Use C # To create an ie bho hook and obtain the form Password

Source: Internet
Author: User

To authorize CSDN, please obtain your consent and repost it. Author: Chen Jia, NetSecure Inc, Canada, Software Engineer

Microsoft officially exited Browser Helper Object (BHO) in 1997, enabling programmers to perform further development and operations on IE. after several months of writing the BHO program, I hope to tell some of my experiences to my comrades and avoid detours.

I like C ++ very much. because C ++ can directly operate on the memory, it can save a lot of memory loss and make it faster. however, when developing BHO, I realized that C # is much more powerful than C ++. FOR example, the FOREACH loop provided by C # can avoid overflow of the FOR loop. in addition, the type conversion of C # is obviously stronger than that of C ++. after all, BHO and C # are both from the Microsoft family. Of course, C # is more suitable for BHO development. my first BHO program was written in C ++. for the operations on COM, it took me at least a few days to figure out what they were trying to do. however, it takes only a few minutes for my first C # BHO program to build a hook. if you want to engage in BHO development, and you want to start learning. I think this article is helpful to you.

This article was originally written in English. Because of the working environment, Chinese characters are getting increasingly unfamiliar. If there are errors or exceptions, refer to the original English document.

Http://www.horizonideas.com/writings/article.php? Id = 11

Let's start.

First, we need to create a new DLL project in C. BHO is driven by calling DLL by IE. I use V C # EXPRESS. this is enough. v c # PROFESSIONAL is not required and memory is wasted.

After creating an empty project, add a folder named BHO and add a file.
 

Note that this file must be named IObjectWithSite. cs, So IE knows that this is a BHO program. for more information about the IObjectWiteSite interface, query the MSDN http://msdn2.microsoft.com/en-us/library/Aa768220.aspx

In IObjectWithSite, there must be two methods: GetSite and SetSite. We mainly call the latter. You can guess what they do by name.

GetSite: Gets the last site set with IObjectWithSite: SetSite. If there is no known site, the object returns a failure code.

SetSite: Provides the site's IUnknown pointer to the object.

Remove the default vs stuido class name because IObjectWithSite is not a class but an interface.

 

Do not forget to add System. Runtime. InteropServices

Next we will add a main file named BHO. CS.

The newly created class is based on the IObjectWithSite interface. As I mentioned earlier, you use this interface to call IE.

To use Microsoft's BHO library, we must add the following two libraries: SHDocVw and MSHTML. They are generally under Windows \ System32.

SHDocVw is Microsoft Shell Doc Object and Control Library

Mshtml is: All interfaces for accessing the dynamic HTML (DHTML) object model are based on idispatch and are the basis of access to the object model that is also used by scripts. http://msdn2.microsoft.com/en-us/library/bb498651.aspx

Light Using shdocvw "is not enough, you need to add

Add shdocvw

MessageBox will be used later, so I have added a Windows form library.

The following two variables are added: webbrowser and htmldocument. They are like their names. One is the IE variable, and the other is the HTML page variable accessed by IE.

The following is a function called ondocumentcomplete in this class. it's okay to get other names. but here we call ondocumentcomplete for code availability. this function is actually corresponding to ondocumentcomplete under cdhtmldialog.

Cdhtmldialog class http://msdn2.microsoft.com/en-us/library/8bed8k60 (vs.80). aspx.

Ondocumentcomplete is triggered after an HTML page is loaded. You can also avoid using navigate () or onbeforenavigate (). They indicate triggering before sending access and access.

Please refer to http://msdn2.microsoft.com/en-us/library/8k5z3ekh (vs.80). aspx to find out what you need exactly.

In IObjectWithSite. cs, you need to spend the GUID of IE to facilitate registry modification.

In addition, you need to add a GUID to your program. in this way, IE can find your information in the registry. you can use System. guid. newGuid () method to obtain a GUID. this is much easier than the method for C ++ to get the GUID.

We must add content to SetSite and GetSite. In SETSITE, we need to add an EVENTHANDLER so that IE can trigger our OnDocumentComplete function.

Add one more reference

In BHO. CS, we need to add the register/unregister function for our DLL.

 

Compile, we have our DLL.

The following uses the regasm/codebase "BHO HelloWorld. dll" command under DOS to register dll. Why?

Because we forgot to set our main class to PUBLIC, no one else can call your class. Naturally, we cannot register it.

And then it succeeds.

Open the registry and find Browser Helper Object under LOCAL_MACHINE-> SOFTWARE-> MICROSOFT-> WINDOWS-> EXPLORER to see if there is any change?

After registration, we will write our program to control IE. The following is an example to capture the NAME of all INPUT elements on the page you are visiting.

In document, all our elements are ihtmlelement. We need to call ihtmlinputelement. therefore, we use the getelementbytagname method to find all input elements. after finding the attribute, you still need to perform type conversion to find the corresponding attribute. otherwise, ihtmlelement does not have name attribute. the attribute provided by ihtmlelement is available to all elements. for example, ID, such as title, such as onclick. some elements have their own unique attributes. For example, if input has onfocus, it must be converted to ihtmlinputelement to be used. ihtmlinputelement corresponding to input, select-> ihtmlselectelement .......

 

There you go, see?

Next we will try another method called beforenavigate (). it is triggered before you start the next page. that is to say, if you want to submit a form and the page changes, it will be triggered. in fact, Ms provides two similar interfaces: beforenavigate and beforenavigate2 (). you can check msdn to see what the difference is. we will not talk about it here.

Similarly, we add a corresponding function prototype (click the image to see the big image ).

Add eventhandler

What we want to do below is to intercept the password on the page.

See, how easily, you can get it.

Through the above process. I hope you have a preliminary understanding of BHO. for more information, visit msdn. it provides a very detailed introduction. this also raises a topic. we can see that it takes almost two minutes for us to intercept any content you entered. Do you think IE is safe? Even if he can encrypt the content of the network card through SSL, it is so weak at the application layer. in addition, if we use IE, we will find the flood of add-on, which is caused by BHO.

If you don't want to follow the above steps, you can use the templates I have prepared. directly put it in your Visual Studio 2005 \ Templates \ ProjectTemplates folder. when you start a new project, click the bho helloworld. all the above Code is ready for you.

Project template download TEMPLATE

 

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.