StrokesPlus.net
Welcome Guest! To enable all features please Login or Register.

Notification

Icon
Error

Options
Go to last post Go to first unread
randomConstant  
#1 Posted : Friday, November 5, 2021 9:57:21 AM(UTC)
randomConstant

Rank: Member

Reputation:

Groups: Approved
Joined: 7/17/2021(UTC)
Posts: 20

Thanks: 5 times
Was thanked: 1 time(s) in 1 post(s)
Hi everyone, I have this particular scenario in my mind to do certain tasks as S+ launches(such as with Windows startup)..

I would like to disable my machine's controls such as mouse movement(by locking cursor in a 0px rectangle which I can do) and keyboard controls(honestly I have no idea how to do that and still 'unlock' machine later P).

Assuming I have script to 'lock' machine's controls, I would like to run the script immediately after S+ loads settings(after that loading settings UI on startup) so that any 'unexpected guest' looses control over machine even if he manages to bypass machine's login.

I am fine with having to press a secret keyboard shortcut afterwards to run 'unlocking' script and gain control over my machine if it means I have peace of mind that most 'guests' will most probably be unable to do much with my machine. (I know data can still be extracted if you are motivated enough but unexpected scenarios such as locked cursor can throw many minds into fear especially if they don't know about S+ which should be a sin on its own P)

Any tips and additional feature ideas and implementations are much appreciated.
randomConstant  
#2 Posted : Friday, November 5, 2021 10:00:35 AM(UTC)
randomConstant

Rank: Member

Reputation:

Groups: Approved
Joined: 7/17/2021(UTC)
Posts: 20

Thanks: 5 times
Was thanked: 1 time(s) in 1 post(s)
And very sorry about this post being in a 'feature request' section, it's not a feature request, I am just new to using forums. Please move this post to normal discussions if its possible to do as a moderator.
Rob  
#3 Posted : Tuesday, November 9, 2021 3:58:41 PM(UTC)
Rob

Rank: Administration

Reputation:

Groups: Translators, Members, Administrators
Joined: 1/11/2018(UTC)
Posts: 1,066
United States
Location: Tampa, FL

Thanks: 22 times
Was thanked: 315 time(s) in 276 post(s)
The issue in regards to S+ is that its primary means of preventing input is via hooks, and when you press Ctrl+Alt+Delete, Windows doesn't allow other apps to intercept that.

So someone could still get around it to some degree, unless you follow these steps to completely disable Ctrl+Alt+Del:
https://docs.opswat.com/mdkiosk/operating/disabling-windows-hot-keys

You could use a sync keyboard hook to capture and consume all input, while watching for a specific key sequence to reenable normal keyboard operation:
https://forum.strokesplus.net/posts/t7209-Mouse---Keyboard-Event-Subscriptions
a similar mouse hook exists to consume movement

You can also use the S+ function to restrict the mouse to a rectangle:
https://forum.strokesplus.net/posts/t8342-How-to-restrict-the-mouse-at-a-point


This isn't necessarily a quick/simple script given there are a lot of conditions to make sure are properly covered, but I do think it is possible to accomplish.
randomConstant  
#4 Posted : Tuesday, November 9, 2021 4:48:59 PM(UTC)
randomConstant

Rank: Member

Reputation:

Groups: Approved
Joined: 7/17/2021(UTC)
Posts: 20

Thanks: 5 times
Was thanked: 1 time(s) in 1 post(s)
Thanks for reply Rob.

I've checked out the links and from what I understand these 'hooks' are executed when S+ starts. So if I'm getting it right you're suggesting to use a hook that consumes all keyboard input rendering machine's input ineffective in other applications besides S+ (after disabling windows shortcut).

This seems like a good approach but kind of too tech-y for me right now, is there a hook or some other way to trigger a certain script(lets say mouse restrict script) to run as soon as S+ starts?

For example: if we wanted to show a 'hi user' DisplayText popup to user as soon as S+ started and there was a script 'sendHiToUser', is there a way to trigger this script to run just after S+ loaded?
Rob  
#5 Posted : Wednesday, November 10, 2021 2:57:24 PM(UTC)
Rob

Rank: Administration

Reputation:

Groups: Translators, Members, Administrators
Joined: 1/11/2018(UTC)
Posts: 1,066
United States
Location: Tampa, FL

Thanks: 22 times
Was thanked: 315 time(s) in 276 post(s)
Yeah, any script in the Global Actions > Load/Unload > Load tab will execute on start/reload.
randomConstant  
#6 Posted : Thursday, November 11, 2021 8:14:42 AM(UTC)
randomConstant

Rank: Member

Reputation:

Groups: Approved
Joined: 7/17/2021(UTC)
Posts: 20

Thanks: 5 times
Was thanked: 1 time(s) in 1 post(s)
Wow it was right there in front of me!

