ioliver 0 Posted August 27, 2004 Share Posted August 27, 2004 (edited) I did this a while back. It starts IE in kiosk mode, and does a few other things. It was usefull for trying to build an IE based kiosk. I can't remember if I ever posted it. So, here it is: expandcollapse popup; kioskwatch3.au3 ; March 9, 2004 ; Built with AutoIt3 ; Starts Internet Explorer in Kiosk Mode and ; prevents any (Ctrl +) HotKeys from being used. ; March 3, 2004: Added Maintenance Mode ; Maintenance Mode starts a Command Prompt ; March 4, 2004: Script now block (Alt + Tab), ; and will close any Pop-up windows ; March 9, 2004: Added the function to check for 2 minutes of Idle Time Global $StartTime ; Read in Maintenance Password $maintpw = IniRead("C:\kw3.ini", "Settings", "PW", "") Call ("StartTimer") Run("runapp C:\Program Files\Internet Explorer\iexplore.exe -k http://URL") AutoItSetOption("WinTitleMatchMode", 2);2 = Any Substring While 1;Infinite Loop ; Handles IdleTime $MPos1 = MouseGetPos() $CPos1 = WinGetCaretPos() ; Handles Hotkeys If WinActive(" - Microsoft Internet Explorer") Then HotKeySet("!{TAB}", "Block") HotKeySet("^h", "Block") HotKeySet("^a", "Block") HotKeySet("^b", "Block") HotKeySet("^c", "Block") HotKeySet("^f", "Block") HotKeySet("^l", "Block") HotKeySet("^n", "Block") HotKeySet("^o", "Block") HotKeySet("^p", "Block") HotKeySet("^s", "Block") HotKeySet("^v", "Block") HotKeySet("^w", "Block") HotKeySet("^x", "Block") HotKeySet("^!z", "Maintenance") EndIf ; Block Pop-ups If WinExists("Connect to URL") Then WinClose("Connect to URL") EndIf If WinExists("Microsoft Internet Explorer", "&Yes") Then WinActivate("Microsoft Internet Explorer", "&Yes") Send("!y") EndIf ; Handles IdleTime (Continued) $MPos2 = MouseGetPos() $CPos2 = WinGetCaretPos() If $MPos1[0] <> $MPos2[0] Then Call("StartTimer") ElseIf $CPos1[0] <> $CPos2[0] Then Call("StartTimer") EndIf $EndTime = TimerStop($StartTime) If $EndTime > 120000 Then;120000 = 2 minutes Call("CloseIE") Call("StartTimer") EndIf Sleep(3);Reduces the load this script puts on the CPU time Wend Func Block() EndFunc Func StartTimer() $StartTime = TimerStart() EndFunc Func CloseIE() $title = WinGetTitle(" - Microsoft Internet Explorer") If $title <> "http://URL/ - Microsoft Internet Explorer" Then Send("!{F4}");Closes the Internet Explorer Window EndIf EndFunc Func Maintenance() $Password = InputBox("AutoIT3 - KioskWatch3 Maintenance Mode", "Enter KioskWatch3 Maintenance Mode Password:", "", "*") If $Password = $maintpw Then Run("cmd") Else MsgBox(0, "AutoIT3 - KioskWatch3 Maintenance Mode", "Invalid Password!", 3) EndIf EndFunc I hope it helps someone. Let me know what you think? Thanks again for all your help, Ian Edit: Works well if you make this Script the shell, or make a BAT file that calls this script the shell, I'm not sure. It may work as the shell if you compile (AUT2EXE) it. Thanks again Edited August 27, 2004 by ioliver "Blessed be the name of the Lord" - Job 1:21Check out Search IMF Link to post Share on other sites
msb5150 0 Posted August 29, 2004 Share Posted August 29, 2004 Just a few suggestions: 1) Perhaps use the following registry change to disable the ability to close internet explorer: [HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\ Restrictions] "NoBrowserClose"=dword:00000001 2) I can't find the settings now, but it is possible to disable the menu items in the ctrl-alt-del menu so that the unscrupulous user can only choose 'Cancel" Alternatively you could choose start the task manager upon ctrl-alt-del and then immediately close it from the script 3) Lastly you should constantly check that iexplore.exe is still running lest the user use the alt-f4 keystroke to get past it. Link to post Share on other sites
scriptkitty 1 Posted August 30, 2004 Share Posted August 30, 2004 Also need to disable the taskbar, windows keys, etc. Looks like you have a good start. Also make sure that you watch out for websites where they can add thier own links, like. <a href="c:\">Access my Cdrive</a> AutoIt3, the MACGYVER Pocket Knife for computers. Link to post Share on other sites
ioliver 0 Posted August 30, 2004 Author Share Posted August 30, 2004 Thanks for checking out the script, and I appreciate all the suggestions. I may try to implement all those things to make a production version of the script. When I wrote this script it was to replace a Netscape based Netsetter Kiosk application. So I used the script in combonation with some Local Group Policy settings and some Registry Hacks to do a lot of the things you suggested. Like, disable the Task Bar and the Ctrl + Alt + Del Menu items. Thanks again for all your help, please continue to make suggestions as to how I can improve it, and when I get time I'll try to implement those. Ian "Blessed be the name of the Lord" - Job 1:21Check out Search IMF Link to post Share on other sites
Bartokv 1 Posted August 30, 2004 Share Posted August 30, 2004 These other keys will also help to lock the system down a bit more:[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoActiveDesktopChanges"=dword:00000001 "NoSetActiveDesktop"=dword:00000001 "NoNetHood"=dword:00000001 "NoFind"=dword:00000001 "NoRun"=dword:00000001 "NoChangeStartMenu"=dword:00000001 "NoFolderOptions"=dword:00000001 "NoRecentDocsMenu"=dword:00000001 "NoRecentDocsHistory"=dword:00000001 "NoSetTaskbar"=dword:00000001 "NoTrayContextMenu"=dword:00000001 "NoFileMenu"=dword:00000001 "NoViewContextMenu"=dword:00000001 "NoMSAppLogo5ChannelNotify"=dword:00000001...Although these keys help to secure the system, please keep in mind that some would-be attackers are very determined and could still gain control of the box. It would also help to make sure that people don't have physical access to the power cord, floppy/cd drives, or USB/network ports on the system.BTW: Good job on the script! Link to post Share on other sites
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now