Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 198
  • Last Modified:

WNetGetCachedPassword : Specs!? ..

How can I call this Hidden Function from MPR.DLL
WNetGetCachedPassword...
Can someone give me the Code to call this function!??
Thanx...
0
Loster
Asked:
Loster
  • 12
  • 9
  • 4
1 Solution
 
MadshiCommented:
Perhaps you mean WNetEnumCachedPasswords? Here are some Delphi4 sources for that API. Hope it helps...

type TPasswordCacheEntry  = packed record
                              entry       : word;   // size of this entry, in bytes
                              resourceLen : word;   // size of resource name, in bytes
                              passwordLen : word;   // size of password, in bytes
                              entryIndex  : byte;   // entry index
                              entryType   : byte;   // type of entry
                              resource    : array [0..$FFFFFFF] of char;
                                                    // start of resource name
                                                    // password immediately follows resource name
                            end;
     TPPasswordCacheEntry = ^TPasswordCacheEntry;

function EnumPasswordCallbackProc(pce: TPPasswordCacheEntry; lParam: cardinal) : LongBool; stdcall;
var i1   : integer;
    ppcl : ^TCachedPasswordList;
begin
  result:=true;
  ppcl:=pointer(lParam);
  i1:=length(ppcl^);
  SetLength(ppcl^,i1+1);
  SetLength(ppcl^[i1].resource,pce^.resourceLen);
  Move(pce^.resource[0],pointer(ppcl^[i1].resource)^,pce^.resourceLen);
  ppcl^[i1].resource:=pchar(ppcl^[i1].resource);
  SetLength(ppcl^[i1].password,pce^.passwordLen);
  Move(pce^.resource[pce^.resourceLen],pointer(ppcl^[i1].password)^,pce^.passwordLen);
  ppcl^[i1].password:=pchar(ppcl^[i1].password);
end;

var WNetEnumCachedPasswords : function (ps: pchar; pw: word; pb: byte; proc: pointer; lParam: cardinal) : word; stdcall
                              = nil;
    mpr                     : cardinal = 0;

function GetCachedPasswords : TCachedPasswordList;
begin
  result:=nil;
  if mpr=0 then begin
    mpr:=LoadLibrary('mpr');
    if mpr=0 then exit;
  end;
  if @WNetEnumCachedPasswords=nil then begin
    WNetEnumCachedPasswords:=GetProcAddress(mpr,'WNetEnumCachedPasswords');
    if @WNetEnumCachedPasswords=nil then exit;
  end;
  WNetEnumCachedPasswords(nil,0,$FF,@EnumPasswordCallbackProc,cardinal(@result));
end;

initialization
finalization
  if mpr<>0 then FreeLibrary(mpr);
end.

Regards, Madshi.
0
 
LosterAuthor Commented:
Hmmm.. A bit Complicated hehe... (Btw I'm using Delphi2 )

Okay well I heard about WNetGetCachedPassword Hidden API
function Only... The problem is that I just don't know how to Take
it from the MPR.DLL ..

The only information that I have is:

WORD
WNetGetCachedPassword(pbResource, cbResource, pbPassword, pcbPassword, nType)

LPSTR pbResource; // name of workgroup, computer, or resource
WORD cbResource; // size of name, in bytes
LPSTR pbPassword; // buffer to receive password
LPWORD pcbPassword; // receives size of password, in bytes
BYTE nType; // type of password to retrieve

.. So I supposed to Call this Function as this:
Function WNetGetCachedPassword(pbResource:PAnsiChar; cbResource:WORD;
       Var PbPassword:PAnsiChar; Var pcbPassword:Word;nType:Byte):Word; stdcall;

But when I call WNetGetCachedPassword from Delphi, It just
Hang...  
Hehe, That's my first time Calling Windows API from Dlls,
so I based this on the WINDOWS unit Source ...

 I'll Try what you Wrote, But I'm not sure I will understand
something hehe...

0
 
MadshiCommented:
Hmm. My code won't work with Delphi2, because I'm using arrays with dynamic length (I really love them...).

I think, there's one error in your sources. The pbPassword string must not be a VAR string. If it would be this way, it would have been a ppbPassword variable from the type PLPSTR.

Try this one:

function WNetGetCachedPassword(pbResource: pchar; cbResource: word; pbPassword: pchar; var pcbPassword: word; nType: byte) : word; stdcall; external 'mpr.dll' name 'WNetGetCachedPassword';

Perhaps that works.

Regards, Madshi.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
MadshiCommented:
P.S: Of course you'll have to allocate pbPassword before calling the function...
0
 
LosterAuthor Commented:
.. What do you mean by: You must Allocate PbPassword ...

!?..


