Hi
According to help file TC allows to protect password input by using its own keyboard hook. It sounds great but... quick search through CodeProject reveals this nifty tool (with code):
http://www.codeproject.com/KB/system/globalsystemhook.aspx
1. start this up,
2. install mouse & keyboard hooks,
3. hit Ctrl+F for FTP connections and try to connect with any password protected host,
4. type your password in.
To my surprise all keys are registered and it doesn't matter which AllowHook value is used
Now I wonder how well this protection mechanism is working. Any tests, people?
FTP password and keyboard hooks
Moderators: white, Hacker, petermad, Stefan2
- fenix_productions
- Power Member
- Posts: 1979
- Joined: 2005-08-07, 13:23 UTC
- Location: Poland
- Contact:
FTP password and keyboard hooks
"When we created the poke, we thought it would be cool to have a feature without any specific purpose." Facebook...
#128099
#128099
- ghisler(Author)
- Site Admin
- Posts: 48232
- Joined: 2003-02-04, 09:46 UTC
- Location: Switzerland
- Contact:
What hook is it using? TC used the following:
SetWindowsHookEx(WH_KEYBOARD_LL,LowLevelKeyboardProc,GetModuleHandle(nil),0);
If it's using the same hook, TC's hook should see the keyboard messages first, and prevent them from going to the next hook.
SetWindowsHookEx(WH_KEYBOARD_LL,LowLevelKeyboardProc,GetModuleHandle(nil),0);
If it's using the same hook, TC's hook should see the keyboard messages first, and prevent them from going to the next hook.
Author of Total Commander
https://www.ghisler.com
https://www.ghisler.com
- fenix_productions
- Power Member
- Posts: 1979
- Joined: 2005-08-07, 13:23 UTC
- Location: Poland
- Contact:
2ghisler(Author)
Maybe I did not look deep enough but:
and
where:
BTW The core library for this application is written in C++.
Maybe I did not look deep enough but:
Code: Select all
bool InitializeHook(UINT hookID, int threadID)
{
if (g_appInstance == NULL)
{
return false;
}
if (hookID == WH_KEYBOARD_LL)
{
if (UserKeyboardHookCallback == NULL)
{
return false;
}
hookKeyboard = SetWindowsHookEx(hookID, (HOOKPROC)InternalKeyboardHookCallback, g_appInstance, threadID);
return hookKeyboard != NULL;
}
else if (hookID == WH_MOUSE_LL)
{
if (UserMouseHookCallback == NULL)
{
return false;
}
hookMouse = SetWindowsHookEx(hookID, (HOOKPROC)InternalMouseHookCallback, g_appInstance, threadID);
return hookMouse != NULL;
}
return false;
}
Code: Select all
static LRESULT CALLBACK InternalKeyboardHookCallback(int code, WPARAM wparam, LPARAM lparam)
{
if (code < 0)
{
return CallNextHookEx(hookKeyboard, code, wparam, lparam);
}
if (UserKeyboardHookCallback != NULL && !keyboardFilter.IsFiltered((int)wparam))
{
UserKeyboardHookCallback(code, wparam, lparam);
}
return CallNextHookEx(hookKeyboard, code, wparam, lparam);
}
Code: Select all
HookProc UserKeyboardHookCallback = NULL;
"When we created the poke, we thought it would be cool to have a feature without any specific purpose." Facebook...
#128099
#128099
- ghisler(Author)
- Site Admin
- Posts: 48232
- Joined: 2003-02-04, 09:46 UTC
- Location: Switzerland
- Contact:
Strange, it uses the same hook WH_KEYBOARD_LL. According to my docs, the hook which was added last should get the messages first. TC sets the hook only when the password dialog box is opened, so to hook should be set after your tool...
Author of Total Commander
https://www.ghisler.com
https://www.ghisler.com