[Chapter Eighteen][Previous] [Next] [Art of Assembly][Randall Hyde]

Art of Assembly: Chapter Eighteen


18.8 - A Keyboard Monitor TSR

18.8 A Keyboard Monitor TSR


The following program extends the keystroke counter program presented a little earlier in this chapter. This particular program monitors keystrokes and each minute writes out data to a file listing the date, time, and approximate number of keystrokes in the last minute.

This program can help you discover how much time you spend typing versus thinking at a display screen.




; This is an example of an active TSR that counts keyboard interrupts
; once activated. Every minute it writes the number of keyboard
; interrupts that occurred in the previous minute to an output file.
; This continues until the user removes the program from memory.
;
;
; Usage:
;       KEYEVAL filename-       Begins logging keystroke data to
;                               this file.
;
;       KEYEVAL REMOVE  -       Removes the resident program from
;                               memory.
;
;
; This TSR checks to make sure there isn't a copy already active in
; memory. When doing disk I/O from the interrupts, it checks to make
; sure DOS isn't busy and it preserves application globals (PSP, DTA,
; and extended error info). When removing itself from memory, it
; makes sure there are no other interrupts chained into any of its
; interrupts before doing the remove.
;
; The resident segment definitions must come before everything else.

ResidentSeg     segment para public 'Resident'
ResidentSeg     ends

EndResident     segment para public 'EndRes'
EndResident     ends

                .xlist
                .286
                include         stdlib.a
                includelib      stdlib.lib
                .list


; Resident segment that holds the TSR code:

ResidentSeg     segment para public 'Resident'
                assume  cs:ResidentSeg, ds:nothing

; Int 2Fh ID number for this TSR:

MyTSRID         byte    0

; The following variable counts the number of keyboard interrupts

KeyIntCnt       word    0

; Counter counts off the number of milliseconds that pass, SecCounter
; counts off the number of seconds (up to 60).

Counter         word    0
SecCounter      word    0

; FileHandle is the handle for the log file:

FileHandle      word    0

; NeedIO determines if we have a pending I/O opearation.

NeedIO          word    0

; PSP is the psp address for this program.

PSP             word    0

; Variables to tell us if DOS, INT 13h, or INT 16h are busy:

InInt13         byte    0
InInt16         byte    0
InDOSFlag       dword   ?

; These variables contain the original values in the interrupt vectors
; we've patched.

OldInt9         dword   ?
OldInt13        dword   ?
OldInt16        dword   ?
OldInt1C        dword   ?
OldInt28        dword   ?
OldInt2F        dword   ?


; DOS data structures:

ExtErr          struct
eeAX            word    ?
eeBX            word    ?
eeCX            word    ?
eeDX            word    ?
eeSI            word    ?
eeDI            word    ?
eeDS            word    ?
eeES            word    ?
                word    3 dup (0)
ExtErr          ends



XErr            ExtErr  {}      ;Extended Error Status.
AppPSP          word    ?       ;Application PSP value.
AppDTA          dword   ?       ;Application DTA address.


; The following data is the output record. After storing this data
; to these variables, the TSR writes this data to disk.

month           byte    0
day             byte    0
year            word    0
hour            byte    0
minute          byte    0
second          byte    0
Keystrokes      word    0
RecSize         =       $-month







; MyInt9-       The system calls this routine every time a keyboard
;               interrupt occus. This routine increments the
;               KeyIntCnt variable and then passes control on to the
;               original Int9 handler.

MyInt9          proc    far
                inc     ResidentSeg:KeyIntCnt
                jmp     ResidentSeg:OldInt9
MyInt9          endp





; MyInt1C-      Timer interrupt. This guy counts off 60 seconds and then
;               attempts to write a record to the output file. Of course,
;               this call has to jump through all sorts of hoops to keep
;               from reentering DOS and other problematic code.

