A Question About How To Judge The Status Of Windows Winlogon

[kmps]

I am now writtring a GUI with auto3 beta,and anybody can tell me how can I judge the status of Windows

winlogon:

1.Windows are waiting someone to login

2.someone had login into the desktop

3.someone had login into the desktop and he locked the windows by press Win+L

[kmps]

I wander if AUTOIT can do that job?

but no one can tell me?

I am now writtring a GUI with auto3 beta,and anybody can tell me how can I judge the status of Windows

winlogon:

1.Windows are waiting someone to login

2.someone had login into the desktop

3.someone had login into the desktop and he locked the windows by press Win+L

[Bert]

Well, at the logon screen, explorer.exe isn't running. I don't know what else you can use.

serious question: why do you need to know this? just curious...

[kmps]

thank you very much!I am writtring a script which can do something when windows is locked

Well, at the logon screen, explorer.exe isn't running. I don't know what else you can use.

serious question: why do you need to know this? just curious...

[SmOke_N]

thank you very much!I am writtring a script which can do something when windows is locked

I seriously don't see you getting a serious answer on this question with out a detailed description of what your trying to accomplish and why.

[DaveF]

vollyman's answer is what I've used in the past for this purpose.

There are a (finite) number of legitimate purposes that this could be put to. I've used ZENWorks to run a script at boot-up that put up a "Message of the Day" wallpaper if no user was logged in. I had the script test for EXPLORER.EXE to insure that the script wouldn't clobber a logged in user's wallpaper if the ZEN service didn't beat the user logging in before running the script.

[Bert]

I'm with SmOKe_N on this one. In your first post, you made it out like you wanted something to run without anyone logged in. There are VERY few uses for this that I could even think of that would be ok. Most everything I do think of are bad. If that is the case, we don't take kindly to that around here. Would you mind explaining what you plan to do? It would go a long way in us understanding your intentions.

[kmps]

hello,

I am now writting a script like this:

1.the script run as a windows service

2.when winlogon displayed login dialog,the script will to see if anyone want to login and if in 5 mins,no one login,my script will create a random safe password for the admin account until someone want to login it will

change the password to the static so that the user can login

3.after the user login to the system,the script will change the password to a random safe password

in a word,the purpose of this script is to strenth the safety of windows admin password

but now I can't judge if someone want to login,the windows seemed to hide the action of mouse and keyboard when no one had login.so please help me,thank you very much!

I'm with SmOKe_N on this one. In your first post, you made it out like you wanted something to run without anyone logged in. There are VERY few uses for this that I could even think of that would be ok. Most everything I do think of are bad. If that is the case, we don't take kindly to that around here. Would you mind explaining what you plan to do? It would go a long way in us understanding your intentions.

[Confuzzled]

hello,

I am now writting a script like this:

1.the script run as a windows service

2.when winlogon displayed login dialog,the script will to see if anyone want to login and if in 5 mins,no one login,my script will create a random safe password for the admin account until someone want to login it will

change the password to the static so that the user can login

3.after the user login to the system,the script will change the password to a random safe password

in a word,the purpose of this script is to strenth the safety of windows admin password

but now I can't judge if someone want to login,the windows seemed to hide the action of mouse and keyboard when no one had login.so please help me,thank you very much!

Oh I see - you're going to improve on the Windows internal security by bolstering it with a skript that can be readily disassembled. Of course you will hide the admin password in a manner that hackers cannot decrypt by looking at the code, won't you? Will your skript contain keylogging elements to get the password the user types in (for comparison purpose only of course)?

Just wondering.

[Bert]

I see the idea of what the guy is attempting. It is a good idea, but if you change the admin password to something random, how will you know what it is when you need to access it? For example, you need to do a quick fix to all the workstations due to a virus outbreak. How would you manage this when the admin password is random?

May I make a suggestion? You could use a "token" that has a password generator built in. It is a series of numbers that cvhanges every 60 seconds, and is matched to a server that has the same program running. This way the passwords match. The Administrator password can be set by the server, so you wouldn't need to have a script running on the workstation. You could also change the local administrator ID to something else with @##$$)#& of charators in the name, to make it more secure. goto http://www.rsasecurity.com/ and you can get more information on this concept.

[kmps]

thanks all good men,

about the above question:"if you change the admin password to something random, how will you know what it is when you need to access it?"(from Vollyman)

in fact I know how to make the password to stop change when I needed,but the real problem I have to solve is how I can judge when I need to do so?

you can image:when the windows boot finished and displayed a login dialog

1.when there's no user to login,my script runing background to make password change very 60 seconds to protect the windows

2.when somebody wants to login,my script know what he want and stop the password change and set the password to the one user know.but this is the problem,how can i know somebody wants to login?by tracting

the action of mouse and keyboard?so sorry,Microsoft Windows hide them all.and that's the problem I had to

solve.

so if you had any good idea to help me to solve this problem,please tell me,thank you!

I see the idea of what the guy is attempting. It is a good idea, but if you change the admin password to something random, how will you know what it is when you need to access it? For example, you need to do a quick fix to all the workstations due to a virus outbreak. How would you manage this when the admin password is random?

May I make a suggestion? You could use a "token" that has a password generator built in. It is a series of numbers that cvhanges every 60 seconds, and is matched to a server that has the same program running. This way the passwords match. The Administrator password can be set by the server, so you wouldn't need to have a script running on the workstation. You could also change the local administrator ID to something else with @##$$)#& of charators in the name, to make it more secure. goto http://www.rsasecurity.com/ and you can get more information on this concept.

