文件名称:keyboardlogger
- 所属分类:
- 钩子与API截获
- 资源属性:
- [C/C++] [源码]
- 上传时间:
- 2012-11-26
- 文件大小:
- 61kb
- 下载次数:
- 0次
- 提 供 者:
- ithur******
- 相关连接:
- 无
- 下载说明:
- 别用迅雷下载,失败请重下,重下不扣分!
介绍说明--下载内容均来自于网络,请自行研究使用
inline hook 可以实现兼容PS/2键盘和USB键盘的Logge 源代码
键盘Logger是Hook 键盘类驱动Kbdclass的分发函数,在类驱动的下面是端口驱动。用DeviceTree 可以看到PS/2键盘的端口驱动是i8042prt,USB键盘的端口驱动是Kbdhid。无论是PS/2 键盘还是USB键盘,在端口驱动处理完IRP之后都会调用上层处理的回调函数,即KbdClass 处理输入数据的函数。Hook 这个回调函数,不但可以实现兼容PS/2 键盘和USB 键盘的Logger,而且比分层驱动的方法更加隐蔽。-inline hook can be achieved is compatible with PS/2 keyboard and USB keyboard Logge source code for the keyboard Hook Keyboard Logger is a class driver Kbdclass distribution function, the following is in the class-driven port driver. DeviceTree can be seen with the PS/2 keyboard port driver is i8042prt, USB keyboard port driver is Kbdhid. Both PS/2 keyboard or USB keyboard, processing the IRP in the port driver will be called after the callback function of the upper handle, that is KbdClass processing the input data function. Hook This callback function can be achieved not only compatible with PS/2 keyboard and USB keyboard Logger, and the score-driven approach is more hidden layers.
键盘Logger是Hook 键盘类驱动Kbdclass的分发函数,在类驱动的下面是端口驱动。用DeviceTree 可以看到PS/2键盘的端口驱动是i8042prt,USB键盘的端口驱动是Kbdhid。无论是PS/2 键盘还是USB键盘,在端口驱动处理完IRP之后都会调用上层处理的回调函数,即KbdClass 处理输入数据的函数。Hook 这个回调函数,不但可以实现兼容PS/2 键盘和USB 键盘的Logger,而且比分层驱动的方法更加隐蔽。-inline hook can be achieved is compatible with PS/2 keyboard and USB keyboard Logge source code for the keyboard Hook Keyboard Logger is a class driver Kbdclass distribution function, the following is in the class-driven port driver. DeviceTree can be seen with the PS/2 keyboard port driver is i8042prt, USB keyboard port driver is Kbdhid. Both PS/2 keyboard or USB keyboard, processing the IRP in the port driver will be called after the callback function of the upper handle, that is KbdClass processing the input data function. Hook This callback function can be achieved not only compatible with PS/2 keyboard and USB keyboard Logger, and the score-driven approach is more hidden layers.
(系统自动生成,下载前可以参看下载内容)
下载文件列表
keyboardlogger
..............\dbghelp.h
..............\HookKey.c
..............\HookKey.h
..............\MAKEFILE
..............\ntifs.h
..............\scancode.h
..............\SOURCES
..............\struct.h
..............\sys
..............\...\i386
..............\...\....\HookKey.sys
..............\dbghelp.h
..............\HookKey.c
..............\HookKey.h
..............\MAKEFILE
..............\ntifs.h
..............\scancode.h
..............\SOURCES
..............\struct.h
..............\sys
..............\...\i386
..............\...\....\HookKey.sys