You need to indicate which token you are using.
There are several options here:
- hardware token
- software token application (Mac OS, Windows, iOS, Android, Windows Mobile and some others).
- web browser token
Please check this link for more details: http://www.emc.com/security/rsa-securid/rsa-securid-software-authenticators.htm#!offerings_for_web_browsers
With a hardware token, you will need to use some kind of camera and read the pixels of the received image (I can not help you)
Software token is simpler.
I recently created a small command line tool that can execute, enter a PIN code and read the password generated in the token application. I cannot send you a tool (a property of my company), but I can give you some tips on what you need to do to create your own application that will do the same.
But first you need to say if you use a software token or not.
OK Since you have a software token, I will describe what my application does to automatically connect to a VPN.
1) you need your software token to configure this before.
In addition, this VPN client must also be configured, and the connection must be listed in the list of available connections.
When it is configured, you can make your automatic VPN connection.
We have a software token similar to this: https://ssl.seagate.com/ssl/docs/soft_token_install_instructions.html
Our VPN client looks something like this: http://wireless-setup.wsu.edu/msIPSEC.html
2) After setting up all the tools, you can start the VPN connection.
You must be prepared for a deep investigation. The RSA guys worked very hard to make it impossible; this is what we do here.
They do not use conventional controls. They created their own control, which I do not have spec for.
I did this using the C ++ and WIN32 API functions. This is my recipe.
a) reading parameters passed to the program
b) check the parameters I have a number of parameters, such as the PIN code, the connection number for the installation, the command to start when the connection is established, etc. They can be hard-coded, but to be flexible, I can pass them from the command line.
c) check for token use [EnumWindows]
Token app can have 2 top-level windows [the one you enter the PIN, and the password code]
If I find that both windows are open, I close the application and restart it.
You can try sending WM_CLOSE message to close the application. I simulate the action of users to click the close button "X"
//restore it <if minimized> SendMessage(hwndTokenApplicationPinWindow,WM_SYSCOMMAND,SC_RESTORE,NULL); //close the app SendMessage(hwndTokenApplicationPinWindow,WM_LBUTTONDOWN,MK_LBUTTON,MAKELPARAM(223,14)); SendMessage(hwndTokenApplicationPinWindow, WM_LBUTTONUP,0,MAKELPARAM(223,14));
To run it, I use the CreateProcess function.
When you restart the application or open only one window, you can enter the PIN code.
d) Enter PIN
I imitate users with the left mouse button on the output window WM_LBUTTONDOWN, WM_LBUTTONUP.
I get in touch using WM_CHAR.
After entering, click "OK" using WM_LBUTTONDOWN, WM_LBUTTONUP.
Upon completion, you should open a password window.
e) Read access code
To get the access code, I use the Copy from token button. This button Copy data to the clipboard.
We simulate clicking this button: WM_LBUTTONDOWN, WM_LBUTTONUP
And read the data from the clipboard:
BOOL InvalidData = FALSE; OpenClipboard(NULL); HANDLE clip0 = GetClipboardData(CF_UNICODETEXT); wchar_t* p=(wchar_t*)GlobalLock(clip0); if(wcslen(p) == MaxPasscodeSize-1) wcscpy_s(currentPasscode,MaxPasscodeSize,p); else if(wcslen(p) != MaxPasscodeSize-1 && wcslen(p) != 0) { wprintf(L"Error: Passcode in clipboard is invalid\n"); InvalidData = TRUE; } GlobalUnlock(clip0); CloseClipboard();
You now have a password ready for use in the CISCO VPN client.
Please let me know if this makes sense to you.
If so, and your application works up to this point, let me know and I will give instructions for working with the VPN client.
If you need more detailed instructions for the above steps, please let me know.