得到宽带帐号或密码,下面的代码编译不过,不知为什么?
作者:未知 来源:网络 更新时间:2011/9/6
/*
演示还原NT平台上拨号连接的密码
可运行于windows 2000/xp/2003
原理基于分析dialupass v2.42
eyas at xfocus.org
http://www.xfocus.net
2004-10-01
FileName: x_dialupass.c
*/
#define WINVER 0x500
#define _WIN32_WINNT 0x0500
#include <windows.h>
#include <stdio.h>
#include <ras.h>
#include <raserror.h>
#include <Ntsecapi.h>
#include <Userenv.h>
#include <Sddl.h>
#pragma comment(lib,"Rasapi32.lib")
#pragma comment(lib,"advapi32.lib")
#pragma comment(lib,"UserEnv.lib")
unsigned char private_data[0x500];
int data_len;
unsigned char * get_real_pass(unsigned char *user, DWORD dwDialParamsUID)
{
int i, j;
unsigned char *p, szDialParamsUID[52], *pass=NULL;
_snprintf(szDialParamsUID, sizeof(szDialParamsUID),
"%d", dwDialParamsUID);
p = private_data;
for(i=0;i<data_len;i++)
{
if(strcmp(&p[i], szDialParamsUID) == 0 )
{
for(j=i;j<data_len;j++)
{
if(strcmp(&p[j], user) == 0 )
{
pass = p + j + strlen(user) + 1;
break;
}
}
break;
}
}
return pass;
}
void main()
{
LPRASENTRYNAME lpRasEntryName;
LPRASDIALPARAMS lpRasDialParams;
DWORD cb, nRet, i, cEntries;
BOOL b;
char szPhoneBook1[512], szPhoneBook2[512],
szUserName[128], szDomainName[128];
DWORD dwSize, dwDialParamsUID, dwTmp;
PSID pSid = NULL;
SID_NAME_USE peUse;
LSA_OBJECT_ATTRIBUTES lsa_object_attr;
LSA_HANDLE lsa_handle;
PLSA_UNICODE_STRING plsa_private_data;
LSA_UNICODE_STRING lsa_keyname;
NTSTATUS status;
int ret;
unsigned char *pass;
WCHAR *sid;
printf("dialup password recover tool for win 2k/xp/2003\n"
"code by eyas at xfocus.org\n"
"http://www.xfocus.net\n"
"2004-10-01\n\n");
//get current user's string sid
dwSize = sizeof(szUserName);
GetUserName(szUserName, &dwSize);
dwSize = 0;
dwTmp = sizeof(szDomainName);
LookupAccountName(NULL, szUserName, pSid, &dwSize, szDomainName,
&dwTmp, &peUse);
if(!dwSize)
{
printf("[-] LookupAccountName failed.\n");
return;
}
pSid = (PSID)malloc(dwSize);
LookupAccountName(NULL, szUserName, pSid, &dwSize, szDomainName,
&dwTmp, &peUse);
ConvertSidToStringSidW(pSid, &sid);
memset(&lsa_object_attr, 0, sizeof(lsa_object_attr));
lsa_object_attr.Length = sizeof(LSA_OBJECT_ATTRIBUTES);
LsaOpenPolicy(0, &lsa_object_attr, 0x800, &lsa_handle);
plsa_private_data = (PLSA_UNICODE_STRING)malloc(sizeof(LSA_UNICODE_STRING));
plsa_private_data->Length = 0x500;
plsa_private_data->MaximumLength = 0x500;
plsa_private_data->Buffer = (PWSTR)malloc(0x500);
lsa_keyname.MaximumLength = 0x200;
lsa_keyname.Buffer = (PWSTR)malloc(0x200);
wcscpy(lsa_keyname.Buffer,L"RasDialParams!");
wcscat(lsa_keyname.Buffer, sid);
wcscat(lsa_keyname.Buffer, L"#0");
lsa_keyname.Length = wcslen(lsa_keyname.Buffer) * 2;
//get current user's dialup info
status = LsaRetrievePrivateData(lsa_handle,
&lsa_keyname,
&plsa_private_data);
LsaClose(lsa_handle);
if(status != 0)
{
printf("[-] LsaRetrievePrivateData failed: %d\n",
LsaNtStatusToWinError(status));
return;
}
ret = WideCharToMultiByte(0, 0, plsa_private_data->Buffer,
plsa_private_data->Length,
private_data, sizeof(private_data), 0, 0);
if(ret == 0)
{
printf("[-] WideCharToMultiByte failed:%d\n", GetLastError());
return;
}
data_len = ret;
//get phone book name
