Skip to content

Instantly share code, notes, and snippets.

@J0s3f

J0s3f/DelZip179.cpp

Last active August 29, 2015 14:25
Show Gist options
  • Save J0s3f/8616a6ceab3fdd04752a to your computer and use it in GitHub Desktop.
Save J0s3f/8616a6ceab3fdd04752a to your computer and use it in GitHub Desktop.
Download ZIP
Dump DelZip179.dll passwords
Raw
DelZip179.cpp
#include <windows.h>
#include <stdio.h>
#include <fstream>
#include <string>
#pragma option -a1
union CallBackData
{
char FileNameOrMsg[512];
struct
{
char FileName[504];
char *Data;
}Xtra;
};
struct ZCallBackStruct {
HWND Handle;
void *Caller; // 'this' reference of the ZipBuilder class
long Version; // version no. of DLL.
BOOL IsOperationZip; // true=zip, false=unzip
long ActionCode;
long ErrorCode;
long FileSize;
// char FileNameOrMsg[512];
CallBackData CBData;
};
#pragma option -a.
typedef ZCallBackStruct *PZCallBackStruct;
/* Declare a function pointer type for the BCB/Delphi callback function, to
* be called by the DLL to pass updated status info back to BCB/Delphi.
* From V1.5 the callback is a static member function of the ZipBuilder class! */
typedef unsigned long(*ZFunctionPtrType)(PZCallBackStruct ZCallbackRec);
struct ZipParms1 {
HWND fHandle;
void *fCaller; // "this" reference of the ZipBuilder class.
// This is passed back to us in the callback function
// so we can direct the info to the proper form instance
// - thanks to Dennis Passmore for this idea.
long fVersion;
ZFunctionPtrType ZCallbackFunc;
BOOL fTraceEnabled;
//============== Begin Zip Flag section ==============
char *pZipPassword; // password pointer (changed v1.3)
char *pSuffix; // Enum of file extensions; files with this extensions will be stored. v1.6
BOOL fEncrypt; // Encrypt files to be added?
BOOL fSystem; // Add hidden system files.
BOOL fVolume;
// Include extra file attributes (read-only, unix timestamps, etc)
BOOL fExtra;
// Do not add directory names to .ZIP archive
// see also: fJunkDir
BOOL fNoDirEntries;
// Only add files newer a specified date
// See the "Date" array below if you set this to TRUE
BOOL fUseDate;
// Give a little more information to the user via message boxes
BOOL fVerboseEnabled;
// Quiet operation - the DLL won't issue any messages at all.
// BCB program MUST handle ALL errors via it's callback function.
BOOL fQuiet;
// Compression level (0 - 9; 9=max, 0=none)
// All of these levels are variations of deflate.
// I strongly recommend you use one of 3 values here:
// 0 = no compression, just store file
// 3 = "fast" compression
// 9 = "best" compression
int fLevel;
BOOL fComprSpecial; // Not use any more (v1.6)
BOOL fCRLF_LF; // translate text file end-of-lines
// junk the directory names
// If true, this says not to save dirnames as separate entries,
// in addition to being save with filenames.
// see also: fNoDirEntries
BOOL fJunkDir;
// DWord fRecurse; // Recurse into subdirectories
unsigned short fRecurse; // Recurse into subdirectories
unsigned short fNoRecurseFiles; // Do not recurse if filespec is a file.
BOOL fGrow; // Allow appending to a zip file
// Convert filenames to DOS 8x3 names - for compatibility
//with PKUNZIP v2.04g, which doesn't understand long filenames //
BOOL fForce;
// Delete orig files that were added or updated in zip file
// This is a variation of Add
BOOL fMove;
BOOL fDeleteEntries; // Delete specified files from zip file
// Update zip -- if true, rezip changed, and add new files in fspec
// This is a variation of Add
BOOL fUpdate;
// Freshen zip -- if true, rezip all changed files in fspec
// This is a variation of Add
BOOL fFreshen;
// junk the SFX prefix on the self-extracing .EXE archives
BOOL fJunkSFX;
// Set zip file time to time of newest file in it
BOOL fLatestTime;
// ============== End Zip Flag section ==============
// Cutoff Date for Add-by-date; add files newer than this day
// This is only used if the "fDate" option is TRUE
// format = MMDDYY plus two trailing nulls
char fDate[8];
// Count of files to add or delete - don't forget to set this!
long fArgc;
char *pZipFN; // Ptr to name of zip file.
int fSeven; // Pass a 7 here to validate struct size.