MyInt1C         proc    far
                assume  ds:ResidentSeg

                push    ds
                push    es
                pusha                           ;Save all the registers.
                mov     ax, ResidentSeg
                mov     ds, ax

                pushf
                call    OldInt1C

; First things first, let's bump our interrupt counter so we can count
; off a minute. Since we're getting interrupted about every 54.92549
; milliseconds, let's shoot for a little more accuracy than 18 times
; per second so the timings don't drift too much.

                add     Counter, 549            ;54.9 msec per int 1C.
                cmp     Counter, 10000          ;1 second.
                jb      NotSecYet
                sub     Counter, 10000
                inc     SecCounter
NotSecYet:


; If NEEDIO is not zero, then there is an I/O operation in progress.
; Do not disturb the output values if this is the case.

                cli                     ;This is a critical region.
                cmp     NeedIO, 0
                jne     SkipSetNIO

; Okay, no I/O in progress, see if a minute has passed since the last
; time we logged the keystrokes to the file. If so, it's time to start
; another I/O operation.

                cmp     SecCounter, 60  ;One minute passed yet?
                jb      Int1CDone
                mov     NeedIO, 1       ;Flag need for I/O.
                mov     ax, KeyIntCnt   ;Copy this to the output
                shr     ax, 1           ; buffer after computing
                mov     KeyStrokes, ax  ; # of keystrokes.
                mov     KeyIntCnt, 0    ;Reset for next minute.
                mov     SecCounter, 0

SkipSetNIO:     cmp     NeedIO, 1       ;Is the I/O already in
                jne     Int1CDone       ; progress? Or done?

                call    ChkDOSStatus    ;See if DOS/BIOS are free.
                jnc     Int1CDone       ;Branch if busy.

                call    DoIO            ;Do I/O if DOS is free.

Int1CDone:      popa                    ;Restore registers and quit.
                pop     es
                pop     ds
                iret
MyInt1C         endp
                assume  ds:nothing


; MyInt28-              Idle interrupt. If DOS is in a busy-wait loop waiting for
;               I/O to complete, it executes an int 28h instruction each
;               time through the loop. We can ignore the InDOS and CritErr
;               flags at that time, and do the I/O if the other interrupts
;               are free.

MyInt28         proc    far
                assume  ds:ResidentSeg

                push    ds
                push    es
                pusha                   ;Save all the registers.
                mov     ax, ResidentSeg
                mov     ds, ax

                pushf                   ;Call the next INT 28h
                call    OldInt28        ; ISR in the chain.

                cmp     NeedIO, 1       ;Do we have a pending I/O?
                jne     Int28Done

                mov     al, InInt13     ;See if BIOS is busy.
                or      al, InInt16
                jne     Int28Done

                call    DoIO            ;Go do I/O if BIOS is free.

Int28Done:      popa
                pop     es
                pop     ds
                iret
MyInt28         endp
                assume  ds:nothing


; MyInt16-      This is just a wrapper for the INT 16h (keyboard trap)
;               handler.

MyInt16         proc    far
                inc     ResidentSeg:InInt16

; Call original handler:

                pushf
                call    ResidentSeg:OldInt16

; For INT 16h we need to return the flags that come from the previous call.

                pushf
                dec     ResidentSeg:InInt16
                popf
                retf    2               ;Fake IRET to keep flags.
MyInt16         endp


; MyInt13-      This is just a wrapper for the INT 13h (disk I/O trap)
;               handler.

MyInt13         proc    far
                inc     ResidentSeg:InInt13
                pushf
                call    ResidentSeg:OldInt13
                pushf
                dec     ResidentSeg:InInt13
                popf
                retf    2               ;Fake iret to keep flags.
MyInt13         endp


; ChkDOSStatus- Returns with the carry clear if DOS or a BIOS routine
;               is busy and we can't interrupt them.

ChkDOSStatus    proc    near
                assume  ds:ResidentSeg
                les     bx, InDOSFlag
                mov     al, es:[bx]     ;Get InDOS flag.
                or      al, es:[bx-1]   ;OR with CritErr flag.
                or      al, InInt16     ;OR with our wrapper
                or      al, InInt13     ; values.
                je      Okay2Call
                clc
                ret

Okay2Call:      clc
                ret
ChkDOSStatus    endp
                assume  ds:nothing


; PreserveDOS-  Gets a copy's of DOS' current PSP, DTA, and extended
;               error information and saves this stuff. Then it sets
;               the PSP to our local PSP and the DTA to PSP:80h.

