stackoom
  简体   繁体   中英

Access OSK(on screen keyboard) handle from desktop app without administrator rights

 原文  2015-02-11 12:36:45       windows/ winapi/ privileges/ kiosk-mode

Question

I have a desktop delphi application that runs without administrator rights on windows 7 and 8. This application, needs to send (SendInput) mouse events(click and move) to another running apps. This app works like a driver for a remote wifi pen, that controls mouse over desktop. When the focus is over OSK(on screen keyboard), the mouse move with left key pressed dont work, the osk windows dont move, all others applications move when receive these mouve events. I cand get handle of OSK. When I run my app with administrator privileges(UAC) all works fine, OSK move when app send mouve envets. I think that problem is related to UAC. I found a way to bypass the UAC like this http://www.thewindowsclub.com/create-elevated-shortcut-run-programs-bypass-uac , but is not a good ideia in some enviroments. There is a way to bypass the UAC without underground ways ? Or how can I force the OSK to respond on all mouse events that I send to him.

1 answers

solution1
 4 ACCPTED  2015-02-11 14:01:17

Here is a snip of the manifest that is embedded in Osk.exe: 

<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
  <security>
    <requestedPrivileges>
      <requestedExecutionLevel level="asInvoker" uiAccess="true"/>
    </requestedPrivileges>
  </security>
</trustInfo>

Note the level it asks for, asInvoker does not ask for UAC elevation, only requireAdministrator does. In other words, it runs with whatever privileges the starting program has. You can tell, you don't get the consent prompt when you start Osk.exe

What matters here is uiAccess . With it set to true , the program bypasses UIPI. The lesser-known twin of UAC, User Interface Privilege Isolation protects against shatter attacks by disallowing another process to poke keystrokes and mouse clicks into the window owned by an elevated app. Such a process still runs in high integrity mode, that's why you cannot poke into Osk yourself, but doesn't have the privileges enabled that make an UAC elevated app dangerous.

This is not unusual, most any program that uses UI Automation or provides an accessibility feature needs to be able to do this. Like Osk.exe, it needs to be able to poke keystrokes into any app. Clearly what you want to do as well.

Getting uiAccess does not require the user to consent to a prompt like UAC elevation does. The operating system has to "trust" you. Covered well in this MSDN article , "UIAccess for UI automation applications" section. I'll just summarize it here:

  • Set uiAccess="true" in the application manifest
  • Your executable must have valid digital certificate, the kind you buy from a vendor like Verisign.
  • Your executable must be stored in a directory that has write access denied, in a subdirectory of c:\\program files or c:\\windows.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Run app from .bat file with administrator rights from startup? Autohotkey - Gamepad as Mouse - how to use osk.exe (On Screen Keyboard) How to run Heroku CLI without administrator rights? SVN client on windows without administrator rights Move On-Screen Keyboard (osk.exe) with C# & Win API Start program as administrator on account without admin rights without typing password Folder access issue in window7 with out administrator rights Where can I create a directory without Administrator Rights / Privileges? Application add to startup ( need administrator rights to start app ) Give Administrator rights to the application
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM