TehBeyond Posted June 18, 2007 Posted June 18, 2007 For those of us that have the computer do things while we are gone, this program is a godsend. It will allow your computer to keep downloading, converting, archiving, or whatever while preventing other users from screwing around with it. Now you don't have to worry about your brother, roommate, parents, spouse, etc. stopping whatever you told it to do! When you run the script, it "hibernates" in the background. Then, when you press CTRL+ALT+L, the lock engages. This is where the true innovation comes in... I designed the Lock to use "keystroke passwords." This means that you could set mouse scrolls or clicks as characters in your password. You can also use keys that normally cannot be part of passwords, such as CTRL, SHIFT, NUMLOCK, etc. The default password in the code and compiled version is left-click, right-click, CTRL, ALT. To change it, open up the Help page for _IsPressed and use the two-digit codes provided. I considered writing a password "recorder," but decided against it because it could be exploited for other purposes. (ie, keylogging) Sorry, but you'll have to do this manually. Please note that with the proper password, there is no way a user could circumvent the lock. Programs, however, are another story. A "Spammer" program could rip through this lock faster than you could say "Oops!" However, once the Lock is engaged, it would be very difficult to launch such a program. Conclusion: Set your password, compile, and dump it in your Startup folder or write a Startup registry key for it. You'll be glad you did! --A few notes on the compiled version... It can be decompiled with a blank passphrase. It contains the mp3 and icon file that I thought went well with the program. Feel free to remove or change these. ProductiveLock.zip If you took the time to read through this whole post, kudos to you!. I would appreciate any comments... I would have told you I have Alzheimer's, but I forgot.My Splendid-Tastic Blog
TehBeyond Posted June 18, 2007 Author Posted June 18, 2007 I just realized that I forgot to add the icon file to the .zip, so, in case any of you want it... Spam.ico (from Leo's Icon Archive) I would have told you I have Alzheimer's, but I forgot.My Splendid-Tastic Blog
Skrip Posted June 18, 2007 Posted June 18, 2007 Please explain exactly what it does. I realise you have told us that it locks the computer, but how does it do that? What does it actually do? [left][sub]We're trapped in the belly of this horrible machine.[/sub][sup]And the machine is bleeding to death...[/sup][sup][/sup][/left]
TehBeyond Posted June 18, 2007 Author Posted June 18, 2007 It creates a GUI. It traps the mouse cursor within this GUI. Whenever another window/program becomes active, it changes it back to the Lock GUI. This should defeat ALT+TAB. It will close the Task Manager when opened, so as to prevent killing off the Lock by users. Granted, someone could WIN+L your computer... but that wouldn't do them any good, so you have to hope that they don't do that. I would have told you I have Alzheimer's, but I forgot.My Splendid-Tastic Blog
ryantollefson Posted June 26, 2007 Posted June 26, 2007 If you're quick with a keyboard you can disable it...While locked:Hit Ctrl+Alt+DelThen quickly hit Alt+E (for end process) and it will end the app.
jvanegmond Posted June 26, 2007 Posted June 26, 2007 I like the fact that passwords can be a lot more difficult with this. github.com/jvanegmond
sandman Posted June 27, 2007 Posted June 27, 2007 (edited) Cool, but the GUI could be a little better..Well that's just me.. I'm used to all these darn Web 2.0 graphics.edit: I added in a mask behind the lock window.. now people can't see what you're doing either, let alone meddle with it. It still doesn't look very pretty, unfortunately.expandcollapse popup#cs This code written by TehBeyond tehbeyond@gmail.com 6/17/07 This code modifed by sandman__ may_contain_peanuts2@yahoo.com 6/27/07 This code modifed by _________ ___________________ ________ This code modifed by _________ ___________________ ________ Feel free to modify this code, but leave this portion intact. Add your name/email to a Modifed By line before distributing your code. ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ||||||||||||||||||||||||||||||||Description|||||||||||||||||||||||||||||||||||| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| This script is intended for disabling the use of your computer while it is 'busy.' Examples I can think of include archiving, downloading, file converting... the list goes on. With the use of Productive Lock, your brother, roommate, parents, girlfriend, fiancee, etc. will be unable to screw with your computer. Please note that this script is VERY secure if the password is chosen well, but it could be bypassed by a 'spamming' program. It would, however, be nigh impossible to launch another program once the Lock has been activated. In summary, it is almost as secure as Win+L, but allows the computer to continue whatever it was doing. I recommend putting it in your startup folder or writing a registry startup key. #ce #include <misc.au3> #include <guiconstants.au3> ;~ #NoTrayIcon _Singleton(@ScriptFullPath);The default password is below. To change it, use the _IsPressed key list. If FileExists(@TempDir&"lock.mp3")=0 Then FileInstall(@ScriptDir&"\lock.mp3",@TempDir&"lock.mp3");Not really necessary...but I like it. $pwstring = "01021112";left mouse click, right mouse click, control, then alt ;Defining some variables... $pwindex = 2 $complete = 0 $timer = 0 $maskwin = GUICreate("lockmask", @DesktopWidth, @DesktopHeight, 0, 0, $WS_POPUPWINDOW, $WS_EX_TOOLWINDOW) GUISetBkColor(0x3B3E62, $maskwin) ;~ WinSetTrans($maskwin, "", 230) $lockwin = GUICreate("Productive Lock", 400, 300, -1, -1, BitOR($WS_POPUPWINDOW, $WS_CHILD));Create GUI GUISetBkColor(0x3B3E62, $lockwin) GUICtrlCreateLabel("This computer has been locked by Productive Lock.", 4, 16, 388, 24, $SS_CENTER) GUICtrlSetFont(-1, 12, 500, 0, "MS Sans Serif") GUICtrlSetColor(-1, 0xFF0000) GUICtrlCreateLabel("Please enter your keystroke password to unlock.", 4, 72, 388, 20, $SS_CENTER) GUICtrlSetFont(-1, 12, 400, 0, "MS Sans Serif") GUICtrlSetColor(-1, 0xFF0000) GUISetFont(10) GUICtrlCreateLabel("Please note that resistance is futile. Productive Lock", -4, 136, 390, 17, $SS_CENTER) GUICtrlCreateLabel("supports long, complex keystroke passwords.", -4, 152, 393, 17, $SS_CENTER) GUICtrlCreateLabel("It also defeats attempts to circumvent the Lock.", -4, 168, 392, 17, $SS_CENTER) GUICtrlCreateLabel("Oh, and do have a nice day.", -4, 208, 395, 17, $SS_CENTER) GUICtrlCreateLabel("~Courtesy of TehBeyond and AutoIt", -4, 280, 395, 17, $SS_CENTER) SoundPlay(@TempDir&"lock.mp3");my voice, letting you know the script launched. _ReduceMemory();this func should be included in the default installation of AutoIt. It is just that good. While 1;"hibernate" in backround forever. If _IsPressed("11") And _IsPressed("12") And _IsPressed("4C") Then;Ctrl+alt+l launches Productive Lock... ;--------HotKeySet is also an option. However, I prefer _IsPressed because some programs like to override AutoIt hotkeys. $mousetimer = TimerInit() If WinExists("Windows Task Manager") Then;eliminate use of Task Manager by closing window WinClose("Windows Task Manager") #cs ---------Alternately, Task Manager can be closed by clicking the 'X' in the corner... just uncomment these lines. WinActivate("Windows Task Manager") $taskman=WinGetPos("Windows Task Manager") MouseClick("primary",$taskman[0]+$taskman[2]-15,$taskman[1]+15,1,0) ---------Alt+F4 can also be used. Just uncomment these lines. WinActivate("Windows Task Manager") Send("!{F4}") ;---I included the above because sometimes AutoIt doesn't seem to like to WinClose Task Manager.(it could just be the operater...me :D) #ce EndIf GUISetState(@SW_SHOW, $maskwin) GUISetState(@SW_SHOW, $lockwin) WinActivate("Productive Lock") MouseMove(@DesktopWidth / 2, @DesktopHeight / 2, 0);center mouse _MouseTrap(@DesktopWidth / 2 - 190, @DesktopHeight / 2 - 130, @DesktopWidth / 2 + 190, @DesktopHeight / 2 + 125);trap mouse in window Do If Not WinActive("Productive Lock") Then;the user hit alt+tab or ctrl+alt+del WinClose("Windows Task Manager");eliminates use of Task Manager by closing window WinActivate("Productive Lock") WinSetState("Windows Task Manager", '', @SW_DISABLE);just in case it refuses to close, disables the controls (occasionally AutoIt doesn't close Task Manager) MouseClick("primary", @DesktopWidth / 2, @DesktopHeight / 2, 1, 0);center mouse, the click is just in case user had time to right-click outside of the window _MouseTrap(@DesktopWidth / 2 - 190, @DesktopHeight / 2 - 130, @DesktopWidth / 2 + 190, @DesktopHeight / 2 + 125);trap mouse in window EndIf If TimerDiff($timer) > 2000 Then;if more than two seconds have passed since last correct key... $timer = 0;reset the timer $pwindex = 2;reset how far along in entering the password the user is $pwchar = StringLeft($pwstring, $pwindex);reset the current password character to the first button EndIf Workhorse($pwchar) Sleep(10) If TimerDiff($mousetimer) > 239000 Then ;every 3 mins, 59 secs... MouseClick("primary", @DesktopWidth / 2, @DesktopHeight / 2, 1, 0);this should prevent screensaver (unless the wait time is under four minutes) $mousetimer = TimerInit() EndIf Until $complete = 1 GUISetState(@SW_HIDE, $maskwin) GUISetState(@SW_HIDE, $lockwin) ;I like to re-set variables when not in use. (personal preference only) $timer = 0 $mousetimer = 0 $pwindex = 0 $complete = 0 _MouseTrap(-1, -1, -1, -1);cancel the MouseTrap _ReduceMemory() EndIf Sleep(50);adjust the sleep time based on how