// Array of filenames contained in the ZIP archive
char *pFileNames[4097]; // :=4097
};
struct FileData {
char *fFileSpec; // Replaces pZipFN
char *fFileComment; // * NEW z->comment and z->com
char *fFileAltName; // * NEW
char *fPassword; // * Override in v1.60L
BOOL fEncrypt; // * Override in v1.60L
unsigned short int fRecurse; // * Override in v1.60L
unsigned short int fNoRecurseFiles; // * Override
BOOL fDateUsed; // * Override
char fDate[8]; // * Override
char *fRootDir; // * NEW RootDir support for relative paths in v1.60L.
long fNotUsed[16]; // * NEW
};
struct ExcludedFileSpec {
char *fFileSpec;
};
struct ZipParms {
HWND fHandle;
void *fCaller;
long fVersion;
ZFunctionPtrType ZCallbackFunc;
BOOL fTraceEnabled;
char *pZipPassword; // password pointer (changed v1.3)
char *pSuffix;
BOOL fEncrypt; // General encrypt, if not superseded by FileData.fEncrypt
BOOL fSystem;
BOOL fVolume;
BOOL fExtra;
BOOL fNoDirEntries;
BOOL fUseDate; // General DateUsed, if not superseded by FileData.fDateUsed
BOOL fVerboseEnabled;
BOOL fQuiet;
int fLevel;
BOOL fComprSpecial; // Not used any more. (v1.6) now fSuffix takes care of this.
BOOL fCRLF_LF;
BOOL fJunkDir;
unsigned short int fRecurse;
unsigned short int fNoRecurseFiles;
BOOL fGrow;
BOOL fForce;
BOOL fMove;
BOOL fDeleteEntries;
BOOL fUpdate;
BOOL fFreshen;
BOOL fJunkSFX;
BOOL fLatestTime;
char fDate[8]; // General Date, if not superseded by FileData.fDate
long fArgc; // Changed, Number of FileData structures.
char *pZipFN; // Ptr to name of zip file.
// After this point the structure is different from the ZipParms structure.
char *fTempPath; // NEW b option
char *fArchComment; // NEW zcomment and zcomlen
short int fArchiveFilesOnly;// NEW when != 0 only zip when archive bit set
short int fResetArchiveBit; // NEW when != 0 reset the archive bit after a successfull zip
struct FileData *fFDS; // NEW (Actually an array of FileData's)
BOOL fForceWin; // * NEW
int fTotExFileSpecs; // NEW Number of ExcludedFileSpec structures.
struct ExcludedFileSpec *fExFiles; // NEW Array of file specs to exclude from zipping.
BOOL fUseOutStream; // NEW component v160M, dll v1.6015 Use memory stream as output.
void *fOutStream; // NEW component v160M, dll v1.6015 Pointer to the start of the output stream data.
unsigned long fOutStreamSize; // NEW component v160M, dll v1.6015 Size of the Output data.
BOOL fUseInStream; // NEW component v160M, dll v1.6015 Use memory stream as input.
void *fInStream; // NEW component v160M, dll v1.6015 Pointer to the start of the input stream data.
unsigned long fInStreamSize; // NEW component v160M, dll v1.6015 Size of the input data.
DWORD fStrFileAttr; // NEW component v160M, dll v1.6015 File attributes of the file stream.
DWORD fStrFileDate; // NEW component v160M, dll v1.6015 File date/time to set for the streamed file.
BOOL fHowToMove; // NEW component v160M
unsigned short fWantedCodePage; // NEW component v160N, dll v1.6017
unsigned short fNotUsed0;
long fNotUsed[4];
int fSeven; // End of structure (eg. 7)
};
#pragma option -a.
struct UnzFileData {
char *fFileSpec; // Replaces PZipFN
char *fFileAltName;
char *fPassword;
long fNotUsed[15];
};
typedef struct
{
HWND fHandle;
void *fCaller;
long fVersion;
ZFunctionPtrType ZCallbackFunc;
BOOL fTraceEnabled;
unsigned fWantedCodePage;
unsigned fPromptToOverwrite;
char *pZipPassword;
BOOL fTest;
BOOL fComments;
BOOL fConvert;
BOOL fQuiet;
BOOL fVerboseEnabled;
BOOL fUpdate;
BOOL fFreshen;
BOOL fDirectories;
BOOL fOverwrite;
long fArgc;
char *pZipFN;
UnzFileData *fUFDS;
struct UnzExFileData *fXUDFS;
BOOL fUseOutStream; // Use Memory stream as output.
void *fOutStream; // Pointer to the start of streaam data.
unsigned long fOutStreamSize; // Size of the output data.
