设计背景

Win系统带有API可以获取键入值,本小程序主要应用了一个网上广为流传的类,可以说一个测试DEMO。有俗称为键盘钩子

设计思路

使用Win API获取建入值

相关技术

Win API

功能

开启记录,记录每个键盘键入值,最终可以导出

主要类

    class globalKeyboardHook

    {

        #region Constant, Structure and Delegate Definitions

        /// <summary>

        /// defines the callback type for the hook

        /// </summary>

        public delegate int keyboardHookProc(int code, int wParam, ref keyboardHookStruct lParam);

        public struct keyboardHookStruct

        {

            public int vkCode;

            public int scanCode;

            public int flags;

            public int time;

            public int dwExtraInfo;

        }

        const int WH_KEYBOARD_LL = 13;

        const int WM_KEYDOWN = 0x100;

        const int WM_KEYUP = 0x101;

        const int WM_SYSKEYDOWN = 0x104;

        const int WM_SYSKEYUP = 0x105;

        #endregion

        #region Instance Variables

        /// <summary>

        /// The collections of keys to watch for

        /// </summary>

        //public List<Keys> HookedKeys = new List<Keys>();

        /// <summary>

        /// Handle to the hook, need this to unhook and call the next hook

        /// </summary>

        IntPtr hhook = IntPtr.Zero;

        #endregion

        #region Events

        /// <summary>

        /// Occurs when one of the hooked keys is pressed

        /// </summary>

        public event KeyEventHandler KeyDown;

        /// <summary>

        /// Occurs when one of the hooked keys is released

        /// </summary>

        public event KeyEventHandler KeyUp;

        #endregion

        #region Constructors and Destructors

        /// <summary>

        /// Initializes a new instance of the <see cref="globalKeyboardHook"/> class and installs the keyboard hook.

        /// </summary>

        public globalKeyboardHook()

        {

            hook();

        }

        /// <summary>

        /// Releases unmanaged resources and performs other cleanup operations before the

        /// <see cref="globalKeyboardHook"/> is reclaimed by garbage collection and uninstalls the keyboard hook.

        /// </summary>

        ~globalKeyboardHook()

        {

            unhook();

        }

        #endregion

        #region Public Methods

        /// <summary>

        /// Installs the global hook

        /// </summary>

        public void hook()

        {

            IntPtr hInstance = LoadLibrary("User32");

            hhook = SetWindowsHookEx(WH_KEYBOARD_LL, hookProc, hInstance, 0);

        }

        /// <summary>

        /// Uninstalls the global hook

        /// </summary>

        public void unhook()

        {

            UnhookWindowsHookEx(hhook);

        }

        /// <summary>

        /// The callback for the keyboard hook

        /// </summary>

        /// <param name="code">The hook code, if it isn't >= 0, the function shouldn't do anyting</param>

        /// <param name="wParam">The event type</param>

        /// <param name="lParam">The keyhook event information</param>

        /// <returns></returns>

        public int hookProc(int code, int wParam, ref keyboardHookStruct lParam)

        {

            if (code >= 0)

            {

                Keys key = (Keys)lParam.vkCode;

                //if (HookedKeys.Contains(key))

                //{

                    KeyEventArgs kea = new KeyEventArgs(key);

                    if ((wParam == WM_KEYDOWN || wParam == WM_SYSKEYDOWN) && (KeyDown != null))

                    {

                        KeyDown(this, kea);

                    }

                    else if ((wParam == WM_KEYUP || wParam == WM_SYSKEYUP) && (KeyUp != null))

                    {

                        KeyUp(this, kea);

                    }

                    if (kea.Handled)

                        return 1;

                //}

            }

            return CallNextHookEx(hhook, code, wParam, ref lParam);

        }

        #endregion

        #region DLL imports

        /// <summary>

        /// Sets the windows hook, do the desired event, one of hInstance or threadId must be non-null

        /// </summary>

        /// <param name="idHook">The id of the event you want to hook</param>

        /// <param name="callback">The callback.</param>

        /// <param name="hInstance">The handle you want to attach the event to, can be null</param>

        /// <param name="threadId">The thread you want to attach the event to, can be null</param>

        /// <returns>a handle to the desired hook</returns>

        [DllImport("user32.dll")]

        static extern IntPtr SetWindowsHookEx(int idHook, keyboardHookProc callback, IntPtr hInstance, uint threadId);

        /// <summary>

        /// Unhooks the windows hook.

        /// </summary>

        /// <param name="hInstance">The hook handle that was returned from SetWindowsHookEx</param>

        /// <returns>True if successful, false otherwise</returns>

        [DllImport("user32.dll")]

        static extern bool UnhookWindowsHookEx(IntPtr hInstance);

        /// <summary>

        /// Calls the next hook.

        /// </summary>

        /// <param name="idHook">The hook id</param>

        /// <param name="nCode">The hook code</param>

        /// <param name="wParam">The wparam.</param>

        /// <param name="lParam">The lparam.</param>

        /// <returns></returns>

        [DllImport("user32.dll")]

        static extern int CallNextHookEx(IntPtr idHook, int nCode, int wParam, ref keyboardHookStruct lParam);

        /// <summary>

        /// Loads the library.

