Jump to content
Sign in to follow this  
AtomR

Blocking USB Keyboard and Mouse

Recommended Posts

AtomR

Good afternoon,

I am working on a project for my company that has a machine with a computer that provides limited access to a system i'm working. The system has a monitor, a keypad and a usb port available but everything else is inside a box and the public can't access it (unless they pry it open but that's an entirelly different problem). I need to prevent users from being able to connect a keyboard and then using ctrl + alt + del to close my program and access the computer. Basically the usb port is supposed to allow users to save data using our ui into flash drives and nothing else. I cannot use blockinput because of the keypad and even then i think it would not block ctrl alt del. I can't use User Group Policy because it would also block the keypad.

Are there any ideas on how I could accomplish this?

The machine is a bar and cofee shop machine where people can enjoy some tabletop-like games and nothing malicious at all.

Share this post


Link to post
Share on other sites
AtomR

Thank you for your reply. I'm not entirelly sure how that can help. I'm not good at interpreting MSDN help especially when dealing with system specific functions. I am relativelly proficient at high level programing but programing at a low level is not really something i'm really good at.

I suppose i'd have to use AutoIt to open the "User32.dll" and use the WM_DEVICECHANGE method to know when a device has connected. But how can I possibly block the device with autoit after it has been detected?

Share this post


Link to post
Share on other sites
AtomR

But the machine will be placed in "third party" locations that are usually as careless with the hardware as the their custmoers are. An alarm really wouldn't be a solution. The better solution would be to actually not have a usb port available but I feel that is what would make us stand out from the "competition". So i'm leaving that as the last possible solution should all else fail.

[edit]

A less gracefull solution would be to remove task manager option from the ctrl+alt+del screen :S

Edited by AtomR

Share this post


Link to post
Share on other sites
Mat

WM_DEVICECHANGE is a Window Message, so you'd need to register it for a GUI using GUIRegisterMsg. I haven't tested so I'm not sure if you need to call RegisterDeviceNotification first, this isn't part of the api I've worked with before.

Just occured to me that just detecting raw input devices might be an easier option. Again, I don't know as I've never tried or tested anything like this, but try registering the WM_INPUT_DEVICE_CHANGE message first.

See _WinAPI_RegisterRawInputDevices for an example of registering for mouse input. 

For some reason GetRegisteredRawInputDevices is always returning zero devices for me. Doh! Because I didn't have any devices registered. _WinAPI_EnumRawInputDevices() works perfectly though, and also gives you the device type (HID, keyboard and mouse).

Edit: For the second step, there should be a way to disable the device, or get windows to unmount it. If not then locking the workstation, or just shutting down would work.

Edited by Mat

Share this post


Link to post
Share on other sites
AtomR

Shutting down the machine would work perfectly.

My system already detects the existence of as internal usb pen to make sure it is a valid copy in case someone tries to clone it. (this part is not helpfull at all) Since I have one keyboard always on I suppose I could count how many keyboards are detected at any given time and if a second one is detected it shuts down.

Thank you both so much for the help.

Edited by AtomR

Share this post


Link to post
Share on other sites
NewPlaza

You can always disable the control key altogether.  But by doing this would also pervent you from gaining access via CTRL-ALT-DEL.

You would have to boot in WinPE and make a registry change before you can access CTRL-ALT-DEL.

Share this post


Link to post
Share on other sites
AtomR

Out of curiosity how could I disable the controll key, NewPlaza?

Share this post


Link to post
Share on other sites
FireFox

Hi,

Have you tried the HotKeySet function?

Br, FireFox.


 

OS : Win XP SP2 (32 bits) / Win 7 SP1 (64 bits) / Win 8 (64 bits) | Autoit version: latest stable / beta.
Hardware : Intel(R) Core(TM) i5-2400 CPU @ 3.10Ghz / 8 GiB RAM DDR3.

My UDFs : Skype UDF | TrayIconEx UDF | GUI Panel UDF | Excel XML UDF | Is_Pressed_UDF

My Projects : YouTube Multi-downloader | FTP Easy-UP | Lock'n | WinKill | AVICapture | Skype TM | Tap Maker | ShellNew | Scriptner | Const Replacer | FT_Pocket | Chrome theme maker

My Examples : Capture toolIP Camera | Crosshair | Draw Captured Region | Picture Screensaver | Jscreenfix | Drivetemp | Picture viewer

My Snippets : Basic TCP | Systray_GetIconIndex | Intercept End task | Winpcap various | Advanced HotKeySet | Transparent Edit control

 

Share this post


Link to post
Share on other sites
NewPlaza

Out of curiosity how could I disable the controll key, NewPlaza?

 

REG ADD "HKLMSYSTEMControlSet001ControlKeyboard Layout" /v "Scancode Map" /t REG_BINARY /d 00000000000000000300000000003800000038e000000000 /f

 

Though it's really the ALT key that get disable not control key.. Anyhow I use this bit here in WinPE to prevent anyone ALT-TAB to other windows.

