flat assembler
Message board for the users of flat assembler.

Index > Windows > [Closed] How to manipulate keybord stuff.

Goto page Previous  1, 2
Author
Thread Post new topic Reply to topic
Furs



Joined: 04 Mar 2016
Posts: 1532
Furs
I'm pretty sure you can hook it, since AutoHotkey is a thing.
Post 10 Nov 2020, 13:09
View user's profile Send private message Reply with quote
Tomasz Grysztar



Joined: 16 Jun 2003
Posts: 7802
Location: Kraków, Poland
Tomasz Grysztar
Furs wrote:
I'm pretty sure you can hook it, since AutoHotkey is a thing.
Yeah, check out my VKEYS tool from the StormKey package (the VKWATCH.DLL is where the magic happens, there are sources included).

It only registers the keystrokes and does not replace them - however, as the documentation of LowLevelKeyboardProc states:
Microsoft Docs wrote:
If the hook procedure processed the message, it may return a nonzero value to prevent the system from passing the message to the rest of the hook chain or the target window procedure.
You can test it by modifying KeyboardProc in VKWATCH.ASM so that it returns a non-zero value - the keystrokes are no longer going to reach the applications.

Fabricating keystrokes is even easier, StormKey does it with keybd_event.
Post 10 Nov 2020, 13:53
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17716
Location: In your JS exploiting you and your system
revolution
Okay, I like that. So this means the keys can be arbitrarily changed without needing a kernel driver?

But that feels kind of wrong to me. It allows an app to monitor keystrokes in another app. Or maybe I missed something?
Post 10 Nov 2020, 14:09
View user's profile Send private message Visit poster's website Reply with quote
Tomasz Grysztar



Joined: 16 Jun 2003
Posts: 7802
Location: Kraków, Poland
Tomasz Grysztar
revolution wrote:
Okay, I like that. So this means the keys can be arbitrarily changed without needing a kernel driver?

But that feels kind of wrong to me. It allows an app to monitor keystrokes in another app. Or maybe I missed something?
Yes, you can do it all from user mode. I just tested, and it works the same on Windows 10 as it used to on the old ones. I'm not sure what the limits are, but it certainly could be used mischievously.
Post 10 Nov 2020, 14:14
View user's profile Send private message Visit poster's website Reply with quote
codeHacker101



Joined: 02 Nov 2020
Posts: 20
codeHacker101
This is seriously good. Thanks
Post 11 Nov 2020, 08:15
View user's profile Send private message Reply with quote
Furs



Joined: 04 Mar 2016
Posts: 1532
Furs
revolution wrote:
Okay, I like that. So this means the keys can be arbitrarily changed without needing a kernel driver?

But that feels kind of wrong to me. It allows an app to monitor keystrokes in another app. Or maybe I missed something?
I think they have to be on the same user, or maybe even admin. But honestly I hate the paranoia mindset from the stupid mobile world.

Untrusted applications should be separated by privileges (or different users), but if two apps run in same privilege/container then they should have full access to each other, for convenience.

Unfortunately you see crap like Wayland (on Linux) designed to be ultra-paranoid. I mean yeah X11 is insecure, but this is madness. It makes me so mad.
Post 11 Nov 2020, 13:45
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17716
Location: In your JS exploiting you and your system
revolution
Furs wrote:
Untrusted applications should be separated by privileges (or different users), but if two apps run in same privilege/container then they should have full access to each other, for convenience.
I see no good reason for that.

What convenience is there when the user has a browser open and typing a banking passphrase, and another "game" app is busy logging that and sending it off to the rogue developer? The user gets robbed blind.
Post 11 Nov 2020, 13:59
View user's profile Send private message Visit poster's website Reply with quote
Furs



Joined: 04 Mar 2016
Posts: 1532
Furs
revolution wrote:
I see no good reason for that.

What convenience is there when the user has a browser open and typing a banking passphrase, and another "game" app is busy logging that and sending it off to the rogue developer? The user gets robbed blind.
Smart typing, macros either triggered by hotkeys or typing a string on a specific app (or edit control). All these require listening to the keyboard; it doesn't make them malware or logging your keystrokes, but they need the same kind of underlying access.

I mean, that's the kind of thing AutoHotkey was made for. You don't really like to automate your workflow do you? Wink
Post 12 Nov 2020, 14:32
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17716
Location: In your JS exploiting you and your system
revolution
Sending keystrokes based upon a trigger I have no problem with. Monitoring keystrokes from another app, that is where things get shady.

Is it possible to put a trigger on every key and then simply replay that key? If so, then you have just made yourself a keylogger.
Post 12 Nov 2020, 14:45
View user's profile Send private message Visit poster's website Reply with quote
Furs



Joined: 04 Mar 2016
Posts: 1532
Furs
revolution wrote:
Sending keystrokes based upon a trigger I have no problem with. Monitoring keystrokes from another app, that is where things get shady.

Is it possible to put a trigger on every key and then simply replay that key? If so, then you have just made yourself a keylogger.
Yeah, and you send them based on monitoring keystrokes or pixels or whatever (you can do a lot of stuff with AutoHotkey). The simplest are shortcuts, but even shortcuts are still technically monitoring keystrokes! People (and me) use them all the time, especially in real-time situations (mostly games, but also productive apps, like 3D software or for typing). In many cases you simply pass-through some keys while updating internal logic to know what to do next.

For example outside of game macros, do you know how phones have autofill based on common words? You can do that with AHK so you can type way faster, customized to your needs, without using dedicated software for it. It will work everywhere you want. That's the point. (especially useful if you want to type non-english Unicode stuff)

But for that, of course it has to monitor what you type. Duh. Of course you can make it monitor only on certain apps, windows or controls. The whole point of this is that it does not require this functionality to be built in every single app in existence, and you can customize it to what you want to work on any app.
Post 13 Nov 2020, 13:51
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page Previous  1, 2

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on GitHub, YouTube, Twitter.

Website powered by rwasa.