PreserveDOS     proc    near
                assume  ds:ResidentSeg

                mov     ah, 51h         ;Get app's PSP.
                int     21h
                mov     AppPSP, bx      ;Save for later

                mov     ah, 2Fh         ;Get app's DTA.
                int     21h
                mov     word ptr AppDTA, bx
                mov     word ptr AppDTA+2, es

                push    ds
                mov     ah, 59h         ;Get extended err info.
                xor     bx, bx
                int     21h

                mov     cs:XErr.eeDS, ds
                pop     ds
                mov     XErr.eeAX, ax
                mov     XErr.eeBX, bx
                mov     XErr.eeCX, cx
                mov     XErr.eeDX, dx
                mov     XErr.eeSI, si
                mov     XErr.eeDI, di
                mov     XErr.eeES, es

; Okay, point DOS's pointers at us:

                mov     bx, PSP
                mov     ah, 50h         ;Set PSP.
                int     21h

                push    ds              ;Set the DTA to
                mov     ds, PSP         ; address PSP:80h
                mov     dx, 80h
                mov     ah, 1Ah         ;Set DTA call.
                int     21h
                pop     ds

                ret
PreserveDOS     endp
                assume  ds:nothing



; RestoreDOS-   Restores DOS' important global data values back to the
;               application's values.

RestoreDOS      proc    near
                assume  ds:ResidentSeg

                mov     bx, AppPSP
                mov     ah, 50h                 ;Set PSP
                int     21h

                push    ds
                lds     dx, AppDTA
                mov     ah, 1Ah                 ;Set DTA
                int     21h
                pop     ds
                push    ds

                mov     si, offset XErr         ;Saved extended error stuff.
                mov     ax, 5D0Ah               ;Restore XErr call.
                int     21h
                pop     ds
                ret
RestoreDOS      endp
                assume  ds:nothing


; DoIO-         This routine processes each of the I/O operations
;               required to write data to the file.

DoIO            proc    near
                assume  ds:ResidentSeg

                mov     NeedIO, 0FFh            ;A busy flag for us.

; The following Get Date DOS call may take a while, so turn the
; interrupts back on (we're clear of the critical section once we
; write 0FFh to NeedIO).

                sti
                call    PreserveDOS             ;Save DOS data.

                mov     ah, 2Ah                 ;Get Date DOS call
                int     21h
                mov     month, dh
                mov     day, dl
                mov     year, cx

                mov     ah, 2Ch                 ;Get Time DOS call
                int     21h
                mov     hour, ch
                mov     minute, cl
                mov     second, dh

                mov     ah, 40h                 ;DOS Write call
                mov     bx, FileHandle          ;Write data to this file.
                mov     cx, RecSize             ;This many bytes.
                mov     dx, offset month        ;Starting at this address.
                int     21h                     ;Ignore return errors (!).
                mov     ah, 68h                 ;DOS Commit call
                mov     bx, FileHandle          ;Write data to this file.
                int     21h                     ;Ignore return errors (!).

                mov     NeedIO, 0               ;Ready to start over.
                call    RestoreDOS

PhasesDone:             ret
DoIO            endp
                assume  ds:nothing



; MyInt2F-      Provides int 2Fh (multiplex interrupt) support for this
;               TSR. The multiplex interrupt recognizes the following
;               subfunctions (passed in AL):
;
;               00- Verify presence.    Returns 0FFh in AL and a pointer
;                                       to an ID string in es:di if the
;                                       TSR ID (in AH) matches this
;                                       particular TSR.
;
;               01- Remove.             Removes the TSR from memory.
;                                       Returns 0 in AL if successful,
;                                       1 in AL if failure.

