Key Logger This article is about how to log keystrokes. There is an article on this topic, “Hooking the Keyboard,” already on CodeGuru. Regarding that key logger, it is a system-wide hook. But, that article is a little bit old, and says that if we need to install a system-wide hook, we have to make […]
CodeGuru content and product recommendations are
editorially independent. We may make money when you click on links
to our partners.
Learn More
Key Logger
This article is about how to log keystrokes. There is an article on this topic, “Hooking the Keyboard,” already on CodeGuru.
Regarding that key logger, it is a system-wide hook. But, that article is a little bit old, and says that if we need to install a system-wide hook, we have to make it in a shared DLL, but that it will divide our code into some pieces and it will be difficult to hide it in the system.
Windows 2000 onwards provides system-wide, low-level hooks. By using these hooks, we can have a system-wide hook in a single program/project. We can use this functionality to set a system-wide hook.
HHOOK
SetWindowsHookEx
(int idHook, HOOKPROC lpfn, HINSTANCE hMod, DWORD dwThreadId);
idHook is the hook ID for which we want to hook. Windows supports the following hooks:
- WH_CALLWNDPROC
- WH_CALLWNDPROCRET
- WH_CBT
- WH_DEBUG
- WH_FOREGROUNDIDLE
- WH_GETMESSAGE
- WH_JOURNALPLAYBACK
- WH_JOURNALRECORD
- WH_KEYBOARD
- WH_KEYBOARD_LL
- WH_MOUSE
- WH_MOUSE_LL
- WH_MSGFILTER
- WH_SHELL
- WH_SYSMSGFILTER
The lpfn parameter is a function pointer to a callback function that we want to invoke after getting the event.
hMod is the handle of the current application. It is different from the window handle; it can be retrieved by calling the AfxGetInstanceHandle function of MFC.
dwThreadId,
This specifies the identifier of the thread with which the hook procedure is to be associated. If this parameter is zero, the hook procedure is associated with all existing threads running in the same desktop as the calling thread.
I am enclosing a running example for hooking the keyboard.
