1

I'm making a program that records all the keyboard actions, and stores this information into a log file (Keylogger). I just can't seem to find a good way of doing this.

What I have so far: A LowLevelKeyboardProc, The Virtual Key Code + the Scan Code of the Key being pressed.

What I would like: Using these codes, I will process and write information about the keyboard action being done. For invisible keys I would like the format: "[SHIFT], [ENTER], [ESC], etc. And for visible keys I would simply like their Ascii value (both Upper Case, and Lower Case), including if they enter: !@#$%,etc..

I have a few ideas, but I don't know how I could capture everything. I have the information, I just don't know how to process it efficiently.

casablanca
  • 69,683
  • 7
  • 133
  • 150
Logostic
  • 11
  • 4

2 Answers2

1

Refer to my post from here: Other Post

I've got example code for how to install a low-level keyboard hook and how to process the keystrokes.

Community
  • 1
  • 1
syllogism
  • 655
  • 1
  • 4
  • 12
0

Since you already have the hook working, all you need is a mapping from key codes to names for special keys. Just pre-populate an array of strings indexed by the key code:

const char *map[256];

map[VK_SHIFT] = "[SHIFT]";
map[VK_ENTER] = "[ENTER]";
...

Then in your hook function, check if the key is a printable character, if so, print it directly, otherwise lookup the name of the key and print that:

if (isprint(vkCode))
  yourFile << char(vkCode);
else
  yourFile << map[vkCode];
casablanca
  • 69,683
  • 7
  • 133
  • 150
  • "error: expected constructor, destructor, or type conversion before '=' token" on line "map[VK_SHIFT] = "[SHIFT]";". I'm missing something aren't I? – Logostic Feb 04 '11 at 23:04
  • @Logostic: Maybe the identifier `map` is conflicting with the `std::map` container. Try using a different name. – casablanca Feb 04 '11 at 23:20
  • I changed the name, same problem. – Logostic Feb 04 '11 at 23:26
  • @Logostic: It works fine for me. Where did you type in this code? – casablanca Feb 04 '11 at 23:54
  • I used it globally, and I tried adding "public" but that didn't work either. I don't want to write it in my hookproc because wouldn't it cause them to be declared every time? – Logostic Feb 05 '11 at 00:13
  • @Logostic: You can't initialize it at the global level. You can declare the map globally and initialize it once in `main` or elsewhere. – casablanca Feb 05 '11 at 01:40
  • Sorry for the late reply. It's working by the way. I just want to know a few things. What's the benefit of using "const char *map[256];" over a standard map from the class? Also, how would I be able to determine if a key exists in the "const char*" map? – Logostic Feb 16 '11 at 01:58
  • @Logostic: Oh, this `map` was just a name to indicate that the array maps indices to key names. `std::map` is a generic container to map any key to any value. The array just contains `char *` pointers, and since they're global, they're `NULL` by default -- I'm not sure what you mean by "key exists". – casablanca Feb 16 '11 at 03:31
  • Well I've reformulated my program, and when an invalid key is used in the map, the program closes. So I'm looking to make an if statement to determine if the key exists before entering the map. How would I be able to do this? – Logostic Feb 16 '11 at 16:07
  • Just check `if (map[i] != NULL)` – casablanca Feb 16 '11 at 17:42
  • if (map[p->vkCode] == NULL) { cout << "0";}else{cout << "1";} I'm getting 1 from some keys that aren't in my map. And it doesn't print anything if I try to print the value. – Logostic Feb 16 '11 at 22:01
  • @Logostic: You may have to zero out the array manually then -- loop through the array and set `map[i] = NULL` before you initialize your map. – casablanca Feb 16 '11 at 22:15
  • If I were to put all of this into my hookproc, wouldn't declaring the array and all of its contents be a burden since it would happen every time I pressed a keyboard button? Do you have any suggestions regarding efficiency? – Logostic Feb 17 '11 at 16:25
  • @Logostic: No, you need not put this into the hook procedure. You can make your map global and just initialize it once in your main function. – casablanca Feb 18 '11 at 00:07