caligo4.htm: How to make passwords hidden by "stars" visible

Using BRW: How to make passwords hidden by "stars" visible

by Lord Caligo
02 December 1998

Courtesy of fravia's pages of reverse engineering
slightly edited by fravia+

I have two observations about this text.
The first one regards the delay in publishing it: I have more than 20 email addresses, because I discard those that have been spammed (one of my email addresses 'felt' into the database of those commercial bastards at xoom, for instance, and has been since continuously spammed), I use some email addresses with automatic filtering capabilities and automatic responders for some automatic tasks, I have special addresses for people in 'real life' that have nothing whatsoever to do with my site, I have three different chains of email addresses for pseudo-anonimity purposes, and I have a couple of 'dormient' addresses as well...
The problem with email addresses changes: you tend to check the 'remote' ones less and less often. Thta's the reason this nice essay by LordCaligo remained unpublished until now... Sorry, old pal :-)

As second observation I may add that, even if BRW version 4,5 is undoubtely the best resource editor ever made, since BRW has been 'discontinued' (see my various essays about it) I'm afraid we'll have all to carry on our studies with a Micro$oft product... (at least until the arrival of a better -and new- resource editor) the most recent version of Micro$oft's resource editor, dubbed 'Developer studio', seems to do the resource job done (albeit not as well as BRW).


                   _   _   ___   _ _ _  _____   ___

                   | |_| | / _ \ | | | ||_   _| / _ \

                   |  _  || (_) || | | |  | |  | (_) |

                   |_| |_| \___/ \_____/  |_|   \___/



                make passwords hidden by "stars" visible

                      a 'tutorial' by lord caligo

                          02 december 1998



OVERVIEW:  I.    INTRODUCTION

           II.   NEEDS

           III.  WHAT IS RESOURCE WORKSHOP ?

           IV.   THE THING TO DO

           VII.  PATCHING THE DIALUP NETWORK

           VIII. LAST WORDS



 --------------------------------------------------------------------------



I. INTRODUCTION



It's been a while since i've been writing these howto's, my only public

essays available. The time I am writing this there are four, if you're 

interested in earlier ones just ask me or Fravia+.

But let us begin: Since a few months a tool became more and more popular:

Snadboy's Revelation (http://www.snadboy.com/) - a great tool to view

passwords hidden by asterisks (just everything uses them, except a few

good ones like PGP). Unfortunately I don't know enough of Win32 Programming 

yet and the author did not tell us how the program works, but I did not

find a thing it does NOT work with.

The only "disadvantage" of Revelation is that you always have to run

it when you need to 'remember' a password - and it needs 1,3MB of my

(important) hard disk space. ;-)

Now I want to show a simple way to get rid of these asterisks in (nearly) 

every Windows program using the Borland Resource Workshop (I don't 

know a 'stable' Internet address for it, but try to locate it

using FTPsearch or Archie. The two versions I have are v1.02 (included in

an old Turbo Pascal/Win Package :) and the last release, v4.5 (filename is

BRW45.ZIP). Some of thhose available on the net do not work correctly, you

cannot directly edit bitmaps/cursors/icons... If you know why or you have 

a fixed version please email me.



 -------------------------------------------------------------------------



II. NEEDS



That's what you need:



 - Borland Resource Workshop (any version, but only newer ones are abled

   to handle Win32 applications :-)

 - a program you want to patch (I successfully did it with Pegasus Mail

   and CuteFTP, should work with other programs, too); Win3.x and Win95

   programs work



 -------------------------------------------------------------------------



III. WHAT IS RESOURCE WORKSHOP?



Before starting you may want to know what this tool does. If you already

know it or if you do not want to know just skip this chapter :)



Borland made this useful program and included it in several coding

language packages. But after a few years Borland suddenly stopped the

support.

As the name says, this tool allows us to view, edit and recompile

the resources of a program (sometimes it does not work, just try out).

That means you can view and edit



 Bitmaps

 Icons

 String References

 Dialog Boxes



Sometimes you can use the BRW to remove nagscreens/unnecessary dialog

boxes by just DELETING them with BRW.

Now, I could tell you more about this tool, but that's not the sense

of this tutorial.



 -------------------------------------------------------------------------



IV. THE THING TO DO



First you'll have to find the dialog box that show the password (the

asterisks).

Sometimes that dialog box/reference is not located in the main program

itself, if not check a few dll's around. You can find out which DLLs

a program executes by using the Dependacy Viewer (DEPENDS.ZIP) by Matt

Pietrek.

Sometimes there are more than one dialog box displaying the password.

Here are a few examples:



CuteFTP 2.5/Win95 :

   

   DIALOG 106

   DIALOG 131

   DIALOG 1537

   DIALOG 1543

   DIALOG 1547

   DIALOG 1549

   

Pegasus Mail v3.01b/Win95 :



   DIALOG TCPS 

   (a few more...)



