Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Script for Screenshots

Posted on 2011-03-18
11
Medium Priority
?
1,556 Views
Last Modified: 2012-05-11
Can someone please help me in writing a script which takes screenshots of a remote system. Remote systems can any windows box including Windows XP, 7, 2003 or 2008.
0
Comment
Question by:Dhiraj Mutha
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
11 Comments
 
LVL 13

Expert Comment

by:soostibi
ID: 35169313
The idea came from Alexandair and Shay ( http://www.vistax64.com/powershell/124315-take-screenshot-via-script.html ):
$screen = [System.Windows.Forms.Screen]::PrimaryScreen.Bounds
[reflection.assembly]::LoadWithPartialName("System.Drawing") > $null
$Bitmap = new-object System.Drawing.Bitmap ($screen.width),($screen.height)
$Size = New-object System.Drawing.Size ($screen.width),($screen.height)
$FromImage = [System.Drawing.Graphics]::FromImage($Bitmap)
$FromImage.copyfromscreen(0,0,0,0, $Size,([System.Drawing.CopyPixelOperation]::SourceCopy))
$Bitmap.Save("C:\ee\PrintScreen.png", ([system.drawing.imaging.imageformat]::png))

Open in new window

0
 
LVL 13

Expert Comment

by:soostibi
ID: 35169321
And to do this remotely of course you have to call this script via PowerShell remoting:

Invoke-Command -ComputerName PC1 -ScriptBlock $scriptabove
0
 
LVL 13

Expert Comment

by:soostibi
ID: 35169408
Sorry, I made some mistakes in the previous comments. So the right solution is this:
$script = {
Add-Type -AssemblyName system.drawing
Add-Type -AssemblyName System.Windows.Forms
$screen = [System.Windows.Forms.Screen]::PrimaryScreen.Bounds
$Bitmap = new-object System.Drawing.Bitmap ($screen.width),($screen.height)
$Size = New-object System.Drawing.Size ($screen.width),($screen.height)
$FromImage = [System.Drawing.Graphics]::FromImage($Bitmap)
$FromImage.copyfromscreen(0,0,0,0, $Size,([System.Drawing.CopyPixelOperation]::SourceCopy))
$Bitmap.Save("C:\ee\PrintScreen2.png", ([system.drawing.imaging.imageformat]::png))
}

Invoke-Command -ComputerName PC1 -ScriptBlock $script

Open in new window

0
Protect Your Retail Business and Reputation

Wi-Fi access doesn't just impact your business & customer experience, it can also affect your security.  Join us for an informative webinar to learn more about the top threats and trends impacting retail today, and the key solutions to protecting retail networks and reputations.

 
LVL 13

Expert Comment

by:soostibi
ID: 35169433
Well, it seems, that remotely it could not run... Locally it works fine if it runs under a normal user context, but it does not, when it's initiated from a background process. So we have to found a workaround.
0
 
LVL 1

Expert Comment

by:clietech
ID: 35173054
You can use poison ivy or metasploit with a reverce tcp connection you can fall into the shell and do what you want to do take screenshot, run a task etc on a remote computer.
You can develop your ruby scripts to use with a metasploit framework or you can use the scripts in the following link

http://www.metasploit.com/redmine/issues/3255 
0
 
LVL 13

Expert Comment

by:soostibi
ID: 35173306
To run my PowerShell script remotely you may use PSExec, I'm still exploring this possibility.
0
 
LVL 14

Author Comment

by:Dhiraj Mutha
ID: 35174266
I dont want to use any third party application. An smal .exe woluld be fine like "capn.exe", but capn doesn't take screenshots of windows 7. Soostibi: i think you script is good, we can work on that, please let me know the final script.
0
 
LVL 13

Expert Comment

by:soostibi
ID: 35194504
Unfortunately I can not make it work.

I have this screenshot.BAT file:
powershell.exe -noninteractive -command "&{Add-Type -AssemblyName system.drawing; Add-Type -AssemblyName System.Windows.Forms; $screen = [System.Windows.Forms.Screen]::PrimaryScreen.Bounds; $Bitmap = new-object System.Drawing.Bitmap ($screen.width),($screen.height); $Size = New-object System.Drawing.Size ($screen.width),($screen.height); $FromImage = [System.Drawing.Graphics]::FromImage($Bitmap); $FromImage.copyfromscreen(0,0,0,0, $Size,([System.Drawing.CopyPixelOperation]::SourceCopy)) ; $Bitmap.Save('c:\Remote1.png', ([system.drawing.imaging.imageformat]::png)); Copy-Item -Path C:\remote1.png -Destination '\\DC\c$'}"

And I call PSExec like this from machine DC to take a screenshot from MEMBER1:
C:\PSTools\PsExec.exe \\member1 -i -h -c C:\work\screenshot.bat

It takes the picture, but the png file is actually empty. So PSExec is not interacting with the user environment as it should...
0
 
LVL 10

Expert Comment

by:wls3
ID: 35195102
I am not sure this will work.  Typically you will need to be associated with a particular user session to take a screenshot.  Additionally, the modifications made to the kernel after Vista/2008/7 dissociate the session from the traditional model.  I suspect, even if you find a way to remote to a particular machine, you will not be able to actually acquire the image of a desktop without first initiating a desktop session.  Lastly, since the interactive session option has been nullified in the new kernel, it doesn't seem there would be a workaround without using terminal services or RDP.
0
 
LVL 14

Accepted Solution

by:
Dhiraj Mutha earned 0 total points
ID: 35212702
Then I think this doesn't resolve my issue....
0
 
LVL 14

Author Closing Comment

by:Dhiraj Mutha
ID: 35357082
This did not resolved my issue.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The following article is intended as a guide to using PowerShell as a more versatile and reliable form of application detection in SCCM.
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question