BOOL fUseInStream; // Use memory stream as input.
void *fInStream; // Pointer to the start of the input stream data.
unsigned long fInStreamSize; // Size of the input data.
unsigned long fPwdReqCount; // PasswordRequestCount, How many times a password will be asked per file
char *fExtractDir;
long fNotUsed[8];
long fSeven;
}UnZipParms;
int passnumber;
HINSTANCE mHinst = 0, mHinstDLL = 0;
UINT_PTR mProcs[8] = {0};
std::ofstream myFile;
LPCSTR mImportNames[] = {"DZ_Abort", "DZ_Path", "DZ_PrivVersion", "DZ_UnzExec", "DZ_Version", "DZ_ZipExec", "DllEntryPoint", "___CPPdebugHook"};
FARPROC function = { 0 }; //Pointer for original address.
FARPROC functionZ = { 0 }; //Pointer for original address.
BOOL WINAPI DllMain( HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved ) {
mHinst = hinstDLL;
if ( fdwReason == DLL_PROCESS_ATTACH ) {
passnumber = 1;
mHinstDLL = LoadLibrary( "ori_DelZip179.dll" );
if ( !mHinstDLL )
return ( FALSE );
for ( int i = 0; i < 8; i++ )
mProcs[ i ] = (UINT_PTR)GetProcAddress( mHinstDLL, mImportNames[ i ] );
function = GetProcAddress(mHinstDLL, "DZ_UnzExec");
functionZ = GetProcAddress(mHinstDLL, "DZ_ZipExec");
} else if ( fdwReason == DLL_PROCESS_DETACH ) {
FreeLibrary( mHinstDLL );
}
return ( TRUE );
}
extern "C" __declspec(naked) void __stdcall DZ_Abort_wrapper(){__asm{jmp mProcs[0*4]}}
extern "C" __declspec(naked) void __stdcall DZ_Path_wrapper(){__asm{jmp mProcs[1*4]}}
extern "C" __declspec(naked) void __stdcall DZ_PrivVersion_wrapper(){__asm{jmp mProcs[2*4]}}
extern "C" __declspec() int __stdcall DZ_UnzExec_wrapper(UnZipParms *parm){
myFile.open ("D:\\pwds\\"+std::to_string(passnumber)+".bin", std::ios::out | std::ios::binary | std::ios::app);
passnumber = passnumber + 1;
myFile.write (parm->pZipPassword, strlen(parm->pZipPassword));
myFile.close();
//__asm{jmp mProcs[3*4]}
//call real function
typedef int(__stdcall *pS)(UnZipParms*);
//Forward call to original library.
pS pps = (pS)function;
int rv = pps(parm);
//Return data from original library.
return rv;
}
extern "C" __declspec(naked) void __stdcall DZ_Version_wrapper(){__asm{jmp mProcs[4*4]}}
extern "C" __declspec() int __stdcall DZ_ZipExec_wrapper(ZipParms *p){
myFile.open("D:\\pwds\\" + std::to_string(passnumber) + ".bin", std::ios::out | std::ios::binary| std::ios::app);
passnumber = passnumber + 1;
myFile.write(p->pZipPassword, strlen(p->pZipPassword));
myFile.close();
//set password empty
char* nu = "pass\0";
memcpy(p->pZipPassword,nu,5);
char* psuf = "zip";
memcpy(p->pSuffix, psuf, 3);
p->fEncrypt = FALSE;
//__asm{jmp mProcs[5*4]}
//call real function
typedef int(__stdcall *pZ)(ZipParms*);
//Forward call to original library.
pZ pps = (pZ)functionZ;
int rv = pps(p);
//Return data from original library.
return rv;
}
extern "C" __declspec(naked) void __stdcall DllEntryPoint_wrapper(){__asm{jmp mProcs[6*4]}}
extern "C" __declspec(naked) void __stdcall ___CPPdebugHook_wrapper(){__asm{jmp mProcs[7*4]}}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment