VisualC++信息安全编程(6)穿透卡巴斯基的键盘记录编程-网络战技术
在国家之间的网络战争中,窃取密码是个很重要的事情。而密码往往是键盘输入的。利用原始设备输入变化RawInput 实现键盘记录,并穿透最牛的杀毒软件卡巴斯基。
引用外国人的原始设备输入变化的类。请柬代码与详细注解。
#ifndef _RAWINPUT_H
#define _RAWINPUT_H
#include <windows.h>
/*
* The input is in the regular message flow,
* the app is required to call DefWindowProc
* so that the system can perform clean ups.
*/
#define RIM_INPUT 0
/*
* The input is sink only. The app is expected
* to behave nicely.
*/
#define RIM_INPUTSINK 1
/*
* Raw Input data header
*/
typedef struct tagRAWINPUTHEADER {
DWORD dwType;
DWORD dwSize;
HANDLE hDevice;
WPARAM wParam;
} RAWINPUTHEADER, *PRAWINPUTHEADER, *LPRAWINPUTHEADER;
/*
* Type of the raw input
*/
#define RIM_TYPEMOUSE 0
#define RIM_TYPEKEYBOARD 1
#define RIM_TYPEHID 2
/*
* Raw format of the mouse input
*/
typedef struct tagRAWMOUSE {
/*
* Indicator flags.
*/
USHORT usFlags;
/*
* The transition state of the mouse buttons.
*/
union {
ULONG ulButtons;
struct {
USHORT usButtonFlags;
USHORT usButtonData;
};
};
/*
* The raw state of the mouse buttons.
*/
ULONG ulRawButtons;
/*
* The signed relative or absolute motion in the X direction.
*/
LONG lLastX;
/*
* The signed relative or absolute motion in the Y direction.
*/
LONG lLastY;
/*
* Device-specific additional information for the event.
*/
ULONG ulExtraInformation;
} RAWMOUSE, *PRAWMOUSE, *LPRAWMOUSE;
/*
* Define the mouse button state indicators.
*/
#define RI_MOUSE_LEFT_BUTTON_DOWN 0x0001 // Left Button changed to down.
#define RI_MOUSE_LEFT_BUTTON_UP 0x0002 // Left Button changed to up.
#define RI_MOUSE_RIGHT_BUTTON_DOWN 0x0004 // Right Button changed to down.
#define RI_MOUSE_RIGHT_BUTTON_UP 0x0008 // Right Button changed to up.
#define RI_MOUSE_MIDDLE_BUTTON_DOWN 0x0010 // Middle Button changed to down.
#define RI_MOUSE_MIDDLE_BUTTON_UP 0x0020 // Middle Button changed to up.
#define RI_MOUSE_BUTTON_1_DOWN RI_MOUSE_LEFT_BUTTON_DOWN
#define RI_MOUSE_BUTTON_1_UP RI_MOUSE_LEFT_BUTTON_UP
#define RI_MOUSE_BUTTON_2_DOWN RI_MOUSE_RIGHT_BUTTON_DOWN
#define RI_MOUSE_BUTTON_2_UP RI_MOUSE_RIGHT_BUTTON_UP
#define RI_MOUSE_BUTTON_3_DOWN RI_MOUSE_MIDDLE_BUTTON_DOWN
#define RI_MOUSE_BUTTON_3_UP RI_MOUSE_MIDDLE_BUTTON_UP
#define RI_MOUSE_BUTTON_4_DOWN 0x0040
#define RI_MOUSE_BUTTON_4_UP 0x0080
#define RI_MOUSE_BUTTON_5_DOWN 0x0100
#define RI_MOUSE_BUTTON_5_UP 0x0200
/*
* If usButtonFlags has RI_MOUSE_WHEEL, the wheel delta is stored in usButtonData.
* Take it as a signed value.
*/
#define RI_MOUSE_WHEEL 0x0400
/*
* Define the mouse indicator flags.
*/
#define MOUSE_MOVE_RELATIVE 0
#define MOUSE_MOVE_ABSOLUTE 1
#define MOUSE_VIRTUAL_DESKTOP 0x02 // the coordinates are mapped to the virtual desktop
#define MOUSE_ATTRIBUTES_CHANGED 0x04 // requery for mouse attributes
/*
* Raw format of the keyboard input
*/
typedef struct tagRAWKEYBOARD {
/*
* The "make" scan code (key depression).
*/
USHORT MakeCode;
/*
* The flags field indicates a "break" (key release) and other
* miscellaneous scan code information defined in ntddkbd.h.
*/
USHORT Flags;
USHORT Reserved;
/*
* Windows message compatible information
*/
USHORT VKey;
UINT Message;
/*
* Device-specific additional information for the event.
*/
ULONG ExtraInformation;
} RAWKEYBOARD, *PRAWKEYBOARD, *LPRAWKEYBOARD;
/*
* Define the keyboard overrun MakeCode.
*/
#define KEYBOARD_OVERRUN_MAKE_CODE 0xFF
/*
* Define the keyboard input data Flags.
*/
#define RI_KEY_MAKE 0
#define RI_KEY_BREAK 1
#define RI_KEY_E0
补充:综合编程 , 安全编程 ,
