Need to break into a program

[KMDcomp]

I have a very old patient management system and one of the reporting tools requires a password. Unfortunately, no one remembers it. I need a brute force method to crack it.

The password isn't any longer than 8 characters, doesn't contain any symbols, and is not case sensitive (nice security for a medical program, but like I said, it's old )

If I bring up the password box, it will happily let me enter password after password until the end of time. It's like this program was made to be brute force attacked.

I need to be able to:
enter a word programmatically into the dialog box

press enter or click the OK box

close the failed password message box

rinse and repeat until the failed message box fails to appear




Any suggestions?

[dbasnett]

Think about what you are really asking on an anonymous message board? You should contact the company that created the software.

[MaximilianMayrhofer]

Is the very old system written in .Net? If it is, you could always decompile it, as the password is clearly hardcoded. Otherwise, you would need to get the handle of the password dialog window, and use the send message API to feed it passwords and programmatically click the button, then check each time if the window is still there.

Passwords under 9 characters make brute-forcing feasible, so it will simply become a matter of churning out passwords and passing them to the window.

[KMDcomp]

The company doesn't exist anymore dbasnett, there is no one to call. If someone thinks I'm trying to do something illicit and decides not to help me, then so be it. I certainly wouldn’t want anyone to do something they were uncomfortable with.

MaximilianMayrhofer, it's not .NET, the program is more than 20 years old at this point.

I've figured out how to use

Code:

ProcID = Shell("q:\bin\prorun.exe", AppWinStyle.NormalFocus)

and sendkeys to send passwords, press the enter button 2 twice to try the password and to close the failed password box, then it sends a series of backspace commands to delete the failed password.

This would probably work well enough to get me in over the weekend, but if possible, I'd like to actually ID the password incase I need this function again. We are moving to a new system, and this will probably be the last reporting period were I need access to this function, but you never know.

How can I get the handle of the dialog window and how can I test if it came back after entering a password?

[weirddemon]

I have a very old patient management system and one of the reporting tools requires a password. Unfortunately, no one remembers it. I need a brute force method to crack it.

The password isn't any longer than 8 characters, doesn't contain any symbols, and is not case sensitive (nice security for a medical program, but like I said, it's old )

If I bring up the password box, it will happily let me enter password after password until the end of time. It's like this program was made to be brute force attacked.

I need to be able to:
enter a word programmatically into the dialog box

press enter or click the OK box

close the failed password message box

rinse and repeat until the failed message box fails to appear




Any suggestions?

As far as I'm aware, we cannot discuss such a topic. Even though this is for a seemingly legitimate purpose, the knowledge could be used maliciously.

[MaximilianMayrhofer]

Weirddemon is right, but if you take what you already know, and combine that with the GetWindowText() API, you should be able to finish it.