tags:

views:

62

answers:

2
Q: 

Key logging in .NET

Is it possible to write a key logger in Visual Basic.NET? Is this the right language to be using?

So far, I've gotten a console app to read input and append to a file.

1)How can I make a .NET program "catch" all keyboard input?

2)How do I make a process not show up in Task Manager?

This is not for a virus, but rather a parental control program for a specific clientele. No malicious intent here.

+1  A: 
  1. You need to set a Keyboard Hook.
  2. This is extremely difficult and is not possible on 64-bit editions of Windows.
    If you're really doing this with consent, this shouldn't be necessary.
SLaks  2010-04-26 02:43:21
What's different in 64-bit edition of Windows?
Sam  2010-04-26 02:45:34
@Sam - +1 - I dunno, but I once heard something about negative Process ID's. I am guessing that PID's are tied to memory addresses which work differently in x64 Windows.
Moshe  2010-04-26 02:47:45
@Sam: PatchGuard. http://en.wikipedia.org/wiki/Kernel_Patch_Protection
SLaks  2010-04-26 02:48:37
`If you're really doing this with consent, this shouldn't be necessary.` Consent of who? Parents or their savvy kids?
Moshe  2010-04-26 02:52:09
I see. Sam is correct. `C:\Windows\svchost.exe` is the best way to hide it.
SLaks  2010-04-26 02:53:58
And, that will not mess with the authentic svchost?
Moshe  2010-04-26 02:56:15
No; that's in `system32`.
SLaks  2010-04-26 02:57:51
Stupid Stupid me. Shoulda' known. I suppose any system name is good enough, but svchost takes the cake.
Moshe  2010-04-26 02:58:50
Yes; svchost is the only process that will legitimately have multiple copies running.
SLaks  2010-04-26 03:00:31
Why am I not surprised?
SLaks  2010-04-26 03:02:27
@SLaks - Lol. I don't give out that much info on the net, but let's just say that we're similar enough.I got more ideas. This is just the beginning. Thanks.
Moshe  2010-04-26 03:09:34
Probably will. I go back to Yeshiva tomorrow and have not enough time to thoroughly test...
Moshe  2010-04-26 03:12:21
What/where are you learning?
SLaks  2010-04-26 03:13:35
Sent u a messg.
Moshe  2010-04-26 03:19:56
@SLaks - Right. My spelling isn't good on 3hrs of sleep at 11:30pm the next night. :-) EDIT: I'm deleting that comment. It will not let me edit.
Moshe  2010-04-26 14:24:49
+1  A: 

  1. Here's a sample of how to write a key logger in .net. http://www.scratchprojects.com/2008/09/csharp_keylogger_p01.php

  2. Your best bet for making it not show up in Task Manager is to make it look like something that belongs. Call it "svchost.exe". :-)

Sam  2010-04-26 02:48:26
@Sam - Indeed. Silly old me... *I* am `svchost.exe`. No, *I*.
Moshe  2010-04-26 02:49:59
I'm more of a VB kinda guy, but I'm going to read up on both.
Moshe  2010-04-26 02:54:22

related questions

Subsonic Vs NHibernate
How to check For File Lock in C# ?
Is nAnt still supported and suitable for .net 3.5/VS2008?
Limit size of Queue<T> in .NET?
Viewstate invalid when using Safari
Free OCR library
Unhandled Exception Handler in .NET 1.1
Localising date format descriptors
Get a new object instance from a Type in C#
VFP .NET OLEdb provider does not work in Win 64-Bits. Help
.NET Testing Framework Advice
Embedded Database for .net that can run off a network
Automatically update version number
Homegrown consumption of web services
How do you migrate a large app from VB6 to VB .net ?
.NET Migrations Engine
Adding Scripting functionality to .NET applications
SQLite and XSD
Floating Point Number parsing: Is there a Catch All algorithm?
How do I programmatically create a PDF in my .NET application?
How do I sync the SVN revision number with my ASP.NET web site?
XSD DataSets and ignoring foreign keys
Anatomy of a "Memory Leak"
Reliable Timer in a Console Application
How do I calculate relative time?