两分钟用C#搭建IE BHO勾子, 窃取密码

中文翻译请查看:

http://blog.csdn.net/jackiechen01/archive/2007/08/11/1738010.aspx


Microsoft provided Browser Helper Object (BHO) to let developers "drive" Internet Explorer. The first BHO was introduced in 1997 with IE 4.0. I have been writing programs on BHO for months. It could be quite depressing at the very first beginning to learn all those things. Hereby, I am writing this article to help beginners like me get familiar with BHO as soon as possible.

My personal interest is actually C++. C++ programs can be a lot less memory-consuming than C# program. But C# does provide better service on BHO comparing to C++. My first BHO program was written in C++.  It took me quite a while to figure out what was going on. But C# only takes me few minutes. Besides, C# has lots of pleasant designs such as foreach . It is very easy to handle especially when users want to convert one data type into another, while C++ may take longer.

To set up a BHO Hello World Project, Lets first start a C# Class Library, as BHO is written in .dll attached to IE. You dont need a Visual Studio 2005, C# express is totally enough.


 

After we have this empty project, let's add one folder named BHO and a .cs file into the folder.

The first file has to been named IObjectWithSite to notify that this is a BHO project. To know more about this interface, please refer to http://msdn2.microsoft.com/en-us/library/Aa768220.aspx

We also need to add two functions

GetSite:  Gets the last site set with IObjectWithSite::SetSite. If there is no known site, the object returns a failure code.

SetSite:  Provides the site's IUnknown pointer to the object.

 

Don't forget System.Runtime.InteropServices

Add another .cs file where the main functions located

Add a class called BHO in the newly added file. The class contains the interface IObjectWithSite

 

To use BHO we need to have two references, SHDocVw and MSHTML.You can find them at Windows"System32 folder

SHDocVw is  Microsoft Shell Doc Object and Control Library

MSHTML is:   All interfaces for accessing the Dynamic HTML (DHTML) Object Model are based on IDispatch and are the basis of access to the object model that is also used by scripts. http://msdn2.microsoft.com/en-us/library/bb498651.aspx

have "using SHDocVw" is not enough, you need to add references to the project.

Add SHDocVw 

As later we are going to use MessageBox, we also need to add Windows Form reference

 

Now we add two variables into the class, WebBrowser and HTMLDocument. Just like their name, you could easily figure out what do they do.

Besides, the two methods we defined in the IObjectWithSite interface, we also need to add OnDocumentComplete. You don't need it if you don't use it. OnDocumentComplete is a function of CDHtmlDialog Class http://msdn2.microsoft.com/en-us/library/8bed8k60(VS.80).aspx . It will be triggered if the HTMLDocument downloading is complete, in other words, when your page is loaded. You can also use Navigate() or OnBeforeNavigate(). Please refer to http://msdn2.microsoft.com/en-us/library/8k5z3ekh(VS.80).aspx to find out what you need exactly.

Under the IObjectWithSite.cs you need to point out the GUID of IE for thei program, so it can attach to IE.

Also, you need to assian a GUID for your own program. You can use System.Guid.NewGuid() method to get one, which is really neat comparing to C++.

 

You cannot just leave SetSite and GetSite blank. fill them in. This step is to tell IE that the DocumentCompletent Event is attached to OnDocumentComplete in our program.

Add one more reference

Under BHO.cs we need to write two functions for register/unregister of this DLL.

Now compile, under your release folder, you will find the .dll of your own project.

Then, use regasm /codebase "BHO HelloWorld.dll" to register our dll. We got a problem here. The REGASM told me it's not registerd. WHY?

Because we didn't set the BHO class as public. That's why.

 

now, do it again. It's successful.

open your registry. Find out Browser Helper Object under LOCAL_MACHINE->SOFTWARE->MICROSOFT->WINDOWS->EXPLORER

 

So, now program has been officially attached to your BHO. We need to fillin the OnDocumentComplete function. It's really neat to use C#'s foreach loop rather than for loop in C++. So you won't need to care about the indexer overflow. Besides, as we can see the type conversion is quite easy. This is an example on we want to find out the NAME attributes of an IHTMLInputElement.

An IHTMLInputElement is an Input element on HTML Page.

If the IHTMLInputElement does not have name attributes, we will fetch the ID attribute. Then pop up the content.

There you go, see?

Now, let's try to use BeforeNavigate() rather than OnDocumentComplete().

As we can see, there are BeforeNavigate and BeforeNavigate2(). We go for the latter one. If you are interested, you can use the first one.

 

Add the function prototype.  

Set up the hook.

Now, we want to steal the password on an Input password element

See, how easily, you can get it.

 

In conclusion, its really easy to handle BHO with C#. Thats why many IE add-ons are not safe at all. I hope these are useful. To waive your trouble, you can use the project template I made. Download it and put it under your Visual Studio 2005"Templates"ProjectTemplates folder (its usually under My Document).

 

posted @ 2008-09-16 13:51  xjy  阅读(1198)  评论(0编辑  收藏  举报