I am currently working on a program wrapping around some windows tools. The only point that is not working as intended is the integration of psloglist output.
The expected behavior is that the output of the command psloglist.exe -n 10 SYSTEM should be written in a file COMPLETELY, but instead, the payload (the logs) are written into the textfile and the disclaimer is displayed in the console like this:
PsLoglist v2.71 - local and remote event log viewer
Copyright (C) 2000-2009 Mark Russinovich
Sysinternals - http://www.sysinternals.com
The code-snippet responsible for running psloglist:
Code: Select all
Psloglist = RunProgram(PSLOGLISTEXE$, ParametersPsloglist_1$, "", #PB_Program_Open | #PB_Program_Read | #PB_Program_Hide)
Output$ + "[+] Getting SYSTEM logs: " + Chr(13) + Chr(13)
If Psloglist
While ProgramRunning(Psloglist)
If AvailableProgramOutput(Psloglist)
Output$ + ReadProgramString(Psloglist) + Chr(13)
EndIf
Wend
Output$ + Chr(13) + Chr(13)
EndIf
CloseProgram(Psloglist)
LogMessages(Output$)
And the logging procedure:
Code: Select all
LogFileName$ = LogPrefix$ + "_" + FormatDate("%yyyy%mm%dd", Date())
LogDir$ = BaseDir$ + LogPrefix$ + "_log\"
Log = OpenFile(#PB_Any, LogDir$ + LogFileName$)
Seperator$ = ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>" + Chr(13) + ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>" + Chr(13)
If Log
FileSeek(Log, Lof(Log))
WriteStringN(Log, Seperator$)
WriteStringN(Log, FormatDate("[+] %yyyy.%mm.%dd (%hh:%ii:%ss) ", Date()) + Chr(13) + Message.s)
CloseFile(Log)
ProcedureReturn 2
Else
CreateDirectory(LogDir$)
CreateLog = CreateFile(#PB_Any, LogDir$ + LogFileName$)
CloseFile(CreateLog)
ProcedureReturn 1
EndIf
ProcedureReturn 0 Any idea where this strange behavior is coming from?
Best regards!
flux
