질문란에 관련 질문이 올라와서 간단하게 적어요 ^^
델파이로 만들어진 프로그램이 있는데 그 프로그램의 특정 버튼 같은 VCL 버튼이 눌러 졌을 때
다른 툴로 만들어진 프로그램에서 VCL 버튼의 콘트롤 네임을 알수 있다면 유용하게 쓸 수 있겠죠
사실상 VCL 콘트롤의 네임 뿐만 아니라, 다른 프로그램에서 델파이로 만들어진 프로그램의 이벤트 핸들러 네임이나 주소, 패런트 클래스, 버추얼 함수 주소 등등
소스코드가 없더라도 델파이로 만들어진 프로그램의 모든 것을 해킹할 수 있어요
팁의 목적이 해킹이 아니므로 다른 프로그램에서 델파이로 만들어진 프로그램의 VCL 콘트롤 네임 알아내는 내용만 올립니다. ㅋㅋ
hack.exe 는 VC++ 로 만든 콘솔모드 프로그램이고요. 도스박스에서 실행해서
VCL 콘트롤의 윈도우 핸들을 넘겨주면 콘트롤 네임을 출력할 겁니다. ㅋㅋ
#include <windows.h>

#include <cwchar>
#include <iostream>
#include <regex>
#include <sstream>
#include <string>

using namespace std;
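/// Prints the name of a VCL control that lives in another process, given the
/// control's window handle typed in as hexadecimal text.
///
/// Steps: validate the hex text, resolve the process that owns the window,
/// fetch the window property named "Delphi" followed by that process id as
/// eight hex digits, then read two things from the owning process: a 4-byte
/// pointer stored at offset 8 of the property value, and the text that
/// pointer refers to.
///
/// Everything obtained from the other process (the property value, the
/// pointer, the text) is controlled by that process and is treated as
/// untrusted: every read is checked, lengths are bounded by the local buffer,
/// and the text is always NUL-terminated locally before it is printed.
///
/// @return 0 on success, -1 on invalid input or on any failed lookup or read.
int main() {
    std::cout << "input window handle (hex): ";
    std::string inputStr;
    std::cin >> inputStr;

    // Accept only an optional 0x/0X prefix followed by hex digits.
    const std::regex rx("(?:0[xX])?[0-9a-fA-F]+");
    if (!std::regex_match(inputStr, rx)) {
        std::cout << "invalid hex value.." << std::endl;
        return -1;
    }

    // The pattern does not bound the number of digits, so a value that does
    // not fit in a DWORD makes the extraction fail; reject it instead of
    // continuing with whatever the stream left in the variable.
    DWORD inHex = 0;
    std::istringstream parser(inputStr);
    if (!(parser >> std::hex >> inHex)) {
        std::cout << "invalid hex value.." << std::endl;
        return -1;
    }

    // Widen through ULONG_PTR so the cast is also well-formed in a 64-bit build.
    const HWND hwnd = reinterpret_cast<HWND>(static_cast<ULONG_PTR>(inHex));

    DWORD pid = 0;
    GetWindowThreadProcessId(hwnd, &pid);
    if (!pid) {
        std::cout << "invalid window handle..." << std::endl;
        return -1;
    }

    // Property name: "Delphi" + the owning process id as 8 uppercase hex digits.
    wchar_t propName[32] = {};
    swprintf_s(propName, L"Delphi%08X", static_cast<unsigned int>(pid));

    // The property is looked up by global atom; a missing atom and a missing
    // property are reported the same way.
    const ATOM atom = GlobalFindAtomW(propName);
    const HANDLE prop =
        atom ? GetPropW(hwnd, reinterpret_cast<LPCWSTR>(static_cast<ULONG_PTR>(atom)))
             : nullptr;
    if (!prop) {
        std::cout << "it's not a delphi or c++ builder application..." << std::endl;
        return -1;
    }

    // Least privilege: read-only access, and the handle is not inheritable.
    // (The original passed TRUE, which marks a handle with read access to
    // another process's memory as inheritable by child processes.)
    const HANDLE hProcess = OpenProcess(PROCESS_VM_READ, FALSE, pid);
    if (!hProcess) {
        std::cout << "invalid process..." << std::endl;
        return -1;
    }

    // ReadProcessMemory reports the byte count through a SIZE_T*. The original
    // passed the address of a DWORD, which is the wrong width in a 64-bit build.
    SIZE_T bytesRead = 0;

    // NOTE(review): a 4-byte pointer at offset 8 presumably matches a 32-bit
    // target only - confirm before using this against 64-bit applications.
    DWORD remoteNamePtr = 0;
    const BYTE* const nameField = static_cast<const BYTE*>(prop) + 8;
    bool ok = ReadProcessMemory(hProcess, nameField, &remoteNamePtr,
                                sizeof(remoteNamePtr), &bytesRead) &&
              bytesRead == sizeof(remoteNamePtr) &&
              remoteNamePtr != 0;  // a null pointer cannot be read in the target

    // Zero-filled, and the read stops one element short of the end, so the
    // text is NUL-terminated no matter what the target's memory contains.
    // NOTE(review): the bytes are interpreted as UTF-16 text - confirm that
    // this matches the string type used by the target.
    wchar_t name[1024] = {};
    if (ok) {
        bytesRead = 0;
        const BOOL complete = ReadProcessMemory(
            hProcess,
            reinterpret_cast<LPCVOID>(static_cast<ULONG_PTR>(remoteNamePtr)),
            name, sizeof(name) - sizeof(wchar_t), &bytesRead);
        // A read that was cut short is still usable as long as some bytes arrived.
        ok = complete || bytesRead > 0;
    }
    CloseHandle(hProcess);

    if (!ok) {
        std::cout << "failed to read control name..." << std::endl;
        return -1;
    }

    std::wcout << L" hacked vcl control name: " << name << std::endl;
    return 0;
}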