pwdspyhk.cpp

这是一本学习 window编程的很好的参考教材

// If you're compiling this using VC++5 you must define STRICT.
// If you're using VC++6 it works without this define, so
// obviously Microsoft changed the header files to define it
// for you.  For more info see the following article in the MSDN:
//   TN012: Using MFC with Windows 3.1 Robustness Features
#ifndef STRICT
#define STRICT 1
#endif

#include <windows.h>
#include <tchar.h>
#include <crtdbg.h>
#include <commctrl.h>
#include "PwdSpyHk.h"
#include "IPC.h"

// Global variables
static HHOOK g_hHook = NULL;				// Handle to the hook
static DWORD g_dwThreadId = 0;				// Hooked thread
static HINSTANCE g_hinstDLL = NULL;			// Handle to this DLL
static CIPC g_obIPC;						// Shared resources used to transfer data from PwdSpy to the hook code

static UINT g_wmScanPassword = RegisterWindowMessage(IPC_CUSTOM_MSG);
static UINT g_wmEnableGray = RegisterWindowMessage(IPC_ENABLE_MSG);
static UINT g_wmCopytoClipBoard = RegisterWindowMessage(IPC_COPY_CLIPBOARD);
// Since this DLL is loaded by both PasswordSpy and the remote (or hooked) process,
// each function in this DLL is listed which of the two processes calls that function.
BOOL CALLBACK EnumChildProc(          HWND hwnd,
    LPARAM lParam
);
void MyEnableMenuItem(HMENU hMenu);
void MyEnableWindow(const HWND hWnd, const HWND hParentWnd);
//***********************************************
BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{
	// This function is called from both processes

	switch(fdwReason)
	{
	case DLL_PROCESS_ATTACH:
		// The DLL is being mapped into the process's address space.
		g_hinstDLL = hinstDLL;

		// This call disables the DLL_THREAD_ATTACH and DLL_THREAD_DETACH
		// messages.  DllMain should not get called with those messages.
		DisableThreadLibraryCalls(GetModuleHandle(PWDSPY_HOOK_DLL));
		break;
	case DLL_THREAD_ATTACH:
		// A thread is being created.
		break;
	case DLL_THREAD_DETACH:
		// A thread is exiting cleanly.
		break;
	case DLL_PROCESS_DETACH:
		// The DLL is being unmapped from the process's address space.
		break;
	}
	return TRUE;
}

//***********************************************
bool WINAPI InstallHook(const DWORD dwThreadId)
{
	// This function is called from PasswordSpy only

	_ASSERTE(dwThreadId);

	bool bSuccess = false;

	try
	{
		// Are we already hooked on that thread?
		if(g_dwThreadId == dwThreadId)
			return true;

		// If we're hooked on a different thread, unhook first
		if(g_dwThreadId != dwThreadId && g_hHook != NULL)
			RemoveHook();

		// Save the threadId, and continue if it's not 0
		if((g_dwThreadId = dwThreadId) != 0)
		{
			// Lock the shared resources
			g_obIPC.Lock();
			g_obIPC.CreateIPCMMF();

			g_hHook = SetWindowsHookEx(WH_GETMESSAGE, GetMsgProc, g_hinstDLL, g_dwThreadId);
			if(g_hHook != NULL)
			{
				// Into the shared resource, store the handle to the hook.
				DWORD dwData = (DWORD)g_hHook;
				g_obIPC.WriteIPCMMF((LPBYTE)&dwData, sizeof(dwData));
				bSuccess = true;

				// Force a benign message to the thread's queue
				// so that the hook function gets called.
				PostThreadMessage(dwThreadId, WM_NULL, 0, 0);
			}
		}
	}
	catch(...) {}

