Also dieser Thread wird wahrscheinlich lange hier offen stehen,
denn es erfordert glaube ich Profiwissen 
>So nun zu dem Problem
Ich habe mit meinem Freund nen C-OpenSource Code gefunden,
für einen Steam Password Recovery. Dieses Programm zeigt die letzten gespeicherten Passwörter in der Console.
Da ich das ja nicht mit meinem 1 Monat Delphi Kenntnis von C in Delphi umschreiben kann, kam ich net weiter. Nun sagte mir jemand das man aus dem C-Programm die Ergebnisse mit Delphi herausfiltern kann über Output oder so :irre:, weil ich glaube das keiner das ganze C-Project in delphi umschreiben kann. 
Den C - Source Code des PW-Recover findet ihr unter dieser Seite
http://p1r4t.pi.ohost.de/premium_01/Pw-Recover_C.rar
Oder hier
C
- //
- // DecryptStoredSteamPassword.c
- //
- // Combines Luigi's ClientRegistry.blob parsing function(s)
- // with VALVe's exported SteamDecryptDataForThisMachine() function
- //
- // small code changes and comments added by desxor
- #include <stdio.h>
- #include <stdint.h>
- #include <sys/stat.h>
- #include <windows.h>
- void SteamParseEncryptedPassPhrase(uint8_t *fname);
- uint8_t *find_data(uint8_t *buff, int buffsz, uint8_t *str);
- char *GetSteamPath();
- typedef int (__cdecl *SteamDecryptDataForThisMachine_t)(char *a, int b, char *c, int d, int *e);
- SteamDecryptDataForThisMachine_t SteamDecryptDataForThisMachine;
- int main(int argc, char *argv[]) {
- HANDLE hSteamDLL;
- char *str1 = GetSteamPath();
- char *str2 = "[URL=file://\\STEAM.DLL]\\STEAM.DLL[/URL]";
- char *str3 = "[URL=file://\\ClientRegistry.blob]\\ClientRegistry.blob[/URL]";
- char *str4;
- char *str5;
- str4 = (char *)malloc((strlen(str1) + strlen(str2) + 1) * sizeof(char));
- str5 = (char *)malloc((strlen(str1) + strlen(str3) + 1) * sizeof(char));
- strcpy(str4, str1);
- strcat(str4, str2);
- strcpy(str5, str1);
- strcat(str5, str3);
- printf("F %s\n", str1);
- // this path should be grabbed automatically from registry "InstallPath" value, but since
- // this is just an example, desxor is being lazy.
- hSteamDLL = LoadLibrary(str4); // "C:\\Program Files (x86)\\Valve\\Steam\\STEAM.DLL"
- if(!hSteamDLL) {
- printf("E 1\n");
- // printf("\nError: the file STEAM.DLL has not been found.\n");
- exit(1);
- }
- SteamDecryptDataForThisMachine = (void *)GetProcAddress(hSteamDLL, "SteamDecryptDataForThisMachine");
- if(!SteamDecryptDataForThisMachine) {
- printf("E 2\n");
- // printf("\nError: the function SteamDecryptDataForThisMachine has not been found.\n");
- exit(1);
- }
- // this path should be grabbed automatically from registry "InstallPath" value as well
- SteamParseEncryptedPassPhrase(str5); // "C:\\Program Files (x86)\\Valve\\Steam\\ClientRegistry.blob"
- FreeLibrary(hSteamDLL);
- free(str1);
- free(str2);
- free(str3);
- free(str4);
- free(str5);
- return(0);
- }
- char *GetSteamPath()
- {
- //get steam registry values
- //HKEY_LOCAL_MACHINE\SOFTWARE\Valve\Steam\InstallPath
- //HKEY_CURRENT_USER\Software\Valve\Steam\SteamPath
- HKEY hKey;
- DWORD buffersize = 1024;
- //char* lpData = new char[ buffersize ];
- char *lpData;
- /* malloc call: note the cast of the return value
- from a void * to the appropriate pointer type */
- lpData = (char *)malloc((buffersize + 1) * sizeof(char));
- if( RegOpenKeyEx(
- HKEY_LOCAL_MACHINE, "SOFTWARE\\Valve\\Steam",
- NULL, KEY_READ, &hKey ) == ERROR_SUCCESS )
- {
- //we succeeded
- if( RegQueryValueEx( hKey, "InstallPath",
- NULL, NULL, (LPBYTE)lpData, &buffersize ) == ERROR_SUCCESS )
- {
- return lpData;
- }
- else
- {
- goto tryKey_;
- }
- }
- else
- {
- tryKey_:
- //failed, do it better
- if( RegOpenKeyEx(
- HKEY_CURRENT_USER, "SOFTWARE\\Valve\\Steam",
- NULL, KEY_READ, &hKey ) == ERROR_SUCCESS )
- {
- //we succeeded
- if( RegQueryValueEx( hKey, "SteamPath",
- NULL, NULL, (LPBYTE)lpData, &buffersize ) == ERROR_SUCCESS )
- {
- return lpData;
- }
- }
- }
- return NULL;
- }
- void SteamParseEncryptedPassPhrase(uint8_t *fname) {
- int len, fdsize, pwds;
- uint16_t nlen;
- uint8_t *fdbuff, *fdnext, *p, *buff;
- char decpass[100];
- struct stat xstat;
- FILE *fd;
- fd = fopen(fname, "rb");
- if(!fd) {
- printf("E 3\n");
- // printf("Could not open %s for reading/memory search.\n", fname);
- exit(1);
- } else {
- fstat(fileno(fd), &xstat);
- fdbuff = malloc(xstat.st_size);
- if(!fdbuff) {
- printf("E 4\n");
- // printf("Could not allocate file into memory.\n");
- // comments for the following are pretty much the same as below so look there for
- // a more detailed description of what's going on
- len = strlen(fname);
- fdsize = 64 + len;
- fdbuff = malloc(fdsize);
- p = fdbuff;
- p += sprintf(p, "%-30s", "\x50\x68\x72\x61\x73\x65\x01\x50");
- *(uint16_t *)p = 0;
- p += 2;
- *(uint32_t *)p = len;
- p += 4 + 0;
- strcpy(p, fname);
- fclose(fd);
- goto next;
- }
- // load our file into memory for searching and reading its data
- fread(fdbuff, 1, xstat.st_size, fd);
- fclose(fd);
- fdsize = xstat.st_size;
- }
- next:
- fdnext = fdbuff;
- for(pwds = 0;; pwds++) {
- // search for unique phrase text using memcmp(), using a great little function provided by Luigi A.
