生成rdp檔案中的密碼字串
阿新 • • 發佈:2019-01-28
// CryptProtectData.cpp : Defines the entry point for the console application. // #include "stdafx.h" #include <stdio.h> #include <windows.h> #include <Wincrypt.h> #include <fstream> #include <string> #include <algorithm> #include <list> #pragma comment(lib,"bufferoverflowU.lib") #pragma comment(lib,"crypt32.lib ") using namespace std; void main() { ///////////////////////////////////加密////////////////////////////////////////// DATA_BLOB DataIn1; DATA_BLOB DataOut1; // mstsc.exe中使用的是unicode,所以必須做寬字元轉換 BYTE *pbDataInput1 =(BYTE *)L"freedom"; DWORD cbDataInput1 = wcslen(L"freedom")*sizeof(wchar_t); DataIn1.pbData = pbDataInput1; DataIn1.cbData = cbDataInput1; FILE *fp; if(CryptProtectData( &DataIn1, L"psw", // A description string // to be included with the // encrypted data. NULL, // Optional entropy not used. NULL, // Reserved. NULL, // Pass NULL for the // prompt structure. 0, &DataOut1)) { printf("The encryption phase worked.\n\n"); fp = fopen("E:\\CryptProtectData\\Release\\password.txt","w"); int count=0; while ( count <= (int)DataOut1.cbData ){ // 因為一個unsigned int 佔32位 // 轉換成成16進位制要佔兩位 // 所以這裡需要用%02 fprintf(fp,"%02X",DataOut1.pbData[count]); count++; } fclose(fp); } else { printf("Encryption error using CryptProtectData.\n\n"); exit(1); } /* ///////////////////////////////////解密////////////////////////////////////////// //應用程式正在請求訪問受保護的專案,導致無法解密 void HandleError(char *s) { fprintf(stderr, "An error occurred in running the program. /n"); fprintf(stderr, "%s/n",s); fprintf(stderr, "Error number %d./n", GetLastError()); fprintf(stderr, "Program terminating. /n"); //exit(1); return; } ifstream in("E:\\CryptProtectData\\Release\\password.txt"); list<string> lst; char buf[1024]; while(in) { in.getline(buf,1024); lst.push_back(buf); } list<string>::iterator iter, iterBegin; string strPwd; iterBegin = lst.begin(); strPwd = *iterBegin; iterBegin++; for(iter = iterBegin; iter != lst.end(); iter++) { strPwd += *iter; } DATA_BLOB DataOut; DATA_BLOB DataVerify; LPWSTR pDescrOut = NULL; BYTE *pbDataOutput; DWORD cbDataOutput; int data; // Put encrypted password string here //char *szEncodedPwd = new char[strlen(strPwd.c_str()) + 1]; //strcpy(szEncodedPwd, strPwd.c_str()); char szEncodedPwd[] = "51:b:01000000D08C9DDF0115D1118C7A00C04FC297EB010000005A95766D6AED2744AA27C4F51CCF71C70000000008000000700073007700000003660000A800000010000000738B7545A4E609D5E627D2340668C2230000000004800000A000000010000000980CFB0F5DF7B89D57AE2DA3708DE0C6080200001F933C9215C8548A2C591A0D3C659D53FE45BCB4AE770E4B0369D4EC6D9804B6C094FB7181632C3E41E35350E742FEA14308FD87D9BAA190B0253DA92CEFC2439DCEAEAEBA108E7030DBC0ACF973E28C058FB180086A21DD809CF37F463AF7BE2B0088880F706FCB6D1722368959A4F8A885257A06DBD153B735376FB0267218F1771668A660EA81188EDDDB650A314091233B99EC2FF6361BEDEC532603A86882AEBBC597836DADF40E882A2C8EC16FAB2018E73E40187BF913C307EEF9CA4A6664BD39AAD163348D67A75EB12460A1EA8840E416BAA80D5724C4F17A6CB71621F3841B1AF1B2AC40C9E4725847B7487B22A7E42542E321B84F0561FF73A1DD6B199E1DBAFB12881ABB5332B33B956AE431F4E20A61DA94175A7F1597FDF1C205E7975C8FD8CEAB78B18528EB57CB93D518880E62797E3B2226673B43B36D2BA118235F4D265344E07D195AC0B07398DB5776E524D7FEC121DFCAEBABA578D9ABA1F5A3E6DEC3DF72FC64D4516F2B2BEFEDCAFD4E21C5C53BD79F908D11E4BAC4608E2E1A3F7A0100AE324DE31EC4CC6E7B69CD768483A93C6B31F84CCFD4B2507991FCF0EC3CB45F68DBE179038574664F0FE5FE2CA9C3E790C3EFA32984DEDC2D563F23EEF4B03F2C1A34B01BDAE05FFB854821B6EFEEA0CF1EAF9AAA769D24862EFC5E3D24DD475736FDC6B70E0F9ABB21AF8B80C36D8D3F473D4AEC52B71E08F9F980014F3C14000000D2542DC2A708785AF43A4DB07FD5DB36628176D60"; // String conversion cbDataOutput = ( (strlen(szEncodedPwd)) / 2 ); pbDataOutput = (BYTE *)malloc( cbDataOutput + 1 ); if (pbDataOutput == NULL) HandleError("Not enough memory."); for (unsigned int i=0; i<(cbDataOutput); i++) { sscanf(&(szEncodedPwd[i+i]), "%02x", &data); pbDataOutput[i] = data; } DataOut.pbData = pbDataOutput; DataOut.cbData = cbDataOutput; // Decryption if (CryptUnprotectData( &DataOut, // [in] Input data &pDescrOut, // (Optional) [out] Description string NULL, // (Optional) [in] Entropy (not used by MS) NULL, // Reserved NULL, // (Optional) PromptStruct 0, // Flags &DataVerify)) // [out] Output data { wprintf(L"The decrypted data is: %s\n\n", (WCHAR *)DataVerify.pbData); printf("The description of the data was: %S\n\n", pDescrOut); } else { HandleError("解密錯誤!"); } LocalFree(pDescrOut); free(DataOut.pbData); LocalFree(DataVerify.pbData); */ //delete [] szEncodedPwd; system("pause"); } /*RDP檔案格式 screen mode id:i:1 desktopwidth:i:1280 desktopheight:i:750 session bpp:i:24 winposstr:s:2,3,188,8,1062,721 full address:s:MyServer compression:i:1 keyboardhook:i:2 audiomode:i:0 redirectdrives:i:0 redirectprinters:i:0 redirectcomports:i:0 redirectsmartcards:i:0 displayconnectionbar:i:1 autoreconnection enabled:i:1 username:s:MyUserName domain:s:MyDomain alternate shell:s: shell working directory:s: password 51:b:01000000D08C9DDF0115D1118C7A00C04FC297EB01000000A925BC8BF405AE47B6A93F9FCD7F5A360400000008000000700073007700000003660000A800000010000000C6D37A7460CFA72B01B292A434E7B05B0000000004800000A0000000100000001BD47A8C85A97DE20B65AE8C515E8EF110000000164E84E384B887573DF97586B4246AD914000000884A9FACDB5B1862C5B27339F805AD6E392E1DE0 disable wallpaper:i:1 disable full window drag:i:1 disable menu anims:i:1 disable themes:i:0 disable cursor setting:i:0 bitmapcachepersistenable:i:1 */