MyInt2F         proc    far
                assume  ds:nothing

                cmp     ah, MyTSRID     ;Match our TSR identifier?
                je      YepItsOurs
                jmp     OldInt2F

; Okay, we know this is our ID, now check for a verify vs. remove call.

YepItsOurs:     cmp     al, 0           ;Verify Call
                jne     TryRmv
                mov     al, 0ffh        ;Return success.
                lesi    IDString
                iret                    ;Return back to caller.

IDString        byte    "Keypress Logger TSR",0

TryRmv:         cmp     al, 1           ;Remove call.
                jne     IllegalOp

                call    TstRmvable      ;See if we can remove this guy.
                je      CanRemove       ;Branch if we can.
                mov     ax, 1           ;Return failure for now.
                iret

; Okay, they want to remove this guy *and* we can remove it from memory.
; Take care of all that here.

                assume  ds:ResidentSeg

CanRemove:      push    ds
                push    es
                pusha
                cli                     ;Turn off the interrupts while
                mov     ax, 0           ; we mess with the interrupt
                mov     es, ax          ; vectors.
                mov     ax, cs
                mov     ds, ax

                mov     ax, word ptr OldInt9
                mov     es:[9*4], ax
                mov     ax, word ptr OldInt9+2
                mov     es:[9*4 + 2], ax

                mov     ax, word ptr OldInt13
                mov     es:[13h*4], ax
                mov     ax, word ptr OldInt13+2
                mov     es:[13h*4 + 2], ax

                mov     ax, word ptr OldInt16
                mov     es:[16h*4], ax
                mov     ax, word ptr OldInt16+2
                mov     es:[16h*4 + 2], ax

                mov     ax, word ptr OldInt1C
                mov     es:[1Ch*4], ax
                mov     ax, word ptr OldInt1C+2
                mov     es:[1Ch*4 + 2], ax

                mov     ax, word ptr OldInt28
                mov     es:[28h*4], ax
                mov     ax, word ptr OldInt28+2
                mov     es:[28h*4 + 2], ax

                mov     ax, word ptr OldInt2F
                mov     es:[2Fh*4], ax
                mov     ax, word ptr OldInt2F+2
                mov     es:[2Fh*4 + 2], ax


; Okay, with that out of the way, let's close the file.
; Note: INT 2F shouldn't have to deal with DOS busy because it's
; a passive TSR call.

                mov     ah, 3Eh         ;Close file command
                mov     bx, FileHandle
                int     21h

; Okay, one last thing before we quit- Let's give the memory allocated
; to this TSR back to DOS.

                mov     ds, PSP
                mov     es, ds:[2Ch]    ;Ptr to environment block.
                mov     ah, 49h         ;DOS release memory call.
                int     21h

                mov     ax, ds          ;Release program code space.
                mov     es, ax
                mov     ah, 49h
                int     21h

                popa
                pop     es
                pop     ds
                mov     ax, 0           ;Return Success.
                iret


; They called us with an illegal subfunction value. Try to do as little
; damage as possible.

IllegalOp:      mov     ax, 0           ;Who knows what they were thinking?
                iret
MyInt2F         endp
                assume  ds:nothing





; TstRmvable-           Checks to see if we can remove this TSR from memory.
;               Returns the zero flag set if we can remove it, clear
;               otherwise.

TstRmvable      proc    near
                cli
                push    ds
                mov     ax, 0
                mov     ds, ax

                cmp     word ptr ds:[9*4], offset MyInt9
                jne     TRDone
                cmp     word ptr ds:[9*4 + 2], seg MyInt9
                jne     TRDone

                cmp     word ptr ds:[13h*4], offset MyInt13
                jne     TRDone
                cmp     word ptr ds:[13h*4 + 2], seg MyInt13
                jne     TRDone

                cmp     word ptr ds:[16h*4], offset MyInt16
                jne     TRDone
                cmp     word ptr ds:[16h*4 + 2], seg MyInt16
                jne     TRDone

