Anyway MS generated chars can't be intercepted by keylogers?
Moderators: JRL, Dorian (MJT support)
Anyway MS generated chars can't be intercepted by keylogers?
Is there any way to make it difficult for keyloggers to intercept keystrokes generated by MS scripts? For example any way to directly insert a string into a browser field?
-
Marcus Tettmar
- Site Admin
- Posts: 7395
- Joined: Thu Sep 19, 2002 3:00 pm
- Location: Dorset, UK
- Contact:
By "browser field" do you mean a form field in a web browser?
If you use WebRecorder's functions, or IETagEvents, then you can directly set the value of a form field WITHOUT simulating keystrokes.
In a similar vein, if you are automating a desktop application and if the object supports it you might be able to use SetControlText or SetObjectText, which again set the published text property directly without simulating key strokes.
ObjectSendKeys and ObjectSendText use a lower level way of sending characters compared to SendText, so give those a try also - depends on how the keylogger works as to whether it will make a difference.
I ought to add that I don't know why you are wanting to circumvent a keylogger, or whether it is legit or not, and we cannot condone breaking terms and conditions of services which may prohibit "robots" or try to detect them. I'm just answering a technical question.
If you use WebRecorder's functions, or IETagEvents, then you can directly set the value of a form field WITHOUT simulating keystrokes.
In a similar vein, if you are automating a desktop application and if the object supports it you might be able to use SetControlText or SetObjectText, which again set the published text property directly without simulating key strokes.
ObjectSendKeys and ObjectSendText use a lower level way of sending characters compared to SendText, so give those a try also - depends on how the keylogger works as to whether it will make a difference.
I ought to add that I don't know why you are wanting to circumvent a keylogger, or whether it is legit or not, and we cannot condone breaking terms and conditions of services which may prohibit "robots" or try to detect them. I'm just answering a technical question.
Marcus Tettmar
http://mjtnet.com/blog/ | http://twitter.com/marcustettmar
Did you know we are now offering affordable monthly subscriptions for Macro Scheduler Standard?
http://mjtnet.com/blog/ | http://twitter.com/marcustettmar
Did you know we are now offering affordable monthly subscriptions for Macro Scheduler Standard?
Thanks for the eleboate answer, I'll try a few. And yes I meant a (logon) field in a browser page.
Yes it is for legit purposes, I'm trying to defeat a possibly infected system when filling in part of an encryption key. The encryption for which the key is, is quite strong. One of the left over risks is a key logger on an infected system. So it would strengthen the whole security if that MS-generated part of the key is much more difficult to log.mtettmar wrote: [.................] I ought to add that I don't know why you are wanting to circumvent a keylogger, or whether it is legit or not, and we cannot condone breaking terms and conditions of services which may prohibit "robots" or try to detect them. I'm just answering a technical question.