0
 
LosterAuthor Commented:
.. I mean, HOW do I allocate this.....
(- Sorry I learned to program by myself so I'm not familliar with
   Allocating Variables -)

0
 
MadshiCommented:
>> LPSTR pbPassword; // buffer to receive password
>> LPWORD pcbPassword; // receives size of password, in bytes

pbPassword is the "buffer to receive password". That means, you have to give the Windows function a pointer to a buffer, to which the Windows function can copy the password characters. And I guess, you'll have to give the size of the buffer (you allocated) into "pcbPassword". When you return from the Windows call, Windows will have written the size of the buffer it has used in "pcbPassword" again.

Do this:

var pc : pchar;
    w1 : word;
begin
  AllocMem(pc,100); w1:=100;  // now give "pc" and "w1" into the WNetXXX function
  try
  finally FreeMem(pc) end;  // Never forget to free allocated buffers...
end;

Or use this:

var s1 : string;
    w1 : word;
begin
  SetLength(s1,100); w1:=100;
  // Now call WNetXXX with "pchar(s1)" and "w1"
  // When using Delphi strings, you don't need to care about deallocation, Delphi does that for you...
  SetLength(s1,w1);  // Set the string length...
  // Now you can use "s1"
end;

Regards, Madshi.
0
 
MadshiCommented:
Hmm. In my first example you can use "pc" between "try" and "finally" of course...

Am going to sleep now. Will come back in 10 hours...  :-)
0
 
LosterAuthor Commented:
Ahhhh Oki!!! ..
Well... Okay I understand..

But now, what I don't understand is the Fact that the Pbpassword
doesn't contain the VAR statement.. Will the Function return
PbPassword in s1 !? ? ..

Look at my Code, I want to be sure I got it .. ;)

Function WNetGetCachedPassword(pbResource: pchar; cbResource: word;
         pbPassword: pchar; var pcbPassword: word; nType: byte) : word; stdcall; external 'mpr.dll' name 'WNetGetCachedPassword';
{ ----------------------------------------------------------- }

Var  s1        : String;
       w1,Test: word;
Begin
   SetLength(s1,100); w1:=100;

     WNetGetCachedPassword('LOSTER',6,PChar(s1),w1,0);
 
    SetLength(s1,w1);
      ShowMessage(S1);
end;

 Thank you!! ;)


0
 
MadshiCommented:
Yes, you got it!

Only problem: I *guessed* a lot because you didn't gave me the complete documentation (I think you don't have it, right?). But I guessed the way, normal winAPI work.

So please try it out. Does it work?

Hmmm. Just an explanation. We set "s1" to 100 Bytes length. That is a kind of memory allocation. With "pchar(s1)" Delphi gives back the pointer to the first character in the string buffer. And the line "SetLength(s1,w1)" is nessecary to reduce the string length to the string data, the WNetXXX function returned.

Regards, Madshi.
0
 
LosterAuthor Commented:
Hmm.. No your right, I don't have the Documentation ... Well.. I don't think I can
find it anywayz .. .


And It doesn't work ....8( .. I tried some user names for the Resource, I also tried
InterNet Connection Name.. Nothings works.. I just get an Empty String . .. I tried
several values for nType ... And I get no Result! ... Hmmm...

Do you have any idea why it doesn't work!?? ...
0
 
MadshiCommented:
I've tested the function. But since I've no documentation, I don't know exactly what I have to give in.
I get an empty string, too. However, it shows, that the declaration is alright. I filled the string before calling the function. The function definitely sets the string to "".
So something is wrong with the parameters we give in.

For what purpose do you need this function?

Regards, Madshi.
0
 
LosterAuthor Commented:
Hmm ..
Ok the Purpose of this... I want to check the Login Password
of Windows, it is supposed to Take the password from the .PWL
Files....
You give the Resource Name wich I suppose is the Connection
Name or User Name ..
I think the Problem is in the nTYPE .. I have no idea of what it is.

And I did not find any Documentation of this Function anywhere...
As I said, it's a Hidden Function of M$ .. It's purpose is to
Decode the .PWL File .. So they did not documented it..
Maybe there is a Checksum somewhere, a key or something
to make this Work .. maybe nType is the checksum of the
Resource Name... !???? To be more Secured, I really don't know..

But I have some Infos to Decode the RC4 Cipher Encryption of
the .PWL .. But if I can decode it with this simple Function , I'll
use it!! 8)

0
 
intheCommented:
ntype is the type of password resource used ie
WNetGetCachedPassword('LOSTER',6,PChar(s1),w1,18);

would return the password of a netware account.

madshi do you know c very well if so i can post 2 functions for getting and setting novell password. the only prob is i dont know what number to use for windows password,as seems to be your trouble here.
Regards Barry

0
 
intheCommented:
on closer look you seem to be right with everything already just the last parameter(type of password).i searched everywhere a month or so ago and could nor find the windows password number anywhere as loster said it is very undocumented function.
good luck
Regards Barry
0
 
LosterAuthor Commented:
Thanks Barry for your Comment..
So the problem is the nType ..
Hmm okay, well I can do an increment search calling the function
with a value from 0 to 65535 !