long you hold the ctrl+alt+l hotkey. WEnd Func Workhorse($pwchar_current); I named it this because it is the "workhorse" of the program. It does the actual keypress checking. If _IsPressed($pwchar_current) Then;if the user hits the next button in the password sequence... $timer = TimerInit();start the two-second timer $pwchar = StringRight(StringLeft($pwstring, $pwindex), 2);sets the next button in the password sequence Local $temp = $pwindex $pwindex = $temp + 2;sets how far along in the password sequence the user is If $pwindex - 2 > StringLen($pwstring) Then $complete = 1 ;when the user has entered the last key, notify of completion EndIf EndFunc ;==>Workhorse Func _ReduceMemory($i_PID = -1);w0uter created this ABSOLUTELY AMAZING bit of code. Put into every script you write! If $i_PID <> -1 Then Local $ai_Handle = DllCall("kernel32.dll", 'int', 'OpenProcess', 'int', 0x1f0fff, 'int', False, 'int', $i_PID) Local $ai_Return = DllCall("psapi.dll", 'int', 'EmptyWorkingSet', 'long', $ai_Handle[0]) DllCall('kernel32.dll', 'int', 'CloseHandle', 'int', $ai_Handle[0]) Else Local $ai_Return = DllCall("psapi.dll", 'int', 'EmptyWorkingSet', 'long', -1) EndIf Return $ai_Return[0] EndFunc ;==>_ReduceMemoryEverything else is still the same, I just changed the GUI a bit. Edited June 27, 2007 by sandman [center]"Yes, [our app] runs on Windows as well as Linux, but if you had a Picasso painting, would you put it in the bathroom?" -BitchX.com (IRC client)"I would change the world, but they won't give me the source code." -Unknownsite . blog . portfolio . claimidcode.is.poetry();[/center]
m0nk3yI3unz Posted June 27, 2007 Posted June 27, 2007 (edited) To defeat the WIN+L thing, could you just make a hotkeyset("#","nullfunc") when nullfunc() does nuthing? (Just found a use for the 'bug' that hotkeyset steals key usage xD) Edited June 27, 2007 by m0nk3yI3unz Monkeh.
jvanegmond Posted June 27, 2007 Posted June 27, 2007 Cool, but the GUI could be a little better..Well that's just me.. I'm used to all these darn Web 2.0 graphics.What the fuck is Web 2.0? I have been SO confused over the last days, but never dared ask!! github.com/jvanegmond
sandman Posted June 28, 2007 Posted June 28, 2007 I'm not sure Manadar........... I just kinda mean average-user-friendly when i say that. [center]"Yes, [our app] runs on Windows as well as Linux, but if you had a Picasso painting, would you put it in the bathroom?" -BitchX.com (IRC client)"I would change the world, but they won't give me the source code." -Unknownsite . blog . portfolio . claimidcode.is.poetry();[/center]
evk Posted July 1, 2007 Posted July 1, 2007 Awesome idea. However there is one itty bitty problem. If you hit all of the keys included in your password at the same time (or within the default two seconds) you can get into the system. If you maybe add an else to your Workhorse function where it would reset the string position to the beginning if you hit an incorrect key you might be able to solve the problem.
TehBeyond Posted July 11, 2007 Author Posted July 11, 2007 Awesome idea. However there is one itty bitty problem. If you hit all of the keys included in your password at the same time (or within the default two seconds) you can get into the system. If you maybe add an else to your Workhorse function where it would reset the string position to the beginning if you hit an incorrect key you might be able to solve the problem.You are absolutely correct, I did consider this. However, in order to change that, I would be essentially creating a keylogger which could be modified for malicious use. As I stated before... "with the proper password, there is no way a user could circumvent the lock." By "proper password" I mean that you should be including mouse clicks and choosing keys that are spread about the keyboard. That would make it highly unlikely that someone would mash the keys and mouse long enough to count as the correct password.Also, this is a general comment on various ways to circumvent the lock, you are all absolutely correct. However, if you had not seen the source code would you know how to get around it? Most people would not try the CTRL+ALT+DEL ALT+E trick. Also, if one had not seen the source, he would assume a wrong keypress would start the password over, because that is what he is used to. (In normal passwords, a wrong character = not the password.)As far as the WIN+L hotkeyset null-function goes... I tried it and it didn't work. I think Windows keeps priority over the hotkeys, overriding them all for its own personal use. I would have told you I have Alzheimer's, but I forgot.My Splendid-Tastic Blog
Learning4once Posted August 12, 2007 Posted August 12, 2007 This is excellent for helping me learn thing for a basic part of a security tool I wanted, THANKS!!
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now