Welcome Guest! To enable all features please Login or Register.



Go to last post Go to first unread
#1 Posted : Wednesday, October 11, 2017 9:21:16 AM(UTC)

Rank: Guest

Joined: 10/11/2017(UTC)
Posts: 2


I'm a new user of SC and I want try to use API.

I want get users list and launch a command to one or all user and get the response.

My first request for get users list works correctly, but the second fail with ajax...

Sercice.ashx :

public class Service : WebServiceBase
	public object[,] GetSessions()
		Session[] allSessions = SessionManagerPool.Demux.GetSessions();

		string[,] array2D = new string[allSessions.Length,3];
		for (int i = 0; i < allSessions.Length; i++)
			array2D[i,0] = allSessions[i].CustomPropertyValues.ToString();
			array2D[i,1] = allSessions[i].Name;
			array2D[i,2] = allSessions[i].SessionID.ToString();
		return array2D;
	public object ExecuteCommand(string SessionID, string commandText)
		SessionManagerPool.Demux.AddSessionEvent(new Guid(SessionID), new SessionEvent 
			Host = "ExecuteCommand", 
			EventType = SessionEventType.QueuedCommand, 
			Data = commandText
		return "Success";

request.js :

var settings = {
  "async": true,
  "crossDomain": true,
  "url": "https://kmexpert.screenconnect.com/App_Extensions/1df8aea1-ca3f-4a73-933f-bbcc679001a4/Service.ashx/ExecuteCommand",
  "method": "POST",
  "headers": {
    "content-type": "application/json"
  "processData": false,
  "data": "[\"15ac0278-a512-4ebc-a155-1c0477250788\",\"ipconfig\"]"

$.ajax(settings).done(function(response) {
  document.getElementById('call-history').innerHTML = "success : " + JSON.stringify(response);
}).fail(function(response) {
  document.getElementById('call-history').innerHTML = "error : " + JSON.stringify(response);

You can try here : https://jsfiddle.net/v8y7cg2q/2/

In the debug console, I have :

https://kmexpert.screenconnect.com/App_Extensions/1df8aea1-ca3f-4a73-933f-bbcc679001a4/Service.ashx/ExecuteCommand?[%2215ac0278-a512-4ebc-a155-1c0477250788%22,%22ipconfig%22] 403 (Forbidden)
Failed to load https://kmexpert.screenconnect.com/App_Extensions/1df8aea1-ca3f-4a73-933f-bbcc679001a4/Service.ashx/ExecuteCommand?[%2215ac0278-a512-4ebc-a155-1c0477250788%22,%22ipconfig%22]: Response for preflight has invalid HTTP status code 403

I have try already with a curl request and it works !
curl --request POST \
  --url https://kmexpert.screenconnect.com/App_Extensions/1df8aea1-ca3f-4a73-933f-bbcc679001a4/Service.ashx/ExecuteCommand \
  --header 'content-type: application/json' \
  --data '["15ac0278-a512-4ebc-a155-1c0477250788","ipconfig"]'

I have look a lot of topic and this topic : http://forum.screenconnect.com/yaf_postst1210_Another-Integration-Demo.aspx
But I don't know how to add a key to file web.config with a cloud instance...

Thank you for your help and sorry for my english !

Edited by user Wednesday, October 11, 2017 9:27:48 AM(UTC)  | Reason: Not specified

#2 Posted : Friday, October 13, 2017 12:06:53 PM(UTC)

Rank: Administration

Medals: Level 4: Wise Old Owl! Received 100 Thanks!

Joined: 3/28/2014(UTC)
Posts: 2,468
United States

Thanks: 3 times
Was thanked: 304 time(s) in 261 post(s)
You get the 403 from the first method likely because of XSS and CSRF defense measures we've implemented for security reasons in roughly 6.0ish. At this time I do not believe there is a way to disable this protection within the cloud.

Also, you should add some kind of authentication to your methods, I was just able to hit your first method based upon information in your post and I'm guessing I could execute commands against your sessions based upon the information returned.
ScreenConnect Team
#3 Posted : Saturday, October 14, 2017 4:28:36 PM(UTC)

Rank: Guest

Joined: 10/11/2017(UTC)
Posts: 2


Thanks for your response.

Does it mean there is no way to use ajax?

Users browsing this topic
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.