Description.
This code when run gets the password from a password
window of any application. To try it out use the
following procedure to get the password.
Procedure:
- Run the code . A small
window will open.
- Now open an application,
which inputs password. Try opening a MSN messenger
window or Yahoo messenger window or any other window
of your choice.
- Now you will see two
windows. Put the password in the password box of the
window.
- Click in the password box
of the application window.
- Then click the button "Get
Password" of the VB form.
- Again click on the
password box of the application window.
- Wait for 5 seconds . The
password will be seen in alphabets not as *****.
- Thus the password is
exposed.
Source Code:
API Description :
- GetCursorPos :
' GetCursorPos: API
used to get the current mouse pointer location.
'Parameters
'lpPoint
'[out] Long pointer to a POINT structure
that receives the screen coordinates of the cursor.
'Return Values.
'Nonzero indicates success. Zero indicates failure.
To get extended error information, call GetLastError.
'Remarks
'The cursor position is always given in
screen coordinates and is not affected by the
mapping mode of the window that contains the cursor.
Public
Shared
Function <DllImport("user32")>
_
GetCursorPos(ByRef
lpPoint As
POINTAPI) As
Integer
End
Function
- WindowFromPoint:
'WindowFromPoint: API
is used to get the window handle by giving the
' location
' Parameters
'Point
'Specifies a POINT structure that defines
the point to be checked.
'Return Values.
'A handle to the window that contains the point
indicates success. NULL indicates that no window
exists at the specified point. A handle to the
window under the 'static' text control indicates
that the point is over a static text control.
Public
Shared
Function <DllImport("user32")>
_
WindowFromPoint(ByVal
xPoint As
Integer, _
ByVal yPoint
As
Integer)
As
Integer
End
Function
- GetClassName:
' GetClassName: By
passing window handle this will return the class
name of
' window object.
' Parameters
'hWnd
'Handle to the window and, indirectly, the
class to which the window belongs.
'lpClassName
'Long pointer to the buffer that is to
receive the class name string.
'nMaxCount
'Specifies the length, in characters, of
the buffer pointed to by the lpClassName parameter.
The class
name string is truncated if it is longer than the
buffer.
'Return Values
' 'The number of characters copied to the specified
buffer indicates success. ' Zero indicates failure.
To
get extended error information, call GetLastError.
Public
Shared
Function <DllImport("user32")>
_
GetClassName(ByRef
hwnd As
Integer,
ByVal _
lpClassName As
String,
ByRef
nMaxCount As
Integer)
As
Integer
End
Function
- SendMessage:
'SendMessage: API
used to send a message to another window.
' Parameters.
'hWnd.
'[in] Handle to the window whose window procedure
will receive the message. If this parameter is
HWND_BROADCAST, the message is sent to all top-level
windows in 'the' system, including disabled or
invisible unowned windows, overlapped windows, 'and
pop'-up windows; but the message is not sent to
child windows.
'Msg.
'[in] Specifies the message to be sent.
'wParam.
'[in] Specifies additional message-specific
information.
'lParam.
'[in] Specifies additional message-specific
information.
'Return Values.
'The return value specifies the result of the
message processing and depends 'on the message sent.
Public
Shared
Function <DllImport("user32")>
_
SendMessage(ByVal
hwnd As
Integer,
ByVal wMsg
As
Integer, _
ByVal wParam
As
Integer,
ByVal lParam
As
Integer)
As
Integer
End
Function
End Class
General Description:
Waooooo getting password was
never so easy. Lets dissect the code.
The "GetCursorPos" api gets the current mouse position
on the screen in a structure i.e. the x and y
coordinates on the screen.
The "WindowFromPoint" api gets
the window handle from the x and y coordinates.
The "GetClassName" api gets the
classname of the control on which mouse is placed might
be a "text" or an "edit" control (Password).
The "SendMessage" api sends the
window (of which we are having the handle) , the
control(text or edit) a message where in the password
character is changed from * to nothing (0) . Meaning
that no password char is applicable to the edit box.
Thus the password is exposed.