How to prevent the password in an Edit box from being illegally obtained

zhaozj, 2021-02-17

Although Windows is a powerful operating system, some of its inherent weaknesses leave many openings, and the well-known BO program exploits Windows vulnerabilities to compromise a computer's security. The author recently discovered a very popular tool for obtaining edit box passwords; its source code was even published in a newspaper, which undoubtedly negates the Password feature of the Edit control completely. This article first analyzes how the password is illegally obtained, and then gives a Visual C++ countermeasure that keeps the password in the Edit box from being illegally obtained.

(1) Illegal access to the password

Edit is a standard Windows control. When its Password property is set to True, the input is masked with asterisks (*) to protect it. The content of the Edit box can be obtained by sending it a WM_GETTEXT or EM_GETLINE message. The hacker program uses this feature of Edit: it first enumerates all the child windows of the current program and, when it finds a window that is an Edit with the ES_PASSWORD style, sends WM_GETTEXT or EM_GETLINE to that window via SendMessage, so the content of the Edit box is visible at a glance.

(2) Protecting the password

As the analysis above shows, the weakness of Edit is that it does not check the identity of whoever sends a WM_GETTEXT or EM_GETLINE message: as long as the Edit window handle is found, any process can obtain its content. A simple method is given below to verify that the sender of the message is legitimate.

1) Create a new CEdit class

Derive a subclass CPasswordEdit from CEdit, and declare a global variable g_bAuthorIdentity that indicates the identity of the message sender:

    // TRUE only while the dialog itself is about to read the password
    BOOL g_bAuthorIdentity;

Then override CWnd's virtual function DefWindowProc and authenticate in this callback function:

    LRESULT CPasswordEdit::DefWindowProc(UINT message,
                                         WPARAM wParam, LPARAM lParam)
    {
        // The content of the Edit can only be read with one of these two messages
        if ((message == WM_GETTEXT) ||
            (message == EM_GETLINE))
        {
            // Check whether the request is legitimate
            if (!g_bAuthorIdentity)
            {
                // Illegitimate request: display a message
                AfxMessageBox(_T("My password, can't let you see!"));
                // Return 0 without passing the message on, so no text is copied
                return 0;
            }
            // Legitimate request: reset the flag
            g_bAuthorIdentity = FALSE;
        }
        return CEdit::DefWindowProc(message, wParam, lParam);
    }

2) Processing in the data entry dialog

In the dialog class, declare a member m_edtPassword:

    CPasswordEdit m_edtPassword;

Then add the following code in OnInitDialog() of the dialog:

    m_edtPassword.SubclassDlgItem(IDC_EDIT_PASSWORD, this);

Its purpose is to associate the control with the new class.

The identity is then set to legitimate in the data exchange of the dialog:

    void CDlgInput::DoDataExchange(CDataExchange* pDX)
    {
        // If data is being retrieved from the controls
        // Note: this is not needed for the CPropertyPage class
        if (pDX->m_bSaveAndValidate)
        {
            g_bAuthorIdentity = TRUE;
        }
        CDialog::DoDataExchange(pDX);
        //{{AFX_DATA_MAP(CDlgInput)
        DDX_Text(pDX, IDC_EDIT_PASSWORD, m_sPassword);
        //}}AFX_DATA_MAP
    }

This way, the password input box is protected.
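
The gate from steps 1) and 2), as an added example that is not part of the original article: a portable C++ model (no MFC or <windows.h>, so it builds with any compiler) in which a scoped object replaces the global flag, so the authorization cannot stay set if the legitimate read never happens. GuardedEdit, ReadScope and HandleMessage are hypothetical names; only the two message numbers are real Win32 values.

```cpp
#include <cstddef>
#include <cstring>
#include <string>
#include <utility>

// Real Win32 message numbers, defined locally so no <windows.h> is needed.
constexpr unsigned kWmGetText = 0x000D;  // WM_GETTEXT
constexpr unsigned kEmGetLine = 0x00C4;  // EM_GETLINE

// Hypothetical stand-in for CPasswordEdit; the flag is a member, not a global.
class GuardedEdit {
public:
    explicit GuardedEdit(std::string text) : text_(std::move(text)) {}

    // Authorization lives only as long as this object: it is cleared on scope
    // exit even if the legitimate read never happens (e.g. validation throws).
    class ReadScope {
    public:
        explicit ReadScope(GuardedEdit& e) : edit_(e) { edit_.authorized_ = true; }
        ~ReadScope() { edit_.authorized_ = false; }
        ReadScope(const ReadScope&) = delete;
        ReadScope& operator=(const ReadScope&) = delete;
    private:
        GuardedEdit& edit_;
    };

    // Models the DefWindowProc gate: returns characters copied, 0 if refused.
    // (Real EM_GETLINE uses a different buffer layout; only the gate is modeled.)
    std::size_t HandleMessage(unsigned message, char* buf, std::size_t cap) {
        if (message != kWmGetText && message != kEmGetLine) return 0;
        if (!authorized_) {
            ++refused_;           // count refusals instead of a message box
            return 0;             // caller's buffer is left untouched
        }
        authorized_ = false;      // one-shot, as in the article's code
        if (cap == 0) return 0;
        std::size_t n = text_.size() < cap - 1 ? text_.size() : cap - 1;
        std::memcpy(buf, text_.data(), n);
        buf[n] = '\0';
        return n;
    }
    unsigned refused() const { return refused_; }

private:
    std::string text_;
    bool authorized_ = false;
    unsigned refused_ = 0;
};
```

In an MFC dialog the equivalent of ReadScope would be constructed at the top of the save branch of DoDataExchange, so the flag is reset when the function returns or throws.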

(3) Points to note

The above method applies only to VC programs. For VB programs, you need to build a password ActiveX control with VC; the implementation is similar. The above code was verified under Visual C++ 6.0 and passed the PWBTOOL test.

When reposting, please cite the original address: https://www.9cbs.com/read-28732.html