GetEnvironmentVariable("ALLUSERSPROFILE", szPhoneBook1,
sizeof(szPhoneBook1)-200);
GetEnvironmentVariable("USERPROFILE", szPhoneBook2,
sizeof(szPhoneBook2)-200);
strcat(szPhoneBook1,
"\\Application Data\\Microsoft\\Network"
"\\Connections\\pbk\\rasphone.pbk");
strcat(szPhoneBook2,
"\\Application Data\\Microsoft\\Network"
"\\Connections\\pbk\\rasphone.pbk");
lpRasEntryName = (LPRASENTRYNAME)GlobalAlloc(GPTR, sizeof(RASENTRYNAME));
lpRasEntryName->dwSize = sizeof(RASENTRYNAME);
cb = sizeof(RASENTRYNAME);
if ((nRet = RasEnumEntries(NULL, NULL, lpRasEntryName, &cb, &cEntries))
== ERROR_BUFFER_TOO_SMALL)
{
lpRasEntryName = (LPRASENTRYNAME)GlobalAlloc(GPTR, cb);
lpRasEntryName->dwSize = sizeof(RASENTRYNAME);
}
// Calling RasEnumEntries to enumerate the phone-book entries
nRet = RasEnumEntries(NULL, NULL, lpRasEntryName, &cb, &cEntries);
if (nRet != ERROR_SUCCESS)
{
printf("[-] RasEnumEntries failed: Error %d\n", nRet);
return;
}
for(i=0;i < cEntries;i++)
{
lpRasDialParams = malloc(sizeof(RASDIALPARAMS));
strcpy(lpRasDialParams->szEntryName, lpRasEntryName->szEntryName);
lpRasDialParams->dwSize = sizeof(RASDIALPARAMS);
RasGetEntryDialParams(0, lpRasDialParams, &b);
dwDialParamsUID = GetPrivateProfileInt(lpRasEntryName->szEntryName,
"DialParamsUID", 0, szPhoneBook1);
if(dwDialParamsUID == 0)
{
dwDialParamsUID = GetPrivateProfileInt(lpRasEntryName->szEntryName,
"DialParamsUID", 0, szPhoneBook2);
if(dwDialParamsUID == 0)
{
printf("[-] Can't get DialParamsUID from PhoneBook.\n");
return;
}
}
pass = get_real_pass(lpRasDialParams->szUserName, dwDialParamsUID);
printf(
"-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n"
"EntryName : %s\n"
"UserName : %s\n"
"PassWord : %s\n\n",
lpRasEntryName->szEntryName,
lpRasDialParams->szUserName,
pass);
free(lpRasDialParams);
lpRasEntryName++;
}
出现错误
1>------ 已启动生成: 项目: main, 配置: Debug Win32 ------
1>正在编译...
1>main.cpp
1>d:\program files\microsoft visual studio 8\vc\platformsdk\include\wbemcli.h(4423) : warning C4819: The file contains a character that cannot be represented in the current code page (936). Save the file in Unicode format to prevent data loss
1>d:\我的文档\桌面\testpass\main.cpp(37) : error C2664: '_snprintf' : cannot convert parameter 1 from 'unsigned char [52]' to 'char *'
1> Types pointed to are unrelated; conversion requires reinterpret_cast, C-style cast or function-style cast
1>d:\我的文档\桌面\testpass\main.cpp(43) : error C2664: 'strcmp' : cannot convert parameter 1 from 'unsigned char *' to 'const char *'
1> Types pointed to are unrelated; conversion requires reinterpret_cast, C-style cast or function-style cast
1>d:\我的文档\桌面\testpass\main.cpp(47) : error C2664: 'strcmp' : cannot convert parameter 1 from 'unsigned char *' to 'const char *'
1> Types pointed to are unrelated; conversion requires reinterpret_cast, C-style cast or function-style cast
1>d:\我的文档\桌面\testpass\main.cpp(49) : error C2664: 'strlen' : cannot convert parameter 1 from 'unsigned char *' to 'const char *'
1> Types pointed to are unrelated; conversion requires reinterpret_cast, C-style cast or function-style cast
