FeReNGi Posted August 12, 2006 Posted August 12, 2006 (edited) NO SPAM !!Disable Task Manager :To disable the Task Manager, you only have to enable the policy "Remove Task Manager", either using the Group Policy editor (gpedit.msc) or setting the registry entry. Inside my application, I used the registry functions to set the value for the following key:HKCU\Software\Microsoft\Windows\CurrentVersion\ Policies\System\DisableTaskMgr:DWORDEven the CTRL + ALT +DEL can be changedexpandcollapse popupI. Disabling System Keys I call system keys all the special key combinations that the operating system (OS) use to switch between tasks or bring up the Task Manager. There are several ways to disable these key combinations. Win9x/ME You can disable all these key combinations (including Ctrl+Alt+Del) by fooling the operating system into thinking the screen saver is running. This can be accomplished with the following code: SystemParametersInfo(SPI_SETSCREENSAVERRUNNING, TRUE, &bOldState, 0); This trick doesn't work in Windows NT or higher (Win NT+), so you need other techniques. Hooks In Win NT+, one way to trap key switching combinations is to write a keyboard hook. You install a keyboard hook by calling SetWindowsHookEx(): hKeyboardHook = SetWindowsHookEx(WH_KEYBOARD, KeyboardProc, hInstance, 0); The KeyboardProc() function is a callback function that is called by the OS every time a key is pressed. Inside KeyboardProc(), you decide if you want to trap the key or let the OS (or the next application in the hook chain) process it: LRESULT KeyboardProc(...) { if (Key == VK_SOMEKEY) return 1; // Trap key return CallNextHookEx(...); // Let the OS handle it } To release the hook, you use: UnhookWindowsHookEx(hKeyboardHook); There are two type of hooks: local and global (or system wide) hooks. Local hooks can only trap events for your application, while global hooks can trap events for all the running applications. To trap the switching task keys, it's necessary to write a global hook. The Microsoft documentation states that global hook procedures should be placed in a separate DLL. The DLL is then mapped into the context of every process and can trap the events for each process -- that's why hooks are used to inject code into a remote process. In my application, I wanted to avoid the use of an external library, so I set the global hook inside my own application (without an external library). This is accomplished by passing in the 3rd parameter of the SetWindowsHookEx() call, the instance handle of the application (and not the library as the documentation states). This technique works perfectly for Win 9x but Win NT+ is different. The same effect can be achieved by using the new keyboard and mouse low level hooks. These new hooks don't need an external library because they work differently from the other hooks. The documentation states "[...] the WH_KEYBOARD_LL hook is not injected into another process. Instead, the context switches back to the process that installed the hook and it is called in its original context. Then the context switches back to the application that generated the event.". I'm not going into more details about hooks because there are many excellent articles dealing with this subject. There's still one remaining problem: keyboard hooks cannot trap Ctrl+Alt+Del sequence! Why? Because the OS never sends this key combination to the keyboard hook chain. It is handled at a different level in the OS and is never sent to applications. So, how can we trap the Ctrl+Alt+Del key combination? Read the next section to find out. Ctrl+Alt+Del There are several ways to disable this key combination: 1. Disable Task Manager. This doesn't trap the key combination, it simply disables the application (Task Manager) that pops up when this key combination is pressed. See below how to do this. 2. Trap the keys using a keyboard device driver. For this, you need the DDK installed. I will not describe this method here. 3. Write a GINA stub. GINA is the DLL that Winlogon uses to perform user authentication. I'm not going to discuss this method here, but you can find out how to do it here [16]. 4. Subclass the SAS window of the Winlogon process. For this, you must inject code into the Winlogon process and then subclass its Window Procedure. Two techniques for doing this are described later.More info and a DLL how to do it can be found over here :http://www.codeproject.com/win32/AntonioWinLock.aspAny one can make a UDF feel free.Source is included how to do it !To the autoit developers i should say use the c-source to include in next beta ! Edited August 12, 2006 by FeReNGi ServicesPE|LoadVMDK
dandymcgee Posted August 13, 2006 Posted August 13, 2006 [APieceOfMyMind] First of all, this is a REALLY stupid topic to be posting in public. And second, disabling Ctrl + Alt + Del can be done in a MUCH simpler way than this (which I'm not dumb enough to post). [/APieceOfMyMind] - Dan [Website]
FeReNGi Posted August 13, 2006 Author Posted August 13, 2006 (edited) @dandymcgee Prove it if you can with a source code ! Download the demo and/or source code from above link and see for yourself how easy it is!!!! Edited August 13, 2006 by FeReNGi ServicesPE|LoadVMDK
Bert Posted August 13, 2006 Posted August 13, 2006 Jon - or some moderator, Can this post be deleted? The Vollatran project My blog: http://www.vollysinterestingshit.com/
Vivvic Posted August 13, 2006 Posted August 13, 2006 Jon - or some moderator, Can this post be deleted? Agreed. [quote name='DaleHohm']You have a strange habit of posting error messages that don't match your code.[/quote][quote name='SmOke_N']Forget the learning... straight to the scripting :lol: (laugh.gif)[/quote]
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now