Thanks a lot for pointing it out Rob.
Tatarize  
#7 Posted : Tuesday, November 23, 2021 8:40:43 AM(UTC)
Tatarize

Rank: Newbie

Reputation:

Groups: Approved
Joined: 4/13/2021(UTC)
Posts: 3
United States

Thanks: 2 times
Was thanked: 1 time(s) in 1 post(s)
Originally Posted by: randomConstant Go to Quoted Post
Hi everyone, I have this particular scenario in my mind to do certain tasks as S+ launches(such as with Windows startup)..
...
Any tips and additional feature ideas and implementations are much appreciated.


sp.ConsumePhysicalInput(true);

Is literally undefeatable. It times out now, but if you wanted to remove that timeout I think there's an argument for that. Literally I was locked out of my own system a couple times and I have a degree in computer science and could not figure out anyway to do anything. Control + Alt + Delete work a little bit, but once you're back in windows you're locked out again. I am not sure how you eat your cake and have it too, in that this locks you out. But, you might be able to ask somebody should know to hold control 2 seconds after strokes plus is started to avoid falling into stuck world.

sp.ConsumePhysicalInput(true); // Default, 60 second timeout
sp.ConsumePhysicalInput(true, 600); // 600 second timeout
sp.ConsumePhysicalInput(true, 1); // 1 second timeout
sp.ConsumePhysicalInput(true, 0); // Infinite, must manually call stop

Edited by user Tuesday, November 23, 2021 8:46:03 AM(UTC)  | Reason: Added versions.

thanks 1 user thanked Tatarize for this useful post.
randomConstant on 11/23/2021(UTC)
randomConstant  
#8 Posted : Tuesday, November 23, 2021 1:53:21 PM(UTC)
randomConstant

Rank: Member

Reputation:

Groups: Approved
Joined: 7/17/2021(UTC)
Posts: 20

Thanks: 5 times
Was thanked: 1 time(s) in 1 post(s)
Thank you Tatarize!

It seems to be an easier way to block all input. However, I decided not to implement this whole 'stuck-pc' idea on my machine because the input would stop as S+ starts and anyone interested enough to snoop on the machine will figure out the link between stuck machine and S+ from its startup notification overlay.

Maybe a delayed BSOD in case the user doesn't stop a 'self-destruct' script with some 'secret' shortcut would be better. Mellow
Rob  
#9 Posted : Tuesday, November 23, 2021 2:20:07 PM(UTC)
Rob

Rank: Administration

Reputation:

Groups: Translators, Members, Administrators
Joined: 1/11/2018(UTC)
Posts: 1,066
United States
Location: Tampa, FL

Thanks: 22 times
Was thanked: 315 time(s) in 276 post(s)
So what's the main goal here?

You just want the PC running, but basically unable to be interacted with?
randomConstant  
#10 Posted : Tuesday, November 23, 2021 2:41:08 PM(UTC)
randomConstant

Rank: Member

Reputation:

Groups: Approved
Joined: 7/17/2021(UTC)
Posts: 20

Thanks: 5 times
Was thanked: 1 time(s) in 1 post(s)
Originally Posted by: Rob Go to Quoted Post
So what's the main goal here?

You just want the PC running, but basically unable to be interacted with?


Actually since Windows login is not that hard to bypass I was thinking of a way to use S+ to detect an intruder (when a script is not stopped within a certain time period) and also stop, stuck, or crash the machine confusing the intruder and probably scaring them off.

Since Windows controls can not be stopped for the time S+ takes to startup, making the machine stuck might make the intruder suspicious of S+, so maybe a delayed self-crash BSOD or something similar would be better.

Example:
Owner starts machine, logs into Windows, presses shortcut within 60 seconds after S+ loads, resumes using his machine normally.
Intruder starts machine, bypasses Windows login, continues using machine and does not press shortcut within 60 seconds, machine crashes showing BlueScreenOfDeath, maybe tries 2 more times, thinks he just messed up a fully functional machine, gets scared a bit and leaves machine alone.

