Click here to Skip to main content
Search within:



Next

How to log keyboard inputs in Keyboard Input Filter Driver (kbfiltr)
Sign Up to vote bad
good
See more: C++WindowskeyloggerKernel
I am trying to store all the keyboard inputs being monitored using the kbfiltr driver (given in the Windows Driver Kit). At present, I can only create a text file using the ZwCreateFile routine, inside the DriverEntry routine; but I cannot write any information to file inside the KbFilter_ServiceCallback function. Please help me as to how I can save the intercepted keyboard packets in the log file.
Posted 11 Nov '12 - 22:24
muneeb131434
Add a Solution


1 solution

I did it differently, but you can give it a try,
KbFilter_IsrHook(
    PDEVICE_OBJECT         DeviceObject,               
    PKEYBOARD_INPUT_DATA   CurrentInput, 
    POUTPUT_PACKET         CurrentOutput,
    UCHAR                  StatusByte,
    PUCHAR                 DataByte,
    PBOOLEAN               ContinueProcessing,
    PKEYBOARD_SCAN_STATE   ScanState
    )
*DataByte gives you the actual intercepted keyboard value. You can create a buffer and add to it in a DPCforISR. Once in a while you can have IOCTL call from your application and write it to file.
  Permalink  
Posted 23 Nov '12 - 20:02
Dharmateja Challa1.8K
Edited 23 Nov '12 - 20:34
André Kraak50.9K
v3
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Your Filters
Interested
Ignored
     
0 OriginalGriff 233
1 Sergey Alexandrovich Kryukov 208
2 Rohan Leuva 195
3 Abhinav S 168
4 Mahesh Bailwal 165
0 Sergey Alexandrovich Kryukov 8,474
1 OriginalGriff 6,714
2 CPallini 3,603
3 Rohan Leuva 2,853
4 Maciej Los 2,234


Advertise | Privacy | Mobile
Web03 | 2.6.130516.1 | Last Updated 24 Nov 2012
Copyright © CodeProject, 1999-2013
All Rights Reserved. Terms of Use
Layout: fixed | fluid