public static int CredEnum(string Filter, out Credential[] Credentials)
{
int count = 0;
int Flags = 0x0;
if (string.IsNullOrEmpty(Filter) ||
"*" == Filter)
{
Filter = null;
if (6 <= Environment.OSVersion.Version.Major)
{
Flags = 0x1; //CRED_ENUMERATE_ALL_CREDENTIALS; only valid is OS >= Vista
}
}
IntPtr pCredentials = IntPtr.Zero;
if (!CredEnumerateW(Filter, Flags, out count, out pCredentials))
{
Credentials = null;
return(Marshal.GetHRForLastWin32Error());
}
CriticalCredentialHandle CredHandle = new CriticalCredentialHandle(pCredentials);
Credentials = CredHandle.GetCredentials(count);
return(0);
}
public static int ReadCred(string key, out string username, out string password)
{
// Validations.
username = password = null;
IntPtr nCredPtr;
//string readPasswordText = null;
// Make the API call using the P/Invoke signature
bool read = CredRead(key, CRED_TYPE.GENERIC, 0, out nCredPtr);
int lastError = Marshal.GetLastWin32Error();
// If the API was successful then...
if (read)
{
using (CriticalCredentialHandle critCred = new CriticalCredentialHandle(nCredPtr))
{
Credential cred = critCred.GetCredential();
username = cred.UserName;
password = cred.CredentialBlob;
}
return(0);
}
else
{
return(lastError);
}
}
public static bool GetCredentials(string target, out string username, out string password)
{
#if NET45
try
{
var permissions = new SecurityPermission(SecurityPermissionFlag.UnmanagedCode);
permissions.Demand();
var result = CredRead(target, 1, 0, out var credPointer);
if (result)
{
using (var credentialHandle = new CriticalCredentialHandle(credPointer))
{
var credential = credentialHandle.GetCredential();
username = credential.UserName;
if (credential.CredentialBlobSize > 0)
{
password = Marshal.PtrToStringUni(credential.CredentialBlob, credential.CredentialBlobSize / 2);
return(true);
}
}
}
}
catch (Exception e)
{
Debug.WriteLine(e.ToString());
}
#endif
username = null;
password = null;
return(false);
}
public static int TryRead(string target, CredentialType type, out Credential credential)
{
if (!CredReadW(target, type, 0, out var credentialPtr))
{
credential = new Credential();
return(Marshal.GetHRForLastWin32Error());
}
var credentialHandle = new CriticalCredentialHandle(credentialPtr);
credential = credentialHandle.GetCredential();
return(0);
}
public static int CredRead(string target, CRED_TYPE type, out Credential Credential)
{
IntPtr pCredential = IntPtr.Zero;
Credential = new Credential();
if (!CredReadW(target, type, 0, out pCredential))
{
return(Marshal.GetHRForLastWin32Error());
}
CriticalCredentialHandle CredHandle = new CriticalCredentialHandle(pCredential);
Credential = CredHandle.GetCredential();
return(0);
}
private static PSCredential ReadWindowsCredentialManagerEntry(string applicationName)
{
bool success = CredRead(applicationName, CRED_TYPE.GENERIC, 0, out IntPtr credPtr);
if (success)
{
var critCred = new CriticalCredentialHandle(credPtr);
var cred = critCred.GetCredential();
var username = cred.UserName;
var securePassword = StringToSecureString(cred.CredentialBlob);
return(new PSCredential(username, securePassword));
}
return(null);
}
public static Credential ReadCredential(string applicationName)
{
IntPtr nCredPtr;
bool read = CredRead(applicationName, CredentialType.Generic, 0, out nCredPtr);
if (read)
{
using (CriticalCredentialHandle critCred = new CriticalCredentialHandle(nCredPtr))
{
CREDENTIAL cred = critCred.GetCredential();
return(ReadCredential(cred));
}
}
return(null);
}
private static NetworkCredential ReadWindowsCredentialManagerEntry(string applicationName)
{
bool success = CredRead(applicationName, CRED_TYPE.GENERIC, 0, out IntPtr credPtr);
if (success)
{
#pragma warning disable CA2000 // Dispose objects before losing scope
