|
|
------------------------------------------ Begin ----------------------------------------
①、星号密码查看器介绍:
星号密码的杀手,能够很方便显示星号密码框的密码,有助于找回已经遗忘的密码!
===================================================
②、获取星号密码的原理:
上世纪90年代使用过 Windows3.x 的人可能很少有人了解这类操作系统中存在着密码保护的漏洞,如果选择密码控件中的“****”文本然后复制到剪贴板上,
那么看到的将不是“****”而是密码的原始文本。微软发现了Windows3.x 这个问题并在新的版本Windows95 中修改了这个漏洞。
但是 Windows95 存在着新的安全漏洞,可以设计出间谍程序从当前运行的程序中得到密码控件中的密码(方法见下文)。然而,微软在 Window2000 中又修补了这个问题,
是判断消息发送的来源进程是否与当前密码控件属于同一进程,如果不是则返回 ERROR_ACCESS_DENIED 错误!但是也是有方法的,那就是利用 DLL 进程注入,
向密码控件发送 WM_GETTEXT、EM_GETLINE 消息来进行密码的获取!
编辑框 Edit 控件 是Windows的一个标准控件,当把其 Password 属性设为 True 时,就会将输入的内容屏蔽并变为星号(*),从而达到保护的目的。
但是 Edit 框中的内容可通过编程的方式发送 WM_GETTEXT、EM_GETLINE 消息来进行获取。
黑客程序就是利用 Edit 控件的这个特性,通过 SendMessage 向此窗口发送 WM_GETTEXT 或 EM_GETLINE 消息,这样Edit框中的内容就一目了然了!
下面就给大家演示下这个技术,不过这里面只做技术讨论,希望大家不要用于非法用途!天若有情天亦老,人间正道是沧桑!
===================================================
③、对话框样式的修改及控件的添加、图标资源的添加;
===================================================
④、添加置顶选项功能,见上节;
===================================================
⑤、CStatic 派生类的添加:CDragStatic 以及控件类型变量的绑定;
===================================================
⑥、CDragStatic::OnLButtonDown 事件的添加:
- void CDragStatic::OnLButtonDown(UINT nFlags, CPoint point)
- {
- SetCapture(); //设定鼠标消息的发送窗口为当前窗口
- HCURSOR hc = LoadCursor(AfxGetApp()->m_hInstance, MAKEINTRESOURCE(IDC_CURSOR1));
- ::SetCursor(hc);
- HICON hIcon = LoadIcon(AfxGetApp()->m_hInstance, MAKEINTRESOURCE(IDI_ICON2));
- this->SetIcon(hIcon);
- SetTimer(1, 400, NULL);
- CStatic::OnLButtonDown(nFlags, point);
- }
===================================================
⑦、CDragStatic::OnLButtonUp 事件的添加:
- void CDragStatic::OnLButtonUp(UINT nFlags, CPoint point)
- {
- ReleaseCapture();
- HICON hIcon=LoadIcon(AfxGetApp()->m_hInstance,MAKEINTRESOURCE(IDI_ICON1));
- this->SetIcon(hIcon);
- KillTimer(1);
- CStatic::OnLButtonUp(nFlags, point);
- }
===================================================
⑧、添加 CDragStatic::OnTimer 定时器响应:
- void CDragStatic::OnTimer(UINT_PTR nIDEvent)
- {
- HWND deskWnd = ::GetDesktopWindow();
- HDC deskDC = ::GetWindowDC(deskWnd);
- int oldRop2 = SetROP2(deskDC, R2_NOTXORPEN);
- CPoint pt;
- GetCursorPos(&pt);
- HWND parentWnd = ::WindowFromPoint(pt);
- HWND hTargetWnd = ::GetWindow(parentWnd, GW_CHILD);
- CRect tempRc;
- while (hTargetWnd){
- ::GetWindowRect(hTargetWnd, &tempRc);
- if(::PtInRect(&tempRc, pt)){
- break;
- }else{
- hTargetWnd = ::GetWindow(hTargetWnd, GW_HWNDNEXT);
- }
- }
- if ( !hTargetWnd ) hTargetWnd = parentWnd;
- //窗口标题、编辑框文本的获取
-
- CRect mRect;
- ::GetWindowRect(hTargetWnd, &mRect);
- if( mRect.left < 0 ) mRect.left = 0;
- if (mRect.top < 0 ) mRect.top = 0;
- HPEN newPen = ::CreatePen(0, 3, RGB(125, 0, 125));
- HGDIOBJ oldPen = ::SelectObject(deskDC, newPen);