                cmp     word ptr ds:[1Ch*4], offset MyInt1C
                jne     TRDone
                cmp     word ptr ds:[1Ch*4 + 2], seg MyInt1C
                jne     TRDone

                cmp     word ptr ds:[28h*4], offset MyInt28
                jne     TRDone
                cmp     word ptr ds:[28h*4 + 2], seg MyInt28
                jne     TRDone

                cmp     word ptr ds:[2Fh*4], offset MyInt2F
                jne     TRDone
                cmp     word ptr ds:[2Fh*4 + 2], seg MyInt2F
TRDone:         pop     ds
                sti
                ret
TstRmvable      endp
ResidentSeg     ends



cseg            segment para public 'code'
                assume  cs:cseg, ds:ResidentSeg

; SeeIfPresent- Checks to see if our TSR is already present in memory.
;               Sets the zero flag if it is, clears the zero flag if
;               it is not.

SeeIfPresent    proc    near
                push    es
                push    ds
                push    di
                mov     cx, 0ffh        ;Start with ID 0FFh.
IDLoop:         mov     ah, cl
                push    cx
                mov     al, 0           ;Verify presence call.
                int     2Fh
                pop     cx
                cmp     al, 0           ;Present in memory?
                je      TryNext
                strcmpl
                byte    "Keypress Logger TSR",0
                je      Success

TryNext:        dec     cl              ;Test USER IDs of 80h..FFh
                js      IDLoop
                cmp     cx, 0           ;Clear zero flag.
Success:                pop     di
                pop     ds
                pop     es
                ret
SeeIfPresent    endp



; FindID-       Determines the first (well, last actually) TSR ID available
;               in the multiplex interrupt chain. Returns this value in
;               the CL register.
;
;               Returns the zero flag set if it locates an empty slot.
;               Returns the zero flag clear if failure.

FindID          proc    near
                push    es
                push    ds
                push    di

                mov     cx, 0ffh        ;Start with ID 0FFh.
IDLoop:         mov     ah, cl
                push    cx
                mov     al, 0           ;Verify presence call.
                int     2Fh
                pop     cx
                cmp     al, 0           ;Present in memory?
                je      Success
                dec     cl              ;Test USER IDs of 80h..FFh
                js      IDLoop
                xor     cx, cx
                cmp     cx, 1           ;Clear zero flag
Success:                pop     di
                pop     ds
                pop     es
                ret
FindID          endp



Main            proc
                meminit

                mov     ax, ResidentSeg
                mov     ds, ax

                mov     ah, 62h         ;Get this program's PSP
                int     21h             ; value.
                mov     PSP, bx

; Before we do anything else, we need to check the command line
; parameters. We must have either a valid filename or the
; command "remove". If remove appears on the command line, then remove
; the resident copy from memory using the multiplex (2Fh) interrupt.
; If remove is not on the command line, we'd better have a filename and
; there had better not be a copy already loaded into memory.

                argc
                cmp     cx, 1           ;Must have exactly 1 parm.
                je      GoodParmCnt
                print
                byte    "Usage:",cr,lf
                byte    " KeyEval filename",cr,lf
                byte    "or KeyEval REMOVE",cr,lf,0
                ExitPgm


; Check for the REMOVE command.

GoodParmCnt:    mov     ax, 1
                argv
                stricmpl
                byte    "REMOVE",0
                jne     TstPresent

                call    SeeIfPresent
                je      RemoveIt
                print
                byte    "TSR is not present in memory, cannot remove"
                byte    cr,lf,0
                ExitPgm

RemoveIt:       mov     MyTSRID, cl
                printf
                byte    "Removing TSR (ID #%d) from memory...",0
                dword   MyTSRID

                mov     ah, cl
                mov     al, 1           ;Remove cmd, ah contains ID
                int     2Fh
                cmp     al, 1           ;Succeed?
                je      RmvFailure
                print
                byte    "removed.",cr,lf,0
                ExitPgm

RmvFailure:             print
                byte    cr,lf
                byte    "Could not remove TSR from memory.",cr,lf
                byte    "Try removing other TSRs in the reverse order "
                byte    "you installed them.",cr,lf,0
                ExitPgm



; Okay, see if the TSR is already in memory. If so, abort the
; installation process.