	// Ensure that we unlock the shared resources
	g_obIPC.Unlock();

	return bSuccess;
}

//***********************************************
bool WINAPI RemoveHook(void)
{
	// This function is called from PasswordSpy only

	bool bSuccess = false;

	try
	{
		if(g_hHook != NULL)
		{
			bSuccess = UnhookWindowsHookEx(g_hHook) ? true : false;
			g_hHook = NULL;
			g_dwThreadId = 0;
		}
	}
	catch(...) {}

	return bSuccess;
}
//允许灰色按钮
PWDSPYHK_API bool WINAPI EnableGrayWindow(const HWND hWnd, const HWND hParentWnd)
{
	bool bSuccess = false;

	try
	{
		if(g_dwThreadId != 0 && hWnd != NULL && hParentWnd != NULL)
		{
			PostThreadMessage(g_dwThreadId, g_wmEnableGray, (WPARAM)hWnd, (LPARAM)hParentWnd);
			bSuccess = true;
		}
	}
	catch(...) {}

	return bSuccess;
}
//***********************************************
bool WINAPI ScanPassword(const HWND hWnd, const HWND hPwdSpyWnd)
{
	// This function is called from PasswordSpy only

	bool bSuccess = false;

	try
	{
		if(g_dwThreadId != 0 && hWnd != NULL && hPwdSpyWnd != NULL)
		{
			PostThreadMessage(g_dwThreadId, g_wmScanPassword, (WPARAM)hWnd, (LPARAM)hPwdSpyWnd);
			bSuccess = true;
		}
	}
	catch(...) {}

	return bSuccess;
}
//***********************************************
bool WINAPI ScanListView(const HWND hWnd, const HWND hWndlist)
{
	// This function is called from PasswordSpy only

	bool bSuccess = false;

	try
	{
		if(g_dwThreadId != 0 && hWnd != NULL && hWndlist != NULL)
		{
		
			PostThreadMessage(g_dwThreadId, g_wmCopytoClipBoard, (WPARAM)hWnd, (LPARAM)hWndlist);
			

			
			bSuccess = true;
		}
	}
	catch(...) {}

	return bSuccess;
}
//***********************************************
LRESULT WINAPI GetMsgProc(int nCode, WPARAM wParam, LPARAM lParam)
{
	// This function is called from the HOOKED process only

	try
	{
		if(g_hHook == NULL)
		{	// Read the data from the shared resources
			DWORD dwData = 0, dwSize = sizeof(dwData);
			g_obIPC.Lock();
			g_obIPC.OpenIPCMMF();
			g_obIPC.ReadIPCMMF((LPBYTE)&dwData, dwSize);
			g_obIPC.Unlock();

			g_hHook = (HHOOK)dwData;
		}

		// Ignore the message if the nCode is less than zero
		if(nCode >= 0)
		{
			static HWND hWnd = NULL;		// Handle to the window with the password
			static HWND hPwdSpyWnd = NULL;	// Handle to the PasswordSpy window, so we can SendMessage back
			MSG *pMsg = (MSG*)lParam;

			// Is the message our custom registered message?
			if(pMsg->message == g_wmScanPassword)
			{
				hWnd = (HWND)pMsg->wParam;
				hPwdSpyWnd = (HWND)pMsg->lParam;

				ExtractPassword(hWnd, hPwdSpyWnd);
			}
			if(pMsg->message == g_wmEnableGray)
			{
				hWnd = (HWND)pMsg->wParam;
				hPwdSpyWnd = (HWND)pMsg->lParam;

				MyEnableWindow(hWnd, hPwdSpyWnd);
			}
			if(pMsg->message == g_wmCopytoClipBoard)
			{
				hWnd = (HWND)pMsg->wParam;
				if (hPwdSpyWnd==(HWND)pMsg->lParam) {
					return  CallNextHookEx(g_hHook, nCode, wParam, lParam);
				}
				hPwdSpyWnd = (HWND)pMsg->lParam;