- ::Rectangle(deskDC, mRect.left, mRect.top, mRect.right, mRect.bottom);
- Sleep(200);
- ::Rectangle(deskDC, mRect.left, mRect.top, mRect.right, mRect.bottom);
- ::SetROP2(deskDC, oldRop2);
- ::SelectObject( deskDC, oldPen);
- ::DeleteObject(newPen);
- ::ReleaseDC(deskWnd, deskDC);
- deskDC = NULL;
- CStatic::OnTimer(nIDEvent);
- }
===================================================
⑨、窗口标题、编辑框文本的获取:
- LRESULT nLen = ::SendMessage(hTargetWnd, WM_GETTEXTLENGTH, 0, 0);
- if (nLen > 0){
- nLen += 1;
- TCHAR *pszBuf = new TCHAR[nLen];
- ZeroMemory(pszBuf, nLen);
- ::SendMessage(hTargetWnd, WM_GETTEXT, nLen, (LPARAM)pszBuf);
- GetParent()->SetDlgItemText(IDC_STATIC_SHOW, pszBuf);
- delete [] pszBuf;
- }
===================================================
- /************************************************************************
- // SmallestWindowFromPoint
- // Notice: from PasswordSpy by Brian Friesen
- //
- // Find the smallest window still containing the point
- //
- // WindowFromPoint returns the first window in the Z-order ->
- // if the password control is sorounded by a Group Box or some other control,
- // WindowFromPoint returns the handle to the sorounding control instead
- // to the password control.
- ************************************************************************/
- HWND SmallestWindowFromPoint(POINT point)
- {
- RECT rect, rcTemp;
- HWND hParent, hWnd, hTemp;
- hWnd = ::WindowFromPoint(point);
- if( hWnd != NULL ) {
- ::GetWindowRect(hWnd, &rect);
- hParent = ::GetParent(hWnd);
- // Has window a parent ?
- if(hParent != NULL) {
- // Search down the Z-Order
- hTemp = hWnd;
- do {
- hTemp = ::GetWindow(hTemp, GW_HWNDNEXT);
- // Search window contains the point, hase the same parent, and is visible?
- ::GetWindowRect(hTemp, &rcTemp);
- if(::PtInRect(&rcTemp, point) && ::GetParent(hTemp) == hParent && ::IsWindowVisible(hTemp)){
- // Is it smaller?
- if(((rcTemp.right - rcTemp.left) * (rcTemp.bottom - rcTemp.top)) < ((rect.right - rect.left) * (rect.bottom - rect.top))) {
- // Found new smaller window!
- hWnd = hTemp;
- ::GetWindowRect(hWnd, &rect);
- }
- }
- } while(hTemp != NULL);
- }
- }
- return hWnd;
- }
- /////////////////////////////////////////////////////////////////////////////////////
- HWND hTargetWnd = SmallestWindowFromPoint(pt);
- if (GetWindowThreadProcessId(GetSafeHwnd(), NULL) == GetWindowThreadProcessId(hTargetWnd, NULL)) {
- GetParent()->SetDlgItemText(IDC_STATIC_SHOW, _T(""));
- return;
- }
------------------------------------- End -------------------------------------------
相关课程演示细节还请观看视频教程!
本套教程由VC驿站原创,提供视频教程+售后答疑服务!
教程介绍及详情请见:https://www.cctry.com/static/vip/index.html
VC驿站Vip会员详情请见:https://www.cctry.com/static/vip/index.html
|
上一篇: VC++高级班之窗口篇-[6]打造自己的“按钮激活专家”下一篇: VC++高级班之窗口篇-[8]模拟鼠标、键盘操作
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
