Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
1.1k views
in Technique[技术] by (71.8m points)

windows - Detect if keyboard or mouse events are triggered by a software

Is there a way to determine whether the keyboard or mouse events are triggered from a hardware rather than an application like TeamViewer, Steam or some other remote desktop software in a desktop application running on Windows?

My purpose is not to prevent bots, but to prevent remote access to the application.

It seems that RawInput API lets me detect fake events sent using SendInput API. Is it correct?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

The low-level keyboard/mouse hooks provided by SetWindowsHookEx() report if input was generated by actual devices or injected by application code.

For a low-level keyboard hook, the hook provides a pointer to a KBDLLHOOKSTRUCT structure, which has a flags member that contains a LLKHF_INJECTED flag for fake input.

For a low-level mouse hook, the hook provides a pointer to a MSLLHOOKSTRUCT structure, which has a flags member that contains either a LLMHF_INJECTED or LLMHF_LOWER_IL_INJECTED flag for fake input.

Either hook can return a non-zero value to block the input from being passed to the rest of the hook chain, and consequently to the target window.

Regarding the Raw Input API, according to (an older version of 1) the documentation for the GetRawInputDeviceInfo() function:

hDevice [in, optional]
Type: HANDLE

A handle to the raw input device. This comes from the lParam of the WM_INPUT message, from the hDevice member of RAWINPUTHEADER, or from GetRawInputDeviceList. It can also be NULL if an application inserts input data, for example, by using SendInput.

1: the highlighted note has been removed in the current version of the documentation, I do not know why.

So, the hDevice that is reported by a WM_INPUT message will be NULL for fake input.

however, it is not possible to block input with the Raw Input API. You still need a low-level hook for that.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...