Announcement

Collapse

Maintenance

The forum could be offline for 30-60 minutes in the very near future for maintenance (said 3pm Pacific). I was behind on getting this notice. I do apologize.
See more
See less

Removing Right Click->Copy

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Removing Right Click->Copy

    I have an edit control that I would like to remove the ability to copy the material from.
    It's used to show bad login attempts to the application, and in itself poses a minor security threat, and I just want to remove the ability to copy the material from it without using a label etc...

    On the other hand that may be my best workaround....hmmmmm

    Meanwhile, how would one do that?

    Scott


    ------------------
    Scott
    mailto:[email protected][email protected]</A>
    Scott Turchin
    MCSE, MCP+I
    http://www.tngbbs.com
    ----------------------
    True Karate-do is this: that in daily life, one's mind and body be trained and developed in a spirit of humility; and that in critical times, one be devoted utterly to the cause of justice. -Gichin Funakoshi

  • #2
    scott --
    try this.
    Code:
       #compile exe
       #register none
       #dim all
       #include "win32api.inc"
    
       callback function dlgproc
          if cbmsg = %wm_destroy then postquitmessage 0
       end function
    
       function pbmain()
          local msg as tagmsg, hdlg as long, hwndt as long
          dialog new 0 ,", , , 200, 100, %ws_caption or %ws_sysmenu to hdlg
          control add textbox, hdlg, 101, "try to copy me" + $crlf + "ha-ha", _
             10, 10, 170, 30, %es_wantreturn or %es_multiline, %ws_ex_clientedge
          dialog show modeless hdlg call dlgproc
          hwndt = getdlgitem(hdlg, 101)
          while getmessage(msg, %null, 0, 0)
             if msg.hwnd = hwndt and msg.message = %wm_rbuttondown then
                msgbox "he-he"
             elseif msg.hwnd = hwndt and msg.message = %wm_char and msg.wparam = 3 then
                msgbox "ha-ha"
             elseif isdialogmessage(hdlg, msg) = %false then
                translatemessage msg: dispatchmessage msg
             end if
          loop
       end function
    but if to talk seriously...
    there is a lot of guys, which are able to do enough complex things
    see, for a example, http://www.powerbasic.com/support/pb...ead.php?t=2465

    i feel that it's necessary to discuss a thread how to prevent similar "gifts".
    probably, an author doesn't want to do something "criminal".
    but similar technique can be used to write viruses, to bypass protection (if program tests own crc) and so on.

    [this message has been edited by semen matusovski (edited july 18, 2000).]

    Comment


    • #3
      Semen --

      Pressing Shift-Delete allows your program's text to be copied.

      Heh-Heh.

      -- Eric

      ------------------
      Perfect Sync: Perfect Sync Development Tools
      Email: mailto:[email protected][email protected]</A>

      "Not my circus, not my monkeys."

      Comment


      • #4
        Scott --

        If you use a label or just about any other control, a program like Spy++ could be used to grab the text pretty easily. And it's very easy to write a program (10 lines?) that will capture any text that the mouse points to.

        Probably the most secure way would be to "draw" the text as a graphics image, using the DrawText API. That way the text string itself will never actually be stored by Windows. The most a person could do would be Alt-PrintScreen to capture an image of the text.

        Or do you need to protect against that too?

        -- Eric

        ------------------
        Perfect Sync: Perfect Sync Development Tools
        Email: mailto:[email protected][email protected]</A>

        "Not my circus, not my monkeys."

        Comment


        • #5
          Eric --
          Even I (enough far from hacker's technique) is able to write during 10 minutes a global keyboard hook, which integrate DLL into process and simply changes Callback function.
          That's why I suggested to discuss a question how to prevent hacker's attacks.

          ------------------

          Comment


          • #6
            Perhaps processing %WM_CONTEXTMENU and display your own
            pop-up will do the trick?

            ------------------
            Fred
            mailto:[email protected][email protected]</A>
            http://www.oxenby.se

            Fred
            mailto:[email protected][email protected]</A>
            http://www.oxenby.se

            Comment


            • #7
              I just put it in a listview, problem solved LOL

              Can someone copy it using the API?

              Sure, and I can type anything on a keyboard, who would believe such a thing if they extracted it with another app....


              It's just a real mild thing, but all in all just having the password ATTEMPTS could land me on NTBUGTRAQ when run on an NT box because someone might see it and recognize that the person was CLOSE on his password, thus giving away possibly an administrators password..


              It was probably a bad idea to even log when a bad password was given, or at the very least logging the password attempt...

              In fact, I think I will just remove it so the right click copy is not an issue..


              BUt now that I see the challenges here, I am curious as to how to do it LOL


              scott


              ------------------
              Scott
              mailto:[email protected][email protected]</A>
              Scott Turchin
              MCSE, MCP+I
              http://www.tngbbs.com
              ----------------------
              True Karate-do is this: that in daily life, one's mind and body be trained and developed in a spirit of humility; and that in critical times, one be devoted utterly to the cause of justice. -Gichin Funakoshi

              Comment


              • #8
                i just put it in a listview... can someone copy it using the api?

                scott -- http://www.powerbasic.com/support/pb...ad.php?t=22658
                sample #2

                if you want safety, you need even not to store in memory in open form.
                (about monitor simply forget).

                ------------------

                Comment

                Working...
                X