msn messenger:一个软件和一段代码
根据统计,msn messenger是国内使用率仅次于qq的即时通信软件。不过msn messenger的登录方式显得有些怪异,而且它的本地密码存放机制也与qq有所不同,它采用的是dpapi加密方式(data protection api,一种数据保护接口,拥有两个函数用于提供系统级的数据保护服务),密码数据存储在注册表小?/p>
要想找回msn messenger的密码,就得从注册表中提取出经过加密的数据。网上已经有开发高手写出来源程序:
#include <windows.h>
#pragma comment(lib, "advapi32.lib")
#define fchk(a) if (!(a)) {printf(#a " failed\n"); return 0;}
typedef struct _cryptoapi_blob {
dword cbdata;
byte* pbdata;
} data_blob;
typedef struct _cryptprotect_promptstruct {
dword cbsize;
dword dwpromptflags;
hwnd hwndapp;
lpcwstr szprompt;
} cryptprotect_promptstruct, *pcryptprotect_promptstruct;
typedef bool (winapi *pcryptunprotectdata)(
data_blob* pdatain,
lpwstr* ppszdatadescr,
data_blob* poptionalentropy,
pvoid pvreserved,
cryptprotect_promptstruct* ppromptstruct,
dword dwflags,
data_blob* pdataout
);
pcryptunprotectdata cryptunprotectdata = null;
int main(void)
{
int ret;
hmodule hntdll;
hkey hkey;
dword dwtype;
char data[0x100] = {0};
dword dwsize;
data_blob datain;
data_blob dataout;
ret = regopenkeyex
(
hkey_current_user,
"software\\microsoft\\msnmessenger",
0,
key_read,
&hkey
);
if( ret != error_success ) return 1;
ret = regqueryvalueex
(
hkey,
"password.net messenger service",
null,
&dwtype,
data,
&dwsize
);
if( ret != error_success ) return 1;
fchk ((hntdll = loadlibrary ("crypt32.dll")) != null);
fchk ((cryptunprotectdata = (pcryptunprotectdata)
getprocaddress (hntdll, "cryptunprotectdata")) != null);
datain.pbdata = data + 2;
datain.cbdata = dwsize-2;
cryptunprotectdata
(
&datain,
null,
null,
null,
null,
1,
&dataout
);
base64_decode (dataout.pbdata, data, strlen(dataout.pbdata));
printf ( "msn password: %s\n", data);
return 0;
}
//copied from gnu libc - libc/resolv/base64.c
int base64_decode (char const *src, char *target, size_t targsize)
{
static const char base64[] =
"abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz0123456789+/";
static const char pad64 = ‘=‘;
int tarindex, state, ch;
char *pos;
state = 0;
tarindex = 0;
while ((ch = *src++) != ‘\0‘)
{
if (isspace (ch)) /* skip whitespace anywhere. */
continue;
if (ch == pad64)
break;
pos = strchr (base64, ch);
if (pos == 0) /* a non-base64 character. */
return (-1);
switch (state)
{
case 0:
if (target)
{
if ((size_t) tarindex >= targsize)
return (-1);
target[tarindex] = (pos - base64) << 2;
}
state = 1;
break;
case 1:
if (target)
{
if ((size_t) tarindex + 1 >= targsize)
return (-1);
target[tarindex] |= (pos - base64) >> 4;
target[tarindex + 1] = ((pos - base64) & 0x0f) << 4;
}
tarindex++;
state = 2;
break;
case 2:
if (target)
{
if ((size_t) tarindex + 1 >= targsize)
return (-1);
target[tarindex] |= (pos - base64) >> 2;
target[tarindex + 1] = ((pos - base64) & 0x03) << 6;
}
tarindex++;
state = 3;
break;
case 3:
if (target)
{
if ((size_t) tarindex >= targsize)
return (-1);
target[tarindex] |= (pos - base64);
}
tarindex++;
state = 0;
break;
default:
abort ();
}
}
if (ch == pad64)
{ /* we got a pad char. */
ch = *src++; /* skip it, get next. */
switch (state)
{
case 0: /* invalid = in first position */
case 1: /* invalid = in second position */
return (-1);
case 2: /* valid, means one byte of info */
/* skip any number of spaces. */
for ((void) null; ch != ‘\0‘; ch = *src++)
if (!isspace (ch))
break;
/* make sure there is another trailing = sign. */
if (ch != pad64)
return (-1);
ch = *src++; /* skip the = */
/* fall through to "single trailing =" case. */
/* fallthrough */
case 3: /* valid, means two bytes of info */
/*
* we know this char is an =. is there anything but
* whitespace after it?
*/
for ((void) null; ch != ‘\0‘; ch = *src++)
if (!isspace (ch))
return (-1);
if (target && target[tarindex] != 0)
return (-1);
}
}
else
{
if (state != 0)
return (-1);
}
return (tarindex);
}
(该源程序版权归其原作者所有)
如果你懂一些编译和visual studio知识,可以将它的执行文件写出来。
点击下载最新版本msn messenger>>>
对于多数人来说,还是习惯于使用各种软件来达到目的。这里就推荐一款名为messenpass的软件,它可以读取纪录在本地的msn messenger、windows messenger、yahoo messenger、icq lite、aol、trillian、miranda、gaim密码,下载地址:http://www.softpedia.com/public/scripts/downloadhero/10-4-1-117/,下载后只需运行即可显示账户和密码信息.