1>d:\我的文档\桌面\testpass\main.cpp(134) : error C2664: 'WideCharToMultiByte' : cannot convert parameter 5 from 'unsigned char [1280]' to 'LPSTR'
1> Types pointed to are unrelated; conversion requires reinterpret_cast, C-style cast or function-style cast
1>d:\我的文档\桌面\testpass\main.cpp(177) : error C2440: '=' : cannot convert from 'void *' to 'tagRASDIALPARAMSA *'
1> Conversion from 'void*' to pointer to non-'void' requires an explicit cast
1>d:\我的文档\桌面\testpass\main.cpp(196) : error C2664: 'get_real_pass' : cannot convert parameter 1 from 'CHAR [257]' to 'unsigned char *'
1> Types pointed to are unrelated; conversion requires reinterpret_cast, C-style cast or function-style cast
1>d:\我的文档\桌面\testpass\main.cpp(210) : fatal error C1075: end of file found before the left brace '{' at 'd:\我的文档\桌面\testpass\main.cpp(61)' was matched
1>生成日志保存在“file://d:\我的文档\桌面\testpass\Debug\BuildLog.htm”
1>main - 8 个错误,1 个警告
========== 生成: 0 已成功, 1 已失败, 0 最新, 0 已跳过 ==========
---华软 网友回答---
不是有错误提示吗?
应该就是几个C函数使用的问题
---华软网友回复---
好像都是字符集的问题
---华软网友回复---
这些错误都先强制转换成符合函数的类型。
---华软网友回复---
有点像高的版本的代码,你用比较低的编译器编译了,比如vs系列生成的代码用vc6编译。
---华软网友回复---
对应错误语句的参数做类型转换.
---华软网友回复---
谁有得到宽带帐号和密码的源码
---华软网友回复---
你用的哪个版本的IDE啊
---华软网友回复---
将字符集设置为多字节
---华软网友回复---
你这不就是源代码么
大家也给你指出问题了
你按着大家说的修改一下看看啊
---华软网友回复---
帮顶一个
---华软网友回复---
我用的是VS2005
调试通不过
---华软网友回复---
选择Multi-byte编码
---华软网友回复---
再顶一下
华软声明:本内容来自网络,如有侵犯您版权请来信指出,本站立即删除。
演示还原NT平台上拨号连接的密码
可运行于windows 2000/xp/2003
原理基于分析dialupass v2.42
eyas at xfocus.org
http://www.xfocus.net
2004-10-01
FileName: x_dialupass.c
*/
#define WINVER 0x500
#define _WIN32_WINNT 0x0500
#include <windows.h>
#include <stdio.h>
#include <ras.h>
#include <raserror.h>
#include <Ntsecapi.h>
#include <Userenv.h>
#include <Sddl.h>
#pragma comment(lib,"Rasapi32.lib")
#pragma comment(lib,"advapi32.lib")
#pragma comment(lib,"UserEnv.lib")
unsigned char private_data[0x500];
int data_len;
unsigned char * get_real_pass(unsigned char *user, DWORD dwDialParamsUID)
{
int i, j;
unsigned char *p, szDialParamsUID[52], *pass=NULL;
_snprintf(szDialParamsUID, sizeof(szDialParamsUID),
"%d", dwDialParamsUID);
p = private_data;
for(i=0;i<data_len;i++)
{
if(strcmp(&p[i], szDialParamsUID) == 0 )
{
for(j=i;j<data_len;j++)
{
if(strcmp(&p[j], user) == 0 )
{
pass = p + j + strlen(user) + 1;
break;
}
}
break;
}
}
return pass;
}
void main()
{
LPRASENTRYNAME lpRasEntryName;
LPRASDIALPARAMS lpRasDialParams;
DWORD cb, nRet, i, cEntries;
BOOL b;
char szPhoneBook1[512], szPhoneBook2[512],
szUserName[128], szDomainName[128];
DWORD dwSize, dwDialParamsUID, dwTmp;
PSID pSid = NULL;
SID_NAME_USE peUse;
LSA_OBJECT_ATTRIBUTES lsa_object_attr;
LSA_HANDLE lsa_handle;
PLSA_UNICODE_STRING plsa_private_data;
LSA_UNICODE_STRING lsa_keyname;
NTSTATUS status;
int ret;
unsigned char *pass;
WCHAR *sid;
printf("dialup password recover tool for win 2k/xp/2003\n"
"code by eyas at xfocus.org\n"
"http://www.xfocus.net\n"
"2004-10-01\n\n");
//get current user's string sid
dwSize = sizeof(szUserName);
GetUserName(szUserName, &dwSize);
dwSize = 0;
dwTmp = sizeof(szDomainName);
LookupAccountName(NULL, szUserName, pSid, &dwSize, szDomainName,
&dwTmp, &peUse);
if(!dwSize)
{
printf("[-] LookupAccountName failed.\n");
return;
}
