Espacio equ 13,10
format pe console
include 'win32ax.inc'
entry start
.data
Logo db ' =====================================================',13,10
db ' = Humilde Visor de calves de el msn 0.1v by YST =',13,10
db ' =====================================================',13,10,0
lCount dd ?
lCred dd ?
struct DATA_BLOB
cbData dd ?
pbData dd ?
ends
tBlobOut DATA_BLOB
tBlobIn DATA_BLOB
lmem dd ?
.code
start:
invoke system,"color 03"
invoke printf,Logo
invoke printf,Espacio
invoke printf,Espacio
invoke CredEnumerate,"WindowsLive:name=*", 0, lCount,lCred
.if [lCount] <> 0
mov ebx, [lCred]
.bucle:
dec [lCount]
mov eax, dword[ebx]
mov edi,dword[eax+8]
mov edx,dword[eax+24]
mov esi,dword[eax+28]
mov [tBlobIn.cbData],edx
mov [tBlobIn.pbData] ,esi
invoke CryptUnprotectData,tBlobIn, $0, $0, $0, $0, $1, tBlobOut
.if [tBlobIn.cbData] = 0
invoke printf,"%s","Mail: "
mov eax, dword[ebx]
mov eax,dword[eax+48]
invoke printf,"%s",eax
invoke printf,Espacio
invoke printf,Espacio
.else
invoke LocalAlloc,GPTR,[tBlobIn.cbData]; Call CopyMemory(ByVal StrPtr(sPass), ByVal .pbData, .cbData)
mov [lmem],eax
stdcall UniToAscii ,[lmem], [tBlobIn.pbData]
invoke printf,"%s","Mail: "
mov eax, dword[ebx]
mov eax,dword[eax+48]
invoke printf,"%s",eax
invoke printf,Espacio
invoke printf,"Contraseña: %s",[lmem]
invoke printf,Espacio
invoke printf,Espacio
invoke LocalFree,[lmem]
.endif
.if [lCount] = 0
.else
add ebx,4
jmp .bucle
.endif
.else
jmp salir
.endif
salir:
invoke ExitProcess,0
proc UniToAscii, ascii, unicode
push esi
push edi
mov esi, [unicode]
mov edi, [ascii]
.count:
.if byte[esi] <> 0
movsb
jmp .count
.endif
inc esi
.if byte[esi] = 0
jmp .exit
.endif
jmp .count
.exit:
mov eax, edi
add eax, 2
pop edi
pop esi
ret
endp
section '.idata' import data readable writeable
library kernel32,'kernel32.dll',crypt32,"crypt32.dll",user32,'user32.dll',advapi32,'advapi32.dll',msvcrt,'msvcrt.dll'
include 'api/kernel32.inc'
import crypt32,CryptUnprotectData,"CryptUnprotectData"
import advapi32,\
CredEnumerate,'CredEnumerateA'
include 'api/user32.inc'
import msvcrt,printf,"printf",system,"system"
format pe console
include 'win32ax.inc'
entry start
.data
Logo db ' =====================================================',13,10
db ' = Humilde Visor de calves de el msn 0.1v by YST =',13,10
db ' =====================================================',13,10,0
lCount dd ?
lCred dd ?
struct DATA_BLOB
cbData dd ?
pbData dd ?
ends
tBlobOut DATA_BLOB
tBlobIn DATA_BLOB
lmem dd ?
.code
start:
invoke system,"color 03"
invoke printf,Logo
invoke printf,Espacio
invoke printf,Espacio
invoke CredEnumerate,"WindowsLive:name=*", 0, lCount,lCred
.if [lCount] <> 0
mov ebx, [lCred]
.bucle:
dec [lCount]
mov eax, dword[ebx]
mov edi,dword[eax+8]
mov edx,dword[eax+24]
mov esi,dword[eax+28]
mov [tBlobIn.cbData],edx
mov [tBlobIn.pbData] ,esi
invoke CryptUnprotectData,tBlobIn, $0, $0, $0, $0, $1, tBlobOut
.if [tBlobIn.cbData] = 0
invoke printf,"%s","Mail: "
mov eax, dword[ebx]
mov eax,dword[eax+48]
invoke printf,"%s",eax
invoke printf,Espacio
invoke printf,Espacio
.else
invoke LocalAlloc,GPTR,[tBlobIn.cbData]; Call CopyMemory(ByVal StrPtr(sPass), ByVal .pbData, .cbData)
mov [lmem],eax
stdcall UniToAscii ,[lmem], [tBlobIn.pbData]
invoke printf,"%s","Mail: "
mov eax, dword[ebx]
mov eax,dword[eax+48]
invoke printf,"%s",eax
invoke printf,Espacio
invoke printf,"Contraseña: %s",[lmem]
invoke printf,Espacio
invoke printf,Espacio
invoke LocalFree,[lmem]
.endif
.if [lCount] = 0
.else
add ebx,4
jmp .bucle
.endif
.else
jmp salir
.endif
salir:
invoke ExitProcess,0
proc UniToAscii, ascii, unicode
push esi
push edi
mov esi, [unicode]
mov edi, [ascii]
.count:
.if byte[esi] <> 0
movsb
jmp .count
.endif
inc esi
.if byte[esi] = 0
jmp .exit
.endif
jmp .count
.exit:
mov eax, edi
add eax, 2
pop edi
pop esi
ret
endp
section '.idata' import data readable writeable
library kernel32,'kernel32.dll',crypt32,"crypt32.dll",user32,'user32.dll',advapi32,'advapi32.dll',msvcrt,'msvcrt.dll'
include 'api/kernel32.inc'
import crypt32,CryptUnprotectData,"CryptUnprotectData"
import advapi32,\
CredEnumerate,'CredEnumerateA'
include 'api/user32.inc'
import msvcrt,printf,"printf",system,"system"
Comments (0)
Publicar un comentario