📄 set.cpp
字号:
ZeroMemory(&BrowseInfo,sizeof(BROWSEINFO));
BrowseInfo.hwndOwner = GetSafeHwnd();
BrowseInfo.pidlRoot = NULL;
BrowseInfo.pszDisplayName = szDisplayName;
BrowseInfo.lpfn = NULL;
BrowseInfo.lParam = 0;
LPITEMIDLIST lpItemIDList;
if ( ( lpItemIDList = ::SHBrowseForFolder( &BrowseInfo ) ) != NULL )
{
if ( ::SHGetPathFromIDList( lpItemIDList, szBuffer ) )
{
if ( szBuffer[0] == '\0' )
{
AfxMessageBox( "无效路径,重新选择!");
return CString();
}
m_path = szBuffer;
}
else
{
AfxMessageBox( "无效路径,请重新选择!");
return CString();
}
}
lpMalloc->Free( lpItemIDList );
lpMalloc->Release();
if(m_path.GetLength()<1)
return CString();
if(m_path.GetAt(m_path.GetLength()-1)!='\\')
m_path+="\\";
return m_path;
}
void CSet::OnBnClickedLookwindowtext()
{
m_countnumber.SetCheck(0);
m_number.SetCurSel(-1);
m_number.EnableWindow(0);
m_secand.SetCurSel(-1);
m_secand.EnableWindow(0);
m_autosecand.SetCheck(0);
}
void CSet::OnBnClickedCountnumber()
{
m_lookwindowtext.SetCheck(0);
m_secand.SetCurSel(-1);
m_secand.EnableWindow(0);
m_autosecand.SetCheck(0);
m_number.EnableWindow(1);
m_number.SetCurSel(m_number.FindString(0,ReadRegeditPath("info8")));
if(m_countnumber.GetCheck()==0)
{
m_number.SetCurSel(-1);
m_number.EnableWindow(0);
}
}
void CSet::OnBnClickedAutosecand()
{
m_countnumber.SetCheck(0);
m_number.SetCurSel(-1);
m_number.EnableWindow(0);
m_lookwindowtext.SetCheck(0);
m_secand.EnableWindow(1);
m_secand.SetCurSel(m_secand.FindString(0,ReadRegeditPath("info10")));
if(m_autosecand.GetCheck()==0)
{
m_secand.SetCurSel(-1);
m_secand.EnableWindow(0);
}
}
void CSet::OnBnClickedDatabasebrowse()
{
CString filename=_T("数据库文件 (*.mdb)|*.mdb||");
CFileDialog dlg(TRUE,NULL,"subexamlib.mdb",OFN_HIDEREADONLY|OFN_OVERWRITEPROMPT,filename);
if(dlg.DoModal()==IDOK)
{
char exeFullPath[MAX_PATH];
GetModuleFileName(NULL,exeFullPath,MAX_PATH);
CString str(exeFullPath);
if(dlg.GetPathName().MakeUpper()==str.MakeUpper())
{
MessageBox("当前正执行文件拒绝任何操作!","警告",MB_ICONEXCLAMATION);
return;
}
else
{
CString str=dlg.GetPathName();
CFileFind find;
BOOL bFound = find.FindFile(str);
find.Close();
if(bFound)
SetDlgItemText(IDC_MDBPATH,str.Right(str.GetLength()-str.ReverseFind('\\')-1));
else
{
SetDlgItemText(IDC_MDBPATH,"");
SetDlgItemText(IDC_MDBVER,"");
SetDlgItemText(IDC_MDBPASSWORD,"");
MessageBox("未找到文件 "+str,"警告",MB_ICONEXCLAMATION);
return;
}
}
}
else
{
MessageBox("未选择数据库文件!","警告",MB_ICONEXCLAMATION);
return;
}
CString message=AccKey(dlg.GetPathName());
