Hello people, i'm new here.
I have a program developed in Visual Basic 6, I forgot the password and there's no chance of getting the source code with the developer.
I've decompiled it with a vbdecompiler program, I have the source code but the password is not clear in the code. I hope you help me.
Well, the action on the Ok Button to confirm the password :
" loc_0041FA2B: call MSVBVM60.DLL.__vbaHresultCheckObj
loc_0041FA31: mov eax, var_18
loc_0041FA34: push eax
loc_0041FA35: call 00414BA0h
loc_0041FA3A: mov edx, eax
loc_0041FA3C: lea ecx, var_1C
loc_0041FA3F: call MSVBVM60.DLL.__vbaStrMove
loc_0041FA45: push eax
loc_0041FA46: call MSVBVM60.DLL.__vbaStrCmp
loc_0041FA4C: mov edi, eax "
I did another simple program with a textbox to compare the decompiled code, i'm sure the red line above says something about the password. The 'vbaStrCmp' is the If clause in the program. In my simple test program, the password appeared in the code, here in the real lost password program it calls 00414BA0h
. There I found this:
"Private sub Unknown_414BA0
loc_00414BA0: push ebp
loc_00414BA1: mov ebp, esp
loc_00414BA3: sub esp, 00000008h
loc_00414BA6: push 00401886h ; MSVBVM60.DLL.__vbaExceptHandler
loc_00414BAB: mov eax, fs:[00h]
loc_00414BB1: push eax
loc_00414BB2: mov fs:[00000000h], esp
loc_00414BB9: sub esp, 00000008h
loc_00414BBC: push ebx
loc_00414BBD: push esi
loc_00414BBE: push edi
loc_00414BBF: mov var_8, esp
loc_00414BC2: mov var_4, 00401210h
loc_00414BC9: mov edx, [00422034h] ;
loc_00414BCF: lea ecx, var_14
loc_00414BD2: mov var_14, 00000000h
loc_00414BD9: call MSVBVM60.DLL.__vbaStrCopy
loc_00414BDF: push 00414BF1h ; "‹Mð‹Eì_^d‰'#1"
loc_00414BE4: jmp 414BF0h
loc_00414BE6: lea ecx, var_14
loc_00414BE9: call MSVBVM60.DLL.__vbaFreeStr
I really think the red code above it's the password, in my program that's how it has appeared. At this one I couldn't recognize these weird characters.
Well, just to finish, I don't know nothing about Assembly.
If you know something to help me, please let me know. thank you.