获得外部应用程序文本输入框中的内容(100分)


暴雨

怎么通过一个应用程序中的文本输入框的句柄获得里面已经存在的内容呢?
(例如捕获到某个运行中的delphi编制的程序中的edit1.text。但该程序不一定是delphi编制的,注意一般性。)
 
你想做什么?请给我妹儿(发邮件)。
Rain_Alinn@163.net
 
getwindowtext()
 
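var
  len, copied: Integer;
  value: String;
begin
  // Reads the text of the edit control identified by edtHandle into value.
  // As reported further down this thread, on Windows 2000 this approach does
  // not return the contents of a password box.

  // Ask the control how many characters it holds (terminator not counted).
  len := SendMessage(edtHandle, WM_GETTEXTLENGTH, 0, 0);
  value := '';
  // An empty control needs no second message; skipping it also avoids passing
  // the nil pointer that an empty Delphi string casts to.
  if len > 0 then
  begin
    SetLength(value, len);
    // wParam is the buffer size including the terminating null; Delphi long
    // strings always carry one extra byte for it, hence len + 1.
    copied := SendMessage(edtHandle, WM_GETTEXT, len + 1, LongInt(PChar(value)));
    // The text can change between the two messages and WM_GETTEXTLENGTH may
    // over-report, so keep only the characters that were actually copied.
    SetLength(value, copied);
  end;
end;
// edtHandle is the handle of the text input box
// value now holds its content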
 
写错了,getwindowtext() 是获取窗口标题的,
还是看 独帅 的吧,不过这种方法在2000下取不到密码框的东西(2000起,系统不会把密码框的文本通过 WM_GETTEXT 返回给别的进程)。
 
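//=================================================================
// Program: text capture
// Author: 春意, written in Delphi. Email: yanchunyi@163.com
// Note: (please keep the lines above)
//=================================================================
// Controls used: Button1, Button2, Timer1, Edit1
//
// While the timer runs, the form copies the text of the control that has
// keyboard focus in the foreground window into Edit1, every 100 ms.
// Controls carrying the password style are skipped, as the original author's
// comment intended.
unit Unit1;

interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, StdCtrls, ExtCtrls;

type
  TForm1 = class(TForm)
    Edit1: TEdit;
    Button1: TButton;
    Button2: TButton;
    Timer1: TTimer;
    procedure FormCreate(Sender: TObject);
    procedure Timer1Timer(Sender: TObject);
    procedure Button1Click(Sender: TObject);
    procedure Button2Click(Sender: TObject);
  private
    { Private declarations }
  public
    { Public declarations }
  end;

var
  Form1: TForm1;

implementation

{$R *.dfm}

// Labels the two buttons and prepares the timer (100 ms period, stopped).
procedure TForm1.FormCreate(Sender: TObject);
begin
  Button1.Caption := '开始';
  Button2.Caption := '停止';
  Timer1.Interval := 100;
  Timer1.Enabled := false;
end;

// Timer tick: show the text of the focused control of the foreground window.
procedure TForm1.Timer1Timer(Sender: TObject);
var
  hwndfore, hwndfocus: HWND;   // foreground window / focused control
  dwThreadid, dwSelf: DWORD;   // thread owning the foreground window / this thread
  attached: BOOL;              // True only while the input queues are joined
  content: array[0..255] of Char;
begin
  // Start from an empty buffer so a failed or skipped read shows '' instead of
  // whatever happened to be on the stack.
  FillChar(content, SizeOf(content), 0);

  hwndfore := GetForegroundWindow();
  if hwndfore <> 0 then
  begin
    dwThreadid := GetWindowThreadProcessId(hwndfore, nil);
    dwSelf := GetCurrentThreadId();

    // GetFocus only sees another thread's focus window while the two input
    // queues are attached. Attaching a thread to itself is not needed.
    attached := False;
    if (dwThreadid <> 0) and (dwThreadid <> dwSelf) then
      attached := AttachThreadInput(dwSelf, dwThreadid, True);
    try
      hwndfocus := GetFocus();
      // Password boxes are excluded. ES_PASSWORD is only defined for edit
      // controls; on other window classes the same bit means something else,
      // so this test can skip more than it has to, never less.
      if (hwndfocus <> 0) and
         ((GetWindowLong(hwndfocus, GWL_STYLE) and ES_PASSWORD) = 0) then
        SendMessage(hwndfocus, WM_GETTEXT, 100, LongInt(@content));
    finally
      // Always undo the attach; leaving the queues joined ties this form's
      // focus and keyboard state to the other application.
      if attached then
        AttachThreadInput(dwSelf, dwThreadid, False);
    end;
  end;

  Edit1.Text := content;
end;

// Start polling.
procedure TForm1.Button1Click(Sender: TObject);
begin
  Timer1.Enabled := true;
end;

// Stop polling.
procedure TForm1.Button2Click(Sender: TObject);
begin
  Timer1.Enabled := false;
end;

end.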
 
可以实现在2000看到密码框内的内容吗?
 
问: 可以实现在2000看到密码框内的内容吗?
答: 可以
 
问: 可以实现在2000看到密码框内的内容吗?
答: 可以

上面两段代码都不能看到win2000的密码,我在delphi6.0 @ win2000下调试过。
 
你问的是
“可以实现在2000看到密码框内的内容吗?”
我答的是 “可以”

从头到尾我没说过用那段代码呀,呵呵,
 
人在昆明很无聊。
 
引用这个单元,看看他公布的 函数,就知道啦,可以取2000 的*
采用了线程注入。
// ReadWndText: exposes ReadWindowText, which the poster describes as reading a
// window's text by thread injection into the process that owns the window.
//
// Review note (defensive): the call sequence in ReadWindowText -- OpenProcess
// with PROCESS_ALL_ACCESS, VirtualAllocEx with PAGE_EXECUTE_READWRITE,
// WriteProcessMemory, CreateRemoteThread -- is the remote-thread injection
// pattern that endpoint monitoring keys on (for example Sysmon Event ID 10
// ProcessAccess and Event ID 8 CreateRemoteThread). Treat a binary containing
// this unit as a credential-access tool when triaging.
unit ReadWndText;

interface

uses
  Classes, Windows, Messages;

const
  // Byte count used both for the executable allocation in the target process
  // and for the copy that starts at threadFunc ($FF * $4 = 1020).
  MAX_THREAD_SIZE = $FF * $4;
  // type definitions
type
  // Function-pointer type with the parameter list used for the SendMessage
  // call made through TThreadData.AddrOfSendMSG.
  TSendMessageProc = function(hWnd: THandle;
    uMsg: UINT;
    wParam: LongInt;
    lParam: LongInt): LRESULT; stdcall;
  // Parameter record that ReadWindowText writes into the target process and
  // hands to the remote thread.
  TThreadData = record
    hWnd: THandle;                    // window whose text is requested
    AddrOfSendMSG: TSendMessageProc;  // set from GetProcAddress(hMod, 'SendMessageA') in the calling process
    Text: Pointer;                    // set to pTextBuf, an address allocated in the target process
    TextLen: Integer;                 // set to the caller's len
  end;
  PThreadData = ^TThreadData;
  // exported function
function ReadWindowText(hWnd: THandle; buf: PChar; var len: Integer): Boolean;

implementation

// Routine whose bytes are copied into the target process and started there
// with CreateRemoteThread. P is the address of a TThreadData record; a nil P
// returns 0. Otherwise it sends WM_GETTEXT to PData^.hWnd through the function
// pointer carried in the record and returns PData^.TextLen.
function threadFunc(P: Pointer): DWORD; stdcall;
var
  PData: PThreadData;
begin
  if (P = nil) then
  begin
    Result := 0;
    Exit;
  end;
  PData := PThreadData(P);
  PData^.AddrOfSendMSG(PData^.hWnd,
    WM_GETTEXT,
    PData^.TextLen,
    LongInt(@PData^.Text));
  Result := PData^.TextLen;
end;

// Tries to read the text of window hWnd by starting a thread inside the
// process that owns it.
//   hWnd - target window handle.
//   buf  - caller's buffer; Len bytes are copied into it on the success path.
//   len  - requested size; declared var but only read in this body.
// Returns True after the final copy step, False when any of the checked
// Win32 calls fails.
function ReadWindowText(hWnd: THandle; buf: PChar; var len: Integer): Boolean;
var
  threadID: DWORD;   // declared but not used in this body
  ProcID: DWORD;
  hProc: THandle;
  pThreadAddr: Pointer;
  pParamAddr: Pointer;
  pTextBuf: Pointer;
  dwThreadID, dwBufWrite, dwBufRead: DWORD;
  hThread: THandle;
  bWrite: BOOL;
  pParam: PThreadData;
  hMod: THandle;
label
  Cleanup;
begin
  // Find the process that owns the window.
  GetWindowThreadProcessId(hWnd, ProcID);
  if (ProcID = 0) then
  begin
    Result := False;
    Exit;
  end;
  // Full-access handle to the owning process. Detection: a PROCESS_ALL_ACCESS
  // open of another user-mode process is logged by process-access auditing.
  hProc := OpenProcess(PROCESS_ALL_ACCESS, False, ProcID);
  if (hProc = 0) then
  begin
    Result := False;
    Exit;
  end;
  // Allocate MAX_THREAD_SIZE bytes of read/write/execute memory in the target
  // process.
  pThreadAddr := VirtualAllocEx(hProc,
    nil,
    MAX_THREAD_SIZE,
    MEM_COMMIT or MEM_RESERVE,
    PAGE_EXECUTE_READWRITE);
  if (pThreadAddr = nil) then
  begin
    Result := False;
    // NOTE(review): pTextBuf, pParamAddr and hMod have not been assigned yet
    // when this jump (and the next one) reaches Cleanup.
    goto Cleanup;
  end;
  // Copy MAX_THREAD_SIZE bytes starting at threadFunc into that allocation.
  bWrite := WriteProcessMemory(hProc,
    pThreadAddr,
    @threadFunc,
    MAX_THREAD_SIZE,
    dwBufWrite);
  if not bWrite then
  begin
    Result := False;
    goto Cleanup;
  end;
  // Load User32.dll in this process to look up SendMessageA below.
  hMod := LoadLibrary('User32.dll');
  // Two more allocations in the target: a text buffer of len bytes and room
  // for the TThreadData record. Both are also requested as executable pages.
  pTextBuf := VirtualAllocEx(hProc,
    nil,
    len,
    MEM_COMMIT,
    PAGE_EXECUTE_READWRITE);
  pParamAddr := VirtualAllocEx(hProc,
    nil,
    sizeof(TThreadData),
    MEM_COMMIT,
    PAGE_EXECUTE_READWRITE);
  // Build the parameter record locally before writing it to the target.
  // NOTE(review): no FreeMem for pParam appears in this function.
  GetMem(pParam, sizeof(TThreadData));
  pParam^.hWnd := hWnd;
  pParam^.Text := pTextBuf;
  pParam^.AddrOfSendMSG := GetProcAddress(hMod, 'SendMessageA');
  pParam^.TextLen := len;

  if (pParamAddr = nil) then
  begin
    Result := False;
    goto Cleanup;
  end;
  // Write the record into the target process.
  bWrite := WriteProcessMemory(hProc,
    pParamAddr,
    pParam,
    sizeof(TThreadData),
    dwBufWrite);
  if not bWrite then
  begin
    Result := False;
    goto Cleanup;
  end;
  // Start a thread in the target at the copied routine, passing the remote
  // record address. NOTE(review): hThread is never passed to CloseHandle.
  hThread := CreateRemoteThread(hProc, nil, 0, pThreadAddr, pParamAddr, 0,
    dwThreadID);
  if (hThread = 0) then
  begin
    Result := False;
    goto Cleanup;
  end;
  // Block until the remote thread ends (no timeout), then read the record
  // back from the target.
  WaitForSingleObject(hThread, INFINITE);
  ReadProcessMemory(hProc, pParamAddr, pParam, sizeof(TThreadData), dwBufRead);
  if (dwBufRead <= 0) then
  begin
    Result := False;
    // NOTE(review): this Exit bypasses the Cleanup label, so the process
    // handle, library handle and remote allocations are left as they are.
    Exit;
  end;
  // Copy Len bytes out to the caller's buffer.
  CopyMemory(buf, @pParam^.Text, Len);
  Result := True;
  // Release the remote allocations and the handles.
  // NOTE(review): regions allocated in the target can outlive this call (see
  // the Exit above); private executable regions with no backing module are
  // something memory forensics looks for in the target process.
  Cleanup:
  if (pTextBuf <> nil) then
    VirtualFreeEx(hProc, pTextBuf, MAX_THREAD_SIZE, MEM_RELEASE);
  if (pParamAddr <> nil) then
    VirtualFreeEx(hProc, pParamAddr, sizeof(TThreadData), MEM_RELEASE);
  if (pThreadAddr <> nil) then
    VirtualFreeEx(hProc, pThreadAddr, MAX_THREAD_SIZE, MEM_RELEASE);
  if (hProc <> 0) then
    CloseHandle(hProc);
  if (hMod <> 0) then
    FreeLibrary(hMod);
end;

end.

 
  先获得编辑框(edit)的句柄,再用
sendmessage(hwnd,wm_setfocus,0,0);  // 使之聚焦
sendmessage(hwnd,em_setsel,0,20); //选择编辑框中的第1到第21字符
sendmessage(hwnd,wm_copy,0,0);  //将选择的字符复制到剪贴板
if clipboard.hasformat(cf_text) then
edit1.text:=clipboard.astext ;        //将剪贴板上的数据赋值给你自己程序的编辑框。
       别忘了在uses 中对clipbrd单元的引用。
  (注意:这种做法会改变对方窗口的焦点,并覆盖用户剪贴板里原有的内容。)
  如果edit是密码框,可以在使之聚焦前用
sendmessage(hwnd,wm_setpasswordchar,0,0); //使框中的字符直接显示
  通常的密码探测就是利用这一句,2000中可不可以我没试过。我的老机已伴我5年了,
不能用2000。
    我做了2个密码探测器(一个vb做的,一个用戴妃(delphi)做的),很长时间了,
就是利用上述技术
   谁想研究我可以give you free! then  your Email is .......?

 