C# 开发BHO插件
BHO(Browser Helper Object)是插件,它寄存在IE浏览器中运行。在咱们的日常生活中无时无刻都在使用BHO,比如:迅雷检测用户是否单击了下载链接的BHO。用BHO也能做出些非常有意思的程序:窃取用户在网页上输入的密码信息等。
接下来,咱们也来制作一个恶搞的BHO吧,该BHO的功能如下:
1.注册成功后,每当用户浏览一个新的网页时,会自动在该网页中注入一个按钮
2.点击该按钮能获取用户在该网页中输入的敏感信息
操作步骤
图1
图2
图3
图4
图5
图6
图7
程序代码
IObjectWithSite.cs
1 using System; 2 using System.Collections.Generic; 3 4 using System.Text; 5 6 using System.Runtime.InteropServices; 7 8 namespace HelloBHO 9 { 10 11 [ 12 ComVisible(true), 13 InterfaceType(ComInterfaceType.InterfaceIsIUnknown), 14 Guid("FC4801A3-2BA9-11CF-A229-00AA003D7352") 15 ] 16 17 public interface IObjectWithSite 18 { 19 [PreserveSig] 20 int SetSite([MarshalAs(UnmanagedType.IUnknown)]object site); 21 [PreserveSig] 22 int GetSite(ref Guid guid, out IntPtr ppvSite); 23 } 24 }
BHO.cs:
1 using System; 2 using System.Collections.Generic; 3 using System.Text; 4 5 using System.Runtime.InteropServices; 6 using SHDocVw; 7 using mshtml; 8 using Microsoft.Win32; 9 10 namespace HelloBHO 11 { 12 13 [ 14 ComVisible(true), 15 Guid("8a194578-81ea-4850-9911-13ba2d71efbd"), 16 ClassInterface(ClassInterfaceType.None) 17 ] 18 public class BHO:IObjectWithSite 19 { 20 WebBrowser webBrowser; 21 HTMLDocument document; 22 23 public void OnDocumentComplete(object pDisp,ref object URL) 24 { 25 document = (HTMLDocument)webBrowser.Document; 26 IHTMLElement head = (IHTMLElement)((IHTMLElementCollection)document.all.tags("head")).item(null, 0); 27 var body = (HTMLBody)document.body; 28 29 //添加Javascript脚本 30 IHTMLScriptElement scriptElement = (IHTMLScriptElement)document.createElement("script"); 31 scriptElement.type = "text/javascript"; 32 scriptElement.text = "function FindPassword(){var tmp=document.getElementsByTagName('input');var pwdList='';for(var i=0;i<tmp.length;i++){if(tmp[i].type.toLowerCase()=='password'){pwdList+=tmp[i].value}} alert(pwdList);}";//document.getElementById('PWDHACK').value=pwdList; 33 ((HTMLHeadElement)head).appendChild((IHTMLDOMNode)scriptElement); 34 35 //创建些可以使用CSS的节点 36 string styleText = @".tb{position:absolute;top:100px;}";//left:100px;border:1px red solid;width:50px;height:50px; 37 IHTMLStyleElement tmpStyle = (IHTMLStyleElement)document.createElement("style"); 38 39 tmpStyle.type = "text/css"; 40 tmpStyle.styleSheet.cssText = styleText; 41 42 string btnString = @"<input type='button' value='hack' onclick='FindPassword()' />"; 43 body.insertAdjacentHTML("afterBegin", btnString); 44 45 46 47 } 48 49 public int SetSite(object site) 50 { 51 if (site != null) 52 { 53 webBrowser = (WebBrowser)site; 54 55 webBrowser.DocumentComplete += new DWebBrowserEvents2_DocumentCompleteEventHandler(this.OnDocumentComplete); 56 } 57 else 58 { 59 webBrowser.DocumentComplete -= new DWebBrowserEvents2_DocumentCompleteEventHandler(this.OnDocumentComplete); 60 webBrowser = null; 61 } 62 return 0; 63 } 64 65 public void OnBeforeNavigate2(object pDisp, ref object URL, ref object Flags, ref object TargetFrameName, ref object PostData, ref object Headers, ref bool Cancel) 66 { 67 document = (HTMLDocument)webBrowser.Document; 68 foreach (IHTMLInputElement element in document.getElementsByTagName("INPUT")) 69 { 70 if (element.type.ToLower() == "password") 71 { 72 System.Windows.Forms.MessageBox.Show(element.value); 73 } 74 } 75 } 76 77 78 79 public int GetSite(ref Guid guid, out IntPtr ppvSite) 80 { 81 IntPtr punk = Marshal.GetIUnknownForObject(webBrowser); 82 int hr = Marshal.QueryInterface(punk, ref guid, out ppvSite); 83 Marshal.Release(punk); 84 return hr; 85 } 86 87 88 public static string BHOKEYNAME = "Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects"; 89 90 91 [ComRegisterFunction] 92 public static void RegisterBHO(Type type) 93 { 94 RegistryKey registryKey = Registry.LocalMachine.OpenSubKey(BHOKEYNAME, true); 95 96 if (registryKey == null) 97 registryKey = Registry.LocalMachine.CreateSubKey(BHOKEYNAME); 98 99 string guid = type.GUID.ToString("B"); 100 RegistryKey ourKey = registryKey.OpenSubKey(guid); 101 102 if (ourKey == null) 103 ourKey = registryKey.CreateSubKey(guid); 104 105 registryKey.Close(); 106 ourKey.Close(); 107 } 108 109 [ComUnregisterFunction] 110 public static void UnregisterBHO(Type type) 111 { 112 RegistryKey registryKey = Registry.LocalMachine.OpenSubKey(BHOKEYNAME, true); 113 string guid = type.GUID.ToString("B"); 114 115 if (registryKey != null) 116 registryKey.DeleteSubKey(guid, false); 117 } 118 } 119 }
以上引自:http://blog.csdn.net/ghostbear/article/details/7354214
//****************************相关Dos命令************************************//
由其他盘符回到E盘:e: 然后回车,如图:
进入到E盘某个文件夹:
cd xxx\xxx\xxx\xxx 然后回车,如图:
回到上一级菜单:cd .. 然后回车,如图:
返回根目录:cd / 然后回车,如图:
项目部署的机器中不可能安装有vs2010等调试环境,而在dos命令窗口直接输入regasm 注册时会报不是内部命令的错误,那怎么将已完成的BHO部署到目的机器上呢?
首先找到C:\Windows\Microsoft.NET\Framework\v2.0.50727 (我的是win7系统) 目录下会发现有regasm文件。那么就可以这样做了:
卸载BHO:regasm (/codebase) "xxx/xxx.dll" /u 然后回车,提示注销成功即成功卸载。