TstPresent:     call    SeeIfPresent
                jne     GetTSRID
                print
                byte    "TSR is already present in memory.",cr,lf
                byte    "Aborting installation process",cr,lf,0
                ExitPgm


; Get an ID for our TSR and save it away.

GetTSRID:       call    FindID
                je      GetFileName
                print
                byte    "Too many resident TSRs, cannot install",cr,lf,0
                ExitPgm


; Things look cool so far, check the filename and open the file.

GetFileName:    mov     MyTSRID, cl
                printf
                byte    "Keypress logger TSR program",cr,lf
                byte    "TSR ID = %d",cr,lf
                byte    "Processing file:",0
                dword   MyTSRID

                puts
                putcr

                mov     ah, 3Ch         ;Create file command.
                mov     cx, 0           ;Normal file.
                push    ds
                push    es              ;Point ds:dx at name
                pop     ds
                mov     dx, di
                int     21h             ;Open the file
                jnc     GoodOpen
                print
                byte    "DOS error #",0
                puti
                print
                byte    " opening file.",cr,lf,0
                ExitPgm

GoodOpen:       pop     ds
                mov     FileHandle, ax  ;Save file handle.


InstallInts:            print
                byte    "Installing interrupts...",0


; Patch into the INT 9, 13h, 16h, 1Ch, 28h, and 2Fh interrupt vectors.
; Note that the statements above have made ResidentSeg the current data
; segment, so we can store the old values directly into
; the OldIntxx variables.

                cli                     ;Turn off interrupts!
                mov     ax, 0
                mov     es, ax
                mov     ax, es:[9*4]
                mov     word ptr OldInt9, ax
                mov     ax, es:[9*4 + 2]
                mov     word ptr OldInt9+2, ax
                mov     es:[9*4], offset MyInt9
                mov     es:[9*4+2], seg ResidentSeg

                mov     ax, es:[13h*4]
                mov     word ptr OldInt13, ax
                mov     ax, es:[13h*4 + 2]
                mov     word ptr OldInt13+2, ax
                mov     es:[13h*4], offset MyInt13
                mov     es:[13h*4+2], seg ResidentSeg

                mov     ax, es:[16h*4]
                mov     word ptr OldInt16, ax
                mov     ax, es:[16h*4 + 2]
                mov     word ptr OldInt16+2, ax
                mov     es:[16h*4], offset MyInt16
                mov     es:[16h*4+2], seg ResidentSeg

                mov     ax, es:[1Ch*4]
                mov     word ptr OldInt1C, ax
                mov     ax, es:[1Ch*4 + 2]
                mov     word ptr OldInt1C+2, ax
                mov     es:[1Ch*4], offset MyInt1C
                mov     es:[1Ch*4+2], seg ResidentSeg

                mov     ax, es:[28h*4]
                mov     word ptr OldInt28, ax
                mov     ax, es:[28h*4 + 2]
                mov     word ptr OldInt28+2, ax
                mov     es:[28h*4], offset MyInt28
                mov     es:[28h*4+2], seg ResidentSeg

                mov     ax, es:[2Fh*4]
                mov     word ptr OldInt2F, ax
                mov     ax, es:[2Fh*4 + 2]
                mov     word ptr OldInt2F+2, ax
                mov     es:[2Fh*4], offset MyInt2F
                mov     es:[2Fh*4+2], seg ResidentSeg
                sti                     Okay, ints back on.

; We're hooked up, the only thing that remains is to terminate and
; stay resident.

                print
                byte    "Installed.",cr,lf,0


                mov     dx, EndResident ;Compute size of program.
                sub     dx, PSP
                mov     ax, 3100h       ;DOS TSR command.
                int     21h
Main            endp
cseg            ends

sseg            segment para stack 'stack'
stk             db      1024 dup ("stack ")
sseg            ends

zzzzzzseg       segment para public 'zzzzzz'
LastBytes       db      16 dup (?)
zzzzzzseg       ends
                end     Main


The following is a short little application that reads the data file produced by the above program and produces a simple report of the date, time, and keystrokes:





; This program reads the file created by the KEYEVAL.EXE TSR program.
; It displays the log containing dates, times, and number of keystrokes.

