Project 12: Automating Keypresses in Windows (10 Points + 15 pts. extra)

What You Need for This Project

Purpose

Learn how to control keystrokes sent to a browser with scripting. This is a very powerful technique to automate processes.

Getting AutoHotKey

AutoHotKey is a free utility that makes it easy to script keypresses.

In a browser, go to this URL:

http://ahkscript.org/download/

At the top of the page, click Installer.

Run the downloaded file. Click "Express Installation" and install the software with the default options.

When you see the "AutoHotKey Setup" box shown below, click "View the Tutorial".

Read through the first section, titled "Creating a script", as shown below. Follow the instructions to create a script that automatically opens Google.

Note: if you are using a virtual Windows machine in VMware Fusion, the Logo key won't work. Replace the # (Logo) with ^! (Ctrl+Alt) to run the script.

Skim the Tutorial

Read through the tutorial quickly, without memorizing anything or doing the examples. The point is to find out what AutoHotKey can do, and get a general idea what it's good for. When you are actually writing scripts, you will need to review sections of this tutorial.

This is a skill you should develop--using a new language. There are many languages, but they are all pretty much the same, with variables, loops, etc.

Using the Login Form With a Mouse

In Chrome, open this page:

http://attack.samsclass.info/p12a-form1.htm

First, use the mouse to click one radio button in each row, as shown below, and click Submit.

Unless you are very lucky, you will see an "Access Denied!" message. Click the Back button in your browser to return to the login page.

Notice that the buttons you clicked are still selected here. Click the Refresh button to clear them.

Using the Login Form With the Keyboard

In the "Project 12a: Form 1 (10 pts.) - Google Chrome" window, click the Refresh button.

On your keyboard, press the Tab key. In "Row 1", the "A" button is highlighted, as shown below.

On your keyboard, press the Tab key several more times. Watch to see that these items are highlighted, in this order:

Click Refresh and then press these keys, to log in using buttons C and 2: You see the Access Denied message shown below:

Our goal here is to write a script that will try all login combinations, and save the results.

So after each attempt, we need to issue keypresses that will save the source code of the results page, record which login attempt we made, and close the source code window.

We'll use the filename to records the login attempt: "32" (button 3 on first row, button 2 on second row).

To do those actions, press these keys:

Setting the Google Chrome Home Page and Startup Page

If it's not there, install Google Chrome in your Windows machine.

Open Chrome. Go to chrome://settings

In the "On startup" section, click the "Open the New Tab page" button, as shown below.

In the Appearance section, set your home page to attack.samsclass.info/p12a-form1.htm as shown below.

Close Chrome.

Finding the Path to Chrome

On your Windows desktop, click Start.

In the Search box, type in CHROME

In the results, right-cick "Google Chrome" and click Properties.

The "Target:" field shows the path to launch Chrome, as shown below. On my machine it was "C:\Users\student\AppData\Local\Google\Chrome\Application\chrome.exe".

Make a note of this path--you will need it in the script below.

Example Script

Here's the script I used. You may need to adjust the path to Chrome and the Sleep times for your system.
#NoEnv  ; Recommended for performance and compatibility with future AutoHotkey releases.
; #Warn  ; Enable warnings to assist with detecting common errors.
SendMode Input  ; Recommended for new scripts due to its superior speed and reliability.
SetWorkingDir %A_ScriptDir%  ; Ensures a consistent starting directory.

; TO USE: 
; First delete all old "11", "12", etc. files from the Chrome default save directory
; Close Chrome
; Double-click the script icon
; Press Ctrl+Alt+1

^!1::
Run C:\Users\student\AppData\Local\Google\Chrome\Application\chrome.exe
WinWait New Tab - Google Chrome
WinActivate

row1 := 1
Loop 11
{
    row2 := 1
    Loop 9
    {    
        Send !{home}
        WinWait Project 12a: Form 1 (10 pts.) - Google Chrome
        WinActivate
        Send {tab}

        numright := row1 - 1
        Loop %numright%
        {
            Send {Right}
        }
        Send {space}

        Send {tab}
        numright := row2 - 1
        Loop %numright%
        {
            Send {Right}
        }
        Send {space}

        Send {Enter}
        Sleep 500
        Send ^u
        Sleep 500
        Send ^s
        Sleep 500

        Send %row1%
        Send %row2%
        Sleep 500
        Send {Enter}
        Sleep 500

        Send ^w
        row2 := row2 + 1
    }
    row1 := row1 + 1
}
When the script works, you should have a lot of files in a directory with names "11", "12", etc., as shown below.

Saving a Screen Image

Make sure your screen shows several of the files with numerical names, like 11 and 12.

Press the PrintScrn key in the upper-right portion of the keyboard. That will copy the whole desktop to the clipboard.

YOU MUST SUBMIT A FULL-SCREEN IMAGE TO GET FULL CREDIT!

Open Paint and paste in the image.

Save the image with the filename "Your Name Proj 12a". Use your real name, not the literal text "Your Name".

Finding the Winning Login

In this case, the "Congratulations!" page is larger than the "No Access" page, so all you need to do is sort the files by Size to find the winning page.

Double-click the largest pages one by one to find the winning page.

Note: When I did it, there were three files with abnormally large filesizes, caused by my script running too fast and saving the login page instead of the results page. If you don't find a real "Congratulations" page, you may have to slow down the script and run it again. To slow it down, change the Sleep times to larger values.

When you find the winning page, save a full-desktop image as shown below:

Saving a Screen Image

Make sure your screen shows the "Congratulations!" page.

Press the PrintScrn key in the upper-right portion of the keyboard. That will copy the whole desktop to the clipboard.

YOU MUST SUBMIT A FULL-SCREEN IMAGE TO GET FULL CREDIT!

Open Paint and paste in the image.

Save the image with the filename "Your Name Proj 12b". Use your real name, not the literal text "Your Name".

Challenge (+15 pts.)

Find the winning page for this form:

http://attack.samsclass.info/p12c-form2.htm

Save a full-screen image like this, with the filename "Your Name Proj 12c". Use your real name, not the literal text "Your Name". :

Turning in your Project

Email the images to cnit.124@gmail.com with the subject line: Proj 12 from YOUR NAME


Last Modified: 4-21-14 1:16 pm