GithubHelp home page GithubHelp logo

hotkeyz's Introduction

Hotkey-based keylogger for Windows

So, I saw a bunch of articles specifying different methods for keylogging (such as this) and I never found one that I used internally in the past.
I thought this could be a nice opportunity to share a (not so) novel keylogging technique, based on Hotkeys! Hotkeyz

What are hotkeys?

I decided to use the RegisterHotKey WinAPI to register "hotkeys" for all across the keyboard.
The huge advantage is that these are system-wide hotkeys, i.e. you get to intercept them, even before they are sent to any thread message pump.
Basically, you supply the following arguments:

  • The window - I use NULL since I didn't want to create my own Window. This means the registers keys are going to be associated with my thread.
  • A unique identifier of type int.
  • Modifiers (e.g. whether SHIFT is pressed). I didn't use any modifiers but you can intercept more stuff that way if you so choose.
  • The Virtual Key code to register.

The only obstacle I had was that RegisterHotKey works too well - messages are not being sent to the intended Window!
To solve that problem, I perform the ol' switcheroo:

  • Receiving hotkeys (by intercepting WM_HOTKEY messages).
  • Unregistering the relevant hotkey. For that I need a quick mapping between the Virtual Key code and the ID I registered the hotkey with, which is quite easy to accomplish with an array.
  • Using the keybd_event WinAPI to simulate a keypress.
  • Re-registering the hotkey again by calling RegisterHotKey one more time.

While I'd never put this in "production code", the rate of typing makes it barely noticable, so this works well.

The other thing I had to take care of is not blocking - I intend on keylogging for a user-defined amount of milliseconds, so I use the PeekMessage WinAPI to not block - I do poll if there are no messages to be processed. Note that I have to perform it from my own thread since the WM_HOTKEY Window Messages are going to only arrive to my thread message queue, as stated in MSDN.

The code

I ended up coding a single file Hotkeyz.c, but I uploaded the Visual Studio 2019 project here.
You can easily re-implement in PowerShell or compile it as a DLL instead of an executable. However, I bear no responsibility on how this is going to be used.

Stay tuned,

Jonathan Bar Or

hotkeyz's People

Contributors

yo-yo-yo-jbo avatar

Stargazers

Nicolas Vincent avatar avatar avatar rn0ch4 avatar souhail avatar avatar bopin avatar

Watchers

avatar

Forkers

ratandc2-features

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.