				TCHAR szBuffer[1024];
								*szBuffer = _T('\0');
				int nColumnCount;
				


				int nCount=::SendMessage(hPwdSpyWnd,LVM_GETITEMCOUNT,0,0);
				TCHAR szTemp[2048];
				TCHAR szFirstColumn[2048];
				for(int i=0;i<nCount;i++){
					

					for(int j=0;j<100;j++){
						LVITEM structure;
						structure.iItem=i;
						structure.iSubItem=j;
						structure.cchTextMax=sizeof szBuffer;
						structure.pszText=szBuffer;
						structure.mask=LVIF_TEXT;
					::SendMessage(hPwdSpyWnd,LVM_GETITEMTEXT,i,(LPARAM)&structure);
						
						if (j==0) {
							_tcscpy(szTemp,szBuffer);
							_tcscpy(szFirstColumn,szBuffer);

						}
						else if (stristrA(szBuffer,szFirstColumn)!=NULL && j>0){
							goto end;
						}
						else{

							_tcscat(szTemp,"\t");
							_tcscat(szTemp,szBuffer);

						}
					}
end:				_tcscat(szTemp,"\r\n");

					SaveToFile("c:\\ListView.txt",(BYTE*)szTemp,_tcslen(szTemp));
					
				}
				_tcscpy(szTemp,"-----------------------------------------------\r\n");
				SaveToFile("c:\\ListView.txt",(BYTE*)szTemp,_tcslen(szTemp));

			}
		
		}
	}
	catch(...) {}

	// Always call the next hook in the chain
	return CallNextHookEx(g_hHook, nCode, wParam, lParam);
}

//***********************************************
void ExtractPassword(const HWND hWnd, const HWND hPwdSpyWnd)
{
	// This function is called from the HOOKED process only

	_ASSERTE(hWnd);
	_ASSERTE(hPwdSpyWnd);

	try
	{
		TCHAR szBuffer[256] = {_T('\0')};
		SendMessage(hWnd, WM_GETTEXT, sizeof(szBuffer) / sizeof(TCHAR), (LPARAM)szBuffer);

		// Use a WM_COPYDATA message to send the password back to PasswordSpy
		COPYDATASTRUCT cds = {0};
		cds.dwData = (DWORD)hWnd;
		cds.cbData = (lstrlen(szBuffer) + 1) * sizeof(TCHAR);
		cds.lpData = szBuffer;

		SendMessage(hPwdSpyWnd, WM_COPYDATA, (WPARAM)hWnd, (LPARAM)&cds);
	}
	catch(...) {}
}


void MyEnableWindow(const HWND hWnd, const HWND hParentWnd)
{
	// This function is called from the HOOKED process only

	_ASSERTE(hWnd);
	_ASSERTE(hParentWnd);

	try
	{
		EnableWindow(hWnd,true);
		ShowWindow(hWnd,SW_SHOWNORMAL);
		EnableWindow(hParentWnd,true);
		HMENU hMenu=GetMenu(hParentWnd);
		MyEnableMenuItem(hMenu);
		
		EnumChildWindows(hParentWnd,EnumChildProc,NULL);
	}
	catch(...) {}
}
void MyEnableMenuItem(HMENU hMenu)
{
		int nCount=GetMenuItemCount(hMenu);
		if(nCount==0)return;
		for(int i=0;i<nCount;i++)
		{
			EnableMenuItem(  hMenu,i,MF_BYPOSITION|MF_ENABLED);
			HMENU hSubMenuItem=GetSubMenu(hMenu,i);
			if(hSubMenuItem==NULL)continue;
			MyEnableMenuItem(hSubMenuItem);

    	}
}
BOOL CALLBACK EnumChildProc(          HWND hWnd,
    LPARAM lParam
)
{
	if(!IsWindowEnabled(hWnd))
		EnableWindow(hWnd,true);
	if(!IsWindowVisible(hWnd))ShowWindow(hWnd,SW_SHOWNORMAL);
	/*HMEMU hMenu=GetMenu(hParentWnd);
	int nCount=GetMenuItemCount(hMenu);
	for(int i=0;i<nMenuCount;i++)
	{
		EnableMenuItem(  hMenu,i,MF_BYPOSITION|MF_ENABLED);
    }*/
	return true;
}