pSid = (PSID)malloc(dwSize);
LookupAccountName(NULL, szUserName, pSid, &dwSize, szDomainName,
&dwTmp, &peUse);
ConvertSidToStringSidW(pSid, &sid);
memset(&lsa_object_attr, 0, sizeof(lsa_object_attr));
lsa_object_attr.Length = sizeof(LSA_OBJECT_ATTRIBUTES);
LsaOpenPolicy(0, &lsa_object_attr, 0x800, &lsa_handle);
plsa_private_data = (PLSA_UNICODE_STRING)malloc(sizeof(LSA_UNICODE_STRING));
plsa_private_data->Length = 0x500;
plsa_private_data->MaximumLength = 0x500;
plsa_private_data->Buffer = (PWSTR)malloc(0x500);
lsa_keyname.MaximumLength = 0x200;
lsa_keyname.Buffer = (PWSTR)malloc(0x200);
wcscpy(lsa_keyname.Buffer,L"RasDialParams!");
wcscat(lsa_keyname.Buffer, sid);
wcscat(lsa_keyname.Buffer, L"#0");
lsa_keyname.Length = wcslen(lsa_keyname.Buffer) * 2;
//get current user's dialup info
status = LsaRetrievePrivateData(lsa_handle,
&lsa_keyname,
&plsa_private_data);
LsaClose(lsa_handle);
if(status != 0)
{
printf("[-] LsaRetrievePrivateData failed: %d\n",
LsaNtStatusToWinError(status));
return;
}
ret = WideCharToMultiByte(0, 0, plsa_private_data->Buffer,
plsa_private_data->Length,
private_data, sizeof(private_data), 0, 0);
if(ret == 0)
{
printf("[-] WideCharToMultiByte failed:%d\n", GetLastError());
return;
}
data_len = ret;
//get phone book name
GetEnvironmentVariable("ALLUSERSPROFILE", szPhoneBook1,
sizeof(szPhoneBook1)-200);
GetEnvironmentVariable("USERPROFILE", szPhoneBook2,
sizeof(szPhoneBook2)-200);
strcat(szPhoneBook1,
"\\Application Data\\Microsoft\\Network"
"\\Connections\\pbk\\rasphone.pbk");
strcat(szPhoneBook2,
"\\Application Data\\Microsoft\\Network"
"\\Connections\\pbk\\rasphone.pbk");
lpRasEntryName = (LPRASENTRYNAME)GlobalAlloc(GPTR, sizeof(RASENTRYNAME));
lpRasEntryName->dwSize = sizeof(RASENTRYNAME);
cb = sizeof(RASENTRYNAME);
if ((nRet = RasEnumEntries(NULL, NULL, lpRasEntryName, &cb, &cEntries))
== ERROR_BUFFER_TOO_SMALL)
{
lpRasEntryName = (LPRASENTRYNAME)GlobalAlloc(GPTR, cb);
lpRasEntryName->dwSize = sizeof(RASENTRYNAME);
}
// Calling RasEnumEntries to enumerate the phone-book entries
nRet = RasEnumEntries(NULL, NULL, lpRasEntryName, &cb, &cEntries);
if (nRet != ERROR_SUCCESS)
{
printf("[-] RasEnumEntries failed: Error %d\n", nRet);
return;
}
for(i=0;i < cEntries;i++)
{
lpRasDialParams = malloc(sizeof(RASDIALPARAMS));
strcpy(lpRasDialParams->szEntryName, lpRasEntryName->szEntryName);
lpRasDialParams->dwSize = sizeof(RASDIALPARAMS);
RasGetEntryDialParams(0, lpRasDialParams, &b);
dwDialParamsUID = GetPrivateProfileInt(lpRasEntryName->szEntryName,
"DialParamsUID", 0, szPhoneBook1);
if(dwDialParamsUID == 0)
{
dwDialParamsUID = GetPrivateProfileInt(lpRasEntryName->szEntryName,
"DialParamsUID", 0, szPhoneBook2);
if(dwDialParamsUID == 0)
{
printf("[-] Can't get DialParamsUID from PhoneBook.\n");
return;
}
}
pass = get_real_pass(lpRasDialParams->szUserName, dwDialParamsUID);
printf(
"-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\n"
"EntryName : %s\n"
"UserName : %s\n"
"PassWord : %s\n\n",
lpRasEntryName->szEntryName,
lpRasDialParams->szUserName,
pass);
free(lpRasDialParams);
lpRasEntryName++;
}
出现错误
1>------ 已启动生成: 项目: main, 配置: Debug Win32 ------
1>正在编译...