        /// </summary>

        /// <param name="lpFileName">Name of the library</param>

        /// <returns>A handle to the library</returns>

        [DllImport("kernel32.dll")]

        static extern IntPtr LoadLibrary(string lpFileName);

        #endregion

    }

GitHub

.NET-App/KeyboardRecord/

C# 键盘记录器的更多相关文章

  1. 警惕USB键盘记录器

    最近媒体报道了一种新型的能记录账号.密码输入的“USB键盘记录器”,引发网友关注,该设备看上去和普通U盘没什么区别,将其插入电脑USB接口,然后把键盘线和它连接,该设备就能够自动记录用户在电脑上输入的 ...

  2. wpf键盘记录器

    很简单的一个wpf键盘记录器 这个程序我一样用了全局勾子,之前用的都是winform上运行了,前一段时间 在国外的论坛上逛看到了一个wpf能用的就做了一个小程序记录一下,为了方便大家直关的看我在页面上 ...

  3. 小白日记48:kali渗透测试之Web渗透-XSS(二)-漏洞利用-键盘记录器,xsser

    XSS 原则上:只要XSS漏洞存在,可以编写任何功能的js脚本 [反射型漏洞利用] 键盘记录器:被记录下的数据会发送到攻击者指定的URL地址上 服务器:kali 客户端 启动apache2服务:ser ...

  4. [C语言(VC)] 打造自己的键盘记录器 (zaroty)

    说起键盘记录,想必很多朋友都用过网上流传的一些键盘记录软件吧,但是有没有想过自己写一个呢?也许你会想:会不会很复杂啊?我可以很负责的告诉你,写键盘记录是很简单的.你所需要的仅仅是懂得一些C语言的DLL ...

  5. 安全之路 —— 使用Windows全局钩子打造键盘记录器

    简介 键盘记录功能一直是木马等恶意软件窥探用户隐私的标配,那么这个功能是怎么实现的呢?在Ring3级下,微软就为我们内置了一个Hook窗口消息的API,也就是SetWindowsHookEx函数,这个 ...

  6. 6.文件所有权和权限----免费设置匿名----Windows键盘记录器----简介和python模块

    文件所有权和权限 touch --help cd Desktop mkdir Folder cd Folder clear touch Test1 Test2 Test3 Test4 ls ls -l ...

  7. 使用Windows全局钩子打造键盘记录器

    简介 键盘记录功能一直是木马等恶意软件窥探用户隐私的标配,那么这个功能是怎么实现的呢?在Ring3级下,微软就为我们内置了一个Hook窗口消息的API,也就是SetWindowsHookEx函数,这个 ...

  8. [Assembly]汇编编写简易键盘记录器

    环境:Windows xp sp3工具:masmnotepad++ 首先列出本次编程程序要执行的步骤:(1).读取键盘所输入的字符(2).输出到屏幕上(3).完善Esc.Backspace.空格.回车 ...

  9. Arduino UNO 键盘记录器中时钟接到2口或3口,其它接口不行。马上就要放弃了。要修改例子中时钟的引脚。

随机推荐

  1. 接口自动化学习--mock

    好久没有写学习的总结,都正月十二了,但还是要来个新年快乐鸭. 一直都在看imooc的一套java接口自动化实战课程,现在看到了尾部了,然后想到之前那些testng,mock,httpclient等都没 ...

  2. LINUX系统下跑分测试脚本:unixbench.sh

    linux 系统跑分测试脚本:     一.下载脚本:        wget http://teddysun.com/wp-content/uploads/unixbench.sh 二.更改权限:  ...

  3. 【RabbitMQ】三种Exchange模式——订阅、路由、通配符模式

    https://blog.csdn.net/ww130929/article/details/72842234

  4. react-native初体验(1) — hello world

    没有简介,直接开始干活吧. 默认阅读本文的你已经安装好 nodejs, windows用户需要升级yarn到最新版本. 并且设置安装源为国内的淘宝源: npm config set registry ...

  5. c语言数字图像处理(五):空间滤波

    空间滤波原理 使用大小为m*n的滤波器对大小为M*N的图像进行线性空间滤波,将滤波器模板乘以图像中对应灰度值,相加得模板中心灰度值 a = (m-1)/2, b = (n-1)/2 若f(x+s, y ...

  6. [Unity Shader] 逐顶点光照和逐片元漫反射光照

    书中的6.4节讲的是漫反射的逐顶点光照和逐片元光照. 前一种算法是根据漫反射公式计算顶点颜色(顶点着色器),对颜色插值(光栅化过程)返回每个像素的颜色值(片元着色器). 第二种算法是获得顶点的法线(顶 ...

  7. 离线人脸识别 ArcFaceSharp -- ArcFace 2.0 SDK C#封装库分享

    ArcFaceSharp ArcFaceSharp 是ArcSoft 虹软 ArcFace 2.0 SDK 的一个 C# 封装库,为方便进行 C# 开发而封装.欢迎 Start & Fork. ...

  8. Playfair加密

    前面讲的不管是单码加密还是多码加密都属于单图加密,什么是单图加密和多图加密呢,简单来说单图加密就是一个字母加密一个字母,而多图加密就是一个字符组加密一个字符组.比如双图加密就是两个字母加密两个字母,这 ...

  9. 快速删除docker中的容器

    http://blog.csdn.net/cmzsteven/article/details/49230363

  10. LeetCode 461. Hamming Distance (C++)

    题目: The Hamming distance between two integers is the number of positions at which the corresponding ...