|
Luigi Auriemma aluigi.org (ARCHIVE-ONLY FORUM!) |
|
It is currently 19 Jul 2012 18:16
|
|
Author |
Message |
TOTALSLAG
|
Post subject: Question Posted: 16 Dec 2007 19:03 |
|
Joined: 14 Aug 2007 15:32 Posts: 6
|
How would you go about making a password recovery tool?
|
|
aluigi
|
Post subject: Posted: 16 Dec 2007 19:34 |
|
Joined: 13 Aug 2007 21:44 Posts: 4068 Location: http://aluigi.org
|
First you must find out if the password is only encoded/encrypted or is just a hash; in this second case you can't write the password recovery, it will be a brute forcer, so something completely different. Anyway, it's not a problem since usually only the servers use hashes or salted hashes.
Then you need to find where the password is stored: registry (regmon) or file (filemon).
Usually in configuration files the passwords are stored in hex format, base64 or just in binary (they use an algorithm which avoids invalid chars like carriage return and line feed).
The third step is finding the decoding algorithm, and in this case the matter is a bit longer and depends on how well you know how to use a debugger.
Usually you will find a function (CALL xxxxxxxx) which takes the input encoded string and returns a pointer to the decoded one or places it in the same or another buffer.
The last step is translating the decoding algorithm into working code for your programming language and building the password recovery tool.
|
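An added example, not part of the original posts: a Python audit check for the first step aluigi describes, telling whether a stored value is wrapped in hex or base64 and whether its decoded length matches a common hash digest. The `key=value` config layout, the key names and the sample values are constructed assumptions, and the length test is a heuristic, not proof.

```python
import base64
import binascii
import re

# Raw digest sizes (bytes) of common hash functions.
DIGEST_SIZES = {16: "MD5", 20: "SHA-1", 28: "SHA-224",
                32: "SHA-256", 48: "SHA-384", 64: "SHA-512"}
HEX_RE = re.compile(r"[0-9A-Fa-f]+")
B64_RE = re.compile(r"[A-Za-z0-9+/]+={0,2}")


def unwrap(value):
    """Return (encoding, raw_bytes) for a stored value, trying hex before base64."""
    if len(value) % 2 == 0 and HEX_RE.fullmatch(value):
        return "hex", binascii.unhexlify(value)
    if len(value) % 4 == 0 and B64_RE.fullmatch(value):
        return "base64", base64.b64decode(value, validate=True)
    return "raw", value.encode("utf-8")


def classify(value):
    """Describe how a stored value is wrapped and whether it looks like a hash."""
    encoding, raw = unwrap(value)
    algo = DIGEST_SIZES.get(len(raw))
    if encoding != "raw" and algo:
        kind = "possible %s digest (not reversible)" % algo
    else:
        kind = "likely reversible encoding/encryption"
    return {"encoding": encoding, "length": len(raw), "kind": kind}


def audit(config_text, key_pattern=r"pass(word|wd)?"):
    """Classify the values of 'key=value' lines whose key looks like a password."""
    findings = {}
    for line in config_text.splitlines():
        key, sep, value = line.partition("=")
        if sep and re.search(key_pattern, key, re.I) and value.strip():
            findings[key.strip()] = classify(value.strip())
    return findings


# Constructed sample configuration (not taken from any real product).
SAMPLE = """\
[account]
user=demo
password=4a6f686e446f6521
proxy_passwd=c2VjcmV0LXZhbHVl
admin_pass=5f4dcc3b5aa765d61d8327deb882cf99
"""

if __name__ == "__main__":
    for key, info in audit(SAMPLE).items():
        print(key, info)
```

Values reported as "likely reversible" are the ones worth moving to a proper credential store, since anyone who can read the file can recover them.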
|
TOTALSLAG
|
Post subject: Posted: 30 Dec 2007 15:18 |
|
Joined: 14 Aug 2007 15:32 Posts: 6
|
Cool, thanx for that, I'm going to see if I can get one working :P
|