                .xlist
                .286
                include         stdlib.a
                includelib      stdlib.lib
                .list

dseg            segment para public 'data'

FileHandle      word    ?

month           byte    0
day             byte    0
year            word    0
hour            byte    0
minute          byte    0
second          byte    0
KeyStrokes      word    0
RecSize         =       $-month

dseg            ends




cseg            segment para public 'code'
                assume  cs:cseg, ds:dseg

; SeeIfPresent- Checks to see if our TSR is present in memory.
;               Sets the zero flag if it is, clears the zero flag if
;               it is not.

SeeIfPresent    proc    near
                push    es
                push    ds
                pusha
                mov     cx, 0ffh                ;Start with ID 0FFh.
IDLoop:         mov     ah, cl
                push    cx
                mov     al, 0           ;Verify presence call.
                int     2Fh
                pop     cx
                cmp     al, 0           ;Present in memory?
                je      TryNext
                strcmpl
                byte    "Keypress Logger TSR",0
                je      Success

TryNext:        dec     cl              ;Test USER IDs of 80h..FFh
                js      IDLoop
                cmp     cx, 0           ;Clear zero flag.
Success:                popa
                pop     ds
                pop     es
                ret
SeeIfPresent    endp



Main            proc
                meminit

                mov     ax, dseg
                mov     ds, ax



                argc
                cmp     cx, 1           ;Must have exactly 1 parm.
                je      GoodParmCnt
                print
                byte    "Usage:",cr,lf
                byte    " KEYRPT filename",cr,lf,0
                ExitPgm



GoodParmCnt:    mov     ax, 1
                argv

                print
                byte    "Keypress logger report program",cr,lf
                byte    "Processing file:",0
                puts
                putcr

                mov     ah, 3Dh                 ;Open file command.
                mov     al, 0                   ;Open for reading.
                push    ds
                push    es                      ;Point ds:dx at name
                pop     ds
                mov     dx, di
                int     21h                     ;Open the file
                jnc     GoodOpen
                print
                byte    "DOS error #",0
                puti
                print
                byte    " opening file.",cr,lf,0
                ExitPgm

GoodOpen:       pop     ds
                mov     FileHandle, ax          ;Save file handle.


; Okay, read the data and display it:

ReadLoop:       mov     ah, 3Fh                 ;Read file command
                mov     bx, FileHandle
                mov     cx, RecSize             ;Number of bytes.
                mov     dx, offset month        ;Place to put data.
                int     21h
                jc      ReadError
                test    ax, ax                  ;EOF?
                je      Quit

                mov     cx, year
                mov     dl, day
                mov     dh, month
                dtoam
                puts
                free
                print
                byte    ", ",0

                mov     ch, hour
                mov     cl, minute
                mov     dh, second
                mov     dl, 0
                ttoam
                puts
                free
                printf
                byte    ", keystrokes = %d\n",0
                dword   KeyStrokes
                jmp     ReadLoop

ReadError:      print
                byte    "Error reading file",cr,lf,0

Quit:           mov     bx, FileHandle
                mov     ah, 3Eh         ;Close file
                int     21h
                ExitPgm

Main            endp
cseg            ends

sseg            segment para stack 'stack'
stk             db      1024 dup ("stack ")
sseg            ends

zzzzzzseg       segment para public 'zzzzzz'
LastBytes       db      16 dup (?)
zzzzzzseg       ends
                end     Main
18.8 - A Keyboard Monitor TSR


Art of Assembly: Chapter Eighteen - 29 SEP 1996

[Chapter Eighteen][Previous] [Next] [Art of Assembly][Randall Hyde]



Number of Web Site Hits since Jan 1, 2000: