Jump to content

Sky Slate Blueberry Blackcurrant Watermelon Strawberry Orange Banana Apple Emerald Chocolate

AutoHotkey As Keylogger Protection- Possible?


  • Please log in to reply
3 replies to this topic
Erastus
  • Guests
  • Last active:
  • Joined: --
Hello,

I play World of Warcraft, and am worried about my account being compromised by keyloggers. Then I thought of AutoHotKey, and the obvious question arose: could it help circumvent a keylogger.

For example, let's say my password is donthackme1.

If I make an autohotkey script like this
::password 3::donthackme1

Would that help circumvent the problem perhaps? I am hoping that most keyloggers can only detect what I actually input, not what autohotkey simulates. If that doesn't work, do you think a script that inputs the password in a different order might work. AKA, type dnt, left arrow and fill in the o, me, then left arrow twice and put in the hack, then go to the end and press 1.

Your thoughts are most appreciated!

Helpy
  • Guests
  • Last active:
  • Joined: --
You should instead find a good program to detect and remove keyloggers...

Lexikos
  • Administrators
  • 9391 posts
  • Last active:
  • Joined: 17 Oct 2006

AKA, type dnt, left arrow and fill in the o, me, then left arrow twice and put in the hack, then go to the end and press 1.

This would only help if the keylogger specifically logs keys that have displayable characters. It would be possible for it to log the arrow keys/home/end as well, in which case it could easily figure out what you typed.

I am hoping that most keyloggers can only detect what I actually input, not what autohotkey simulates.

Considering that other instances of AutoHotkey can detect both simulated and physical input, it most likely wouldn't help. For example, this hotstring:
::k::okay
generates these keypresses:
08  00E	i	d	0.05	Backspace      	
08  00E	i	u	0.00	Backspace      	
4F  018	i	d	0.00	O              	
4F  018	i	u	0.00	O              	
4B  025	i	d	0.00	K              	
4B  025	i	u	0.00	K              	
41  01E	i	d	0.00	A              	
41  01E	i	u	0.02	A              	
59  015	i	d	0.00	Y              	
59  015	i	u	0.00	Y              	
20  039	i	d	0.00	Space          	
20  039	i	u	0.00	Space
Open an AutoHotkey main window and click View -> Key history... or use the KeyHistory command from an AHK script. The script has to have the keyboard hook installed for it to work (see KeyHistory.)

You should instead find a good program to detect and remove keyloggers...

I agree with Helpy.

Erastus
  • Guests
  • Last active:
  • Joined: --
Thanks for the replies!

1. I suppose that alternatively, I could have the mouse move and click to insert the password. The basic idea that I heard is that some actions cannot be recorded by the keylogger.

2. Clearly prevention is better than a roundabout cure. That said, we don't always know when we get a keylogger. This would be a simple layer of extra protection. (Just FYI, I run Semantec anti-virus, Spybot S&D, and firefox NoScripts. I have decent protection, but I figure an extra layer can't hurt.)

Thanks