When you finally have located the DIALOG BOX, hit enter (or doubleclick

on the Item) and you'll see a text like this one (example taken from 

WinPMail):



 TCPS DIALOG 59, 29, 253, 203

 STYLE WS_CHILD 

 FONT 8, "MS Sans Serif"

 {

  CONTROL " Your &e-mail address is:", 7001, "STATIC", SS_LEFT | WS_CHILD | WS_VISIBLE | WS_GROUP, 8, 11, 81, 8

  CONTROL "", 106, "EDIT", ES_LEFT | ES_AUTOHSCROLL | WS_CHILD | WS_VISIBLE | WS_BORDER | WS_TABSTOP, 7, 20, 186, 12

  CONTROL " Settings for receiving mail ", 7002, "BUTTON", BS_GROUPBOX | WS_CHILD | WS_VISIBLE | WS_GROUP, 7, 37, 186, 54

  CONTROL "POP3 &host", -1, "STATIC", SS_RIGHT | WS_CHILD | WS_VISIBLE | WS_GROUP, 13, 51, 41, 8

  CONTROL "", 101, "EDIT", ES_LEFT | ES_AUTOHSCROLL | WS_CHILD | WS_VISIBLE | WS_BORDER | WS_TABSTOP, 57, 49, 129, 12

  CONTROL "&User name", -1, "STATIC", SS_RIGHT | WS_CHILD | WS_VISIBLE | WS_GROUP, 13, 64, 40, 8

  CONTROL "", 102, "EDIT", ES_LEFT | ES_AUTOHSCROLL | WS_CHILD | WS_VISIBLE | WS_BORDER | WS_TABSTOP, 57, 62, 75, 12

  CONTROL "&Password", -1, "STATIC", SS_RIGHT | ES_PASSWORD | WS_CHILD | WS_VISIBLE | WS_GROUP, 18, 76, 35, 8

  CONTROL "", 103, "EDIT", ES_LEFT | ES_AUTOHSCROLL | WS_CHILD | WS_VISIBLE | WS_BORDER | WS_TABSTOP, 57, 75, 75, 12

 [....]

 }



All you have to do now is to remove the dialog box attribute ES_PASSWORD,

just edit it as if it was a text! :)

After this your dialog box properties should look like this:



 [....]

  CONTROL "", 102, "EDIT", ES_LEFT | ES_AUTOHSCROLL | WS_CHILD | WS_VISIBLE | WS_BORDER | WS_TABSTOP, 57, 62, 75, 12

  CONTROL "&Password", -1, "STATIC", SS_RIGHT | WS_CHILD | WS_VISIBLE | WS_GROUP, 18, 76, 35, 8

  CONTROL "", 103, "EDIT", ES_LEFT | ES_AUTOHSCROLL | WS_CHILD | WS_VISIBLE | WS_BORDER | WS_TABSTOP, 57, 75, 75, 12

 [....]



You got the point? Just save the whole file (BRW automatically does a

backup, but I think it's always better to keep a manual backup for

yourself) and run the program.

If you did everything right, the dialog box should show you the

clear password without any asterisks.



 -------------------------------------------------------------------------

 

VII. PATCHING THE DIALUP NETWORK



I did this a few months ago just for myself... No other persons have

access to my PC so I don't care whether the program shows the password

or not.

All you need to know is that the dialog box that appears when using

the DialUp Network (you know it...) - I located it after a few minutes in

RASAPI32.DLL .



Erhm, another thing. The dialog box in my version of RASAPI32.DLL

(4.00.1150 German) is DIALOG 1000 ... but if you just want to edit

out the ES_PASSWORD attribute, BRW does not want to recompile the DLL

(Error Message: "Expecting control window style"). So what to do?

I just tried to remove the other unidentified style identifier (in other

words "attribute"): SS_ETCHEDHORZ (appearing in 3 lines).

I did not expect it to work, but it did...



 -------------------------------------------------------------------------



VIII. LAST WORDS



After reading all this you may want to know: Why did I need to know all

this?

The answer is: You don't need to know it. But I'm using the way described

above to remove all lines using asterisks so I do not need to remember

all my passwords - eg. I just can check my CuteFTP settings to find out

the passwords I'm using on my accounts.



I don't know why you need this, but perhaps it's interesting to know

what you can do with BRW... already tried to remove/add a few other

attributes? :-)



 ------------------------------------------------------------------------





(c) by lord caligo - [caligo(at)lords(point)com]

How to use our tools

homepage

links

anonymity

+ORC

students' essays

academy database

antismut

tools

cocktails

search_forms

mail_fravia

Is reverse engineering illegal?