Jump to content
Sign in to follow this  
Sachamo512

Blocking Input & Not Requiring Admin Popup

Recommended Posts

Sachamo512

I am writting a security program that includes a system of batch and Autoit files that will prevent unwanted people from accessing your computer. I am very good with batch programming, so I was able to code all of that out very easily. However, this is my first time really using AutoIt, so my knowledge is pretty limited.

The way the program works is like this (leaving out all the minor details, of course):

  • Batch file runs on startup
  • If it determines that the user is legitimate, it does nothing
  • However, if the user is not legit, then it loads the BlockInput autoit script and loops it
  • Until the user authenticates themselves, the keyboard & mouse remain locked

BlockInput File:

#RequireAdmin

BlockInput(1)

MsgBox(0, "Test", "Authentication required! PC is locked!")

I found the BlockInput command, which (ALMOST!) does what I want it to do. It blocks mouse & keyboard input, unless I do control+alt+delete. As you can see, this would be a major problem, since the unauthorized user could just access task manager and close the program. So, I need some way to prevent this from happening.

My other problem is that I need the autoit script to not require admin rights. Even clicking the "Run as Admin" box in Advanced Options, it still brings up the pop-up window...not very effective...

If anybody has a solution to either one of my problems, I would greatly appreciate it!

Edited by Sachamo512

Share this post


Link to post
Share on other sites
kaotkbliss

I found the BlockInput command, which (ALMOST!) does what I want it to do. It blocks mouse & keyboard input, unless I do control+alt+delete. As you can see, this would be a major problem, since the unauthorized user could just access task manager and close the program. So, I need some way to prevent this from happening.

If anybody has a solution to either one of my problems, I would greatly appreciate it!

I have never used AutoIt's block input, but are you sure it wouldn't work? I know every time I use CTRL+ALT+DELETE and select task manager, it goes back to windows and loads task man. I would think that as soon as windows comes back up, all input would be blocked again (keeping the user from using the mouse or keyboard from ending any tasks).

Just a thought


010101000110100001101001011100110010000001101001011100110010000

001101101011110010010000001110011011010010110011100100001

My Android cat and mouse game
https://play.google.com/store/apps/details?id=com.KaosVisions.WhiskersNSqueek

We're gonna need another Timmy!

Share this post


Link to post
Share on other sites
evilertoaster

ctrl+alt+delete is a stable point of windows and is not trivial to disable, doing so is outside the scope of an the AutoIt standard library, but there may be some UDF's around. If not look at these for some ideas:

http://techsupt.winbatch.com/TS/T000001049F4.html

http://bytes.com/topic/net/answers/106520-disable-ctrl-alt-delete-visual-basic-net

http://webcache.googleusercontent.com/search?q=cache:4rQhCsqLFiMJ:www.experts-exchange.com/OS/Miscellaneous/Q_20493187.html+&cd=7&hl=en&ct=clnk&gl=us

Your second question doesn't make much sense...

The first line of your script is #RequireAdmin.

That makes your script require admin rights... if you dont want it, remove it...

You're essentially saying something similar to:

BlockInput(1)

How can I make this script not block input?

Share this post


Link to post
Share on other sites
Sachamo512

that's what I was hoping for too, but alas, it does not work. I can even click outside of the task manager and it unlocks the mouse and everything...

using #RequireAdmin was the only way I could get it to block inpupt in the first place...without it, it just displayed the msgbox, but wouldn't freeze anything. So that's why I added it. I'll take a look at the UDF's, thanks!

EDIT:

Okay, I removed the #RequireAdmin line and it still works. The only problem now is that, since I am on Windows 7, it still requires me to manually allow it to run...

Your links gave me a good idea, thanks

Edited by Sachamo512

Share this post


Link to post
Share on other sites
omikron48

I don't get it. What do you mean by "legitimate"? Isn't your script working within a console session, meaning that a user is already logged in on Windows?

At what instance is a person trying to use the computer illegitimate?

Is the computer in a workgroup or an AD environment?

Share this post


Link to post
Share on other sites
Sachamo512

I plan on making this program and selling it, so I am not willing to share the exact details of how it works...for fear of someone else stealing my idea xD

So if you would just please answer the question, I would greatly appreciate the help!

Share this post


Link to post
Share on other sites
omikron48

Your idea does not make sense.

If the computer is in an Active Directory environment, configuration of the security policy will disallow an account from logging in on a computer. You can also set the screen saver to activate at a certain idle time and ask for password on resume, thus preventing any person from messing around with an unattended computer.

If the computer is in a workgroup, it's pretty much the same thing except you make your settings via gpedit.msc.

So I really don't get it. Why should you need a lockout program when you are already logged in on a computer? Why go through all that trouble is simply locking the computer when you leave it alone is a viable option?

Or are you trying to recreate something akin to the independently set screen saver password like in Windows 98?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×