The main idea of the Windows network user password guessing algorithm is to use the window enumeration function EnumWindows() provided by Windows to find the network login window. The child-window enumeration function EnumChildWindows(), or GetNextDlgTabItem() together with GetWindowLong(), is used to locate the controls on the network login window. SendDlgItemMessage() or SetDlgItemText() is used to enter the user name and password, and SendMessage() is used to send the "OK" message. This completes the entire network logon process from within the program. By enumerating user names and passwords during this process, the program performs enumeration guessing of the network's user names and passwords.
First, the guessing process flow:
To illustrate the approach, only the main flow is described below, and source code written in Visual C++ is given for the key steps. The code between Mutex.lock and Mutex.unlock in the following flow allows access by only a single thread. "Password enumeration" means that once the user-specified character set has been enumerated, the program enumerates a new user name and then enumerates the character set again. For the specific usage of the functions in the source code, see MSDN. For multithreading usage, refer to the Visual C++ Technical Insider.
The source code for the key process is given below (see Figure 1-1 for the program flow):
1. Global variables:
struct _Thread
{
CWinThread *pThread;
};
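_Thread WindowThread[iProc],PassTread[1],UserTread[1]; // iProc: number of window-enumeration threads
CEvent gEventNextPass; // fetch the next password; introduced for synchronization
CEvent gEventPassOk; // the password has been obtained; introduced for synchronization
CEvent gEventNextUser; // fetch the next user name; introduced for synchronization
CEvent gEventUserOk; // the user name has been obtained; introduced for synchronization
CMutex gMutex; // mutex; allows access by only a single thread
char cCurrentPass[MAX_PASSWORD_LENGTH]; // the password currently in use
char cCurrentUser[MAX_USER_LENGTH]; // the user name currently in use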
2. Thread Start: