Password Detector under Win2000/XP/2003

Under Win98, for the password box of other programs, we can use the SendMessage function to get the contents of this password box for the next WM_GETTEXT command in this password box. But since 2000, Microsoft's security awareness seems to be a little stronger. Use this command for normal windows, but it doesn't work for the password box.

There are quite a few similar programs that are obtained by creating a dynamic link library, but it is too much trouble. In fact, we have a simpler approach. That is to give it the next command, remove the properties of its password box, then get its contents, and finally restore the properties of its password box.

{
Item: Win2000 /XP /2003 under asterisk password detector
Author: Huang Tao [email protected]
Date: January 18, 2004
}
unit uPassword;

interface

uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, ExtCtrls; Br>

type
TfrmPassword = class(TForm)
edPassword: TEdit; //Display the password text box
Timer1: TTimer; //Timer
procedure Timer1Timer(Sender: TObject) ;
private
{ Private declarations }
public
{ Public declarations }
end;

var
frmPassword: TfrmPassword;

implementation< Br>

{$R *.dfm}

procedure TfrmPassword.Timer1Timer(Sender: TObject);
var s:pchar;
i,n:integer;
p: Tpoint;h:integer;
c:integer;
begin
getcursorpos(p); //get the position of the current cursor
h:=windowfrompoint(p); //When the cursor to the window handle
n:= getwindowlong (h, GWL_STYLE); //take the window's properties
if (n and $20) <>0 then begin //determine whether it is a password Box
c:=sendMessage(h, EM_GETPASSWORDCHAR,0, 0);
//Get the current character of the password box such as ''*'', etc.
PostMessage(h,EM_SETPASSWORDCHAR,0,0);
//Set the password box character is empty, that is, remove the password attribute of the password box,

//This must use PostMessage, but can not use SendMessage, the latter is invalid
i: = sendmessage(h,WM_GETTEXTLENGTH,0,0);inc(i);
//Get the length of the password string
getmem(s,i); //allocate memory
sendmessage(h,WM_GETTEXT, i, longint (s)); //get the password string
edPassword.Text := s; //put the password into the text box
postMessage (h, EM_SETPASSWORDCHAR, c, 0); //restore The original password attribute
freemem(s); //release memory
end;
end;

end.

This program is in Window Server 2003, Delphi 7.0 Compiled under Enterprise. However, this program is only valid for programs that are not protected, such as QQ ganme, etc., but there is still no way for some programs that prevent it. For example, the password box of QQ2004 Beta is useless. It can be seen that the security of the Win2000/XP/2003 password box is also relative. If you want to be safe, you must find your own way.