黑客技巧之用QQ皮肤来做后门入侵

peng4644

前几天lcx提示说又有QQ溢出漏洞了，于是突然的提醒我以前有几个QQ的vbs文件没认真的去看过。于是进到目录中找一下，这一找不要紧啊，差点晕死。原来我们对QQ的操作就是这样的。

那么就帅了，直接插段脚本进去，权限就继承下来想干什么就干什么了，嘿嘿。

QQ皮肤脚本：
Dim UserNum
Dim Path
Dim ShowStatus
Dim foldbottom
Dim bMsgInside
Dim CurrentWidth
Dim CurrentHeight

'注释

Sub Window_OnInit()
Window.GetScriptVersion "1.0"   
Path = "NewSkins\\QQ2005 Lite\\"
ShowStatus = 1
UserNum = "0"
If 1 = ShowStatus Then
  UserNum = UserNum
End If
NewPanels.visible = false
bMsginside = 0
End Sub

Sub Window_OnSize(cx,cy)
Window.LockPaint()
CurrentWidth = cx
CurrentHeight = cy

BackgroundT.width = cx - 78
BackgroundRT.left = cx - 14

BackgroundLB.top = cy - 110
BackgroundB.top = cy - 110
BackgroundB.width = cx - 24
BackgroundRB.left = cx - 12
BackgroundRB.top = cy - 110

BackgroundL.height = cy - 195
BackgroundC.width = cx - 19
BackgroundC.height = cy - 195
BackgroundR.left = cx - 8
BackgroundR.height = cy - 195

foldbottom = 65
ntopdistance = 0
If bMsgInside = 1 Then
  ntopdistance = 20
End If
NewPanels.top = 68 + ntopdistance
Bar1.top = 70 + ntopdistance
Bar1.width = cx - 10
Bar1.height = cy - 97

CloseButton.left = cx - 21
ColorButton.left = cx - 38
MinButton.left = cx - 55

MenuButton.top = cy - 23
PaymentButton.top = cy - 23
QQHomeButton.top = cy - 23
MsgManagerButton.top = cy - 23

QQNumber.width = cx - 45

Window.UnLockPaint()   
End Sub

'上面的三个按钮
Sub MinButton_onClick()
Window.ExeCommand 1,2
End Sub

Sub CloseButton_onClick()
Window.ExeCommand 1,3
End Sub

Sub ColorButton_onClick()
Window.ExeCommand 4,7
End Sub

Sub QQPushMsg_onClick()
QQPushMsg.Visible = false
bMsgInside = 0
window.RebuildRGN
Window.ExeCommand 10,0
End Sub

'六个Bar按钮
Sub Window_onClick(code, Name)
Window.LockPaint()
Window.DisableBar CStr(Name)
Window.ExeCommand code,CStr(Name)
Window.UnLockPaint()
End Sub

'顶部的按钮组
Sub StatusButton_onClick()
s = CStr(StatusButton.Left + StatusButton.width - 10)&"."&CStr(StatusButton.Top +
StatusButton.height - 8)
Window.ExeCommand 6,s
End Sub

sub StatusPic_onMouseMove(nX,nY)
s = CStr(StatusPic.Left) & "." & CStr(StatusPic.Top) & "." & CStr(StatusPic.width) & "."
& CStr(StatusPic.height)
Window.ExeCommand 20,s
end Sub

sub StatusPic_onMouseLeave()
s = CStr(StatusPic.Left) & "." & CStr(StatusPic.Top) & "." & CStr(StatusPic.width) & "."
& CStr(StatusPic.height)
Window.ExeCommand 21,s
end Sub

Sub StatusPic_onClick()
Window.ExeCommand 60,2
End Sub

Sub ContentsButton_onClick()
Window.ExeCommand 4,9
End Sub

Sub MobileMsgButton_onClick()
Window.ExeCommand 4,2
End Sub

Sub ChatRoomButton_onClick()
Window.ExeCommand 4,1
End Sub

Sub SearchButton_onClick()
Window.ExeCommand 4,3
End Sub

'下面的按钮组
Sub MenuButton_onClick()
s = CStr(MenuButton.Left)&"."&CStr(MenuButton.Top)
Window.ExeCommand 5,s
End Sub

sub PaymentButton_onClick()
Window.ExeCommand 4,8
end Sub

Sub QQHomeButton_onClick()
Window.ExeCommand 16,1
End Sub

Sub MsgManagerButton_onClick()
Window.ExeCommand 4,6
End Sub

'处理QQ程序发来的事件
Sub Window_OnNotify(code ,var)
If code = 1 Then
  '设置当前的Uin
  UserNum = var
  If 0 = ShowStatus Then
    QQNumber.value = UserNum
  Else
    QQNumber.value = UserNum
  End If     
ElseIf code = 2 Then
  '闪系统消息按钮 var 为1是开始闪。为2是停止
  If(var = 1) Then
    MsgManagerButton.StopFlash
    MsgManagerButton.Flash 30
  Else
    MsgManagerButton.StopFlash
  End If
ElseIf code = 3 then
  '闪状态按钮 var 为0,1,2,3是对应的ico。为4表示停止
  if var = 0 then
    StatusPic.ico = "Online.ico"   
  elseif var = 1 Then
    StatusPic.ico = "leave.ico"   
  elseif var = 2 Then
    StatusPic.ico = "invisible.ico"   
  elseif var = 3 Then
    StatusPic.ico = "Offline.ico"   
  elseif var = 4 then
    StatusPic.Ico = StatusIco
  end if
ElseIf code = 4 Then
  '设置那个Bar在最前
  Window_onClick 2,Var
ElseIf code = 5 Then
  '设置当前的状态。
  if var = 10 Then     
    StatusIco = "StatusPic.ico"
  elseif var = 20 Then     
    StatusIco = "StatusPic1.ico"
  elseif var = 30 Then   
    StatusIco = "StatusPic2.ico"
  elseif var = 40 Then     
    StatusIco = "StatusPic3.ico"     
  end If
  StatusPic.ico = StatusIco
  If 0 = ShowStatus Then
    QQNumber.value = UserNum
  Else
    QQNumber.value = UserNum
  End If
ElseIf code = 6 Then
  '设置Skin的起始路径
  Path = Var
ElseIf code = 10 then
  if(var = 1) then
    PaymentButton.SetLighting(true)
  else
    PaymentButton.SetLighting(false)
  end If
ElseIf code = 25 Then
  ' 皮肤推送
  if(var = 1) then
    ColorButton.SetLighting(true)
  else
    ColorButton.SetLighting(false)
  end If
ElseIf code = 200 then
  QQPushMsg.value = Var
  QQPushMsg.Visible = true
  bMsgInside = 1
  window.RebuildRGN
End If
End Sub

|▍寵児

懂的真多呀`

archangel071

深奥死了...

樶噯oo

不懂哈

小布丁

两袖清风

162102

我爱紫菀花

说仔细点啊不明白

wangshandi

...看不明白啊  哎``高手太多了