Thank you very much Madchi and Barry!! 8)
0
 
MadshiCommented:
>> madshi do you know c very well if so i can post 2 functions
>> for getting and setting novell password. the only prob is i
>> dont know what number to use for windows password,as seems to
>> be your trouble here.

Hi Barry, I'm no C(++) expert, I know just enough to convert simple programs to Delphi...   :-)

Regards, Madshi.
0
 
MadshiCommented:
Hi Loster, does it finally work? Then you should ask Barry to write an answer so he can get the points...  :-)
0
 
intheCommented:
Loster
it would be give madshi the points for this as he did all the graft in delphi,i only knew how to do it from  c and are pleased to see how it is done in delphi.
btw if it is working would you please be kind enough to post the complete code with the windows password number as this would be helpful for other users with similar problems.
 Regards Barry ¤ :-) ¤
0
 
MadshiCommented:
No, please Barry, the final hint came from you. And I want to see you in the top 15. So please do you answer the question...  :-)
0
 
LosterAuthor Commented:
Ehehe..
Thans Guy, It Finnally WorkS!!!!

Hahaha...
Well, I'm glad to tell you that the nType number is 8 ..
But, I do an increment For .. Do ...

Hmm, You were right in your explanations..

Okay, well, I found that the Resource Name was not just the
User Name.. For example, if you want your InterNet Connection
Password, who is saved in the .Pwl, you should use the function
like this:

WNetGetCachedPassWord('*Rna\InterNetConnectionName\UserName',
                                            LengthofAbove,  PassWord, LengthPw,
                                            nType);

As I said, nType should be incremented from 0 to 255 to be
sure to find All passwords.. Maybe nType is not Constant..


. And I also found something interesting on www.microsoft.com
hehe...

PWLEDIT.EXE .. a program from M$, who give you the Resource
Names contained in your .PWL file..


So .. hmmm, who should have the credits!??? 8)
Well, I really don't know guys! .. you helped me so much! 8))))

Thank you again!


0
 
LosterAuthor Commented:
Ehehe..
Thans Guy, It Finnally WorkS!!!!

Hahaha...
Well, I'm glad to tell you that the nType number is 8 ..
But, I do an increment For .. Do ...

Hmm, You were right in your explanations..

Okay, well, I found that the Resource Name was not just the
User Name.. For example, if you want your InterNet Connection
Password, who is saved in the .Pwl, you should use the function
like this:

WNetGetCachedPassWord('*Rna\InterNetConnectionName\UserName',
                                            LengthofAbove,  PassWord, LengthPw,
                                            nType);

As I said, nType should be incremented from 0 to 255 to be
sure to find All passwords.. Maybe nType is not Constant..


. And I also found something interesting on www.microsoft.com
hehe...

PWLEDIT.EXE .. a program from M$, who give you the Resource
Names contained in your .PWL file..


So .. hmmm, who should have the credits!??? 8)
Well, I really don't know guys! .. you helped me so much! 8))))

Thank you again!


0
 
MadshiCommented:
Hmm. If you really do a loop from 0 to 255, you should use WNetEnum..., 'cause it will tell you all passwords in just ONE call.
If you wait some days/weeks, you can get an object oriented function for WNetEnum... from me, I'm planning to put some of windows' enum functions in Delphi objects...   :-)

Regards, Madshi.
0
 
intheCommented:
Loster,
i will only put this as answer as madshi insists id do :-)
although dont forget his enum stuff ,i have some of his work and it's very good :-)
pleased to see you got the number 8 :-)
did you know pwledit.exe is on your windows cd.

B.T.W you can also use this one:
WNetCachePassword(LPCSTR pbResource,
                  WORD  cbResource,
                  LPCSTR pbPassword,
                  WORD  cbPassword,
                  BYTE  nType,
                  UINT  fnFlags);
this is for setting the password,where the final parameter fnflags is set for a 0 or a 1 depending on whether you want the password saved for duration of logon or permenantly.

Madshi,
Thankyou  
(only 11,000 to number 15 and the telephone bill 's just gets bigger :-( ,but it's amazing want you can learn here so worth it.
let me and loster know when you have done the enum stuff ,your sources are very good to see as always .
Regards Barry
8888888888888888888888888888888888888888888888888888888888888888
0
 
MadshiCommented:
Barry,

>> only 11,000 to number 15 and the telephone bill 's just gets
>> bigger :-( ,but it's amazing want you can learn here so worth it.
So with me. My telephone bill is quite big the last months...  :-(((
 
>> let me and loster know when you have done the enum stuff
>> your sources are very good to see as always .
I will...  :-)

Regards, Madshi.
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 12
  • 9
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now