Password Hacking in VB.NET


This code when run gets the password from a password window of any application. To try it out use the following procedure to get the password.


  • Run the code . A small window will open.
  • Now open an application, which inputs password. Try opening a MSN messenger window or Yahoo messenger window or any other window of your choice.
  • Now you will see two windows. Put the password in the password box of the window.
  • Click in the password box of the application window.
  • Then click the button "Get Password" of the VB form.
  • Again click on the password box of the application window.
  • Wait for 5 seconds . The password will be seen in alphabets not as *****.
  • Thus the password is exposed.

Source Code:

API Description :

  1. GetCursorPos :

    ' GetCursorPos: API used to get the current mouse pointer location.

    '[out] Long pointer to a POINT structure that receives the screen coordinates of the cursor.
    'Return Values.
    'Nonzero indicates success. Zero indicates failure. To get extended error information, call GetLastError.

    'The cursor position is always given in screen coordinates and is not affected by the mapping mode of the window that contains the cursor.
    Public Shared Function <DllImport("user32")> _
    GetCursorPos(ByRef lpPoint As POINTAPI) As Integer
    End Function
  2. WindowFromPoint:

    'WindowFromPoint: API is used to get the window handle by giving the
    ' location
    ' Parameters

    'Specifies a POINT structure that defines the point to be checked.
    'Return Values.
    'A handle to the window that contains the point indicates success. NULL indicates that no window exists at the specified point. A handle to the window under the 'static' text control indicates that the point is over a static text control.

    Public Shared Function <DllImport("user32")> _
    WindowFromPoint(ByVal xPoint As Integer, _
    ByVal yPoint As Integer) As Integer
    End Function
  3. GetClassName:

    ' GetClassName: By passing window handle this will return the class name of
    ' window object.

    ' Parameters


    'Handle to the window and, indirectly, the class to which the window belongs.


    'Long pointer to the buffer that is to receive the class name string.


    'Specifies the length, in characters, of the buffer pointed to by the lpClassName parameter. The class
    name string is truncated if it is longer than the buffer.

    'Return Values

    ' 'The number of characters copied to the specified buffer indicates success. ' Zero indicates failure. To
    get extended error information, call GetLastError.

    Public Shared Function <DllImport("user32")> _
    GetClassName(ByRef hwnd As Integer, ByVal _
    lpClassName As String, ByRef nMaxCount As Integer) As Integer
    End Function

  4. SendMessage:

    'SendMessage: API used to send a message to another window.

    ' Parameters.


    '[in] Handle to the window whose window procedure will receive the message. If this parameter is HWND_BROADCAST, the message is sent to all top-level windows in 'the' system, including disabled or invisible unowned windows, overlapped windows, 'and pop'-up windows; but the message is not sent to child windows.


    '[in] Specifies the message to be sent.


    '[in] Specifies additional message-specific information.


    '[in] Specifies additional message-specific information.

    'Return Values.

    'The return value specifies the result of the message processing and depends 'on the message sent.

    Public Shared Function <DllImport("user32")> _
    SendMessage(ByVal hwnd As Integer, ByVal wMsg As Integer, _
    ByVal wParam As Integer, ByVal lParam As Integer) As Integer
    End Function

General Description:

Waooooo getting password was never so easy. Lets dissect the code.
The "GetCursorPos" api gets the current mouse position on the screen in a structure i.e. the x and y coordinates on the screen.

The "WindowFromPoint" api gets the window handle from the x and y coordinates.

The "GetClassName" api gets the classname of the control on which mouse is placed might be a "text" or an "edit" control (Password).

The "SendMessage" api sends the window (of which we are having the handle) , the control(text or edit) a message where in the password character is changed from * to nothing (0) . Meaning that no password char is applicable to the edit box.

Thus the password is exposed.