My question is: Is all I need to edit is the new and current DWORD value?
It's been so long since i have worked with this stuff.. can anyone point me in the right direction of the correct dword, i will be googling for it in the mean-time...
The original post with links to the download is here:
[Only registered and activated users can see links. Click Here To Register...]
Here is Menasculio's current sourcecode:
unsigned char dane[1024];
DWORD LEN = 1024;
HCRYPTPROV hProvider = NULL;
HCRYPTHASH hHash = NULL;
HCRYPTKEY hKey = NULL;
BOOL bRes;
DWORD ddLen = LEN;
bRes = CryptAcquireContext( &hProvider, NULL, MS_DEF_PROV, 1, 0xF0000000 );
bRes = CryptCreateHash( hProvider, CALG_MD5, NULL, NULL, &hHash );
bRes = CryptHashData( hHash, (BYTE *) "1111", 4, NULL );
bRes = CryptDeriveKey( hProvider, CALG_RC4, hHash, CRYPT_CREATE_SALT, &hKey);
bRes = CryptDestroyHash( hHash );
bRes = CryptDecrypt( hKey, NULL, FALSE, NULL, dane, &LEN );
bRes = CryptDestroyKey( hKey );
and what is ptr to unicode?
CPU Disasm
Address Hex dump Command Comments
77E7F86C FFB6 98F8E777 PUSH DWORD PTR DS:[ESI+77E7F898] ; PTR to UNICODE "ncacn_np"
CPU Dump
Address Hex dump Command Comments
0043202F 696F 6E 4040000 IMUL EBP,DWORD PTR DS:[EDI+6E],4040
^am i in the right direction? ^
It's been so long since i have worked with this stuff.. can anyone point me in the right direction of the correct dword, i will be googling for it in the mean-time...
The original post with links to the download is here:
[Only registered and activated users can see links. Click Here To Register...]
Here is Menasculio's current sourcecode:
unsigned char dane[1024];
DWORD LEN = 1024;
HCRYPTPROV hProvider = NULL;
HCRYPTHASH hHash = NULL;
HCRYPTKEY hKey = NULL;
BOOL bRes;
DWORD ddLen = LEN;
bRes = CryptAcquireContext( &hProvider, NULL, MS_DEF_PROV, 1, 0xF0000000 );
bRes = CryptCreateHash( hProvider, CALG_MD5, NULL, NULL, &hHash );
bRes = CryptHashData( hHash, (BYTE *) "1111", 4, NULL );
bRes = CryptDeriveKey( hProvider, CALG_RC4, hHash, CRYPT_CREATE_SALT, &hKey);
bRes = CryptDestroyHash( hHash );
bRes = CryptDecrypt( hKey, NULL, FALSE, NULL, dane, &LEN );
bRes = CryptDestroyKey( hKey );
and what is ptr to unicode?
CPU Disasm
Address Hex dump Command Comments
77E7F86C FFB6 98F8E777 PUSH DWORD PTR DS:[ESI+77E7F898] ; PTR to UNICODE "ncacn_np"
CPU Dump
Address Hex dump Command Comments
0043202F 696F 6E 4040000 IMUL EBP,DWORD PTR DS:[EDI+6E],4040
^am i in the right direction? ^