Bare in mind this a system wide change. It will affect all users including the login screen & welcome screen.

Share this post


Link to post
Share on other sites
FireFox

If you still want help, just ask :)


 

OS : Win XP SP2 (32 bits) / Win 7 SP1 (64 bits) / Win 8 (64 bits) | Autoit version: latest stable / beta.
Hardware : Intel(R) Core(TM) i5-2400 CPU @ 3.10Ghz / 8 GiB RAM DDR3.

My UDFs : Skype UDF | TrayIconEx UDF | GUI Panel UDF | Excel XML UDF | Is_Pressed_UDF

My Projects : YouTube Multi-downloader | FTP Easy-UP | Lock'n | WinKill | AVICapture | Skype TM | Tap Maker | ShellNew | Scriptner | Const Replacer | FT_Pocket | Chrome theme maker

My Examples : Capture toolIP Camera | Crosshair | Draw Captured Region | Picture Screensaver | Jscreenfix | Drivetemp | Picture viewer

My Snippets : Basic TCP | Systray_GetIconIndex | Intercept End task | Winpcap various | Advanced HotKeySet | Transparent Edit control

 

Share this post


Link to post
Share on other sites
AtomR

I will Firefox. I was just asked to do other tasks today so I really didnt dedicate any time to this problem. I have, however, registered the WM_DEVICECHANGED and it does indeed detect usb plug/unplug but for some reason I am getting uMsg and lParams completelly different from the ones on the MSDN help and those values don't really change regardless of whether i'm plugging or unpluggin and even regardess of what type of usb device is being plugged.

Share this post


Link to post
Share on other sites
FireFox

Follow >this post.

Except the Case statement concerned is: "Case 0xA2, 0xA3".

Br, FireFox.


 

OS : Win XP SP2 (32 bits) / Win 7 SP1 (64 bits) / Win 8 (64 bits) | Autoit version: latest stable / beta.
Hardware : Intel(R) Core(TM) i5-2400 CPU @ 3.10Ghz / 8 GiB RAM DDR3.

My UDFs : Skype UDF | TrayIconEx UDF | GUI Panel UDF | Excel XML UDF | Is_Pressed_UDF

My Projects : YouTube Multi-downloader | FTP Easy-UP | Lock'n | WinKill | AVICapture | Skype TM | Tap Maker | ShellNew | Scriptner | Const Replacer | FT_Pocket | Chrome theme maker

My Examples : Capture toolIP Camera | Crosshair | Draw Captured Region | Picture Screensaver | Jscreenfix | Drivetemp | Picture viewer

My Snippets : Basic TCP | Systray_GetIconIndex | Intercept End task | Winpcap various | Advanced HotKeySet | Transparent Edit control

 

Share this post


Link to post
Share on other sites
Belini

@ AtomR You can disable the manager by editing the registry.

;Disable Task Manager
RegWrite("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System", "DisableTaskMgr", "REG_DWORD", "1")
Sleep(10000)
;Enable Task Manager
RegWrite("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System", "DisableTaskMgr", "REG_DWORD", "0")
Edited by Belini

Share this post


Link to post
Share on other sites
AtomR

Thank you belini. I had already disabled task manager, change password, log out etc options using the Group Policy Editor ( gpedit.msc) and it does help a lot. It is only possible to access the windows "Switch User" option but I'd prefer to loose all trace of the Windows User Interface for a more polished system. If all else fails this is exactly the solution that I will opt for.

@FireFox: I've downloaded that HotKey UDF and tried. It does indeed capture ctrl alt del but it does not stop windows from taking me to the option screen. Adding the return -1 to the line you mentioned only had the effect that it will not call the function I register but windows options screen is still opened.

Edited by AtomR

Share this post


Link to post
Share on other sites
FireFox

Ah, I didn't know you wanted to block the locked screen. It's not possible to block the hotkey.


 

OS : Win XP SP2 (32 bits) / Win 7 SP1 (64 bits) / Win 8 (64 bits) | Autoit version: latest stable / beta.
Hardware : Intel(R) Core(TM) i5-2400 CPU @ 3.10Ghz / 8 GiB RAM DDR3.

My UDFs : Skype UDF | TrayIconEx UDF | GUI Panel UDF | Excel XML UDF | Is_Pressed_UDF

My Projects : YouTube Multi-downloader | FTP Easy-UP | Lock'n | WinKill | AVICapture | Skype TM | Tap Maker | ShellNew | Scriptner | Const Replacer | FT_Pocket | Chrome theme maker

My Examples : Capture toolIP Camera | Crosshair | Draw Captured Region | Picture Screensaver | Jscreenfix | Drivetemp | Picture viewer

My Snippets : Basic TCP | Systray_GetIconIndex | Intercept End task | Winpcap various | Advanced HotKeySet | Transparent Edit control

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×