const
HKEY_CLASSES_ROOT
HKEY_CURRENT_USER
HKEY_LOCAL_MACHINE
HKEY_USERS
HKEY_PERFORMANCE_DATA
HKEY_CURRENT_CONFIG
HKEY_DYN_DATA
TRegistryEx = class
function KeyExists(const Key: string): Boolean;
function ValueExists(const Name: string): Boolean;
function ReadString(const AValue: string): string;
function ReadInteger(const Name: string): Integer;
function ReadBinaryDataAsString(const AValue: string): string;
procedure GetKeyNames(Strings: TStrings);
procedure GetValueNames(Strings: TStrings);
property CurrentPath: string;
property RootKey: DWord;
TFileRecordObj = class
property Name: string
property NameOnly: string
property Name32: DWord
property NameOnly32: DWord
property Path: string
property Full: string
property Ext: string
property Ext32: DWord
property Size: DWord
property Data: string
function CreateIniFile(const AFileName: string): TIniFile;
TIniFile = class
function SectionExists(const Section: string): Boolean;
function ValueExists(const Section, Ident: string): Boolean;
function ReadString(const Section, Ident, Default: string): string;
function ReadInteger(const Section, Ident: string; Default: Longint): Longint;
function ReadBool(const Section, Ident: string; Default: Boolean): Boolean;
function ReadDate(const Section, Ident: string; Default: TDateTime): TDateTime;
function ReadDateTime(const Section, Ident: string; Default: TDateTime): TDateTime;
function ReadFloat(const Section, Ident: string; Default: Double): Double;
function ReadTime(const Section, Ident: string; Default: TDateTime): TDateTime;
function CryptoHash(const AStr, AHash: string): string;
AHash=
// hash //
SHA0, SHA1, SHA224, SHA256, SHA384, SHA512, SHA512_224, SHA512_256
MD2, MD4, MD5, HAS160
RIPEMD, RIPEMD128, RIPEMD160, RIPEMD256, RIPEMD320
HAVAL128R3P1, HAVAL160R3P1, HAVAL192R3P1, HAVAL224R3P1, HAVAL256R3P1
HAVAL128R4P1, HAVAL160R4P1, HAVAL192R4P1, HAVAL224R4P1, HAVAL256R4P1
HAVAL128R5P1, HAVAL160R5P1, HAVAL192R5P1, HAVAL224R5P1, HAVAL256R5P1
HAVAL128R3P128, HAVAL160R3P128, HAVAL192R3P128, HAVAL224R3P128, HAVAL256R3P128
HAVAL128R4P128, HAVAL160R4P128, HAVAL192R4P128, HAVAL224R4P128, HAVAL256R4P128
HAVAL128R5P128, HAVAL160R5P128, HAVAL192R5P128, HAVAL224R5P128, HAVAL256R5P128
TIGER128R3, TIGER160R3, TIGER192R3
TIGER128R4, TIGER160R4, TIGER192R4
TIGER128R3SO, TIGER160R3SO, TIGER192R3SO
TIGER128R4SO, TIGER160R4SO, TIGER192R4SO
TIGER2
KECCAK224, KECCAK256, KECCAK384, KECCAK512
WHIRLPOOL, TMDPA, PANAMA, GOST, GOSTCRYPTOPRO
GRINDAHL256, GRINDAHL512
RADIOGATUN32, RADIOGATUN64
SNEFRU128R4, SNEFRU256R4
SNEFRU128R8, SNEFRU256R8
// crc //
ADLER32, MURMUR2, MURMUR3, MURMUR2_64, MURMUR3_128, SIPHASH
JENKINS3, JS, CRC32_IEEE_802_3, CRC32_KOOPMAN, CRC32_CASTAGNOLI
CRC32_Q, CRC64_ISO, CRC64_ECMA182, AP, BERNSTEIN, BERNSTEIN1
BKDR, DEK, DJB, ELF, FNV, FNV1A, ONEATTIME, PJW, ROTATING
RS, SDBM, SHIFTANDXOR, SUPERFAST, FNV1A64, FNV64, VXWORKS5
MOTOROLADOCSIS
// windows //
LM, NTLM
type TCipherMode = cmCTSx, cmCBCx, cmCFB8, cmCFBx, cmOFB8, cmOFBx, cmCFS8, cmCFSx, cmECBx;
function CryptoDecrypt(const data, key, iv: string; mode: TCipherMode; ACipher: string): string;
function CryptoEncrypt(const data, key, iv: string; mode: TCipherMode; ACipher: string): string;
ACipher=
BLOWFISH
BLOWFISHCOMPAT
1DES
1DESVNC
3DES
RC2
RC4
RIJNDAEL
IDEA
TWOFISH
function StringToHexString(const s: string): string;
function HexStringToString(const s: string): string;
function IsValidHex(const s: string): boolean;
function IsValidMAC(const s: string): boolean;
function IsValidNum(const s: string): boolean;
procedure RegistryScan(RootType: DWord; RootKey: string);
procedure AddItem(App, Item, User, Pass, FileName: string);
procedure ShowMessage(aMsg: string);
function ExtractFilePath(const FileName: string): string;
function ExtractFileDrive(const FileName: string): string;
function ExtractFileName(const FileName: string): string;
function ExtractFileExt(const FileName: string): string;
function ExtractFileDir(Const FileName: string): string;
function FileExists(const FileName: string): Boolean;
function DirectoryExists(const DirName: string): Boolean;
function ParamStr(l: LongInt):string;
function ParamCount: LongInt;
function ModuleType: TModuleType;
begin
Result := mtRegistry;
end;
function ModuleName: string;
begin
Result := 'Custom Registry Module';
end;
procedure Scan(ROOT_KEY: DWord);
begin
RegistryScan(ROOT_KEY, '\SOFTWARE\TigerVNC\WinVNC4');
RegistryScan(ROOT_KEY, '\SOFTWARE\RealVNC\WinVNC4');
RegistryScan(ROOT_KEY, '\SOFTWARE\ORL\WinVNC3');
RegistryScan(ROOT_KEY, '\SOFTWARE\TightVNC');
end;
procedure ReadValue(Value: string);
var
s: string;
begin
if Registry.ValueExists(Value) then
begin
s := UpperCase(Registry.CurrentPath);
if Pos('\TIGHTVNC', s) > 0 then
s := 'TightVNC'
else
if Pos('\TIGERVNC', s) > 0 then
s := 'TigerVNC'
else
if Pos('\WINVNC', s) > 0 then
s := 'RealVNC 3.x'
else
if Pos('\REALVNC', s) > 0 then
s := 'RealVNC 3.x, 4.x'
else
s := ModuleName;
AddItem(s, 'Custom Module', '',
Trim(CryptoDecrypt(Registry.ReadString(Value),
#23#82#107#6#35#78#88#7, '', cmECBx, '1DESVNC')),'');
end;
end;
procedure OnExecute; // 1st level
begin
Scan(HKEY_LOCAL_MACHINE);
Scan(HKEY_CURRENT_USER);
end;
procedure OnCheck; // 2nd level
begin
ReadValue('Password');
ReadValue('PasswordViewOnly');
end;
begin
end.