I'm writing a screen saver type app that needs to stop the user from accessing the system without typing a password. I want to catch/supress the various methods a user might try to exit the application, but all research I do seems to point me to "you can't".
Anything in C# or C++ would be great.
I've thought of disabling the keyboard, but then I would have other issues.
You can't. The whole point of Ctrl+Alt+Del is that only the system gets to handle it, 'cause that way the system can always handle it.
Fortunately, Windows has built-in support for password-protected screensavers (available as the "On resume, password protect" option in Display Properties, or via group policy). Just use that.
To add to what Shog9 said, if your application could intercept ctrl+alt+del, then your application would be able to pretend to be the Windows Login dialog, and by doing so trick the end-user into typing their credentials into your application.
If you do want to replace the Windows Login dialog, see Winlogon and GINA (but this says, "GINA DLLs are ignored in Windows Vista", and I haven't heard what's what for Vista).
if someone asked I'd not tell them they can't.
More specifically, your "application software" can't: instead, by design, only "system software" can do this; and it isn't that you're not allowed to or not able to write system software, but your OP seemed to be quite clearly asking how to do it without writing system software ... and the answer to that is that you can't: because the system is designed to prevent an application from hooking these key combinations.
Can you give me direction to writing the system things.. I actually think this would be better if it were system level.. It's for an OEM so kind of the point really. Also if I wrote it system level, I could write an app to control it.
A keyboard filter device driver, or a GINA DLL, for example, would be considered system software: installed by an administrator (or OEM) and run as part of the O/S.
I don't know about GINA beyond its name; and I've already (above) given a link it in MSDN. I expect that it's Win32 user-mode code.
Device drivers are a different topic: e.g. Getting Started on Driver Development.
Is there a way to remap the keyboard so that delete isn't where it was?
I still not sure that you and/or your boss have the right idea. IMHO you shouldn't be an application which prevents the user from pressing Ctrl-Alt-Del. If you want to stop the user from accessing the system without typing a password, then you ought to lock (password-protect) the system, as if the user had pressed Ctrl Alt Del and then selected "Lock this computer". To unlock the computer they would then need to press Ctrl Alt Del and enter their credentials into WinLogon.
However, ignoring what you ought to do and concentrating instead on what you're capable of doing, if you want to intercept the keyboard, apparently it can be done. I haven't studied keyboards myself, but this post and this post claim success, by writing a "Keyboard Filter Driver" (which is a kind of kernel-mode, not Win32, device driver). If you write one of these though you may get some push-back, e.g. like this reaction from a DDK MVP, or this reaction from an anti-snooping product.
I have not tested it but what about using SetWindowsHookEx()
From MSDN documentantion:
WH_KEYBOARD_LL
Windows NT/2000/XP:
Installs a hook procedure that monitors low-level keyboard input events. For more information, see the LowLevelKeyboardProc hook procedure.
It is possible to intercept crtl+alt+del, though obviously Microsoft made it very difficult to do, because then you could pop-up a fake lock dialog, and record people's passwords.
The answer is to write a device driver. I can't remember if you can just use a plain old keyboard filter, or if you have to write a keyboard ISR. Either way, its certainly possible, but with great pain if you have no driver experience.
As this seems to be a good collection spot for the accrual of various means with which to "intercept" the three key psuedo-break
control alt delete, here is something I encountered yesterday that may be of use.
http://cuinl.tripod.com/Tips/enablectrldel.htm
In my opinion, when it seems that the only practical and timely option is to cut the power (i.e. MECHANICAL removal of the battery of an overloaded android-like handheld computer) to halt whatever procession or malfunction results in rather solid and complete ( or long enduring) irresponsiveness-- it appears that a dangerous and frustrating lineage continues--- and continues to get worse.
Especially with the removal of sensible and straightforward things like mechanical speaker volume controls. ( sure, bulky, more material, but of course that is just the thing, what good to an individual or being is infinite and perfect consciousness without a handle on it or it's experience?)
It is a lineage of approaches to designing the -environment that is responsible for the responsiveness to the user- part of a critical and truly meaningful technological interface. ( The only?)
I say put some buttons --direct-to-hardware-control-- back on the things --at least until the software aspects of these technologies become fully adapted to artificial soft interfacing, which I account for in an exhaustive accounting of all heuristical provisionings.
Even in the mechanics of the universe I bet there's a handy reset, restore, suspend, halt type of function(s) for the safety and fundamental viability of the presence of what would constitute as the designer of all that follows the initiating perpetual mystery of existence: INTELLIGENT AWARENESS and WILL.
"Process Explorer" by Mark Russinovich (http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx) does it, and it had been doing before Sysinternals was bought by Microsoft.
