Keystroke Logging

Key Logger

This article is about how to log keystrokes. There is an article on this topic, "Hooking the Keyboard," already on CodeGuru.

Regarding that key logger, it is a system-wide hook. But, that article is a little bit old, and says that if we need to install a system-wide hook, we have to make it in a shared DLL, but that it will divide our code into some pieces and it will be difficult to hide it in the system.

Windows 2000 onwards provides system-wide, low-level hooks. By using these hooks, we can have a system-wide hook in a single program/project. We can use this functionality to set a system-wide hook.

HHOOK
SetWindowsHookEx
(int idHook, HOOKPROC lpfn, HINSTANCE hMod, DWORD dwThreadId);

idHook is the hook ID for which we want to hook. Windows supports the following hooks:

  • WH_CALLWNDPROC
  • WH_CALLWNDPROCRET
  • WH_CBT
  • WH_DEBUG
  • WH_FOREGROUNDIDLE
  • WH_GETMESSAGE
  • WH_JOURNALPLAYBACK
  • WH_JOURNALRECORD
  • WH_KEYBOARD
  • WH_KEYBOARD_LL
  • WH_MOUSE
  • WH_MOUSE_LL
  • WH_MSGFILTER
  • WH_SHELL
  • WH_SYSMSGFILTER

The lpfn parameter is a function pointer to a callback function that we want to invoke after getting the event.

hMod is the handle of the current application. It is different from the window handle; it can be retrieved by calling the AfxGetInstanceHandle function of MFC.

dwThreadId,

This specifies the identifier of the thread with which the hook procedure is to be associated. If this parameter is zero, the hook procedure is associated with all existing threads running in the same desktop as the calling thread.

I am enclosing a running example for hooking the keyboard.



About the Author

Pradeep Kumar Paijwar

Working as Senior Software Engineer in India Need something, Get it here Things chang over time, Now I work on mobile devices Symbian/J2ME/Windows Mobile/BREW/Android/IPhone

  • Experise in C,C++,
  • SNMP,TCP/IP,
  • Socket Programming.
  • Embeded Systems
  • Experience on Solaris,Linux,Windows
  • Symbian OS.

    Hands on Experience of

  • Visual Studio
  • Rational ClearCase
  • Perforce

Comments

  • nice

    Posted by acc on 07/25/2013 12:11am

    Many parents nowadays are concerning about children’s online safety, for the Internet bullying is lurking on the Internet and children are always the targets. Monitoring children doesn’t mean parents break in children’s private space or snoop their personal secrets, proper children computer monitoring can ensure the children’s online safety and parents can take actions to prevent their children from being hurt in time.

    Reply
  • Cheap Oakley Frogskins no tax worldwide

    Posted by trkhgxnrf on 06/27/2013 03:50pm

    CHEap OaklEyS ,Oakley sunglasses, Jim started at $ 300, with better manufacturing performance, look more beautiful simple beliefs create. It's not vital for you, should you only here is a relaxed wearer howevere, Oakley asserted this is really good. ray ban outlet ,Lance Armstrong Lance Armstrong is one of the world's most famous cyclist, his legendary status has become away from the fashion or genius might be described. Oakley, Sunglasses delicious selection of rich colors, from chocolate to berry, flat every complexion and hair color to take a position. Cheap Oakley Radar ,Oakley sunglasses aren't just stop the sun, even so the other hit the decorative surface. The trendy appearance and fashion style, it will likely be your good option. Why Oakley could turn into professional some of the athletes preferred choice, the brand would be the primary objective from the knife edge of this marketplace at present wearer Kun pounds copy of the safety and eye safety. Oakley's tone is a simple gadget, 1 of three consider About Oakley tone a selected is valid, usually is UV safe. At the lake or sailing: you'll find an overall building or housing to block the sun's rays or perhaps the sky, few individuals are up against a single, and through the reflection of diffuse radiation as well as the water inside entire sky. As there are a large number of types of glasses, you will be sure to become a little thing, and relates to any person's spouse and children. Oakley may be worth a purchase of all said and done, the people's lifestyle, sports or polarized sunglasses will get the best product manufacturers with this. Oakley sunglasses is the unique one permits you to change a glasses, this is from the early 1980s, giving you a chance to employ a history of the resurrection of the original tool. The standards to contemplate glasses UV400 Neiaokeli sun to regularly, it guaranteed, carefully selected, along with previous experiments, it is to offer substitute for the supplier's supplier Oakley sunglasses. The rise in personal as part of your clothing line, so you feel comfortable clothing and accessories, good deal point as well as simple supply through the interest on fashionable women's equipment and ladies, the trend of clothing is crucial. Purchase the ideal company can be sure of top quality and solid guarantee scheme, are unable to simply mention how much interest and welcome jealous eyes.

    Reply
  • Would you mind sharing the source code?

    Posted by greenhand on 04/21/2006 09:26pm

    Hello Pradeep, I am just a beginner starting to 'hook'. With a lot of references, both online and books, I still can't get SetWindowsHookEx to work as your program does. Could you share the source code?? or just a bit more tips. greenhand

    Reply
  • How can execute plogit without ask me the path of a file?

    Posted by ronalquin on 08/12/2005 10:17am

    How can execute plogit without ask me the full path and filename?

    Reply
Leave a Comment
  • Your email address will not be published. All fields are required.

Top White Papers and Webcasts

  • Live Event Date: September 10, 2014 @ 11:00 a.m. ET / 8:00 a.m. PT Modern mobile applications connect systems-of-engagement (mobile apps) with systems-of-record (traditional IT) to deliver new and innovative business value. But the lifecycle for development of mobile apps is also new and different. Emerging trends in mobile development call for faster delivery of incremental features, coupled with feedback from the users of the app "in the wild". This loop of continuous delivery and continuous feedback is …

  • As mobile devices have pushed their way into the enterprise, they have brought cloud apps along with them. This app explosion means account passwords are multiplying, which exposes corporate data and leads to help desk calls from frustrated users. This paper will discover how IT can improve user productivity, gain visibility and control over SaaS and mobile apps, and stop password sprawl. Download this white paper to learn: How you can leverage your existing AD to manage app access. Key capabilities to …

Most Popular Programming Stories

More for Developers

Latest Developer Headlines

RSS Feeds