Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
It is currently 19 Jul 2012 13:47

All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 3 posts ] 
Author Message
 Post subject: Question
PostPosted: 16 Dec 2007 19:03 

Joined: 14 Aug 2007 15:32
Posts: 6
How would you go about making a password recovery tool ?


Top
 Profile  
 
 
 Post subject:
PostPosted: 16 Dec 2007 19:34 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
First you must find is the password is only encoded/encrypted or is just an hash, in this second case you can't write the password recovery, it will be a brute forcer so something completely different, anyway it's not a problem since usually only the servers use hashes or salted hashes.

Then you need to find where is stored the password: registry (regmon) or file (filemon)
Usually in configuration file the passwords are stored in hex format, base64 or just in binary (they use an algorithm which avoids invalid chars like carriage return and line feed).

The third step is finding the decoding algorithm and in this case the matter is a bit longer and depends by how much you know how to use a debugger.
Usually you will find a function (CALL xxxxxxxx) which takes the input encoded string and returns a pointer to the decoded one or place it in the same of another buffer.

Last step is traducing the decoding algorithm in working code for your programming language and building the password recovery tool.


Top
 Profile  
 
 Post subject:
PostPosted: 30 Dec 2007 15:18 

Joined: 14 Aug 2007 15:32
Posts: 6
cool thanx for that i going to see if i cab get one working :P


Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 3 posts ] 

All times are UTC [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for: