Foundations of Windows Hacker Programming (Part 1)
The title of this piece contains the word "hacker" twice. Please don't misunderstand: there is actually very little that is "hacker" about it. This is entirely rookie-level programming, and if you are already an expert you need not waste your time here.
A few days ago I came across "Virus Brother's" article on programming under Windows on the Internet, and felt it was important to write an entry-level piece suited to beginners. Unfortunately, Virus Brother's article only introduces a few basic concepts such as threads, messages and handles. Many beginners are very confused about programming: how does one get started writing programs? How can you write a program of your own in a short time? The author wrote this article with these questions in mind; they are the same confusion the author ran into in the early days of learning to program. Here, according to my own understanding, I hope to strike a chord with the many rookies out there and give beginners some help.
In theory, any language can be used to program on any system, as long as you have the "interfaces" the system provides and a deep understanding of the system's internal mechanisms; at least that is how I see it. Just as the C language can be used to program under Windows, it can equally be used under Linux. Programming is a very complicated job. Besides using the programming tools, understanding the system itself is very important; it is an essential prerequisite for writing stable, compatible programs. Programming for a given system means studying that system's mechanisms: at the very least you should know how a program runs on it.
First, understand the internal mechanism of Windows
Windows is an "event-based, message-driven" operating system.
When a program runs under Windows, whenever the user performs an action that affects a window (changing the window's size, moving it, clicking the mouse, and so on), that action triggers a corresponding "event". Each time an event is detected, a "message" is sent to the program so that the program can handle the event. Every Windows application is built on events and messages and contains a primary event loop that repeatedly checks whether there is a user event. Each time a user event is detected, the program responds to it and then waits for the next event. A Windows application keeps repeating this process until the user terminates the program; in code, this message-processing loop is written as a while loop.
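To make that loop concrete, here is an added example (not code from the original article) of the "while loop" in portable C++: a queue of constructed messages, a window procedure that dispatches on the message identifier, and the loop that runs until WM_QUIT. The WM_* constants are defined locally with the values Windows gives them so that nothing from windows.h is needed; the Msg and Window structures and the simulateSession() driver are constructed for the example and stand in for the real MSG structure, GetMessage/DispatchMessage and the window's state.

```cpp
#include <cstdint>
#include <cstdio>
#include <deque>
#include <string>
#include <vector>

// Message identifiers used by the simulation. The values are the ones Windows
// uses for the constants of the same name, but they are defined here so the
// example compiles without windows.h.
const uint32_t WM_CLOSE       = 0x0010;
const uint32_t WM_QUIT        = 0x0012;
const uint32_t WM_MOUSEMOVE   = 0x0200;
const uint32_t WM_LBUTTONDOWN = 0x0201;
const uint32_t WM_RBUTTONDOWN = 0x0204;

// One message: which event happened and where the mouse was. Constructed
// fields; the real MSG structure carries wParam/lParam instead.
struct Msg {
    uint32_t id;
    int x;
    int y;
};

// The window's state: what it has handled so far and whether it was closed.
struct Window {
    std::vector<std::string> handled;
    bool closed = false;
};

// The window procedure: every message for the window is dispatched here. On
// WM_CLOSE it marks the window closed and posts WM_QUIT (what PostQuitMessage
// does), which is what eventually ends the loop below.
void windowProc(Window& w, std::deque<Msg>& queue, const Msg& m) {
    std::string at = std::to_string(m.x) + "," + std::to_string(m.y);
    switch (m.id) {
    case WM_MOUSEMOVE:   w.handled.push_back("mousemove " + at);   break;
    case WM_LBUTTONDOWN: w.handled.push_back("lbuttondown " + at); break;
    case WM_RBUTTONDOWN: w.handled.push_back("rbuttondown " + at); break;
    case WM_CLOSE:
        w.handled.push_back("close");
        w.closed = true;
        queue.push_back({WM_QUIT, 0, 0});
        break;
    default:  // anything else would go to DefWindowProc in a real program
        w.handled.push_back("unhandled " + std::to_string(m.id));
        break;
    }
}

// The primary message loop the text describes: take the next message, dispatch
// it, repeat until WM_QUIT. Returns the number of messages dispatched. A real
// loop blocks in GetMessage until the next event arrives; here the queue is
// pre-filled, so an empty queue simply ends the simulation.
int runMessageLoop(Window& w, std::deque<Msg>& queue) {
    int dispatched = 0;
    while (!queue.empty()) {
        Msg m = queue.front();
        queue.pop_front();
        if (m.id == WM_QUIT) {      // GetMessage returns 0 on WM_QUIT: loop exits
            break;
        }
        windowProc(w, queue, m);    // DispatchMessage hands it to the window procedure
        ++dispatched;
    }
    return dispatched;
}

// A constructed user session: move, left click, right click, close the window,
// then one more move that is still pending when WM_CLOSE is handled. Because
// WM_QUIT is queued behind it, that last move is still processed first.
std::vector<std::string> simulateSession() {
    Window w;
    std::deque<Msg> queue = {
        {WM_MOUSEMOVE, 10, 20}, {WM_LBUTTONDOWN, 10, 20},
        {WM_RBUTTONDOWN, 30, 40}, {WM_CLOSE, 0, 0}, {WM_MOUSEMOVE, 50, 50},
    };
    runMessageLoop(w, queue);
    return w.handled;
}

int main() {
    for (const std::string& line : simulateSession()) {
        std::printf("%s\n", line.c_str());
    }
    return 0;
}
```

One point worth keeping in mind for the later sections: the window procedure has no way to tell whether a message came from the user's own actions or from another program that obtained the window's handle and called SendMessage. Every message arriving through this loop reaches the same switch, so a window procedure should never treat message parameters as trusted input.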
Below is a brief introduction to several basic concepts closely tied to the Windows system:

⒈ Window: This is the first concept I want to talk about. It seems like something everyone on earth knows: the window is the basic interface unit of Windows itself and of applications in the Windows environment. But many people mistakenly think that only the standard box with a title bar, status bar, and maximize and minimize buttons is called a window. In fact the concept of a window is very broad; buttons, dialog boxes and so on are also windows, just special kinds of window. From the user's point of view, a window is a rectangular area displayed on the screen, independent of the application; in effect it is the intuitive interface between the application that creates the window and the user. From the application's point of view, a window is a part of the rectangular screen area that it controls. The application creates and controls everything related to the window, including its size, style, position and the content displayed in it. After the user opens an application, the program creates a window and quietly waits for the user's requests; whenever the user selects an option in the window, the program responds.

⒉ Program: A program usually means a file that the computer can recognize; the one we meet most often is the .exe executable. This is not hard to understand.

⒊ Process: Anyone who has studied "Operating Systems" is clear on this: a process is an executing instance of an application (an executable). Note that a process is a dynamic description, whereas the program described above is a static one; that is the difference between the two. For example, if you download Rising Antivirus from the Internet to your C drive but do not run it, that .exe executable is called a program; it is a file of binary code. Once you double-click the EXE file's icon and run it, the running "Rising Antivirus" is called a process. It is created by the system at the moment you double-click, and it ends when you right-click its icon in the taskbar and exit it; once the process dies, its life is completely over. The process lives through a life cycle from "creation" to "termination", while the program exists on your hard disk from beginning to end, regardless of whether your machine is even switched on.

⒋ Thread: A thread is an execution unit within a process; each thread in the same process corresponds to a set of CPU instructions, a set of CPU registers and a stack. The process is said to be dynamic, but in substance it is dynamic through its threads. In this sense the dynamic meaning of a process under Windows is not very obvious: it merely marks out a range of resources for the program (personal view, purely my own understanding, no need to start a dispute!); what is truly dynamic is the thread. Back when I was taking the operating systems course, a classmate argued this with me, and I argued until I was red in the face and refused to accept it. Thinking about it now, I find it very reasonable, and I have to admire that classmate's understanding of the internal mechanism of Windows. The reason for so many words here is that multi-threaded programming techniques will be introduced later; if you do not understand this, it is hard to put them into practice, so I hope everyone grasps it.

⒌ Message: Almost every action we take generates a message. In today's point-and-click world, moving the mouse generates a WM_MOUSEMOVE message, pressing the left mouse button generates a WM_LBUTTONDOWN message, pressing the right mouse button generates a WM_RBUTTONDOWN message, and so on. All of these are handled with functions such as GetMessage and SendMessage, and we will keep running into these functions in later work.

⒍ Event: What is an event? We can understand it from its literal meaning: for example, changing a window's size or moving the window while the program is running triggers the corresponding "event".
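As an added illustration of the thread item above (example code, not from the article), the following portable C++ program creates several threads inside one process. The counter is shared because all threads share the process's address space, and each thread reports the address of a local variable to show that it nevertheless runs on its own stack. The SharedCounter, Barrier, worker and runWorkers names are constructed for the example; the mutex is what keeps the concurrent increments correct, and the barrier only ensures all threads are alive at once so their stacks can be compared.

```cpp
#include <condition_variable>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <functional>
#include <mutex>
#include <set>
#include <thread>
#include <vector>

// Process-wide state: every thread in the process sees the same counter because
// threads share the process's address space (constructed for this example).
struct SharedCounter {
    long value = 0;
    std::mutex lock;   // serializes the increments; without it they race
};

// A rendezvous point so all threads are alive at the same time while they
// record their stack addresses (constructed; std::barrier would do in C++20).
struct Barrier {
    std::mutex m;
    std::condition_variable cv;
    int remaining;
    explicit Barrier(int n) : remaining(n) {}
    void arriveAndWait() {
        std::unique_lock<std::mutex> lk(m);
        if (--remaining == 0) {
            cv.notify_all();
        } else {
            cv.wait(lk, [this] { return remaining == 0; });
        }
    }
};

// Body of each thread: note where its own stack is, wait for the others, then
// add `n` to the shared counter under the lock.
static void worker(SharedCounter& counter, Barrier& barrier, int n, uintptr_t& stackAddr) {
    int onMyOwnStack = 0;                                  // lives on this thread's stack
    stackAddr = reinterpret_cast<uintptr_t>(&onMyOwnStack);
    barrier.arriveAndWait();
    for (int i = 0; i < n; ++i) {
        std::lock_guard<std::mutex> guard(counter.lock);   // one thread at a time
        ++counter.value;                                   // shared by the whole process
        ++onMyOwnStack;                                    // private to this thread
    }
}

// Starts `threads` threads, each performing `perThread` increments, joins them,
// and returns the final counter value; `addrs` receives each thread's stack address.
static long runWorkers(int threads, int perThread, std::vector<uintptr_t>& addrs) {
    SharedCounter counter;
    Barrier barrier(threads);
    addrs.assign(threads, 0);
    std::vector<std::thread> pool;
    for (int t = 0; t < threads; ++t) {
        pool.emplace_back(worker, std::ref(counter), std::ref(barrier),
                          perThread, std::ref(addrs[t]));
    }
    for (std::thread& th : pool) th.join();
    return counter.value;
}

// With the mutex the result is always threads * perThread.
long countWithThreads(int threads, int perThread) {
    std::vector<uintptr_t> addrs;
    return runWorkers(threads, perThread, addrs);
}

// Number of distinct stack addresses reported: one per thread, because each
// thread has its own stack even though the counter is shared.
size_t distinctStacks(int threads) {
    std::vector<uintptr_t> addrs;
    runWorkers(threads, 1, addrs);
    return std::set<uintptr_t>(addrs.begin(), addrs.end()).size();
}

int main() {
    std::printf("counter=%ld distinct stacks=%zu\n",
                countWithThreads(4, 10000), distinctStacks(4));
    return 0;
}
```

Without the lock_guard the increments race and the final value is nondeterministic; that same unsynchronized sharing of process-wide state is the origin of most race-condition bugs, so any multi-threaded code written later should decide up front which thread owns which data.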
⒎ Handle: The word "handle" explains itself: when we are hot we grab the handle of a fan to control the whole fan, and it is the same in a program: through a handle we can usually do whatever we need to. Experienced readers know that writing programs means constantly dealing with all kinds of handles. A handle is a tool for identifying different types of objects, such as windows and menus; the system treats these as different types of objects and uses different handles to tell them apart. Look at how a C++ textbook defines a handle: "In Win32, a handle is a pointer (void *) to a valuable object, a 4-byte long piece of data." Although I am still confused about its essence, I do know that a handle is not a true pointer. Structurally a handle is indeed a pointer, but it does not point to the memory location where the object is stored (many books say this, and this is the source of my confusion); the handle actually points to a location that contains a reference to the object. When programming, as long as you hold an object's handle you can operate on that object (in "Writing and Camouflage Strategy of a Simple Trojan" I said that getting at the QQ password starts by finding the handle of the QQ login window and then intercepting). Let's take an example to illustrate the use of handles: write a program that turns the number box and password box of the QQ login window black. Related code and explanation:

    void __fastcall TForm1::FormCreate(TObject *Sender)
    {
        HWND hCurWindow, hc, he;  // three window handle variables: hCurWindow stores the
                                  // handle of the QQ user login window, hc and he store the
                                  // handles of the number box and the password box
        if ((hCurWindow = FindWindow(NULL, "<first window title, lost from the page>")) != 0 ||
            (hCurWindow = FindWindow(NULL, "OICQ User Login")) != 0)
        {   // obviously, FindWindow() is called to fetch the handle
            AnsiString str;
            str.sprintf("0x%x", hCurWindow);
            TCHAR wClassName[255];                      // class name variable
            hc = GetWindow(hCurWindow, GW_CHILD);       // get the number box handle
            he = GetWindow(hc, GW_HWNDNEXT);            // get the password box handle
            GetClassName(he, wClassName, sizeof(wClassName));
            GetClassName(hc, wClassName, sizeof(wClassName));  // get the class names
            EnableWindow(he, FALSE);                    // disable the window
            EnableWindow(hc, FALSE);                    // disable the window
        }
    }

The above code was compiled under C++ Builder. As long as the number box and password box of the QQ login window turn black, as shown in Figure 1, it is nothing more than the EnableWindow() function at work.
Figure 1
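To show what "the handle points to a location that contains a reference to the object" means in practice, here is an added example, separate from the C++ Builder code above and not part of the original article: a small handle table in portable C++. A handle is an opaque 4-byte value made of an entry index and a generation count; the entry, not the handle, holds the pointer to the object. The HandleTable, Entry, Window and enableWindow names are constructed for the example; enableWindow mirrors how EnableWindow() takes a handle rather than a pointer.

```cpp
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

// The kind of object a handle refers to (constructed stand-in for a window).
struct Window {
    std::string title;
    bool enabled = true;
};

// One entry of the handle table. The handle does not point at the Window; it
// identifies this entry, which holds the reference to the Window. The generation
// counter changes every time the entry is reused, so a handle kept after close
// no longer matches.
struct Entry {
    Window* object = nullptr;
    uint16_t generation = 1;
};

// Opaque 4-byte value: generation in the high 16 bits, entry index in the low 16.
typedef uint32_t HANDLE_T;

class HandleTable {
public:
    HandleTable() : entries_(1) {}   // entry 0 is reserved so that handle 0 means "no object"
    ~HandleTable() { for (Entry& e : entries_) delete e.object; }

    // Creates an object and returns a fresh handle to it.
    HANDLE_T create(const std::string& title) {
        uint16_t index;
        if (!freeList_.empty()) {                      // reuse a closed entry...
            index = freeList_.back();
            freeList_.pop_back();
        } else {                                       // ...or append a new one
            index = static_cast<uint16_t>(entries_.size());
            entries_.push_back(Entry());
        }
        Window* w = new Window;
        w->title = title;
        Entry& e = entries_[index];
        e.object = w;
        return (static_cast<HANDLE_T>(e.generation) << 16) | index;
    }

    // Resolves a handle to its object, or nullptr if the handle is 0, out of
    // range, closed, or stale (left over from a previous use of the entry).
    Window* lookup(HANDLE_T h) const {
        uint16_t index = static_cast<uint16_t>(h & 0xFFFF);
        uint16_t generation = static_cast<uint16_t>(h >> 16);
        if (index == 0 || index >= entries_.size()) return nullptr;
        const Entry& e = entries_[index];
        if (e.object == nullptr || e.generation != generation) return nullptr;
        return e.object;
    }

    // Closes the handle: frees the object and bumps the generation so the old
    // handle value is rejected from now on. Returns false for an invalid handle.
    bool close(HANDLE_T h) {
        Window* obj = lookup(h);
        if (obj == nullptr) return false;
        uint16_t index = static_cast<uint16_t>(h & 0xFFFF);
        delete obj;
        entries_[index].object = nullptr;
        if (++entries_[index].generation == 0) entries_[index].generation = 1;
        freeList_.push_back(index);
        return true;
    }

private:
    std::vector<Entry> entries_;
    std::vector<uint16_t> freeList_;
};

// Analogue of EnableWindow(): reaches the object through its handle and reports
// failure, touching nothing, when the handle does not resolve.
bool enableWindow(HandleTable& table, HANDLE_T h, bool enable) {
    Window* w = table.lookup(h);
    if (w == nullptr) return false;
    w->enabled = enable;
    return true;
}

int main() {
    HandleTable table;
    HANDLE_T h = table.create("example window");          // constructed title
    std::printf("handle 0x%x enabled=%d\n", h, enableWindow(table, h, false));
    table.close(h);
    std::printf("after close, enableWindow succeeds=%d\n", enableWindow(table, h, true));
    return 0;
}
```

The generation count is what makes a closed handle fail lookup instead of silently reaching whatever object later reuses the entry. That is the check a practitioner should expect from any handle-based API, and it is why a program should treat every handle it receives from FindWindow or GetWindow as a value to validate (the `!= 0` tests above) rather than something to dereference.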
You can also add a Timer control, copy the code into the void __fastcall TForm1::Timer1Timer(TObject *Sender) function, and add this line: SendMessage(hCurWindow, WM_CLOSE, 0, 0); then QQ is closed as soon as it starts, and nobody else can use QQ. Very interesting (please refer to the program on the CD).

⒏ API and SDK: API is the abbreviation of Application Programming Interface, and means a series of interface functions the system provides for applications. They are function calls within your program; you can call them directly when programming without knowing their internal implementation, you only need to know their prototypes and return values. In addition, a reference such as a "Windows API" book is indispensable to have at hand; otherwise you will not know what an API does and will not be able to make anything. Later we will introduce examples of programming by calling the API. Although calling the API is cumbersome, because the API functions are encapsulated in DLL libraries and are only called at run time, the resulting program is small and efficient. SDK is the abbreviation of Software Development Kit; one often encounters the SDK in firewall design. That is all for these basic concepts. As for C/C++ basic syntax and what object-oriented means, please consult the relevant books; there are more of them than an ox has hairs, so I will not go on. Below we go straight to the choice of language and programming tools, which is also the most confusing issue for beginners.

Second, the choice of programming language and tools
From the introduction above we have a better understanding of Windows. Now it is time to act, and choosing the language and tools to learn is the first step, and a very important one.
The author recommends taking "simple and easy to accept" as the principle; otherwise you will only be tormenting yourself, and why bother? At the beginning, many people are confused: there are so many programming languages, C, C++, C#, Java, assembly, HTML and so on; which is good? Which should I learn first? Some people even list VC and C++ Builder as two different languages! All this comes from not understanding programming languages. When the author started, I made the same mistake. I once wrote myself a plan: learn the C language, then C++, C#, Java, assembly, VB, VC, C++ Builder..., with how much time to spend on each language, and so on. Thinking about it now, how ridiculous! As long as you learn one well, one is enough. From a practical point of view C++ is the best choice (personal opinion; in fact every language is very good), and VC and C++ Builder are the two mainstream development tools for it. The author recommends that beginners use C++ Builder because it is easy to get started with; if you use VC, it may crush your self-confidence :).
Third, two ways to improve programming ability
If you are a hacking fanatic, you will find that when you go to Yahoo and search for hacking tutorials, nine out of ten Chinese tutorials on how to become a hacker introduce the following two best methods: first, read programs; second, write programs. Every one of them presents the views of the tutorial's author, so let me give my own personal view.

⒈ Read programs: There is a reason I put reading first. Before you have read a complete piece of source code, do not expect to write good programs! This is also a warning and a piece of advice for every beginner: you must have a certain grounding in the language. The grounding here mainly means syntax knowledge; at the very least you should be able to read every line of other people's programs. Having no programming ideas is not important at this stage; as long as you have a certain grammatical foundation, the ideas can be analyzed after reading other people's source programs. I remember that when we learned the C language, we all valued learning the grammar. I read the textbook all day, did exercises, and previewed before the teacher's lecture; after class I would memorize the grammar until my lips were dry. But later, when I did the course design, I was like a mouse trying to drag an egg: I got nowhere, and kept asking myself: "Where did my usual effort go? How can I still not write a program?" I believe many people are like the author and mistakenly think that grammar equals programming. Programming ability includes several factors, such as experience, technique and patience; it is not as simple as imagined, and do not think programming is simply writing out a program! In fact, learning a language does not require deliberately memorizing those rigid grammar rules. When you read code and come to something you do not understand, look up the relevant information and patch in a little knowledge; then go back and look again, and the understanding is deepest. I can assure you that this is far stronger than rote memorization of grammar! Reading programs cannot simply mean reading them through; you must truly "read and look". A good piece of code can stand repeated reading: for example, Shotgun's code for constructing a ping flood attack, I have read at least 20 times. The author likes to print code collected from the Internet onto paper (although the school's printing fee is expensive, and you have to spend more than a dozen or even dozens of yuan ~~~), and then go over it with a pen: when I meet a new function I write down its purpose, forgotten knowledge is noted beside it, the flow of the program is written out, and so on. Especially for some new API functions, it is best to mark them; they may come in handy when you program. Finally, do not forget to analyze the program's ideas, which is very helpful when you come to write a similar program.

⒉ Write programs: Now we can talk about ideas. Having learned so many languages and read so many programs, is it not all for writing programs and making the software you need? "A gentleman is not different by nature; he is good at making use of things." The author believes everything starts from the beginning: first modify other people's programs, and once you have reached a certain level, write your own.