TechQA.

WTS LastInputTime

216 views Asked by At

i'm trying to retrive the difference between CurrentTime and LastInputTime and comparing it to another value. CurrentTime is updating correctly but LastInputTime is always a constant value, i dont know why sometimes is 0 , sometimes is other constant value . Any help ?

void localSessions()
{
    while (TRUE)
    {
        cout << "Risky local logon sessions :" << endl;
        DWORD pCount;
        PWTS_SESSION_INFO pSessionsInfo=new WTS_SESSION_INFO[MAX_SESSIONS];
        WTSEnumerateSessionsA(WTS_CURRENT_SERVER_HANDLE, 0, 1, &pSessionsInfo, &pCount);
        DWORD bytes;
        for (auto it = 0; it < pCount; it++)
        {
            WTSINFOEX* ptr;
            if (pSessionsInfo[it].State == WTSActive)
            {
                INT ret = WTSQuerySessionInformationA(WTS_CURRENT_SERVER_HANDLE, pSessionsInfo[it].SessionId, WTSSessionInfoEx, (LPSTR*)&ptr, &bytes);
                if (ret != 0)
                {
                    INT ret = Gambit::OS::Environment::GetOSVersion();
                    INT unlocked = 0, unknown = 0;
                    LONGLONG last_input = ptr->Data.WTSInfoExLevel1.CurrentTime.QuadPart - ptr->Data.WTSInfoExLevel1.LastInputTime.QuadPart;
                    cout << last_input << endl;
                    HANDLE token;
                    WTSQueryUserToken(pSessionsInfo[it].SessionId, &token);
                    ImpersonateLoggedOnUser(token);
                    BOOL active;
                    SystemParametersInfo(SPI_GETSCREENSAVERRUNNING, 0, &active, 0);
                    RevertToSelf();
                    if (!(ret >= 16 && ret <= 19))
                    {
                        if ((ptr->Data.WTSInfoExLevel1.SessionFlags & WTS_SESSIONSTATE_UNLOCK) != 0)
                        {
                            unlocked = 1;
                        }
                    }
                    else if (ret >= 16 && ret <= 19)
                    {
                        if ((ptr->Data.WTSInfoExLevel1.SessionFlags & WTS_SESSIONSTATE_LOCK) != 0)
                        {
                            unlocked = 1;
                        }
                    }
                    if (unlocked == 1 && active == FALSE && last_input > 500000000000)
                    {
                        cout << "Winstation name : " << ptr->Data.WTSInfoExLevel1.WinStationName << endl;
                        cout << "UserName name : " << ptr->Data.WTSInfoExLevel1.UserName << endl;
                        cout << "Domain name : " << ptr->Data.WTSInfoExLevel1.DomainName << endl;
                    }

                    cout << endl;
                }
            }
        }
        cout << endl << endl;
        Sleep(1000);
    }
}
c++ winapi wtsapi32
Original Q&A
1

There are 1 answers

0
Rita Han On BEST ANSWER

LastInputTime is zero for a local session.

For a remote session, when there is no user input after last query of LastInputTime, it will keep unchanged. If there is a user input (like mouse move etc), LastInputTime will update to new time.

If you want to monitor local session user input time you can use GetLastInputInfo instead.

Related Questions in C++

Related Questions in WINAPI

Related Questions in WTSAPI32

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Trending Questions