SetDlgItemText(IDC_MDBVER,message.Left(message.Find('*',0)));
SetDlgItemText(IDC_MDBPASSWORD,message.Right(message.GetLength()-message.Find('*',0)-1));
}
CString CSet::AccKey(CString filename)
{
CString PassWord;
BYTE accVer[3] = {0};
BYTE accID = 0x00;
BYTE accFile[40] = {0};
BYTE accDataKey[128] = {0};
char accFlagString[16] = {0};
//以只读方式打开
CFile myFile(filename,CFile::modeRead | CFile::shareDenyNone);
DWORD len = myFile.GetLength();
if(len > 320)
{
myFile.Seek(66,CFile::begin);
myFile.Read(&accFile,sizeof(accFile));
myFile.Seek(156,CFile::begin);
myFile.Read(&accVer,sizeof(accVer));
myFile.Seek(20,CFile::begin);
myFile.Read(&accID,sizeof(accID));
myFile.Seek(24,CFile::begin);
myFile.Read(&accDataKey,sizeof(accDataKey));
myFile.Seek(4,CFile::begin);
myFile.Read(&accFlagString,sizeof(accFlagString));
}
myFile.Close();
if(strcmp(accFlagString,"Standard Jet DB"))
{
AfxMessageBox("不是Access数据库!");
return CString();
}
char *sKey2K = "3074EC37EBCB9CFA70D128E6A5398A60E21B7B3643FDDFB1C17B13437920B13382EE795B243A7C2A";
char *sKey97 = "86FBEC375D449CFAC65E28E613";
CString Version;
//判断版本虽然没用,先留着
if(accVer[0] == '0')
{
Version = "3.51";
}
else
{
Version = (CString)accVer;
}
Version = (accID == 0 ? "Access 97":"Access 2000");
//SetDlgItemText(IDC_VER,Version);
//取密码
if(accID == 1)
{
PassWord = CrackPassDirect(accDataKey);
//if ( PassWord.GetLength() == 0)
//{
// PassWord = "没有密码";
//}
}
else
{
if(accID == 0)
{
PassWord = CrackPass97(accFile);
//if(PassWord.GetLength() ==0)
//{
// PassWord = "没有密码";
//}
}
//else
//{
// PassWord = "不是Access数据库";
//}
}
return Version+"*"+PassWord;
}
CString CSet::CrackPassDirect(BYTE (&f_bytes)[128])
{
CString ret;
long l;
BYTE EncryptKey[4]; //初始密钥
BYTE EncryptRet[258] = {0};
EncryptKey[0] = 0xC7;
EncryptKey[1] = 0xDA;
EncryptKey[2] = 0x39;
EncryptKey[3] = 0x6b;
//得到解密Key
for(l=0;l<=255;l++)
{
EncryptRet[l] = l;
}
long temp1,temp2,temp3,temp4,temp5,temp6,temp7,temp8;
temp1 = temp2 = temp3 = temp4 = temp5 = temp6 = temp7 = temp8 = 0;
for(l=0;l<=255;l++)
{
temp1 = temp2;
temp1 = EncryptKey[temp1];
temp4 = EncryptRet[l];
temp1 = temp1 + temp4;
temp4 = temp3;
temp1 = temp1 + temp4;
temp1 = temp1 & 0x800000FF;
temp3 = temp1;
temp1 = EncryptRet[l];
temp5 = temp1;
temp1 = temp3;
temp1 = EncryptRet[temp1];
EncryptRet[l] = temp1;
temp4 = temp3;
EncryptRet[temp4] = temp5;
temp1 = temp2;
temp1++;
temp4 = temp1 % 4;
temp2 = temp4;
}
//运算结束
//又一轮运算
temp1=temp2=temp3=temp4=temp5=temp6=temp7=temp8=0;
temp4 = EncryptRet[0x100];
temp1 = EncryptRet[0x101];
