Worklet: Execute .exe file

I have tested variations of required software policy and worklets, but I can not get a .exe agent installer to execute.

I have tested with powershell code and can run the .exe locally, but the same script will not work through automox.

I have uploaded the file to the worklet, then put the remediation code as:

.\filename.exe

the worklet status will then display as a checkmark and the agent will not be installed.

how can I troubleshoot this?

1 Like

The issue is probably because the installer is running as System, so it might be popping up confirmation windows for the install, which nobody will ever see. Is there a silent flag you can add to the execution instruction? What’s the exe you’re trying to run?

1 Like

The exe is for ForeScout Secure Connect, the exe silently drops the files off in the Program Files directory without any flags needed.

The other thing to check is what you have in the Package Name and Version fields. When you run a scan on the device to check if the software is installed, does the required software policy trigger that it needs to run the installer?

Because the .exe seemingly unpackages the files into their folder, the program does not appear to install like most programs. There is no entry for this software under ‘Apps & features’ in the windows UI so I don’t think that required software policy will work. I don’t believe that this software is found when scanning the system for required software.

I was trying to run the .exe through worklet, when using required software I used the version and name that were displayed when right clicking the output file and selecting properties > details > ‘Product Name’ and ‘Product Version’.

What you could do in that case is unpack the files and use Automox to put them in the right places. I did that for example in this worklet, to make a shortcut to run bginfo.exe at startup:

Bginfo doesn’t install regularly either, you just have to put the file somewhere and run it whenever you want to update the background with the device info.

So what you could do is make a worklet to run the exe and move the files around, or upload multiple files from the exe and put them in the correct places. Let me know if you want any help getting that setup as we’re always happy to help create and troubleshoot worklets.

Thanks Nic, I will give this a try and report back.

I tested your recommendation but did not have success. How can I bypass the evaluation code? I use ‘exit 1’ and I just receive the following in my log file:

2020/07/15 10:46:46 cmd.go:158: Received execCmd command
2020/07/15 10:46:46 cmd.go:108: Executing command: ["exit 1" ""]
2020/07/15 10:46:47 cmd_windows.go:135: runScript: Error in Wait exit status 1
status: 1
stdOut: Omitted
stdErr: 

It seems that the file I upload is not placed unless the remediation code is run, but I can’t get to the remediation code step. Does the evaluation code need something else besides ‘exit 1’ ?

It shouldn’t, but remember when testing worklets that the group scan is what triggers the evaluation code, and the policy execution is what triggers the remediation code.

also is your evaluation code just:

Exit 1

I’ve used that in worklets to just always run the remediation code and that works. What’s the exact code you have in the evaluation section?

My remediation code is
Start-Process “filename.exe”

Evaluation code is
Exit 1

Yeah that should work. Can you send me a copy of the file so I can test it out on my test systems to see what I get? You can email to nic.tolstoshev@automox.com or send me a dropbox link.

Email sent, the .exe was removed from the email. Let me zip it and resend.
Now your end thinks the file is a virus and declined it

Lol, sending attachments is a pain these days. Can you upload it to Dropbox or some other service and email me the link to download it?

Let me figure out how to share it, one moment.

1 Like

File should have been sent through WeTransfer to your email

Got it - will do some testing and report back.

When the exe is run, a path similar to the following should be created with four files inside. C:\Program Files\ForeScout SecureConnector

Ok I made some progress. This installer is doing some weird stuff under the hood.

I can run the file as a user from the folder and it installs, but if I open a command prompt using runas administrator, and run the file in the command window, it doesn’t work. For some reason it won’t run itself that way, which is essentially what is happening when a worklet is running code.

The next thing I’m going to try is the scheduled task trick to run files as the currently logged in user. If that works I’ll post back with the code.

1 Like

I believe that it needs to be run as admin for the install to complete, that may be a problem with your scheduled task trick

I will check back in tomorrow morning