I downloaded the API-Guide from this web site: http://www.mentalis.org/agnet/apiguide.shtml
Every time when I try to run the setup for the API-Guide, I get a message from PestPatrol saying that this exe contains Aquila 1.3
PestPatrol says this about the "pest":
"Aquila is a multifunctional, easy-to-use password recovery tool. The following passwords can be recovered using Aquila: - Cached Windows passwords - Dial-up connections passwords - Passwords in codeword fields (****) - ICQ passwords, Versions 99b to 2000b."
Sounds scary or not?
Anyone know more about this?
(I already contacted the people behind this product but they didn't reply yet)
API-Guide v3.7x containing a password stealer???
-
- PureBasic Expert
- Posts: 2812
- Joined: Fri Apr 25, 2003 4:51 pm
- Location: Portugal, Lisbon
- Contact:
Aquila does not work under NT, Win2k or XP, has it works on an exploit of win9x. The password string was easly acessable though API calls, but that was corrected for NT based OS.
Someone wrote a snippet in purebasic that does the same thing!
Here it is
Someone wrote a snippet in purebasic that does the same thing!
Here it is

Code: Select all
; German forum: http://robsite.de/php/pureboard/viewtopic.php?t=906&highlight=
; 6. May 2003
; Author: Volker
; Klartext
;
; ändert die EM_SETPASSWORDCHAR-Eigenschaft eines Textfeldes via API,
; so dass das Auslesen des Passwortes im Klartext möglich wird.
; Nach dem Start den Cursor über ein Passwort-Textfeld bewegen.
;
; 06.05.2003 Volker
#SWP_NOMOVE = $2
#SWP_NOSIZE = $1
#HWND_TOPMOST = -1
#HWND_NOTOPMOST = -2
#EM_SETPASSWORDCHAR = $CC
#Text1 = 1
#Label2 = 2
Global hwnd.l
Structure POINTAPI
X.l
Y.l
EndStructure
;///////////////////////////////////////////////////////////
Procedure getWindowUM()
;///////////////////////////////////////////////////////////
Dim P.POINTAPI(1)
lo.l
str.s
;Cursorposition auslesen
GetCursorPos_(P(0))
;Das entsprechende Fenster finden
lo = WindowFromPoint_(P(0)\X, P(0)\Y)
;Den Titel auslesen
str = Str(GetWindowTextLength_(lo))
GetWindowText_ (lo, str, 100)
;Ergebnis anzeigen
SetGadgetText (#Text1, str)
;Den Passwortcharacter entfernen
SendMessage_ (lo, #EM_SETPASSWORDCHAR, 0, "")
Delay (10)
EndProcedure
;///////////////////////////////////////////////////////////
Procedure Open_Window()
;///////////////////////////////////////////////////////////
hwnd = OpenWindow(#Label2, 352, 182, 270, 98, #PB_Window_MinimizeGadget |#PB_Window_SystemMenu | #PB_Window_SizeGadget | #PB_Window_TitleBar , "Klartext")
If CreateGadgetList(WindowID())
StringGadget(#Text1, 10, 10, 250, 30, "")
EndIf
EndProcedure
;-Main ////////////////////////////////////////////////////////////////////////////////
Open_Window()
;Formular immer oben halten
SetWindowPos_ (hwnd, #HWND_TOPMOST, 0, 0, 0, 0, #SWP_NOMOVE | #SWP_NOSIZE)
Repeat
Event = WaitWindowEvent()
getWindowUM()
Delay (10)
Until Event = #PB_EventCloseWindow
End
; ExecutableFormat=Windows
; EOF