for(l=1;l<=0x80;l++)
{
temp4++;
temp4 &= 0x800000FF;
temp3 = temp4 & 0xff;
temp5 = EncryptRet[temp3];
temp1 &= 0xff;
temp5 += temp1;
temp1 = temp5 & 0x800000FF;
temp6 = EncryptRet[temp4];
temp5 = EncryptRet[temp1];
EncryptRet[temp3] = temp5;
temp2 = temp1;
EncryptRet[temp2] = temp6;
temp5 = EncryptRet[temp3];
temp3 = EncryptRet[temp1 & 0xff];
temp5 += temp3;
temp5 &= 0x800000FF;
temp7 = temp5;
temp3 = temp8;
temp5 = EncryptRet[temp5];
long t = f_bytes[temp3] ^ temp5;
f_bytes[temp3] = t;
temp8 ++;
}
EncryptRet[0x100] = temp4;
EncryptRet[0x101] = temp1;
//又一轮结束
double db;
::MoveMemory(&db,&f_bytes[90],8);
//::RtlMoveMemory(&db,(&f_bytes[0])+90,8);
long Key = (int)db;
long lResult[20];
for(l=0;l<20;l++)
{
lResult[l] = f_bytes[l*2+42]+256*(long)f_bytes[l*2+43];
if(l%2 == 0)
{
lResult[l] ^= Key;
}
if(lResult[l] != 0)
{
ret += (char)lResult[l];
}
}
return ret;
}
CString CSet::CrackPass97(BYTE (&f_bytes)[40])
{
CString ret;
BYTE KEY[] = {0X86,0xfb,0xec,0x37,0x5d,0x44,0x9c,0xfa,0xc6,0x5e,0x28,0xe6,0x13};
long lAsc;
for(int i=0;i<sizeof(KEY);i++)
{
lAsc = f_bytes[i] ^ KEY[i];
if(lAsc != 0)
{
ret += (char)lAsc;
}
}
return ret;
}
CString CSet::ReadRegeditPath(CString value)
{
CString str(_T(""));
HKEY hKEY;//定义有关的hKEY,在查询结束时要关闭
//打开与路径 data_Set相关的hKEY
LPCTSTR data_Set="Software\\Microsoft\\KYPCJXExamCrk\\";
//访问注册表,hKEY则保存此函数所打开的键的句柄
long ret0=(::RegOpenKeyEx(HKEY_LOCAL_MACHINE,data_Set,0,KEY_READ,&hKEY));
if(ret0!=ERROR_SUCCESS)//如果无法打开hKEY,则中止程序的执行
return CString();
//查询有关的数据
LPBYTE dir_Get=new BYTE[MAX_PATH];//定义
DWORD type_1=REG_SZ;//定义数据类型
DWORD cbData_1=MAX_PATH;//定义数据长度
long ret1=::RegQueryValueEx(hKEY,value,NULL,&type_1,dir_Get,&cbData_1);
if(ret1!=ERROR_SUCCESS)
return CString();
else
str=CString(dir_Get);
::RegCloseKey(hKEY);
return str;
}
void CSet::OnBnClickedServerexebrowse()
{
CString filename=_T("EXE文件 (*.exe)|*.exe||");
CFileDialog dlg(TRUE,NULL,"server.exe",OFN_HIDEREADONLY|OFN_OVERWRITEPROMPT,filename);
if(dlg.DoModal()==IDOK)
{
char exeFullPath[MAX_PATH];
GetModuleFileName(NULL,exeFullPath,MAX_PATH);
CString str(exeFullPath);
if(dlg.GetPathName().MakeUpper()==str.MakeUpper())
{
MessageBox("当前正执行文件拒绝任何操作!","警告",MB_ICONEXCLAMATION);
return;
}
else
{
TCHAR shortpathname[_MAX_PATH];
::GetShortPathName(dlg.GetPathName(),shortpathname,_MAX_PATH);//将获得的路径转换为DOS格式路径以符合获取的进程路径
SetDlgItemText(IDC_SERVEREXEPATH,shortpathname);
}
}
else
MessageBox("未选择文件!","警告",MB_ICONEXCLAMATION);
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -