In the evening, I was reading news.baidu.com and suddenly saw that code for cracking MSN passwords had appeared. It looked so scary, so I quickly Googled and found a bunch of code. However, a few of the copies were written by one person, and eventually all of them were accused of being copied from another forum. When I found the code, I suddenly remembered the article by flier that I saw on the Green League a few days ago. Sure enough, the code is basically the same. But what I found later seems better than flier's, because the 74-byte entropydata is actually a very simple string. flier did mention that the entropydata in his code holds a fixed, internally used encryption key obtained with windbg directly from the token in the MSN Messenger code, and that it may change between versions in the future.
Look at this byte array:
static unsigned char entropydata [] = {
0xe0, 0x00, 0xc8, 0x00, 0x08, 0x01, 0x10, 0x01,
0xc0, 0x00, 0x14, 0x01, 0xd8, 0x00, 0xdc, 0x00,
0xb4, 0x00, 0xe4, 0x00, 0x18, 0x01, 0x14, 0x01,
0x04, 0x01, 0xb4, 0x00, 0xd0, 0x00, 0xdc, 0x00,
0xd0, 0x00, 0xe0, 0x00, 0xb4, 0x00, 0xe0, 0x00,
0xd8, 0x00, 0xdc, 0x00, 0xc8, 0x00, 0xb4, 0x00,
0x10, 0x01, 0xd4, 0x00, 0x14, 0x01, 0x18, 0x01,
0x14, 0x01, 0xd4, 0x00, 0x08, 0x01, 0xdc, 0x00,
0xdc, 0x00, 0xe4, 0x00, 0x08, 0x01, 0xc0, 0x00, 0x00, 0x00 };
In fact, this array is just a transformed form of the following string:
char szentropystringseed [37] = "82BD0E67-9FEA-4748-8672-D5EFE5B779B0"; // credui.dll
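An added example, not from the original post or from flier's article: it decodes the entropydata bytes above and checks them against the credui.dll string, ignoring letter case. Working through the bytes shows each character stored as a 16-bit little-endian value shifted left by two bits, which is why a "key" like this is fixed, easily recognised obfuscation and not a secret; the function names are this example's own.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Byte array exactly as listed on the page (74 bytes = 37 UTF-16 units). */
static const unsigned char entropydata[] = {
    0xe0,0x00,0xc8,0x00,0x08,0x01,0x10,0x01,0xc0,0x00,0x14,0x01,0xd8,0x00,0xdc,0x00,
    0xb4,0x00,0xe4,0x00,0x18,0x01,0x14,0x01,0x04,0x01,0xb4,0x00,0xd0,0x00,0xdc,0x00,
    0xd0,0x00,0xe0,0x00,0xb4,0x00,0xe0,0x00,0xd8,0x00,0xdc,0x00,0xc8,0x00,0xb4,0x00,
    0x10,0x01,0xd4,0x00,0x14,0x01,0x18,0x01,0x14,0x01,0xd4,0x00,0x08,0x01,0xdc,0x00,
    0xdc,0x00,0xe4,0x00,0x08,0x01,0xc0,0x00,0x00,0x00
};
/* Seed string from the page; the comparison below ignores letter case. */
static const char seed[37] = "82BD0E67-9FEA-4748-8672-D5EFE5B779B0";

/* Undo the obfuscation: read each little-endian 16-bit unit and shift it right
 * by two bits. Returns the decoded length without the NUL, or -1 if malformed. */
int decode_entropy(const unsigned char *in, size_t in_len, char *out, size_t out_len)
{
    size_t i, n = in_len / 2;
    if (in_len % 2 != 0 || n == 0 || n > out_len)
        return -1;
    for (i = 0; i < n; i++) {
        unsigned unit = in[2 * i] | ((unsigned)in[2 * i + 1] << 8);
        if ((unit & 3u) != 0 || (unit >> 2) > 0x7f)
            return -1;              /* not "ASCII << 2": some other scheme */
        out[i] = (char)(unit >> 2);
    }
    return out[n - 1] == '\0' ? (int)(n - 1) : -1;
}

/* Returns 1 if the decoded bytes spell the seed string, else 0. */
int entropy_matches_seed(void)
{
    char buf[64];
    int i, n = decode_entropy(entropydata, sizeof entropydata, buf, sizeof buf);
    if (n != 36)
        return 0;
    for (i = 0; i < n; i++)
        if (toupper((unsigned char)buf[i]) != toupper((unsigned char)seed[i]))
            return 0;
    return 1;
}

int main(void)
{
    puts(entropy_matches_seed() ? "entropydata == seed << 2" : "mismatch");
    return 0;
}
```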
I will not paste the specific code. With it, you can immediately obtain all MSN passwords on the local machine.
Although flier says it has no value, it can still be used to attract others. For example, you can use xp_mongoshell to connect to a remote machine and run the program (whether this credential exists in that case, I don't know :$); or implement this function in an OCX, so that others run it from a web page; or put it in my own program ......
Ah, the world is evil!