• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1160
  • Last Modified:

How to emulate a CTRL+ALT+DEL Sequence (secure attention sequence)

I am writing a Windows NT service that needs to popup the standard “user logon” dialog box.

I know in advance that the workstation is locked. The basic idea is to emulate a “secure attention sequence”, i.e. CTRL+ALT+DEL. The user will be responsible for fill the login credentials. I would like to know, for example, if I can call a function on Winlogon.exe , or the standard Gina (msgina.dll) , for example.

The premises are:

1.      I can’t replace the GINA
2.      I need a code that works inside a service (I am using Microsoft Visual C++).

  • 2
  • 2
1 Solution
The whole idea of Ctrl+Alt+Del to bring up the login is to *prevent* programmatically opening the login dialog. Of course, anything is possible.
Have you tried keybd_event?

// Press the three keys down
keybd_event(VK_CONTROL, MapVirtualKey(VK_CONTROL, 0), 0, 0);
keybd_event(VK_MENU, MapVirtualKey(VK_MENU, 0), 0, 0);
keybd_event(VK_DELETE, MapVirtualKey(VK_DELETE, 0), 0, 0);

// Release the keys
keybd_event(VK_CONTROL, MapVirtualKey(VK_CONTROL, 0), KEYEVENTF_KEYUP, 0);
keybd_event(VK_MENU, MapVirtualKey(VK_MENU, 0), KEYEVENTF_KEYUP, 0);
keybd_event(VK_DELETE, MapVirtualKey(VK_DELETE, 0), KEYEVENTF_KEYUP, 0);

I don't have any service source code handy to test it, but it should work. The docs for keybd_event say that the keyboard *driver* calls this to inject input, so it may work.

I feel bad to state the same again as in your very Q in the C++ area, but: The logon desktop is secured quite "heavily". You cannot use any of the above functions successfully without gaining access to that very desktop. and, that is not possible.
Actually, there is a solution that I posted at http:Q_21095286.html

// Static routine used to fool Winlogon into thinking CtrlAltDel was pressed

void *
SimulateCtrlAltDelThreadFn(void *context)
     HDESK old_desktop = GetThreadDesktop(GetCurrentThreadId());

     // Switch into the Winlogon desktop
     if (!vncService::SelectDesktop("Winlogon"))
          vnclog.Print(LL_INTERR, VNCLOG("failed to select logon desktop\n"));
          return FALSE;

     vnclog.Print(LL_ALL, VNCLOG("generating ctrl-alt-del\n"));

     // Fake a hotkey event to any windows we find there.... :(
     // Winlogon uses hotkeys to trap Ctrl-Alt-Del...

     // Switch back to our original desktop
     if (old_desktop != NULL)

     return NULL;

ant the related USENET posting at http://groups.google.com/groups?lr=&ie=UTF-8&selm=3F9D5000.303%40davebsoft.com

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now