This article from 2002 updated in 2006 explains one way to do it without writing a keyboard driver.
http://www.codeproject.com/KB/system/preventclose.aspx?msg=1666328
starting taskmgr.exe in hidden window would do the job if you just wanted to suppres the call to task manager
ProcessStartInfo taskmgr = new ProcessStartInfo()
{
FileName = "taskmgr.exe",
WindowStyle = ProcessWindowStyle.Hidden
};
Process.Start(taskmgr);
You could achieve that in XP and before, but with Vista not anymore.
Try investigating if you could write an application that starts itself as a password protected screensaver.
Screensavers can do more than just display pretty pictures - I've seen interactive screensavers before that used the mouse and keyboard to provide a simple game, though I can't remember which version of windows I saw this running on... It could well have been windows 95. (In which case all bets are off).
What about intercepting ctrl and alt keypresses while your program is running, and .cancel'ing those keypresses?
I don't know how well this would work, if at all in Vista, but it's worth a try.
I remember doing something like this around the year 2001, so it was probably running on 98. Been too long since I've even tried to mess with anything like locking out ctrl-alt-del.
Ok.. I'm not going to post the code here
But the gyst is this
create a keyboard hook.
when the user presses ctrl || alt || delete set bools to true.. if they press anything else set them all to false.
switch (p_key)
{
default: Clear(); break;
case Keys.LMenu: altHit = true; break;
case Keys.RMenu: altHit = true; break;
case Keys.LControlKey: ctrlHit = true; break;
case Keys.RControlKey: ctrlHit = true; break;
case Keys.Delete: delHit = true; break;
when the screen has focus looses it to the task manager, close the bloody thing.
The screen flashes so fast the user never notices it.
And I can do what ever I want.
I'll admit this is a kludge, but it does result in the desired effect. (OH I wish I didn't have to do this)
I was reading this doc page, and some thought and searching brought me to this question.
https://learn.microsoft.com/en-us/windows/win32/learnwin32/keyboard-input
I have not tested it, but there is this excerpt:
As the name implies, system key strokes are primarily intended for use
by the operating system. If you intercept the WM_SYSKEYDOWN message,
call DefWindowProc afterward. Otherwise, you will block the operating
system from handling the command.
Seems like a security hole to me if it actually works like it says.
You can still intercept Ctrl + Alt + Del in windows 7.
This is the way Process explorer does it:
http://mygreenpaste.blogspot.com/2005/07/image-file-execution-options-good-evil.html
Related
Here is the deal:
I want to make a Live Display feature, for my ElePhone p8000. I know there is Live Display feature already implemented, but its not working. Instead of that it has an app called MiraVision in which you can manually set modes. Like, when outside is bright u set the mode to outside, and u can clearly see everything on the display. In evenings u have to manually set it (again), on night mode, so it doesn't hurt your eyes.
Anyways, I want to build an APP that will have an option for LiveDisplay ON/OFF. When it's on, it will keep record of the clock, so when its day the brightness will be high, and when its night it will go dark, and change modes in the MiraVision app respectively.
I have experience in C++, C# programming, and a little bit in Java. So first of all I want to know is this possible? (i think it definitely is), and if you can give me any kind of help (tutorials, posts..whatever you think its helpful)
Thanks!
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
Being a victim of a Key Logger attack on android, I want to develop a solution for KeyLogger attacks for android. I know basic java and a little about android and very little about Information Security. I am also aware that whatever knowledge I have is not enough to figure out and to develop a solution. I just like to discuss my idea and to see if it is feasible.
Here is what I have:
An android application, which wants to secure user input, must provide a secret key(which can be obtained from server, for a specific user or session) when invoking the android keyboard.
Android keyboard will receive the secret key and use it to encrypt user input and broadcast KEYPRESS event(or whatever event android keyboard broadcasts) with encrypted value.
When an application receives KEYPRESS event, it decrypt's the value in KEYPRESS even to get the actual user input.
I just came to realize that, screenshot can be used to get what user types with latest image-2-text software's. But that is completely a different domain, IMHO.
So, what do you think about it? Is it possible to do it?
Update
I was completely wrong about my phone got owned. Actually, it was never got hacked. But, what really got hacked was me. Yes, I have something in my body, which just copies everything that my brain can receive. And it also capable of receiving and making my brain to do it. I still dont know, why I am able to write this update. May be, who ever put that thing in my body using me as a marketing material. Thanks for answers for my dumb question.
Not realistically.
Few programmers are dealing with low-level input themselves. That is usually handled by other things. Web developers, for example, rarely get involved on a keystroke-by-keystroke basis, even for finding out when those events occur (e.g., for real-time validation), let alone for manually processing that input (e.g., putting the next character typed after the cursor of the field and advancing the cursor by one position).
