Compartilhar via

StickyKeys

  • Artigo

Many universities have student kiosks spread around the campus to allow students to accomplish important tasks like deposit money in an account for purchasing meals and making hotel reservations (see image) for Mom’s visit. Problem is that kids these days, well they know how to use their computers (better than you and me and the whole XPe team combined) and they know about things like StickyKeys. StickyKeys is an accessibility feature for people with disabilities; this feature allows a user to press a modifier key (e.g. Shift, Ctrl, Alt) in sequence instead of simultaneously.

One way to enable (and disable) StickyKeys is via the “shortcut” of pressing the Shift key five times. As you can see in the photo, the shortcut also gives a student access to the Start menu which is not necessarily a good thing (notice the Shutdown button the Start menu).

The XPe component that owns the registry key for StickyKeys (HKEY_CURRENT_USER\CONTROL PANEL\ACCESSIBILITY\STICKYKEYS\FLAGS) is “Accessibility Control Panel.” The default value for this registry key is 510 (0x1FE); turning off the shortcut changes the value to 506 (0x1FA). Disabling the shortcut is only half of what you should do. Providing another method (i.e. programmatically) of enabling or disabling StickyKeys is the other half because, clearly, people with disabilities also need to use kiosks.

- Jim

Comments

  • Anonymous
    July 30, 2007
    PingBack from http://darrentwiss.com/blog/?p=18

  • Anonymous
    August 23, 2007
    The comment has been removed

  • Anonymous
    August 15, 2008
    [photo found on sirbrett84 's flickr page] Ah yes, from the pic above you can see that the age old issue

  • Anonymous
    May 25, 2009
    Oh yes, ive hacked many Kiosks using that method. The job sign up kiosk at Food 4 Less ran Windows XPe and in about 3 minutes I made it to the System32 folder using the sticky keys method. I was able to run commands as an administrator on that Kiosk but luckily for F4L im not a malacious hacker lol I just do it for fun then I put it back to normal. Btw the blog writer is right about kids knowing about computers...im 14 years old and ive found vunerabilities in Windows based kiosks in almost every store I walk into. Ive hacked kiosks running Windows CE, Windows XP, and Windows 2000.