StarDestroyer

[ACS]

Hey all,

Here's my first (of what I hope will be several) contribution to these forums. My first major script, StarDestroyer.

This script will reveal the password hidden behind those pesky asterisks. Hence, it "destroys" the purpose of the "stars".

Yes I know that Windows XP uses little black dots instead of asterisks these days, but "DotDestroyer" sounds lame, and I had to use the Star Wars reference.

I was inspired to write this program after finding several similar programs on the Internet, mostly commercial ones that cost around $20.

There's a nice free one, Password Revealer, but this program only works on standard Windows EDIT controls. It doesn't work with IE windows or other non-standard controls.

StarDestroyer features the following:

- Reveal the password behind any standard password field

- Retrieve passworded fields from any Internet Explorer form

- Option to retrieve text from ANY field, in the case of some non-standard password fields (such as those in Excel)

I plan to update the program with the following features:

- Eliminate the need for StarDestroyer to be the active window for it to work (like Au3Info.) Currently the program must have focus in order for it to retrieve passwords.

- Retrieve passwords from IE windows with frames. Currently StarDestroyer does not support pages with frames, and does some funny stuff.

- Ability to "freeze" the log display. Currently the log will keep scrolling as new entries are added unless focus is lost to another application.

- Other features that anyone else may find useful

The archive includes the program source, the changelog (which also contains complete details) and a nifty little icon. :♠D

Let me know what you think!

Latest version: 1.0

[EDIT: Downloaded link deleted as per Post #12.]

Edited May 12, 2008 by ACS

[Andreik]

wow this is nice script

[BigDod]

I have tried this in my Outlook Express and it did not reveal the password only ""

[UQOII]

thanx

this is very usefull for me

@bigdog this is only Internet Explore

Edited May 9, 2008 by UQOII

[James]

This doesn't work for when you are asked to enter a username and password in Mozilla Firefox.

[gseller]

This is way cool! Can I suggest adding a drag icon line Snadboy's Revelation? Theirs uses a dll and is caught in Norton's now as a hacker tool. Would be great to have one made in all autoit. Thanks for sharing..

[ludocus]

Awsome.. Works realy well here! Maybe try to make a transparent gui sort off, and that the user has to drag that over the password field.

And the stars become letters!

[spudw2k]

Works with forms in IE fine, but I've had no luck unmasking anything else.

[emoyasha]

i know this is probably a strange post, but me and a friend have been trying to make an anti key logging system, and found the only way to do so is by controlsettext (or the function that sets the text of the edit) i like how you can move over an edit to view its info, i was wondering if you could explain to me how you get the controls info, like i want to know how you get the window name + control id every time you move over a control.

[ACS]

Thanks for your replies everyone!

I have tried this in my Outlook Express and it did not reveal the password only ""

Hmm, that is indeed strange. I tried different methods but still came up with the same result.

Even Au3Info can't get the text of this control, although it does report the control class as the standard Windows "Edit" control.

It appears MS was smart about this one and subclassed the control to make it reject any outside attempts at obtaining its text.

I'll keep hacking away at it though, and hopefully I can come up with something.

This doesn't work for when you are asked to enter a username and password in Mozilla Firefox.

I explicitly state in the changelog this program only works for Internet Explorer windows and not any other browser. This is just the nature of the beast.

This is way cool! Can I suggest adding a drag icon line Snadboy's Revelation? Theirs uses a dll and is caught in Norton's now as a hacker tool. Would be great to have one made in all autoit. Thanks for sharing..

I'm not sure I understand the point of the target icon vs what I'm doing now (just hovering the mouse.) Is it just to have more control over what text to retrieve?

Incidentally, Snadboy's Revelation IS able to retrieve the password from Outlook Express, so there IS a way to do it...

Awsome.. Works realy well here! Maybe try to make a transparent gui sort off, and that the user has to drag that over the password field.

And the stars become letters!

Actually I thought about changing the stars into letters (which of course would only work for Windows controls and not web forms.) I think I'll implement this after all, so StarDestroyer can really live up to its name.

Works with forms in IE fine, but I've had no luck unmasking anything else.

How come? What happens when you try to unmask? Where did you try?

i know this is probably a strange post, but me and a friend have been trying to make an anti key logging system, and found the only way to do so is by controlsettext (or the function that sets the text of the edit) i like how you can move over an edit to view its info, i was wondering if you could explain to me how you get the controls info, like i want to know how you get the window name + control id every time you move over a control.

Just check out the source code, it's all in there.

First I get the absolute position of the mouse cursor. Then I use the WinAPI function "WindowFromPoint" and pass to it the position of the mouse cursor. This function returns the hwnd of the window at a particular point (in this case the mouse cursor) and just take it from there.

[DexterMorgan]

nice program.

[ACS]

Well it appears there's a huge flaw in program-- that being that it doesn't really do what it's supposed to do.

This is due to my lack of understanding of the problem, but also my lack of thorough testing.

So this project is on hold while I rewrite it to... well, work.

[BrettF]

Well it appears there's a huge flaw in program-- that being that it doesn't really do what it's supposed to do.

This is due to my lack of understanding of the problem, but also my lack of thorough testing.

So this project is on hold while I rewrite it to... well, work.

And the flaw is...

[gseller]

Far as I have tested it it works on ie stuff, just like you said! Still, I patiently await your rewrite to check it out too.

[ACS]

And the flaw is...

The program doesn't properly retrieve text from passworded fields.

A few may work but the majority don't/won't.

[Xand3r]

that's the whole point of having password fields ....

1. not being able to see the text

2. not being able to retrieve the text

3. not being able to hook keys(i tried before to hook some keys and write into a password field and it didn't work)

[ACS]

that's the whole point of having password fields ....

1. not being able to see the text

2. not being able to retrieve the text

3. not being able to hook keys(i tried before to hook some keys and write into a password field and it didn't work)

And that's the point of THIS program. The ability to retrieve the text from those unretrievable fields.

Of course I'm not condoning malicious intent. To be honest one of the reasons I wrote this is because many times I will not have the passwords to certain programs/websites and even though it's right in front of me, it's frustrating not being able to see it.

[crashdemons]

I'm not sure what you're doing since you removed your script - but if it helps I remember one free tool revealing passwords by using the Kernel, Shell and SetParent API in conjunction with length-testing some other API's return values.

I know that's vague but that's all I remember - the program I used worked great - using the information I tried to mimic it in AutoIt at one point and failed...

EDIT !!!

the original app was called Password Spy++

worked on Edits and IE controls.

the sourcecode is downloadable

Edited May 14, 2008 by crashdemons

[Xand3r]

And that's the point of THIS program. The ability to retrieve the text from those unretrievable fields.

Of course I'm not condoning malicious intent. To be honest one of the reasons I wrote this is because many times I will not have the passwords to certain programs/websites and even though it's right in front of me, it's frustrating not being able to see it.

yes.. i'm sry i was a sleepy and didn't finish my post completly

what i meant was ... that if it would be simple to read under the * then.... there wouldn't really be any need for them (except for the seeing part )

[ekimfeenux]

how is the update for this program going?