BOOL SamReadEntry(WINPR_SAM *sam, WINPR_SAM_ENTRY *entry)
{
char* p[7];
int LmHashLength;
int NtHashLength;
p[0] = sam->line;
p[1] = strchr(p[0], ':') + 1;
p[2] = strchr(p[1], ':') + 1;
p[3] = strchr(p[2], ':') + 1;
p[4] = strchr(p[3], ':') + 1;
p[5] = strchr(p[4], ':') + 1;
p[6] = p[0] + strlen(p[0]);
entry->UserLength = (UINT32)(p[1] - p[0] - 1);
entry->User = (LPSTR) malloc(entry->UserLength + 1);
if (!entry->User)
return FALSE;
entry->User[entry->UserLength] = '\0';
entry->DomainLength = (UINT32)(p[2] - p[1] - 1);
LmHashLength = (int)(p[3] - p[2] - 1);
NtHashLength = (int)(p[4] - p[3] - 1);
memcpy(entry->User, p[0], entry->UserLength);
if (entry->DomainLength > 0)
{
entry->Domain = (LPSTR) malloc(entry->DomainLength + 1);
if (!entry->Domain)
{
free(entry->User);
entry->User = NULL;
return FALSE;
}
memcpy(entry->Domain, p[1], entry->DomainLength);
entry->Domain[entry->DomainLength] = '\0';
}
else
{
entry->Domain = NULL;
}
if (LmHashLength == 32)
{
HexStrToBin(p[2], (BYTE*) entry->LmHash, 16);
}
if (NtHashLength == 32)
{
HexStrToBin(p[3], (BYTE*) entry->NtHash, 16);
}
return TRUE;
}
WINPR_SAM_ENTRY* SamReadEntry(WINPR_SAM* sam, WINPR_SAM_ENTRY* entry)
{
char* p[5];
int LmHashLength;
int NtHashLength;
p[0] = sam->line;
p[1] = strchr(p[0], ':') + 1;
p[2] = strchr(p[1], ':') + 1;
p[3] = strchr(p[2], ':') + 1;
p[4] = p[0] + strlen(p[0]);
entry->UserLength = p[1] - p[0] - 1;
entry->DomainLength = p[2] - p[1] - 1;
LmHashLength = p[3] - p[2] - 1;
NtHashLength = p[4] - p[3];
entry->User = (LPSTR) malloc(entry->UserLength + 1);
memcpy(entry->User, p[0], entry->UserLength);
entry->User[entry->UserLength] = '\0';
if (entry->DomainLength > 0)
{
entry->Domain = (LPSTR) malloc(entry->DomainLength + 1);
memcpy(entry->Domain, p[1], entry->DomainLength);
entry->Domain[entry->DomainLength] = '\0';
}
if (LmHashLength == 32)
{
HexStrToBin(p[2], (BYTE*) entry->LmHash, 16);
}
if (NtHashLength == 32)
{
HexStrToBin(p[3], (BYTE*) entry->NtHash, 16);
}
return entry;
}
void __fastcall TMDIChild::actFindExecute(TObject *Sender)
{
String result = SearchFrm->GetSearchResult();
if(result == "")
return;
char *startPointer = m_HexEditor->GetFastPointer(0, m_HexEditor->DataSize) + m_HexEditor->SelStart;
int searchSize = m_HexEditor->DataSize - m_HexEditor->SelStart;
LPVOID curData = m_SearchEngine.NormalSearch(startPointer, searchSize+1, AnsiString(result).c_str());
if(curData == NULL)
{
ShowMessage("没有结果");
return;
}
String buffer;
buffer.SetLength(result.Length());
int len = HexStrToBin(AnsiString(buffer).c_str(), result);
m_HexEditor->SelStart += (char *)curData - startPointer;
m_HexEditor->SelCount = len;
}