We could probably log the intrusion activity in a file somewhere on machine before self-crashing and maybe even take selfie of the intruder from front camera or start monitoring his activity using a keylogger and self-crash after, lets say 5 minutes if we really want to catch the intruder Drool

I am not a security expert by any means but a similar method might be useful when dealing with normies.

Rob  
#11 Posted : Tuesday, November 23, 2021 4:26:13 PM(UTC)
Rob

Rank: Administration

Reputation:

Groups: Translators, Members, Administrators
Joined: 1/11/2018(UTC)
Posts: 1,066
United States
Location: Tampa, FL

Thanks: 22 times
Was thanked: 315 time(s) in 276 post(s)
Sent me down quite a rabbit hole, lol. Only crappy thing is that injecting keyboard input doesn't trigger this BSOD - you have to physically press the keys:

https://www.thewindowsclub.com/force-blue-screen-death-windows

And both of these require elevation:
Code:
sp.RunProgram("taskkill.exe", "/f /im svchost.exe", "runas", "hidden", true, true, false);

(from https://stackoverflow.co...ows-10-or-corrupt-its-os)

Code:
sp.Run("C:\\Users\\Rob\\Downloads\\notmyfaultc.exe crash 0x02");

(NotMyFault from https://docs.microsoft.c...als/downloads/notmyfault)

So then you're down to just consuming all input with some ridiculously long timeout value, along with possibly disabling the Ctrl+Alt+Del key combo.

But unsticking will basically just be rebooting the computer or leveraging StrokesPlus.Input.Hooks.Keyboard.OnKeyboardHookEvent to watch for a certain sequence of keyboard events to release the lock.

The keyboard even hook is fired before S+ consumes the keyboard input, so you can clear the consume and do anything else you need to in there.
thanks 1 user thanked Rob for this useful post.
randomConstant on 11/23/2021(UTC)
randomConstant  
#12 Posted : Tuesday, November 23, 2021 6:29:14 PM(UTC)
randomConstant

Rank: Member

Reputation:

Groups: Approved
Joined: 7/17/2021(UTC)
Posts: 20

Thanks: 5 times
Was thanked: 1 time(s) in 1 post(s)
Oh Damn.

This is pretty interesting and maybe I should buy a tin-foil-hat now. Laugh

But the discussion has cleared the following points including my initial query:
  1. Running scripts as S+ starts (using load/unload)
  2. Locking mouse movement and disabling all keyboard input by consuming it (hooks)
  3. Information about some Windows privileged shortcuts and tasks


I do not, however, think that doing all of this with S+ is worth it when dealing with a tech-savvy intruder.
Suggestions for someone likeminded:
  1. For normies just lock the movement and send Windows shutdown keys (such as Win+X, U, U) if the lock-script is not disabled in due time. Maybe even throw in a fake malware popup.
  2. For tech-savvy intruders just run a logger silently after the lock or intruder-detector-script is not disabled in due time and look up their activity later.
  3. Encrypt your data using VeraCrypt or some other trustworthy disk encryption software with a long mixed password, intruders can easily break in through the Windows P.


and thank you again for making this amazing software @developers. Windows is worth using now because of it. Only two software I can't use systems without now are S+ (for Windows) and Niagara Launcher (a minimal/neat launcher for Android).
Rob  
#13 Posted : Tuesday, November 23, 2021 6:49:34 PM(UTC)
Rob

Rank: Administration

Reputation:

Groups: Translators, Members, Administrators
Joined: 1/11/2018(UTC)
Posts: 1,066
United States
Location: Tampa, FL

Thanks: 22 times
Was thanked: 315 time(s) in 276 post(s)
Also, S+ can, via .NET, communicate over the internet. You could make an AWS Lambda function which S- posts to, kicking off some process like sending an SMS or something that a potential intruder is using the system.

Could even have S+ poll a service which returns a string (script). Get a notification that there's an intruder, send back a script for S+ to execute.

Lots of possibilities :)
randomConstant  
#14 Posted : Wednesday, November 24, 2021 12:37:13 PM(UTC)
randomConstant

Rank: Member

Reputation:

Groups: Approved
Joined: 7/17/2021(UTC)
Posts: 20

Thanks: 5 times
Was thanked: 1 time(s) in 1 post(s)
Great!

I'll keep that in mind.

Thanks Rob.
Users browsing this topic
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.