Have you ever forgotten your Windows Live Messenger password? Once it is gone you are locked out of Hotmail, Messenger and every other service that shares the same Windows Live ID.
In this article I explain which storage and protection mechanism Windows Live Messenger uses for saved passwords, and how you can recover such stored passwords with Delphi and the JEDI Windows API (JWA) headers.
You might ask why I wrote such a tool when there are plenty of them in the wild that recover the Live Messenger password and the passwords of most, if not all, other messenger applications.
The answer is simple: many of those tools are not freeware, which I noticed the hard way when I urgently needed one because of a problem on my brother's PC.
The next problem is that even if you do find a freeware tool that does the job, can you trust it?
Quite a few tools are marked as freeware but carry Trojans or adware. So I decided to write my own, because I was curious whether I could do it and how Windows Live Messenger protects the passwords it stores.
The screenshot on the left shows my WLM Decrypter tool.
By the way, since I received some mails asking for a project file: the code is right here in this article, so everyone can compile it themselves.
Encryption Mechanism
MSN Messenger and Windows Live Messenger both use the same storage as Windows itself: the Credential Store (Credential Manager), which also holds network authentication passwords and the saved credentials of applications such as Remote Desktop and Outlook. You access this storage through the Credential Management API functions in advapi32.dll (CredEnumerate, CredRead, CredWrite, CredDelete and CredFree).
The Credential Store supports several credential types. Each type is protected and exposed differently, and reading the secret back requires a different level of privilege depending on the type.
Here are the main types, with the constant the API uses in the Type member of the CREDENTIAL structure:
- Generic Password (CRED_TYPE_GENERIC): an application-defined secret; the application, or any other process running as the same user, can read the blob back
- Domain Password (CRED_TYPE_DOMAIN_PASSWORD): used by Windows for network logons; the secret is never returned to an ordinary process, only the authentication packages inside LSA can read it
- Domain Visible Password / .NET Passport (CRED_TYPE_DOMAIN_VISIBLE_PASSWORD)
- Certificates (CRED_TYPE_DOMAIN_CERTIFICATE)
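To see which of these types the store actually hands back to a normal process, here is an added Delphi console example, written for this article and not part of the original WLM Decrypter. It enumerates every credential of the current user with a nil filter, names the type of each entry and shows whether a secret came back. Field names follow JWA's JwaWinCred unit (for example Type_); the TCredentialPtrArray helper type and the assumption that a generic secret is UTF-16 text are mine, and for applications other than Windows Live Messenger the decoded text may be meaningless.

```delphi
program CredStoreTypes;
{$APPTYPE CONSOLE}

uses
  Windows, SysUtils, JwaWinCred;

type
  // CredEnumerate returns a pointer to an array of PCREDENTIALW. JWA declares
  // no array type for it, so this helper type is assumed here.
  TCredentialPtrArray = array[0..0] of PCREDENTIALW;
  PCredentialPtrArray = ^TCredentialPtrArray;

// Map the Type_ member of CREDENTIALW to the names used in the list above.
function CredTypeName(CredType: DWORD): string;
begin
  case CredType of
    CRED_TYPE_GENERIC:                 Result := 'Generic Password';
    CRED_TYPE_DOMAIN_PASSWORD:         Result := 'Domain Password';
    CRED_TYPE_DOMAIN_CERTIFICATE:      Result := 'Certificate';
    CRED_TYPE_DOMAIN_VISIBLE_PASSWORD: Result := 'Domain Visible Password / .NET Passport';
  else
    Result := Format('Unknown type %d', [CredType]);
  end;
end;

// Interpret the blob as UTF-16 text (the layout Windows Live Messenger uses).
// Other applications may store arbitrary bytes here, so this is an assumption.
function BlobAsText(const Cred: CREDENTIALW): WideString;
begin
  SetLength(Result, Cred.CredentialBlobSize div SizeOf(WideChar));
  if Length(Result) > 0 then
    Move(Cred.CredentialBlob^, Result[1], Length(Result) * SizeOf(WideChar));
end;

// Enumerate every credential of the calling user and report, per entry, its
// type and whether the secret was returned. Returns the number of entries.
function ListCredentials: Integer;
var
  Count, I: DWORD;
  Creds: PCredentialPtrArray;
  Cred: PCREDENTIALW;
  Secret: WideString;
begin
  Result := 0;
  Count := 0;
  Creds := nil;
  // A nil filter selects all credentials of the current user.
  if not CredEnumerateW(nil, 0, Count, PCREDENTIALW(Creds)) then
  begin
    // ERROR_NOT_FOUND only means the store is empty for this user.
    if GetLastError = ERROR_NOT_FOUND then
      Exit;
    RaiseLastOSError;
  end;
  try
    for I := 0 to Count - 1 do
    begin
      Cred := Creds^[I];
      Writeln(WideString(Cred.TargetName), ' [', CredTypeName(Cred.Type_),
        '] user=', WideString(Cred.UserName));
      if (Cred.Type_ = CRED_TYPE_DOMAIN_PASSWORD) or
         (Cred.Type_ = CRED_TYPE_DOMAIN_CERTIFICATE) then
        // These secrets are withheld from ordinary processes; only the
        // authentication packages inside LSA may read them.
        Writeln('   secret: withheld for this type')
      else if Cred.CredentialBlobSize = 0 then
        Writeln('   secret: empty')
      else
      begin
        Secret := BlobAsText(Cred^);
        Writeln('   secret: ', Secret);
        // Wipe our plaintext copy before the string is released.
        if Length(Secret) > 0 then
          FillChar(Secret[1], Length(Secret) * SizeOf(WideChar), 0);
      end;
    end;
    Result := Count;
  finally
    // One CredFree releases the array and every CREDENTIALW it points to.
    CredFree(Creds);
  end;
end;

begin
  try
    if ListCredentials = 0 then
      Writeln('No stored credentials for this user.');
  except
    on E: EOSError do
      Writeln('CredEnumerate failed: ', E.Message);
  end;
end.
```

Run it as the user whose store you want to inspect; the entries of Windows Live Messenger show up as Generic Password with target names starting with WindowsLive:name=, and that is exactly why the decrypter below needs no elevation.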
Recovering Password from Windows Live Messenger
All versions of Live Messenger, including the latest 2011 edition, use the same storage and protection: the credentials are saved as "Generic Password" (CRED_TYPE_GENERIC) entries whose target names start with WindowsLive:name=. Generic credentials are user specific: the store protects them with the user's DPAPI key, so they can only be decrypted in the security context of that user. Inside that context, however, no special privilege is needed; any process running as the user, this tool included, gets the plaintext blob back from CredEnumerate or CredRead.
// Belongs in the form unit that owns Memo1. Needs the units Windows, SysUtils
// (Win32Check, EOSError) and JwaWinCred (CredEnumerate, CredFree, CREDENTIALW).
type
  // CredEnumerate returns a pointer to an array of PCREDENTIALW; JWA declares
  // no array type for it, so one is declared here.
  TCredentialsArray = array[0..0] of PCREDENTIALW;
  PCredentialsArray = ^TCredentialsArray;

procedure DecryptWLPassword();
var
  dwCount: DWORD;
  CredArray: PCredentialsArray;
  I: Integer;
  Pwd: string;
begin
  dwCount := 0;
  CredArray := nil;
  Memo1.Lines.Clear;
  try
    try
      // Windows Live Messenger saves its credentials under target names of the
      // form "WindowsLive:name=<account>", so the filter selects only those.
      // CredEnumerate fails with ERROR_NOT_FOUND when nothing matches.
      Win32Check(CredEnumerate('WindowsLive:name=*', 0, dwCount,
        PCREDENTIALW(CredArray)));
      for I := 0 to dwCount - 1 do
        with Memo1.Lines, CredArray^[I]^ do
        begin
          // The blob is the plaintext password as UTF-16. This relies on
          // Delphi 2009 or later, where string is UnicodeString and Char is
          // two bytes wide.
          SetLength(Pwd, CredentialBlobSize div SizeOf(Char));
          if Length(Pwd) > 0 then
            CopyMemory(@Pwd[1], CredentialBlob, Length(Pwd) * SizeOf(Char));
          Add(Format('Username: %s Password: %s', [UserName, Pwd]));
          // Wipe our copy of the plaintext; the size is in bytes, not characters.
          if Length(Pwd) > 0 then
            SecureZeroMemory(@Pwd[1], Length(Pwd) * SizeOf(Char));
        end;
    except
      on E: EOSError do
        ShowMessage('No Windows Live accounts found; maybe the user never saved the password.');
    end;
  finally
    // CredFree releases the whole buffer CredEnumerate allocated, including
    // every CREDENTIALW it points to.
    if CredArray <> nil then
      CredFree(CredArray);
  end;
end;
The decrypting routine above uses the JwaWinCred unit of JWA (JEDI Windows API), which declares the Credential Management API functions and the CREDENTIALW record for Delphi, so the whole job is one CredEnumerate call plus copying the blob out as text. Keep in mind what that implies: everything the tool recovers is equally available to any other program running in the user's session, so a saved Messenger password is only as safe as the account it was saved under.