Moreover, users are not in the habit of changing their input methods frequently. I do not plug in a different USB keyboard when I am visiting Stack Overflow versus when I am visiting Tweetdeck, for example. In the world of Android, this means that the user is going to expect their input method editor to work on all apps and not have to keep changing input method editors just to make some people happy.
Furthermore, you cannot magically change the protocol between input method editor (a.k.a., soft keyboard) and the Android OS. Your keyboard will raise key events. You are welcome to say that your keyboard offers up substitutions for those events as an "encryption" mechanism, but that would be more of a crude substitution cipher (e.g., "whenever the user types A, send over ;"), as you cannot unilaterally decide to expand the key event space.
As a result, not only will you need to write your input method editor, but you will need to write your own custom ROM with a custom Android framework that can handle the "decryption". Or, you would have to force all the worlds' developers to rewrite their apps. And in either case, a keylogger could trivially detect that yours is the input method editor and note that fact, so whoever is using the logs can do some trivial decryption to convert ; back into A.
Now, if you are writing some app where you want to avoid a rogue input method editor, you are welcome to bake in your own data entry keyboard into that app. Then, you will merely anger many of the users of your app, as your in-app keyboard is not the one that they want to use, or lacks features that they are used to (e.g., support for blind users, support for their particular language).
Here is what I would do to implement a secure input method paradigm - as expressed in the question - for Android:
First of all, I am assuming that you have read and understood the "Security" section for InputMethodManager here:
InputMethodManager
So, what we need to develop is an Input Method (IME) which is an Android service, which, along wth the custom keypad view, implements two interfaces:
InputMethod
InputMethodSession
As per the security section in the documentation referred to above, the user need to willingly accept your IME as the system IME. Also, Android will make sure that only system will bind to your service and use the InputMethod interface which is used to show/hide the keyboard etc. So, here things are pretty secure for you and all apps that uses your keyboard.
Now, coming to the security framework that you want to implement:
Lets call it as Secure Input Method - SIM - and lets define our security domain as your IME and the applications that wishes to use your SIM. Here is the significance of the second Interface InputMethodSession
The most important - and often ignored method of this interface is the key of this solution and it is called: appPrivateCommand. This interface allows a private command sent from the application to the IME. As per the documentation, this method can be used to provide domain-specific features that are only known between IME and their clients - and this is exactly what you need for your SIM.
So, using this interface, the apps in your security domain can pass any security information (say, some form of credentials) they want to hand over to your IME. It is up to you to define a method where your service can communicate with a authentication server which processes the client app submitted credentials and approves it. Now if the encryption keys are derived by both your IME and the client, you have established a secure channel of communication between your SIM and its client app (say, via encryption using a derived key from these credentialsd).
You can even customize this whole mechanism by defining some key sequences (like Control+Alt+Del in Windows) which initiates the whole thing by user himself and you can even provide a visual indication (say, a shining green icon) on your keyboard that the input channel is secured... Possibilities are many :)
Hope this helps.
You can do this only if you are developing your own keypad and configure Android to use it. It is not that hard with some experience in Android programming.
Just search in Google for "custom keypad for android" for more inputs.
Working on a new personal project with jframe. My goal is to close the frame in an ActionListener to the background, and when specific keys are pressed (Ctrl+Shft+L), I want to open the frame back up.
I'm not sure how I can do this keeping CPU usage low. I know I can set the frames visibility to false and then probably use a generic ActionListener for the keys however I have a few problems (and questions).
Is this the best way to do it? I'm trying to keep the CPU usage as low as possible.
Will the ActionListener even work while the frame's not visible?
How do I listen to multiple key presses? I have an idea but it doesn't sound like it will work.
Well, the problem is that java is designed to be platform independent.
Too achieve that, there have to be some limitations for the programms written in this programming language.
You want to capture keystrokes even if your window/programm doesn't have the focus set on it.
In fact what you need to write is some kind of global keylistener.
You can't do such things in java. In fact you have to choose a much more machine-oriented programming language like c/c++ to achieve what you want.
In java such stuff is only possible using the Java Native Interface (short JNI).
Using JNI it is possible to write a library for hooking the keyevents in for example c/c++ and call the librarys' methods using a java programm.
JNativeHook ( https://github.com/kwhat/jnativehook ) is using this exact approach. But well, i haven't tried this framework so i can't tell if it's working.
But i once used this and it worked fine for me: http://softk.de/opensource/jglobalkeylistener.html
You can just download the source and don't panic even if the site is written in german, the source-code is documented in english and even the comments within the code are in english.
PS: if that doesn't work, it may help you to google for things like "java global keylogger", because thats exactly what a keylogger is doing (well it obviously also logs the keys) and i think there will be much more stuff that may help you.
Greetings, Loki
Is this the best way to do it? I'm trying to keep the CPU usage as low as possible.
