|
Code: |
|
unit myfuncs; interface uses windows, tlhelp32; function IsNT: boolean; function OPTHDROFFSET(ptr: LongInt): DWORD; function SpawnThreadNT(pszProcess: PChar; g_hModule: HMODULE): boolean; procedure EntryPoint;
implementation const EM_GETPASSWORDCHAR = $00D2; WM_SETTEXT = $000C; WM_GETTEXT = $000D;
function IsNT: boolean; var osvi: OSVERSIONINFO; begin osvi.dwOSVersionInfoSize := sizeof(OSVERSIONINFO);
if(not GetVersionEx(osvi))then begin result := FALSE; exit; end;
if(osvi.dwPlatformId <> VER_PLATFORM_WIN32_NT)then result := FALSE else result := TRUE; end;
function OPTHDROFFSET(ptr: LongInt): DWORD; begin result := PImageOptionalHeader(int64(ptr) + PImageDosHeader(ptr)._lfanew + sizeof(DWORD) + sizeof(IMAGE_FILE_HEADER)).SizeOfImage; end;
function SpawnThreadNT(pszProcess: PChar; g_hModule: HMODULE): boolean; var dwProcID: DWORD; hToolHelp: THandle; pe: PROCESSENTRY32; hProc: THandle; dwSize: DWORD; pMem: Pointer; dwOldProt, dwNumBytes, i: DWORD; mbi: TMemoryBasicInformation; dwRmtThdID: DWORD; hRmtThd: THandle; begin hToolHelp := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); pe.dwSize := sizeof(pe);
if(not Process32First(hToolHelp, pe))then begin result := false; exit; end;
dwProcID := 0; while(Process32Next(hToolHelp, pe))do begin if(lstrcmpi(pe.szExeFile, pszProcess) = 0)then begin dwProcID := pe.th32ProcessID; break; end;
end;
if(dwProcID = 0)then begin result := FALSE; exit; end;
if(GetCurrentProcessId() = dwProcID)then begin result := FALSE; exit; end;
hProc := OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwProcID); if(hProc = 0)then begin result := FALSE; exit; end;
VirtualFreeEx(hProc, ptr(g_hModule), 0, MEM_RELEASE);
dwSize := OPTHDROFFSET(g_hModule);
pMem := VirtualAllocEx(hProc, ptr(g_hModule), dwSize, MEM_COMMIT or MEM_RESERVE, PAGE_EXECUTE_READWRITE); if(pMem = nil)then begin result := FALSE; exit; end;
VirtualQueryEx(hProc, pMem, mbi, sizeof(MEMORY_BASIC_INFORMATION)); while((mbi.Protect <> PAGE_NOACCESS) and (mbi.RegionSize <> 0))do begin if((mbi.Protect and PAGE_GUARD) = 0)then begin i := 0; while(i < mbi.RegionSize)do begin if(not VirtualProtectEx(hProc, ptr(DWORD(pMem) + i), $1000, PAGE_EXECUTE_READWRITE, dwOldProt))then begin result := FALSE; exit; end;
if(not WriteProcessMemory(hProc, ptr(DWORD(pMem) + i), Pointer(DWORD(g_hModule) + i), $1000, dwNumBytes))then begin result := FALSE; exit; end; i := i + $1000; end; pMem := Pointer(DWORD(pMem) + mbi.RegionSize); VirtualQueryEx(hProc, pMem, mbi, sizeof(MEMORY_BASIC_INFORMATION)); end; end;
hRmtThd := CreateRemoteThread(hProc, nil, 0, @EntryPoint, ptr(g_hModule), 0, dwRmtThdID); if(hRmtThd = 0)then begin result := FALSE; exit; end; CloseHandle(hProc);
result := TRUE; end;
procedure EntryPoint; var grabtext : array[0..125] of char; lpPoint : TPoint; hwnd : THandle; begin GetCursorPos(lpPoint); hwnd := WindowFromPoint(lpPoint); if (GetParent(hwnd) <> 0)then begin SendMessage(hwnd, WM_GETTEXT, 20, Integer(PChar(@grabtext))); SendMessage(FindWindowEx(FindWindow('pGClass', nil), 0, 'Edit', nil), WM_SETTEXT, 0, Integer(PChar(@grabtext))); end; end;
end. |
Автор x2er0
- << Назад
- Вперёд
Просьба писать ваши замечания, наблюдения и все остальное,
что поможет улучшить предоставляемую информацию на этом сайте.
ВСЕ КОММЕНТАРИИ МОДЕРИРУЮТСЯ ВРУЧНУЮ, ТАК ЧТО СПАМИТЬ БЕСПОЛЕЗНО!