read from registry, and write to registry

Jan 18, 2012 at 2:25pm
jacob73 (11)
hi
can anyone help me to translate this code to vb6?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
 
#include <stdio.h>
#include <stdlib.h>
#include <windows.h>
#include <wincrypt.h>

#define SEED_CONSTANT 0xba0da71d

unsigned char secretKey[16]={ 0xa3,0x1e,0xf3,0x69,
                              0x07,0x62,0xd9,0x1f,
                              0x1e,0xe9,0x35,0x7d,
                              0x4f,0xd2,0x7d,0x48 };

int Decode(char output[], char passEntry[], DWORD entryLen)
{
    int ret = -1;
    HANDLE hToken;
    char sid[512], name[512],domain[512];
    DWORD SidSize = 0, i, j;
    DWORD cchName,cchDomain;
    SID_NAME_USE peUse;
    TOKEN_USER *SidUser = (TOKEN_USER*)&sid;

    unsigned char staticKey[16];
    unsigned int seed;
    unsigned char *a,*b;

    memcpy(staticKey,secretKey,sizeof(staticKey));

    if((OpenProcessToken(GetCurrentProcess(),TOKEN_QUERY,&hToken)))
    {
        if((GetTokenInformation(hToken,TokenUser,SidUser,sizeof(sid),&SidSize)))
        {
            cchName = cchDomain = sizeof(name);

            if((LookupAccountSid(NULL,SidUser->User.Sid,
                    name,&cchName,domain,&cchDomain,&peUse)))
            {
                seed = SEED_CONSTANT;

                // mix username with key

                for(i = 0;i < cchName;i++)
                {
                    ((unsigned int*)staticKey)[ i % 4 ] ^= name[i] * seed;
                    seed *= 48271;
                }

                // mix domain name with key

                for(j = 0;j < cchDomain;i++,j++)
                {
                    ((unsigned int*)staticKey)[ i % 4 ] ^= domain[j] * seed;
                    seed *= 48271;
                }

                // decode  string

                seed = (((unsigned int*)staticKey)[0] | 1);
                a = (unsigned char*)&passEntry[4];
                b = (unsigned char*)&passEntry[5];

                for(i = 0;i < entryLen;i += 2)
                {
                    passEntry[ i / 2 ] = (((a[i]-1)*16) | (b[i]-33)) - (seed & 0xff);
                    seed *= 69621;
                }

                // use protected storage to decrypt data

                DATA_BLOB   DataIn, DataEntropy, DataOut;

                DataEntropy.cbData = sizeof(staticKey);
                DataEntropy.pbData = (BYTE*)&staticKey;

                DataIn.cbData = (i/2);
                DataIn.pbData = (BYTE*)passEntry;

                //passEntry[(i/2)+4]=0;

                if(CryptUnprotectData(&DataIn,
                                   NULL,
                                   &DataEntropy,
                                   NULL,
                                   NULL,
                                   1,
                                   &DataOut)) {
                    memcpy(output,DataOut.pbData,DataOut.cbData);
                    output[DataOut.cbData] = 0;
                    LocalFree(DataOut.pbData);
                    ret = 0;
                }
            }
        }
        CloseHandle(hToken);
    }
    return(ret);
}

int main(void) {
    char    pwd[1024],
            out[1024],
            *p;

    printf(
        "paste your encrypted password here\n"
        "(\"pw\" from HKEY_CURRENT_USER\\Software\\Google\\Google Talk\\Accounts):\n");
    fgets(pwd, sizeof(pwd), stdin);
    for(p = pwd; *p && (*p != '\n') && (*p != '\r'); p++);
    *p = 0;

    if(!Decode(out, pwd, strlen(pwd))) {
        printf("\nPASSWORD: %s\n", out);
    } else {
        printf("\nthe password cannot be decrypted on this account/machine\n");
    }
    printf("\npress return to quit\n");
    fgetc(stdin);
    return(0);
}
Edit & run on cpp.sh
Last edited on Jan 18, 2012 at 5:00pm
Jan 18, 2012 at 2:42pm
webJose (2948)
1. VB6 is dead. This means exactly that: No updates to the runtime from Microsoft, no updates to make it work in newer OS's, no nothing.
2. To re-write that Decode() function in VB6 is a pain because of all the Windows API calls that aren't the easiest to marshal.

So in light of the above, I recommend you that you create a dll in C++ that exports the Decode() function and you marshal that one function only instead of marshaling all those WinAPI's inside Decode().
Jan 18, 2012 at 5:04pm
jacob73 (11)
so i change the title
i need to get a value from regitsry
in this part:
1
2
3
4
 
 printf(
        "paste your encrypted password here\n"
        "(\"pw\" from HKEY_CURRENT_USER\\Software\\Google\\Google Talk\\Accounts):\n");
    fgets(pwd, sizeof(pwd), stdin);

i need to get "pwd" value from registry
and write result in registry again
in this part:
 
 
  printf("\nPASSWORD: %s\n", out);

write "out" in some where in registry
Jan 18, 2012 at 5:43pm
webJose (2948)
To read a registry key value, you need to:

1. Call RegCreateKeyEx() to open the subkey Software\Google\Google Talk\Accounts.
2. Call RegQueryValueEx() to query the desired key value. You need to provide a buffer large enough. The usual method is to first call this function without a buffer in order to get the required size, then allocate the buffer dynamically and call the function again, this time with the buffer.
3. Call RegCloseKey() to close the registry key.

There are tons of samples out there on how to read from the registry. Google up the function names.
Jan 18, 2012 at 6:04pm
jacob73 (11)
please give me an example
i'm beginner
Last edited on Jan 18, 2012 at 6:42pm
Jan 18, 2012 at 6:46pm
webJose (2948)
Jan 18, 2012 at 7:09pm
jacob73 (11)
i know that
i have some registry code
but i can't understand c++ codes
i hope u help me
Last edited on Jan 18, 2012 at 7:09pm
Jan 18, 2012 at 8:16pm
webJose (2948)
I am not sure how much more help an example of mine. It wouldn't be too much different from what it is out there.

If you want to understand the functions involved in reading the registry, I recommend that you read MSDN Online and some Windows tutorials. Windows objects (like registry keys) are accessed via handles. If you have the Handle concept down, then this is no different.
Topic archived. No new replies allowed.