Edited April 12, 2006 by kmps

[kmps]

it seems no one knows how to solve this problem? or it's a impossibel mission?

maybe only Bill Gates can help me?

thanks all good men,

about the above question:"if you change the admin password to something random, how will you know what it is when you need to access it?"(from Vollyman)

in fact I know how to make the password to stop change when I needed,but the real problem I have to solve is how I can judge when I need to do so?

you can image:when the windows boot finished and displayed a login dialog

1.when there's no user to login,my script runing background to make password change very 60 seconds to protect the windows

2.when somebody wants to login,my script know what he want and stop the password change and set the password to the one user know.but this is the problem,how can i know somebody wants to login?by tracting

the action of mouse and keyboard?so sorry,Microsoft Windows hide them all.and that's the problem I had to

solve.

so if you had any good idea to help me to solve this problem,please tell me,thank you!

[Confuzzled]

it seems no one knows how to solve this problem? or it's a impossibel mission?

maybe only Bill Gates can help me?

What happens to your PC when it crashes or locks up - how are you going to recover if the admin password is now a random, unknown value. Break out the toolkit and add precious downtime while you hack the admin password? Not can't help - can't see the point of it all.

[greenmachine]

What happens to your PC when it crashes or locks up - how are you going to recover if the admin password is now a random, unknown value. Break out the toolkit and add precious downtime while you hack the admin password? Not can't help - can't see the point of it all.

Instead of having a random password (because the above situation is real), why don't you just make your admin password really really hard to guess in the first place, and don't tell anyone you don't want to know? Use upper and lower case letters, numbers, symbols, and don't make it remotely close to an english word.

[Bert]

I remember reading somewhere Compaq had a utility that did what you wanted, but at the BIOS level. It would use the system clock to generate a password, and you needed to run a utility on a different PC to get the password for that day. You could do that, and that would provide what you need. Have a script that changed the password by reading the BIOS clock. You can change the clock without booting into the OS. As long as the time matches the time set on the PC you run your "key" utility, you could get the password.

[NightGaunt]

1.when there's no user to login,my script runing background to make password change very 60 seconds to protect the windows

2.when somebody wants to login,my script know what he want and stop the password change and set the password to the one user know.but this is the problem,how can i know somebody wants to login?by tracting

the action of mouse and keyboard?so sorry,Microsoft Windows hide them all.and that's the problem I had to

solve.

I'm confused, you are saying the password is only random when no is trying to log in to the machine? Is this supposed to be a protection against Remote Connection or a brute force SAM-Hack? What is the purpose and maybe you can get a solution. Right now you are just asking for a random password generator to "protect" windows. If we knew exactly what it was you were protecting from we may be able to help better. There are certainly ways to pull this off, but I'm not certain of your reasoning or if Auto-It is the best tool for the job. I couldn't do it with only Auto-It, so I guess I can't help you.

[kmps]

you can image this:

the server is running...,of course my script running as a service backgroud too...

and all the NT count (administrator,user...)on this server will keep changing to a random safe password in 1 min or 2 seconds

and what do you think this solution will protect your server?

and do you agree this is a very saft state for a server?

I'm confused, you are saying the password is only random when no is trying to log in to the machine? Is this supposed to be a protection against Remote Connection or a brute force SAM-Hack? What is the purpose and maybe you can get a solution. Right now you are just asking for a random password generator to "protect" windows. If we knew exactly what it was you were protecting from we may be able to help better. There are certainly ways to pull this off, but I'm not certain of your reasoning or if Auto-It is the best tool for the job. I couldn't do it with only Auto-It, so I guess I can't help you.

[Phases]

you can image this:

the server is running...,of course my script running as a service backgroud too...

and all the NT count (administrator,user...)on this server will keep changing to a random safe password in 1 min or 2 seconds

and what do you think this solution will protect your server?

and do you agree this is a very saft state for a server?

I'm new to AutoIT (and love it!) but I've been a System Administrator for 10+ years.

I don't see any value in this, way too many risks in the password being "randomly" changed. You can rename the Administrator account, use a firewall and disable services to protect from quite a few remote attacks. Good common sense with patching and configuration go a long way to hardening a system

I'd rather have the server email me when someone logs into the system, as I would or would not be expecting a login.

If you're really concerned about the administrator account being used in a bad way... try the following:

Rename the Administrator account (which is recommened by MS anyway)

Create a new Administrator account with no privs

Create a script to monitor for the new Administrator account being logged in and take action as necessary.

[kmps]

thank your reply Phases,

Your security suggestion is very good,I will accept your suggestion to add some monitor function in my script.but I don't so agree with you about "way too many risks in the password being "randomly" changed",

in fact my script doesn't just change the password to a random one,should be a safest (strongest) random one.and I think a dynamic strong password will be safer then a static one,do you agree?

I'm new to AutoIT (and love it!) but I've been a System Administrator for 10+ years.

I don't see any value in this, way too many risks in the password being "randomly" changed. You can rename the Administrator account, use a firewall and disable services to protect from quite a few remote attacks. Good common sense with patching and configuration go a long way to hardening a system

I'd rather have the server email me when someone logs into the system, as I would or would not be expecting a login.

If you're really concerned about the administrator account being used in a bad way... try the following:

Rename the Administrator account (which is recommened by MS anyway)

Create a new Administrator account with no privs

Create a script to monitor for the new Administrator account being logged in and take action as necessary.