keylogger in Python

Bengt Richter bokr at oz.net
Mon Aug 1 01:46:58 EDT 2005 

On Sat, 30 Jul 2005 18:21:09 GMT, Dennis Lee Bieber <wlfraed at ix.netcom.com> wrote:

>On 30 Jul 2005 01:11:32 -0700, "Jay" <jaymail at gawab.com> declaimed the
>following in comp.lang.python:
>
>> ok, i thought for 2 seconds i might have created a Keylogger in python
>
[...]
>
>	Doing key logging is highly OS dependent. Under AmigaOS, one
>would inject a key handler at high-priority into the OS input stream
>chain (a linked list of priority ordered programs that want to see
>input). The logger would receive, on its input port, an OS packet with
>the timestamp and key codes, could log it, and then return it to the OS
>to be passed to the next program in the chain (some programs consume the
>stream and don't pass it on). It was also easy to inject fake events --
>a program could inject, for example, disk-change events that other
>programs would respond to.
>
>	On Windows... I don't know for sure... Chapter 27 of
>"Programming Applications for Microsoft Windows 4th Ed." might be of use
>(may also be a more up-to-date version available too). It shows some
>system call of AttachThreadInput() being used to link a program's input
>stream (queue in the book's terminology) to another program so both
>receive the same data (I think). You're logger would have to hook into
>the process start-up system  so that it could link to every process that
>might be reading keys.

I'd go to

http://msdn.microsoft.com/library/en-us/winui/winui/windowsuserinterface/windowing/hooks/abouthooks.asp?frame=true#wh_journalrecordhook

for starters. Also, if you have a w32 sdk, you likely have the source for an old windows message "spy" program (in C),
along with makefile and bits and pieces it needs. You could cannibalize to do specifically keyboard-oriented stuff, and
differentiate alt-stuff from plain stuff etc. You can also monitor the activity of individual widgets and whatnot and
copy the messages they receive to change text and resize and all manner of stuff.

Try typing spyxx.hlp and see if spy++ help comes up. Or possibly run an older spy.exe for an
example of interactively selecting what to monitor. Then you could write a C module to provide
a python interface to those capabilities. Have fun ;-)

Regards,
Bengt Richter

More information about the Python-list mailing list