Download Source Code
Download Demo Project
Note: I intend to make another version, and beside removing bugs
and making current code more reliable, I also want to add new features. What
features would you like to see in a Keylogger or how could this program be
extended? (Please email me at one of the email addresses at the end of the
article)
Introduction
This program is capable of capturing any keys at any time. This program can
also be customised to preferences. I have created a user interface where you can
change options and settings. I have also included a function, where you can
block any keys/key combinations pressed.
Using the code
All the keyboard logging/blocking related code is in a module called
Keyboard.vb. When you first start the program you might be given an error which
says that "Block.txt" is in use or it cannot find "Settings.Set", ignore them
and the next time you start the program it should be fixed. In order
to see the user interface, you will need to press F12 to exit stealth
mode then double-click on the notify icon that appears in the Notification Area
(System Tray).
Functions
Below is a list of impotant functions and how they are used
IsHooked - Blocking Keys
(- Public Function IsHooked(ByRef Hookstruct As KBDLLHOOKSTRUCT) As
Boolean -)
This function is used to block the key/key combination that has been
pressed, to block a key all you have to do is put in 'Return True' :
Public Function IsHooked(ByRef Hookstruct As KBDLLHOOKSTRUCT) As Boolean
Return True
End Sub
However, this would block any key that is pressed so in order to just block
the specified keys you should use Hookstruct.vkcode and the GetAsyncKeyState()
function:
Public Function IsHooked(ByRef Hookstruct As KBDLLHOOKSTRUCT) As Boolean
If Hookstruct.vkcode = 13 Then
Return True
End If
Return False
End Sub
This would block the 'Enter' Key as the keycode for the enter key is 13.
Instead of 13, Keys.Enter or VK_ENTER could also be used: Hookstruct.vkcode = 13
> Hookstruct.vkcode = Keys.Enter OR Hookstruct.vkcode = VK_ENTER
To block key combinations the GetAsyncKeyState() function should be used:
Public Function IsHooked(ByRef Hookstruct As KBDLLHOOKSTRUCT) As Boolean
If GetAsyncKeyState(VK_MENU) and Hookstruct.vkcode = VK_TAB Then
Return True
End If
Return False
End Sub
This would block the key combination ALT + TAB. It first checks too see if
the ALT key is down, then it checks too see if the TAB has been pressed. This
also means that the Keys ALT and TAB can still be used, but not
together.
HookKeyboard & KeyboardCallback - Logging Keys
(- Public Sub HookKeyboard() -)
(- Public Function
KeyboardCallback(ByVal Code As Integer, _
ByVal wParam As Integer, _
ByRef lParam As
KBDLLHOOKSTRUCT) As Integer -)
These two functions are used in logging every key pressed, first HookKeyboard
is called from the load event in the main form (Form1.vb) and through a
timer, this then 'Hooks' the keyboard and enables the program to log every key
pressed. It does this by first retrieving every key pressed before the system
does. HookKeyboard then calls KeyboardCallback which determines which key has
been pressed. The variable wParam is used to check if any key has been pressed
at all:
If wParam = WM_KEYDOWN Then
Once we know that a key has been pressed we have to determine which key it
was. This part is easy:
keycode = lParam.vkCode
lParam.vkCode contains the keycode for the key that has been pressed.
In my program, I have used these functions to gather all the keys pressed
then write it to a Log File when the user has switched programs:
GetForegroundWindow, GetWindowTextLength, GetWindowText - Logging Keys
(- Private Declare Function GetWindowText Lib "user32" Alias
"GetWindowTextA" (ByVal hwnd As Integer, ByVal lpString As String, ByVal cch As
Integer) As Integer -)
(- Private Declare Function GetWindowTextLength Lib
"user32" Alias "GetWindowTextLengthA" (ByVal hwnd As Integer) As Integer
-)
(- Private Declare Function GetForegroundWindow Lib "user32" () As Integer
-)
In Timer1 I have used these functions to get the program titles that the user
has active. The timer builds up a list of Keys (KeysList) that has been pressed,
and when the user switches to another program it writes the program title and
the keys into the Log file.
If title <> last And last <> "" Then
writekeys()
End If
It records the windows titles into a variable and checks it agaisnt the new
window title, if they are the same the user has still got the same program
activated, if they are different the user has switched windows and the keys are
written into the Log File.
CreateDefaultSI - Settings
(- Public Function CreateDefaultSI() -)
This is a more simple function which is called if the settings file cannot be
found and is corrupt. It deletes the old settings file (if any) then replaces it
with a new one with the default settings.
Most functions have not been reviewed in this article and I have just
covered the main ones, if you have any questions or need help concerning the
code email me at one of the emails listed at the end of this article.
This program was created by Pedram Emrouznejad (p3pedram@hotmail.com, pthree2004@aol.com, pedramscomputer3@aol.com)
Please
read the Read Me file (Read Me!!!.txt) (It Explains a lot of stuff)This program
is not intended for malicious activities. Use this program at your own
risk!
Please retain all credits and give a reference to me and my email when
using this code.
). This is also where you start to understand the breadth of your knowledge because you only see a few specs of land far off in the distance in the ocean of knowledge.
!
In regard to your post:
General 
News 
Suggestion 
Question 
Bug 
Answer 
Joke 
Rant 
Admin