Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Detecting SendInput

Status
Not open for further replies.
Opieo

Opieo

Programmer
Jul 26, 2006
454
0
0
GB
I am making a little game application on the side. I intend for my program to use DirectInput.
I was wondering if there was any way to detect the difference between the input coming from the keyboard itself or if somebody is trying to fake input using the SendInput function.

Might anybody know if this is possible at all?

I have tried googling Detect SendInput and similar but have not found anything helpful for being able to tell the difference between real keyboard input, and somebody using a program somewhere to SendInput (I know of the exact SendInput function being available to at least Delphi, C#, C++, Python, and something similar for a couple other languages, it is a Windows function from my understanding).

~
“Your request is not unlike your lower intestine: stinky, and loaded with danger.” — Ace Ventura.
 
Sort by date Sort by votes
if I read this post correctly, I don't think you will ever tell the difference. Are you trying to stop bots?

/Daddy

-----------------------------------------------------
What You See Is What You Get
Never underestimate tha powah of tha google!
 
Upvote 0 Downvote
You probably want to investigate a low level keyboard hook, specifically WH_KEYBOARD_LL Hook. The lParam of this hook's callback function (LowLevelKeyboardProc) points to a KBDLLHOOKSTRUCT structure which contains an 8-bit flag. Bit 5 of this flag indicates whether the keyboard event is real or injected.
 
Upvote 0 Downvote
Yes my goal is to stop botting.
Strong, thank you for a nudge in that direction. I will look into it.

~
“Your request is not unlike your lower intestine: stinky, and loaded with danger.” — Ace Ventura.
 
Upvote 0 Downvote
Opie, my point is that there are a LOT of ways faking keyboard input some of them are easily detectable (like the keyboard hook), others not. If the hacker writes a low level filter for the keyboard driver, you'll never be able to detect that.

/Daddy

-----------------------------------------------------
What You See Is What You Get
Never underestimate tha powah of tha google!
 
Upvote 0 Downvote
They could also end up writing their own DLL and have the DLL send keyboard input. I was just wondering how much effort would be required to stop SendInput since it is so easily implemented. I know it is impossible to stop all methods. Just trying to cover some of the easier bases.

~
“Your request is not unlike your lower intestine: stinky, and loaded with danger.” — Ace Ventura.
 
Upvote 0 Downvote
Detecting it could be pretty easy depending on how far down one goes (and the trouble one is willing to go through).
After more extensive research, I have decided that it is not worth my time.
Basically I would need API hooks so far down that I would be at the rootkit level (without the rootkit activity).
See this link for the structure that contains a single bit to indicate whether it is legitimate or injected.
MSDN Article

There is also a program that does this kind of stuff, called GameGuard, and it causes problems with some other programs because it operates at this level.
I do not want that sort of reputation, and if people are really that determined, so be it.
I know that botting is impossible to stop to an extent. If people want to bot it, they will just be the ones missing out on the fun (that is if my game is as fun as I am hoping it will be).

~
“Your request is not unlike your lower intestine: stinky, and loaded with danger.” — Ace Ventura.
 
Upvote 0 Downvote
That link is to the structure I already advised you about
 
Upvote 0 Downvote
That it is.
And now there is a direct link to it.
Thank you for pointing me in the direction I needed to be pointed. My experience with API hooking is still very small, and mostly follows the high level hooking where I have borrowed code from others.
Thank you again guys.

~
“Your request is not unlike your lower intestine: stinky, and loaded with danger.” — Ace Ventura.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

PHH1955
  • Locked
  • Question
SendInput and VK_SHIFT using C++
Replies
0
Views
86
PHH1955
PHH1955
Adder
  • Locked
  • Question
Windows: Detecting User logoff / shutdown 1
Replies
1
Views
57
strongm
strongm
XPPROGRAMMER
  • Locked
  • Question
Detecting mouse location over a menu... 1
Replies
2
Views
57
XPPROGRAMMER
XPPROGRAMMER
drosten
  • Locked
  • Question
detecting a USB connection event
Replies
1
Views
45
AirCon
AirCon
solla
  • Locked
  • Question
Detecting whether mouse button is pressed 3
Replies
5
Views
78
GameDude
GameDude

Part and Inventory Search

Sponsor

Back
Top