- // his function will search the entire allocated memory for the data you specify and return with it
- // if its found, otherwise null
- p = find_data(fdnext, fdsize, "\x50\x68\x72\x61\x73\x65\x01\x50");
- if(!p) {
- if(pwds) break;
- printf("E 5\n");
- // printf("An encrypted and stored password could not be located, exiting.\n");
- exit(1);
- }
- // skip 30 bytes past the PHRASE text to the encrypted password until we come
- // to "04 00" or simply 4, (0x04 + (0x00 * 256)), we now have 24 bytes remaining
- p += 30;
- // this is the 16 bit number we are looking for, save it in the following format:
- // num = byte1 + (byte2 * 256)
- nlen = *(uint16_t *)p;
- // skip the next 2 bytes of the 16bit number we just saved
- p += 2;
- // after we skipped 2 bytes, we come to 32bit number (4 bytes) which should always be the
- // size of our encrypted string, it should appear as "5c 00 00 00", which equals 0x5c or simply, 92
- // save this in the same format as before
- len = *(uint32_t *)p;
- // now we skip the 4 bytes that we _just read_ PLUS the amount of bytes specified by the first
- // 16 bit number we just saved, should be 2 bytes anyhow
- // this should now bring us to our encrypted password located in ClientRegistry.blob which should be
- // 92 (0x5c) characters long
- p += 4 + nlen;
- // an example of the data, provided by Luigi:
- // 50 68 72 61 73 65 01 50 7e 00 00 00 00 00 00 00 Phrase.P~.......
- // 04 00 04 00 00 00 01 00 00 00 02 00 00 00 04 00 ................
- // 5c 00 00 00 02 00 00 00 39 41 46 41 42 44 39 36 \.......9AFABD96
- // 32 30 43 45 43 34 39 31 46 38 33 44 43 45 31 32 20CEC491F83DCE12
- // 36 33 33 44 39 43 44 41 41 44 45 30 42 36 46 46 633D9CDAADE0B6FF
- // 41 32 42 42 45 30 31 32 45 38 39 32 37 33 36 39 A2BBE012E8927369
- // 35 32 35 37 43 44 43 45 39 35 37 32 41 37 30 38 5257CDCE9572A708
- // 38 42 32 43 41 43 30 33 37 44 43 38 33 33 36 33 8B2CAC037DC83363
- // 33 33 35 35 12 00 2a 00 00 00 43 6c 6f 63 3355..*...Cloc
- fdsize -= (p - fdnext);
- fdnext = p;
- // as long as our length is greater than zero but no bigger than fdsize, execute the exported decryption function
- if((len > 0) && (len < fdsize)) {
- // null terminate the end of our string, otherwise it will cause problems
- p[len] = 0;
- // printf("Found stored encrypted password:\n \"%s\"\n\n", p);
- if(!SteamDecryptDataForThisMachine(p, strlen(p), decpass, sizeof(decpass), &len)) {
- printf("P %.*s\n", len, decpass);
- // printf("Password: %.*s\n", len, decpass);
- } else {
- printf("E 6\n");
- // printf("Unable to decrypt the stored password, is this the same machine it was encrypted on?\n");
- }
- }
- }
- free(fdbuff);
- }
- uint8_t *find_data(uint8_t *buff, int buffsz, uint8_t *str) {
- int strsz;
- uint8_t *limit;
- strsz = strlen(str);
- limit = buff + buffsz - strsz;
- for(; buff <= limit; buff++) {
- if(!memcmp(buff, str, strsz)) return(buff);
- }
- return(NULL);
- }
Hoffe wir kömmen zu einer gescheiten Lösung 