| Sn!per X |
01-11-2016 20:25 |
[C/C++/Delphi] Custom MessageBox
2 Attachment(s)
http://i.imgur.com/OaCRhu2.gif
MessageBox from Carberp source code leak
c++ code token by naquadria from the leaked code:
Code:
#include <windows.h>
#include <richedit.h>
HHOOK hMsgBoxHook;
HCURSOR hArrow,hIbeam;
INT_PTR CALLBACK EditDlgProc(HWND hWnd, UINT uMsg, WPARAM wParam, LPARAM lParam) {
WNDPROC lpWndProc = (WNDPROC)GetWindowLongPtr(hWnd, GWLP_USERDATA);
switch (uMsg) {
case WM_SETFOCUS: {
return 1;
}
case WM_MOUSEWHEEL: {
return NULL;
}
}
if (GetCursor() == hIbeam)
SetCursor(hArrow);
return CallWindowProc(lpWndProc, hWnd, uMsg, wParam, lParam);
}
INT_PTR CALLBACK StaticDlgProc(HWND hWnd, UINT uMsg, WPARAM wParam, LPARAM lParam) {
bool bCursor = false;
WNDPROC lpWndProc = (WNDPROC)GetWindowLongPtr(hWnd, GWLP_USERDATA);
switch (uMsg) {
case WM_NOTIFY: {
switch (((LPNMHDR)lParam)->code) {
case EN_LINK: {
ENLINK *lpLink = (ENLINK*)lParam;
if (lpLink->msg == WM_LBUTTONUP) {
SendMessage(lpLink->nmhdr.hwndFrom,
EM_EXSETSEL,
0,
(LPARAM)&lpLink->chrg);
TCHAR szBuf[260];
SendMessage(lpLink->nmhdr.hwndFrom,
EM_GETSELTEXT,
0,
(LPARAM)szBuf);
ShellExecute(NULL,
TEXT("open"),
szBuf,
NULL,
NULL,
SW_SHOWNORMAL);
}
bCursor = true;
break;
}
}
break;
}
}
return CallWindowProc(lpWndProc, hWnd, uMsg, wParam, lParam);
}
LRESULT CALLBACK MsgProc(int nCode, WPARAM wParam, LPARAM lParam) {
if (nCode == HC_ACTION) {
CWPSTRUCT *lpMsg = (CWPSTRUCT*)lParam;
switch (LOWORD(lpMsg->message)) {
case WM_INITDIALOG: {
HWND hStatic = GetDlgItem(lpMsg->hwnd,0xFFFF);
RECT rcStatic;
GetClientRect(hStatic, &rcStatic);
TCHAR szBuf[260];
GetWindowText(hStatic, szBuf, 260);
HGDIOBJ hFont = (HGDIOBJ)SendMessage(hStatic,
WM_GETFONT,
NULL,
NULL);
HWND hRich = CreateWindowEx(WS_EX_NOPARENTNOTIFY,
RICHEDIT_CLASS,
NULL,
WS_CHILD + ES_READONLY + WS_VISIBLE + ES_MULTILINE,
0,
0,
rcStatic.right - rcStatic.left + 2,
rcStatic.bottom - rcStatic.top,
hStatic,
NULL,
NULL,
NULL);
SendMessage(hRich,WM_SETFONT,(WPARAM)hFont, 0);
SendMessage(hRich,EM_SETBKGNDCOLOR, 0, 0x00FFFFFF);
SendMessage(hRich,EM_SETEVENTMASK, 0, ENM_LINK);
SendMessage(hRich,EM_AUTOURLDETECT, TRUE, 0);
SetWindowText(hRich,szBuf);
POINT pt = {rcStatic.left,rcStatic.top};
ScreenToClient(lpMsg->hwnd, &pt);
SetWindowLongPtr(hStatic,
GWLP_USERDATA,
SetWindowLongPtr(hStatic,
GWLP_WNDPROC,
(LONG_PTR)StaticDlgProc)
);
SetWindowLongPtr(hRich,
GWLP_USERDATA,
SetWindowLongPtr(hRich,
GWLP_WNDPROC,
(LONG_PTR)EditDlgProc)
);
break;
}
}
}
return CallNextHookEx(hMsgBoxHook, nCode, wParam, lParam);
}
int WINAPI ShowHypeMessageBox(HWND hWnd, LPCTSTR lpText, LPCTSTR lpCaption, UINT uType) {
int dwResult = 0;
hMsgBoxHook = SetWindowsHookEx(WH_CALLWNDPROC,
MsgProc,
NULL,
GetCurrentThreadId()
);
dwResult = MessageBox(hWnd, lpText, lpCaption, uType);
UnhookWindowsHookEx(hMsgBoxHook);
return dwResult;
}
int iWinMain() {
hIbeam = LoadCursor(0, IDC_IBEAM);
hArrow = LoadCursor(0, IDC_ARROW);
LoadLibrary(TEXT("riched20"));
ShowHypeMessageBox(0,
TEXT("website: http://www.at4re.com/f\nemail: mailto:[email protected]\nftp: ftp://at4re.com\n\nCode snippet from carberp leak package."),
TEXT("carberp leak"),
MB_ICONASTERISK);
return 0;
}
----------------------------------------------------------------------
Same code ported to delphi by Agmcz (ex ghost-dz):
Code:
unit uCustomMessageBox;
interface
uses
Windows, Messages, RichEdit, ShellAPI;
