Hooks don’t play well with others
Last night I spent a few hours hacking at some C code in an attempt to make two things.
First, a keylogger that doesn’t flag with AV and that uses minimal hooking, basically staying in userland.
Second, a little utility I’m calling Tigger. The concept behind Tigger is sort of like pivot from Metasploit. Take traffic in one side and throw it out the other. To visualize this:
Source -> Tigger Server -> Target.
Ideally, Tigger could and will be used for something along the lines of DMZ hopping, or just hopping traffic around inside of a network in order to avoid burning your original point of access.
I ran into a problem with the keylogger, however. When I went to compile, I got a compilation error stating KBDLLHOOKSTRUCT was undefined. After googling I only received two results; the one mentions defining a preprocessor, or adding a preprocessor into the project properties. After adding the following line:
#define _WIN32_WINNT 0x401
Everything compiles just fine. The problem, however, presents itself when you run the keylogger. Everything seems to be hooking correctly, but when you let it go and type things in, it doesn’t seem to log. Anyone with more Win32 experience have a reason why making the preprocessor declaration would allow me to compile, but somewhere hinder the functionality of the hooks?
