string()
}
The code outputs this:
thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: FromUtf8Error { bytes: [255, 254, 13, 0, 10, 0, 72, 0, 75, 0, 76, 0, 77, 0, 92, 0, 83, 0, 121, 0, 115, 0, 116, 0, 101, 0, 109, 0, 92, 0, 67, 0, 117, 0, 114, 0, 114, 0, 101, 0, 110, 0, 116, 0, 67, 0, 111, 0, 110, 0, 116, 0, 114, 0, 111, 0, 108, 0, 83, 0, 101, 0, 116, 0, 92, 0, 67, 0, 111, 0, 110, 0, 116, 0, 114, 0, 111, 0, 108, 0, 92, 0, 84, 0, 101, 0, 114, 0, 109, 0, 105, 0, 110, 0, 97, 0, 108, 0, 32, 0, 83, 0, 101, 0, 114, 0, 118, 0, 101, 0, 114, 0, 92, 0, 87, 0, 100, 0, 115, 0, 92, 0, 114, 0, 100, 0, 112, 0, 119, 0, 100, 0, 92, 0, 83, 0, 116, 0, 97, 0, 114, 0, 116, 0, 117, 0, 112, 0, 80, 0, 114, 0, 111, 0, 103, 0, 114, 0, 97, 0, 109, 0, 115, 0, 13, 0, 10, 0, 32, 0, 32, 0, 32, 0, 114, 0, 100, 0, 112, 0, 99, 0, 108, 0, 105, 0, 112, 0, 13, 0, 10, 0, 32, 0, 32, 0, 32, 0, 32, 0, 32, 0, 114, 0, 100, 0, 112, 0, 99, 0, 108, 0, 105, 0, 112, 0, 13, 0, 10, 0, 32, 0, 32, 0, 32, 0, 32, 0, 32, 0, 82, 0, 68, 0, 80, 0, 32, 0, 67, 0, 108, 0, 105, 0, 112, 0, 98, 0, 111, 0, 97, 0, 114, 0, 100, 0, 32, 0, 77, 0, 111, 0, 110, 0, 105, 0, 116, 0, 111, 0, 114, 0, 13, 0, 10, 0, 32, 0, 32, 0, 32, 0, 32, 0, 32, 0, 77, 0, 105, 0, 99, 0, 114, 0, 111, 0, 115, 0, 111, 0, 102, 0, 116, 0, 32, 0, 67, 0, 111, 0, 114, 0, 112, 0, 111, 0, 114, 0, 97, 0, 116, 0, 105, 0, 111, 0, 110, 0, 13, 0, 10, 0, 32, 0, 32, 0, 32, 0, 32, 0, 32, 0, 49, 0, 48, 0, 46, 0, 48, 0, 46, 0, 49, 0, 57, 0, 48, 0, 52, 0, 49, 0, 46, 0, 55, 0, 52, 0, 54, 0, 13, 0, 10, 0, 32, 0, 32, 0, 32, 0, 32, 0, 32, 0, 99, 0, 58, 0, 92, 0, 119, 0, 105, 0, 110, 0, 100, 0, 111, 0, 119, 0, 115, 0, 92, 0, 115, 0, 121, 0, 115, 0, 116, 0, 101, 0, 109, 0, 51, 0, 50, 0, 92, 0, 114, 0, 100, 0, 112, 0, 99, 0, 108, 0, 105, 0, 112, 0, 46, 0, 101, 0, 120, 0, 101, 0, 13, 0, 10, 0, 32, 0, 32, 0, 32, 0, 32, 0, 32, 0, 50, 0, 48, 0, 48, 0, 55, 0, 48, 0, 49, 0, 50, 0, 54, 0, 45, 0, 48, 0, 50, 0, 48, 0, 48, 0, 51, 0, 56, 0, 13, 0, 10, 0, 13, 0, 10, 0, 72, 0, 75, 0, 76, 0, 77, 0, 92, 0, 83, 0, 79, 0, 70, 0, 84, 0, 87, 0, 65, 0, 82, 0, 69, 0, 92, 0, 77, 0, 105, 0, 99, 0, 114, 0, 111, 0, 115, 0, 111, 0, 102, 0, 116, 0, 92, 0, 87, 0, 105, 0, 110, 0, 100, 0, 111, 0, 119, 0, 115, 0, 32, 0, 78, 0, 84, 0, 92, 0, 67, 0, 117, 0, 114, 0, 114, 0, 101, 0, 110, 0, 116, 0, 86, 0, 101, 0, 114, 0, 115, 0, 105, 0, 111, 0, 110, 0, 92, 0, 87, 0, 105, 0, 110, 0, 108, 0, 111, 0, 103, 0, 111, 0, 110, 0, 92, 0, 85, 0, 115, 0, 101, 0, 114, 0, 105, 0, 110, 0, 105, 0, 116, 0, 13, 0, 10, 0, 32, 0, 32, 0, 32, 0, 67, 0, 58, 0, 92, 0, 87, 0, 105, 0, 110, 0, 100, 0, 111, 0, 119, 0, 115, 0, 92, 0, 115, 0, 121, 0, 115, 0, 116, 0, 101, 0, 109, 0, 51, 0, 50, 0, 92, 0, 117, 0, 115, 0, 101, 0, 114, 0, 105, 0, 110, 0, 105, 0
That is just a sample from the output. Seems like it is not valid utf8 or something idk I am really stumped on this one. I also tried with create_process_w but that had its own problems. Any help is appreciated, thanks!
2 Answers 2
Turns out, this is UTF-16. So you must first convert it from bytes into u16s:
let u16s: Vec<u16> = output.stdout.chunks_exact(2).map(|chunk| u16::from_ne_bytes([chunk[0], chunk[1]])).collect();
let s = String::from_utf16(&u16s).unwrap(); // may want to use from_utf16_lossy?
Also note that the output starts with a byte order mark: "\u{feff}\r\nHKLM". You may want to strip it off if it's present.
Francis Gagné
66.8k13 gold badges202 silver badges172 bronze badges
answered Sep 10, 2022 at 0:30
PitaJ
15.4k6 gold badges43 silver badges58 bronze badges
Sign up to request clarification or add additional context in comments.
Comments
Ok so this is my final solution for my problem:
fn parse_utf16_bytes(bytes: &[u8]) -> Option<String> {
let mut chunks = bytes.chunks_exact(2);
let is_big_endian = match chunks.next() {
Some(&[254, 255]) => true,
Some(&[255, 254]) => false,
_ => return None,
};
let utf16: Vec<_> = chunks
.map(|x| {
let arr2 = x.try_into().expect("convert .chunks_exact() to [u8; 2]");
if is_big_endian {
u16::from_be_bytes(arr2)
} else {
u16::from_le_bytes(arr2)
}
})
.collect();
String::from_utf16(&utf16).ok()
}
Thanks for everybody that helped :)
Comments
lang-rust