As previously mentioned, use JNativeHook. It is the only cross-platform solution and it will be much faster and less intensive than a polling approach like while (1) { GetAsyncKeyState(...); Sleep(5); } The biggest performance bottleneck with JNativeHook is the OS, not the library.
Will the ActionListener even work while the frame's not visible?
It will not work unless the frame has focus, but the native library will provide other events that do fire out of focus, so you could make it work by fabricating your own ActionEvent's from the NativeInputEvent listeners. Just make sure you set the library to use the Swing event dispatcher as it does not by default!
How do I listen to multiple key presses? I have an idea but it doesn't sound like it will work.
What do you mean by "multiple key presses?" If you mean auto-repeat when a key is held down, that is handled by sending multiple Key Pressed events after the auto repeat delay is exceeded at an interval of the auto repeat rate. You many also receive multiple Key Typed events if that event produces a printable character. When the key is released, a single key release event will be dispatched. If you mean a sequence of keys or multiple keys at the same time, you will need to do your own tracking or checks in the native input listener, but it should be possible.
Basic Modifier Example: Note that JNativeHook library has both a left and right mask for the modifier keys. I assume you want to use a combination of either the left or the right which makes this a tad more complicated.
public void nativeKeyPressed(NativeKeyEvent e) {
// If the keycode is L
if (e.getKeyCode() == NativeKeyEvent.VK_L) {
// We have a shift mask and a control mask for either the left or right key.
if (e.getModifiers() & NativeInputEvent.SHIFT_MASK && e.getModifiers() & NativeInputEvent.CTRL_MASK) {
// Make sure you don't have extra modifiers like the meta key.
if (e.getModifiers() & ~(NativeInputEvent.SHIFT_MASK | NativeInputEvent.CTRL_MASK) == 0x00) {
....
}
}
}
}
I couldn't come up with a better title, so allow me to elaborate:
There are programs such as JoyToKey, that allowed the user to map button inputs on any joystick to any key event and mouse event. To be frank, I do not know the real underlying implementation here, but it is like either JoyToKey "ubiquitously" sends these mapped inputs to whatever application the user is focusing, or it simply invokes global input events.
So the thing is this, in Java application, if we want to listen to any keyboard or mouse input, we can easily to do that with the KeyListener and MouseListener classes, but what I am talking here is if I want to create a Java application that listens to all of the user's specified inputs, (be it from joystick, touch screen, or whatever) regardless of which application has focus at the time and map these inputs to other inputs and macro. For instance, if I want to perform Hadoken in Street Fighter, I tell the program "hey, if I press 'P' or 'Joystick 1 Button 10', invoke the following keyboard events respectively 'down arrow' in the first (1/60) millisecond, 'down+right arrow' in the next (1/60) millisecond, 'right arrow' in the next (1/60) millisecond and finally 'Z' in the next (1/60) millisecond".
So what I am looking for here is different from JoyToKey in the following aspect:
I am looking for how to write a JoyToKey-like program in Java.
not limited to Joystick only. Allows user to map all sort of hardware inputs to any other hardware input as well.
Due to the nature of Java and we are invoking the OS directly, I am concern about the cross-platform capability. The underlying mechanism of each OS might be a little different, but anyway, is this possible in Java? If so, which Java's API should I be looking for? Are there some hardware-specific problems to be aware of?
If you're on Linux, check out the java-gnome bindings. The org.gnome.gdk package provides access to system-wide device events.
This question sort of extends my other question on robots and captcha. I did what everyone recommend (thanks everyone!), however is it at all possible to detect a robot on the server first? For Example (Once again, I will use Stackoverflow as a reference): Sometimes when I ask a question, Stackoverflow comes back asking me to verify if I am human.
However, sometimes it does not.
How does Stackoverflow do that, because that is what I want to do: Check data and if it looks like a robot, request human verification.
Also this needs to be done on Java (preferably), Perl or PHP.
Thanks
On StackOverflow, it's done by performing the same task too many times too quickly or performing multiple tasks too quickly.
If you want to emulate this, you can keep track of the number and time(s) of recent requests and check to see that everything is within your limits. If it isn't, redirect to a CAPTCHA.
Unfortunately, I don't have enough Java EE experience to provide any code, but hopefully my approach will give you some idea(s).
The simple method would be to log activity (clicks, comments, ect.) and then check the frequency and similarity between these. You can usually detect robots by looking for similar tasks performed repeatedly.
If you are really serious about robot detection, log every keystroke and mouse movements. Regular users have a percentage of error and uncertainty associated with typing and navigating the site. A 100% typo free user that navigates the site easily and quickly (moving the mouse on a straight line from point a to point b) without ever going for the back button is very likely to be a bot.