killcity44

i want to set something similiar up to the dialog that asks you to press CTRL, ALT and Delete before asking for passwords in WIndows 2000. how can i do this?

Infinite Recursion

when do you want it to execute, on demand or in the start up sequence?

__________________
http://jasonpowers.net

"There are a thousand hacking at the branches of evil to one who is striking at the root."

Rory

Unless you're willing to write a HAL mode keyboard driver, there is absolutely no way you can detect ctrl + alt + delete using events, directX, low level keyboard hooks or even kernel mode calls. The LSASS components built into the kernel "swallow" this keystroke and pass it directly to MsGina (winlogon.exe).
Unless you're willing to go to extreme lengths, or take the Trojan route I don't think you can get functionality for that specific keystroke, especially not in VB.

You could quite easily set up a normal password dialog box: just make the dialog. A brief note though: if you want a truly secure password dialog, do not use the default VB text box with a character mask. It is possible to extract the password using memory hackers, window messages and what not. You should not store the actual password in the textbox, instead put it in a variable or something. Alternatively get a user control that embeds this functionality, or even better use the microsoft Masked Edit control which runs an updated text box.

As for processing the password, though Microsoft will tell you to use hashes and SecureRTLZeroMemory and so on, a normal If statement will do, unless you're writing something for NASA!

Hope this helps!

drruggy

[PHP]Private Sub Timer1_Timer()
Dim keystate As Long

keystate = Getasynckeystate(vbKeyDelete)
If (keystate And &H1) = &H1 Then
Text1 = Text1 + "Delete has been pressed"
End If
keystate = Getasynckeystate(vbKeyControl)
If (keystate And &H1) = &H1 Then
Text1 = Text1 + "{ctrl}"
End If

keystate = Getasynckeystate(vbKeyMenu)
If (keystate And &H1) = &H1 Then
Text1 = Text1 + "{alt}"
End If
End Sub[/PHP]

Hope that helps.

Rory

As I said before, it won't hook Ctrl Alt and Delete on Windows NT (it may hook the Ctrl and Alt and even the Delete key separately appearing as individual keys, but this is not the keystroke, but simply "human error" in pressing the keys) - you'll find that if you specifically raise an event on that keystroke.
Many people have tried this, some with bad intentions, to "spoof" the user into giving logon details. Consequently the kernel intercepts this "magical" keystroke at the Hardware Abstraction Layer (this actually registers as an interrupt, like the power button) to provide this added layer of security, and in some cases reboot the computer.

kbirger

well Key Trap seems to do it... http://www.gold-software.com/KeyTrap-review566.htm try it yourselves, it handles ctrl+alt+del the same as other keystrokes, at least transparently enough for it to not be a driver-level thing. isn't there a way to catch the interrupt message? i believe it's 0x0019..

Rory

Again it's a modified keyboard driver. And the second would involve installing a root kit to modify the operating system, specifically the kernel, not the sort of thing a legitimate program does! If you're writing a trojan, they're better ways to go about it... (disable/hook the oemlayer for a start!)