Title: CRACK notes 3 - How to get the text content of an Edit in a Delphi program (1 thousand words)
Sender: y97523
Time: 2002-03-09 19:58:37
CRACK notes 3 - How to get the text content of an Edit in a Delphi program
---------- CRACK notes 2 - My first keygen ---
//----------------------------------------------------------------------------------------------------------------
Experimental tools: IDA Pro, Delphi 6, SoftICE 4.05
Experimental purpose: Discover how Delphi-compiled programs obtain the data (Text) of a text box (Edit) without using API functions
//----------------------------------------------------------------------------------------------------------------
1. Write a simple test program in Delphi
A form containing one Edit and one Button, with the following code:
procedure TForm1.Button1Click(Sender: TObject);
begin
  ShowMessage(Edit1.Text);
end;
              ^~~~~~~~~~
Edit.Text appears to call a function similar to the following (as can be seen in the IDA disassembly, although the one actually called is TControl::GetText)
// Excerpt from Source\Vcl\Controls.pas in the Delphi 6 directory
function TControl.GetTextBuf(Buffer: PChar; BufSize: Integer): Integer;
begin
  Result := Perform(WM_GETTEXT, BufSize, Longint(Buffer));
  // Perform(Msg: Cardinal; WParam, LParam: Longint): Longint
  // Responds as if the control received a specified Windows message.
end;
From this we can see that Delphi sends a WM_GETTEXT message directly to the Edit through the Perform function!
Note that this WM_GETTEXT message is simulated. A BPX on the message functions will not catch it; in fact, it is delivered by calling WndProc directly!
2. The same is visible when the EXE from step 1 is disassembled in IDA
call @TControl@GetText
// --------------------------
@TControl@GetText proc near
...
call unknown_libname_169
...
// --------------------------
unknown_libname_169 proc near
...
call @Controls@TControl@Perform$qqruiii ; Controls::TControl::Perform(uint, int, int, int)
...
3. Conclusion: Delphi gets the content of Text by sending a WM_GETTEXT message to the Edit (calling WndProc directly, without using the message functions)!
GetText() {
  call WndProc(WM_GETTEXT);
}
|
WndProc(Msg) {
  DefWndProc(Msg);
}
The value of Text itself is supplied by the DefWndProc system function!
P.S.: It seems that the Borland guys are indeed different from
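
Added example (not part of the original post): a minimal Delphi 6 console program that makes the dispatch described above observable. TLoggedEdit is a hypothetical TEdit descendant whose WndProc override counts WM_GETTEXT, so a read through Edit.Text (Perform) can be compared with a read through the GetWindowText API; the unit names assume Delphi 6 and the sample text is constructed.

```delphi
program PerformDemo;
{$APPTYPE CONSOLE}

uses
  Windows, Messages, SysUtils, Classes, Controls, StdCtrls, Forms;

type
  // Hypothetical descendant, not from the post: counts WM_GETTEXT in WndProc.
  TLoggedEdit = class(TEdit)
  public
    GetTextCount: Integer;
  protected
    procedure WndProc(var Message: TMessage); override;
  end;

procedure TLoggedEdit.WndProc(var Message: TMessage);
begin
  // Every message handed to the control passes through here, whether it
  // came from Perform (a plain method call) or from the Windows message APIs.
  if Message.Msg = WM_GETTEXT then
    Inc(GetTextCount);
  inherited WndProc(Message);
end;

var
  Form: TForm;
  Edit: TLoggedEdit;
  S: string;
  Buf: array[0..63] of Char;
begin
  Form := TForm.CreateNew(nil);
  try
    Edit := TLoggedEdit.Create(Form);
    Edit.Parent := Form;
    Edit.Text := 'constructed sample';  // constructed test value
    Edit.HandleNeeded;                  // make sure the real window exists
    Edit.GetTextCount := 0;             // ignore reads done during setup

    S := Edit.Text;                     // VCL path: GetText -> Perform -> WndProc
    Writeln('after Edit.Text:     ', Edit.GetTextCount, ' WM_GETTEXT, text=', S);

    GetWindowText(Edit.Handle, Buf, Length(Buf));  // user32 API path
    Writeln('after GetWindowText: ', Edit.GetTextCount, ' WM_GETTEXT, text=',
      PChar(@Buf[0]));
  finally
    Form.Free;
  end;
end.
```

Both reads arrive in WndProc, but only the second one passes through a user32 API, which is why monitoring at the API level sees one read and not the other.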