1>main.cpp
1>d:\program files\microsoft visual studio 8\vc\platformsdk\include\wbemcli.h(4423) : warning C4819: The file contains a character that cannot be represented in the current code page (936). Save the file in Unicode format to prevent data loss
1>d:\我的文档\桌面\testpass\main.cpp(37) : error C2664: '_snprintf' : cannot convert parameter 1 from 'unsigned char [52]' to 'char *'
1> Types pointed to are unrelated; conversion requires reinterpret_cast, C-style cast or function-style cast
1>d:\我的文档\桌面\testpass\main.cpp(43) : error C2664: 'strcmp' : cannot convert parameter 1 from 'unsigned char *' to 'const char *'
1> Types pointed to are unrelated; conversion requires reinterpret_cast, C-style cast or function-style cast
1>d:\我的文档\桌面\testpass\main.cpp(47) : error C2664: 'strcmp' : cannot convert parameter 1 from 'unsigned char *' to 'const char *'
1> Types pointed to are unrelated; conversion requires reinterpret_cast, C-style cast or function-style cast
1>d:\我的文档\桌面\testpass\main.cpp(49) : error C2664: 'strlen' : cannot convert parameter 1 from 'unsigned char *' to 'const char *'
1> Types pointed to are unrelated; conversion requires reinterpret_cast, C-style cast or function-style cast
1>d:\我的文档\桌面\testpass\main.cpp(134) : error C2664: 'WideCharToMultiByte' : cannot convert parameter 5 from 'unsigned char [1280]' to 'LPSTR'
1> Types pointed to are unrelated; conversion requires reinterpret_cast, C-style cast or function-style cast
1>d:\我的文档\桌面\testpass\main.cpp(177) : error C2440: '=' : cannot convert from 'void *' to 'tagRASDIALPARAMSA *'
1> Conversion from 'void*' to pointer to non-'void' requires an explicit cast
1>d:\我的文档\桌面\testpass\main.cpp(196) : error C2664: 'get_real_pass' : cannot convert parameter 1 from 'CHAR [257]' to 'unsigned char *'
1> Types pointed to are unrelated; conversion requires reinterpret_cast, C-style cast or function-style cast
1>d:\我的文档\桌面\testpass\main.cpp(210) : fatal error C1075: end of file found before the left brace '{' at 'd:\我的文档\桌面\testpass\main.cpp(61)' was matched
1>生成日志保存在“file://d:\我的文档\桌面\testpass\Debug\BuildLog.htm”
1>main - 8 个错误,1 个警告
========== 生成: 0 已成功, 1 已失败, 0 最新, 0 已跳过 ==========
---华软 网友回答---
不是有错误提示吗?
应该就是几个C函数使用的问题
---华软网友回复---
好像都是字符集的问题
---华软网友回复---
这些错误都先强制转换成符合函数的类型。
---华软网友回复---
有点像高的版本的代码,你用比较低的编译器编译了,比如vs系列生成的代码用vc6编译。
---华软网友回复---
对应错误语句的参数做类型转换.
---华软网友回复---
谁有得到宽带帐号和密码的源码
---华软网友回复---
你用的哪个版本的IDE啊
---华软网友回复---
将字符集设置为多字节
---华软网友回复---
你这不就是源代码么
大家也给你指出问题了
你按着大家说的修改一下看看啊
---华软网友回复---
帮顶一个
---华软网友回复---
我用的是VS2005
调试通不过
---华软网友回复---
选择Multi-byte编码
---华软网友回复---
再顶一下
华软声明:本内容来自网络,如有侵犯您版权请来信指出,本站立即删除。