function ShowHypeMessageBox(hWnd: HWND; lpText: PChar; lpCaption: PChar; uType: UINT ): Integer;
var
hMsgBoxHook: HHOOK;
hArrow, hIbeam: HCURSOR;
implementation
var
lpWndProc: Pointer;
function EditDlgProc(hWnd: HWND; uMsg: UINT; wParam: WPARAM; lParam: LPARAM):
Integer; stdcall;
begin
Result := 0;
lpWndProc := Pointer(GetWindowLong(hWnd, GWL_USERDATA));
case uMsg of
WM_SETFOCUS: Result := 1;
WM_MOUSEWHEEL: Result := 0;
end;
if GetCursor = hIbeam then
SetCursor(hArrow);
Result := CallWindowProc(lpWndProc, hWnd, uMsg, wParam, lParam);
end;
function StaticDlgProc(hWnd: HWND; uMsg: UINT; wParam: WPARAM; lParam: LPARAM):
Integer; stdcall;
type
PENLINK = ^ENLINK;
var
bCursor: Boolean;
lpLink: PENLINK;
szBuf: array[0..260-1] of Char;
begin
Result := 0;
bCursor := False;
lpWndProc := Pointer(GetWindowLong(hWnd, GWL_USERDATA));
case uMsg of
WM_NOTIFY:
begin
case PNMHdr(lParam)^.code of
EN_LINK:
begin
lpLink := PENLINK(lParam);
if (lpLink^.msg = WM_LBUTTONUP) then
begin
SendMessage(lpLink^.nmhdr.hwndFrom,
EM_EXSETSEL,
0,
Integer(@lpLink^.chrg));
SendMessage(lpLink^.nmhdr.hwndFrom,
EM_GETSELTEXT,
0,
Integer(@szBuf));
ShellExecute(0,
'open',
szBuf,
nil,
nil,
SW_SHOWNORMAL);
end;
bCursor := true;
Exit;
end;
end;
end;
end;
Result := CallWindowProc(lpWndProc, hWnd, uMsg, wParam, lParam);
end;
function MsgProc(nCode: Integer; wParam: WPARAM; lParam: LPARAM): LRESULT;
stdcall;
var
lpMsg: PCWPStruct;
hStatic: HWND;
rcStatic: TRect;
hFont: HGDIOBJ;
hRich: HWND;
szBuf: array[0..260-1] of Char;
pt: TPoint;
begin
Result := 0;
if (nCode = HC_ACTION) then
lpMsg := PCWPStruct(lParam);
case LOWORD(lpMsg^.message) of
WM_INITDIALOG:
begin
hStatic := GetDlgItem(lpMsg^.hwnd, $FFFF);
GetClientRect(hStatic, rcStatic);
GetWindowText(hStatic, szBuf, 260);
hFont := SendMessage(hStatic,
WM_GETFONT,
0,
0);
hRich := CreateWindowEx(WS_EX_NOPARENTNOTIFY,
RICHEDIT_CLASS,
nil,
WS_CHILD + ES_READONLY + WS_VISIBLE + ES_MULTILINE,
0,
0,
rcStatic.right - rcStatic.left + 2,
rcStatic.bottom - rcStatic.top,
hStatic,
0,
0,
nil);
SendMessage(hRich, WM_SETFONT, hFont, 0);
SendMessage(hRich, EM_SETBKGNDCOLOR, 0, $00FFFFFF);
SendMessage(hRich, EM_SETEVENTMASK, 0, ENM_LINK);
SendMessage(hRich, EM_AUTOURLDETECT, 1, 0);
SetWindowText(hRich, szBuf);
ScreenToClient(lpMsg^.hwnd, pt);
SetWindowLong(hStatic,
GWL_USERDATA,
SetWindowLong(hStatic,
GWL_WNDPROC,
LONG_PTR(@StaticDlgProc))
);
SetWindowLong(hRich,
GWL_USERDATA,
SetWindowLong(hRich,
GWL_WNDPROC,
LONG_PTR(@EditDlgProc))
);
Exit;
end;
end;
Result := CallNextHookEx(hMsgBoxHook, nCode, wParam, lParam);
end;
function ShowHypeMessageBox(hWnd: HWND; lpText: PChar; lpCaption: PChar; uType: UINT ): Integer;
var
dwResult: Integer;
begin
dwResult := 0;
hMsgBoxHook := SetWindowsHookEx(WH_CALLWNDPROC,
MsgProc,
0,
GetCurrentThreadId()
);
dwResult := MessageBox(hWnd, lpText, lpCaption, uType);
UnhookWindowsHookEx(hMsgBoxHook);
Result := dwResult;
end;
end.
Example Test:
Code:
program msgbox;
uses
Windows,
uCustomMessageBox;
begin
hIbeam := LoadCursor(0, IDC_IBEAM);
hArrow := LoadCursor(0, IDC_ARROW);
LoadLibrary('riched32.dll');
ShowHypeMessageBox(0,
'website: http://www.at4re.com/f' + #13#10 +
'email: mailto:[email protected]' + #13#10 +
'ftp: ftp://at4re.com' + #13#10 + #13#10 +
'Code snippet from carberp leak package.',
'carberp leak',
MB_ICONASTERISK);
end.
Refferences:
Code:
http://www.at4re.com/f/showthread.php?11697-Custom-MessageBox
http://www.at4re.com/f/showthread.php?11746-Custom-MessageBox
|
