View Full Version : NSALogger.exe



kung foo man
1st April 2016, 05:19
First I had the idea of a webcam watching myself, analyzing my behaviour, which would then eventually scream "stop procrastinating" at me, but I realized it should be way simpler to detect procrastination without an AI + webcam (lol).

Kinda simply by checking the foreground window on Windows Desktop, writing the title of the active window to a file and then letting a process like B3 parse/analyze the output:



01.04.2016 05:56:45:182 window=0000000000550A72 process_id= 3292 processImageName=C:\Users\lama1_000\Desktop\ActiveWindowLogger\activeWindowLogger.exe title=C:\Users\lama1_000\Desktop\ActiveWindowLogger\activeWindowLogger.exe
01.04.2016 05:57:43:285 window=0000000000060758 process_id= 4156 processImageName=C:\Program Files (x86)\Notepad++\notepad++.exe title=C:\Users\lama1_000\Desktop\ActiveWindowLogger\ActiveWindowLogger.cpp - Notepad++
01.04.2016 05:57:46:111 window=0000000000060758 process_id= 4156 processImageName=C:\Program Files (x86)\Notepad++\notepad++.exe title=C:\Users\lama1_000\Desktop\ActiveWindowLogger\build.bat - Notepad++
01.04.2016 05:57:47:374 window=0000000000060758 process_id= 4156 processImageName=C:\Program Files (x86)\Notepad++\notepad++.exe title=C:\Users\lama1_000\Desktop\SoftEngineJSPart2\index.html - Notepad++
01.04.2016 05:57:47:778 window=0000000000060758 process_id= 4156 processImageName=C:\Program Files (x86)\Notepad++\notepad++.exe title=C:\Users\lama1_000\Desktop\SoftEngineJSPart2\SoftEngine.js - Notepad++
01.04.2016 05:57:50:050 window=0000000000060758 process_id= 4156 processImageName=C:\Program Files (x86)\Notepad++\notepad++.exe title=C:\Users\lama1_000\Desktop\SoftEngineJSPart2\babylon.math.js - Notepad++
01.04.2016 05:57:51:212 window=0000000000550A72 process_id= 3292 processImageName=C:\Users\lama1_000\Desktop\ActiveWindowLogger\activeWindowLogger.exe title=C:\Users\lama1_000\Desktop\ActiveWindowLogger\activeWindowLogger.exe
01.04.2016 05:57:59:420 window=000000000006097C process_id= 6980 processImageName=C:\Users\LAMA1_~1\AppData\Local\Temp\Process Explorer64.exe title=Process Explorer - Sysinternals: www.sysinternals.com [ADMIN\lama1_000]
01.04.2016 05:58:06:575 window=00000000002F09E0 process_id= 6980 processImageName=C:\Users\LAMA1_~1\AppData\Local\Temp\Process Explorer64.exe title=i_view32.exe:108 Properties
01.04.2016 05:58:15:898 window=000000000006097C process_id= 6980 processImageName=C:\Users\LAMA1_~1\AppData\Local\Temp\Process Explorer64.exe title=Process Explorer - Sysinternals: www.sysinternals.com [ADMIN\lama1_000]
01.04.2016 05:58:20:388 window=0000000000030254 process_id= 6004 processImageName=C:\Program Files (x86)\Mozilla Firefox\firefox.exe title=lied_17.mp3 - Mozilla Firefox
01.04.2016 05:58:22:055 window=000000000006097C process_id= 6980 processImageName=C:\Users\LAMA1_~1\AppData\Local\Temp\Process Explorer64.exe title=Process Explorer - Sysinternals: www.sysinternals.com [ADMIN\lama1_000]
01.04.2016 05:58:27:651 window=0000000000030254 process_id= 6004 processImageName=C:\Program Files (x86)\Mozilla Firefox\firefox.exe title=lied_17.mp3 - Mozilla Firefox
01.04.2016 05:58:30:731 window=0000000000030254 process_id= 6004 processImageName=C:\Program Files (x86)\Mozilla Firefox\firefox.exe title=A Sci-Fi Short Film HD: "At the End" - by Jason J. Whitmore - YouTube - Mozilla Firefox
01.04.2016 05:58:38:049 window=0000000000010106 process_id= 1056 processImageName=C:\Windows\explorer.exe title=
01.04.2016 05:58:38:151 window=0000000000070710 process_id= 1056 processImageName=C:\Windows\explorer.exe title=ActiveWindowLogger
01.04.2016 05:58:39:060 window=0000000000010106 process_id= 1056 processImageName=C:\Windows\explorer.exe title=
01.04.2016 05:58:40:924 window=000000000004007E process_id= 1056 processImageName=C:\Windows\explorer.exe title=Dieser PC
01.04.2016 05:58:42:031 window=0000000000550A72 process_id= 3292 processImageName=C:\Users\lama1_000\Desktop\ActiveWindowLogger\activeWindowLogger.exe title=C:\Users\lama1_000\Desktop\ActiveWindowLogger\activeWindowLogger.exe


It could even make statistics like "Your day on PC: 40% Hackernews, 30% Steam Chat, 10% 4Chan, 10% Visual Studio, ...". Which would show at a glance how much time you wasted. I don't know about you all, but I mostly just can't get shit done.

So I just wrote a bit of Win32 code to log the window titles, which is only about 50 lines of C code:



#include <stdio.h>
#include <stdlib.h>
#include <string.h> // strcmp(), strncpy()
#include <windows.h>
#include <Winternl.h>
#define SLEEPTIME 50 // in milliseconds

// my gcc didn't know about QueryFullProcessImageNameA(), prolly remove in some other gcc versions or Visual Studio
extern "C" WINBASEAPI BOOL WINAPI QueryFullProcessImageNameA(HANDLE hProcess, DWORD dwFlags, LPSTR lpExeName, PDWORD lpdwSize);

int main() {
    HWND window, oldWindow = NULL;
    char title[4096], oldTitle[sizeof(title)] = ""; // whatever the fuckin limit is, i dont wanna hit one
    SYSTEMTIME lt;
    int first = 1;
    while (1) {
        window = GetForegroundWindow();
        if (window == NULL) { // happens when focusing the taskbar
            Sleep(SLEEPTIME);
            continue;
        }
        int ret = GetWindowTextA(window, title, sizeof(title));
        if (ret == 0) {
            title[0] = '\0'; // no title or the call failed: log an empty title, not stale data
            //printf("NO WINDOW TEXT!\n");
        }
        if ( ! first) { // don't compare against uninitialized oldWindow and oldTitle
            int windowTitleChanged = strcmp(title, oldTitle) != 0;
            int hwndChanged = window != oldWindow;
            //printf("titleChanged = %d hwndChanged = %d\n", windowTitleChanged, hwndChanged);
            if ( !windowTitleChanged && !hwndChanged ) {
                Sleep(SLEEPTIME);
                continue;
            }
        }
        //HMONITOR monitor = MonitorFromWindow(window, MONITOR_DEFAULTTONULL);
        GetLocalTime(&lt);
        DWORD windowProcessID = 0;
        GetWindowThreadProcessId(window, &windowProcessID);
        char processImageName[4096] = ""; // stays empty if the process can't be opened or queried
        HANDLE windowProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, windowProcessID);
        if (windowProcess != NULL) { // NULL e.g. for processes running with higher privileges
            DWORD stringSize = sizeof(processImageName);
            if (!QueryFullProcessImageNameA(windowProcess, 0, processImageName, &stringSize))
                processImageName[0] = '\0';
            CloseHandle(windowProcess); // release the handle, otherwise one leaks per focus change
        }
        printf("%.2d.%02d.%02d %02d:%02d:%02d:%03d window=%p process_id=%5lu processImageName=%s title=%s\n",
            lt.wDay, lt.wMonth, lt.wYear, lt.wHour, lt.wMinute, lt.wSecond, lt.wMilliseconds,
            window, (unsigned long)windowProcessID,
            processImageName,
            title
        );
        fflush(stdout); // make each line visible at once when stdout is redirected to a file
        strncpy(oldTitle, title, sizeof(title));
        oldWindow = window;
        first = 0;
        Sleep(SLEEPTIME);
    }
}


Compiling: g++ NSALogger.cpp -o NSALogger.exe
pause


Maybe somebody wants to push the idea further, I imagined stuff like:
- if serious procrastination is detected (e.g. playing Agar.io for 2 hours), then firefox.exe will be terminated
- have some computer voice commenting on your interactions, kinda as fun gag
- having a website where this data gets sent to, with a search function through the window titles to find ppl to chat with
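
Added example, not part of the original post: a Python sketch of the "parse/analyze the output" step that turns the logger's lines into the per-program percentages described above. The sample log is constructed in the logger's format with round timestamps, and the names `LINE_RE`, `parse_log` and `focus_share` are hypothetical.

```python
import ntpath
import re
from collections import Counter
from datetime import datetime

# One line as produced by the logger's printf() format string. The image name
# is cut at the first " title=", so a path containing that text would mis-split.
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}\.\d{2}\.\d{4} \d{2}:\d{2}:\d{2}:\d{3}) "
    r"window=(?P<hwnd>[0-9A-Fa-f]+) process_id=\s*(?P<pid>\d+) "
    r"processImageName=(?P<image>.*?) title=(?P<title>.*)$"
)

# Constructed sample in the logger's format (not taken from the post's log).
SAMPLE_LOG = r"""
01.04.2016 05:57:40:000 window=0000000000060758 process_id= 4156 processImageName=C:\Program Files (x86)\Notepad++\notepad++.exe title=build.bat - Notepad++
01.04.2016 05:57:46:000 window=0000000000030254 process_id= 6004 processImageName=C:\Program Files (x86)\Mozilla Firefox\firefox.exe title=lied_17.mp3 - Mozilla Firefox
01.04.2016 05:57:49:000 window=0000000000010106 process_id= 1056 processImageName=C:\Windows\explorer.exe title=
01.04.2016 05:57:50:000 window=0000000000060758 process_id= 4156 processImageName=C:\Program Files (x86)\Notepad++\notepad++.exe title=build.bat - Notepad++
"""


def parse_log(text):
    """Return (timestamp, image path, title) for every well-formed line."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # blank or truncated lines are skipped
            ts = datetime.strptime(m["ts"], "%d.%m.%Y %H:%M:%S:%f")
            events.append((ts, m["image"], m["title"]))
    return events


def focus_share(events):
    """Percent of logged time each executable held the foreground window."""
    seconds = Counter()
    # An entry lasts until the next focus change; the last one has no known end.
    for (start, image, _), (end, _, _) in zip(events, events[1:]):
        exe = ntpath.basename(image).lower()  # Windows path rules on any OS
        seconds[exe] += (end - start).total_seconds()
    total = sum(seconds.values())
    if not total:
        return {}
    return {exe: round(100 * s / total, 1) for exe, s in seconds.items()}


if __name__ == "__main__":
    shares = focus_share(parse_log(SAMPLE_LOG))
    for exe, pct in sorted(shares.items(), key=lambda kv: -kv[1]):
        print(f"{pct:5.1f}%  {exe}")
```

Because the logger only writes on a focus or title change, time spent away from the keyboard is counted toward whichever window was last in the foreground.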

Ni3ls
1st April 2016, 12:18
Oh oh no self control!