var critCred = new CriticalCredentialHandle(credPtr);
#pragma warning restore CA2000 // Dispose objects before losing scope
var cred = critCred.GetCredential();
var username = cred.UserName;
var securePassword = cred.CredentialBlob.ToSecureString();
return(new NetworkCredential(username, securePassword));
}
return(null);
}
public static Credential ReadCredential(string applicationName)
{
IntPtr nCredPtr;
bool read = CredRead(applicationName, CredentialType.Generic, 0, out nCredPtr);
if (read)
{
using (CriticalCredentialHandle critCred = new CriticalCredentialHandle(nCredPtr))
{
CREDENTIAL cred = critCred.GetCredential();
string userName = Marshal.PtrToStringUni(cred.UserName);
string secret = Marshal.PtrToStringUni(cred.CredentialBlob, (int)cred.CredentialBlobSize / 2);
return(new Credential(userName, secret));
}
}
return(null);
}
public PasswordCredential Get(string key)
{
int lastError = Marshal.GetHRForLastWin32Error();
if (!CredRead(key, CRED_TYPE.GENERIC, 0, out var nCredPtr))
{
return(null);
}
CriticalCredentialHandle critCred = new CriticalCredentialHandle(nCredPtr);
Credential credential = critCred.GetCredential();
PasswordCredential passCred = new PasswordCredential();
passCred.UserName = credential.UserName;
passCred.Password = credential.CredentialBlob;
return(passCred);
}
public byte[] Get(string key)
{
var success = Advapi32.CredRead(key, CRED_TYPE.CRED_TYPE_GENERIC, 0, out IntPtr credentialPtr);
if (!success)
{
throw new Win32Exception(Marshal.GetLastWin32Error());
}
using (var criticalCredentialHandle = new CriticalCredentialHandle(credentialPtr))
{
var credential = criticalCredentialHandle.GetCredential();
var buffer = new byte[credential.CredentialBlobSize];
Marshal.Copy((IntPtr)credential.CredentialBlob, buffer, 0, (int)credential.CredentialBlobSize);
return(buffer);
}
}
public static string GetCredentialValue(string name)
{
if (!CredRead(name, CredentialType.Generic, 0, out IntPtr credentialPtr))
{
return(null);
}
using (var handle = new CriticalCredentialHandle(credentialPtr))
{
var credential = handle.GetCredential();
if (credential.CredentialBlobSize > 0)
{
var password = Marshal.PtrToStringUni(credential.CredentialBlob, credential.CredentialBlobSize / 2);
return(password);
}
}
return(null);
}
/// <summary>
/// Read the credentials associated with <paramref name="key" /> from the Windows Credential Manager's store.
/// </summary>
/// <param name="key">
/// Key.
/// </param>
/// <param name="userName">
/// User name returned.
/// </param>
/// <param name="password">
/// Password returned.
/// </param>
/// <returns>
/// Windows status code - 0 is success.
/// </returns>
public static int ReadCredentials(string key, out SecureString userName, out SecureString password)
{
// Sanity check...
if (string.IsNullOrEmpty(key))
{
throw new ArgumentNullException("key is null or empty");
}
IntPtr credentialPointer;
userName = null;
password = null;
// Make the API call using the P/Invoke signature.
var read = CredRead(key, CredentialType.CredTypeGeneric, 0, out credentialPointer);
var lastError = Marshal.GetLastWin32Error();
if (!read)
{
return(lastError);
}
// If the API was successful then extract the credential.
using (var critCred = new CriticalCredentialHandle(credentialPointer))
{
var cred = critCred.GetCredential();
var passwordBytes = new byte[cred.CredentialBlobSize];
// Copy the memory from the blob to our array
Marshal.Copy(cred.CredentialBlob, passwordBytes, 0, (int)cred.CredentialBlobSize);
userName = cred.UserName == IntPtr.Zero
? new SecureString()
: Marshal.PtrToStringUni(cred.UserName).ConvertToSecureString();
password = Encoding.Unicode.GetString(passwordBytes).ConvertToSecureString();
}
return(0);
}
/// <summary>
/// Read first credential available for application
/// </summary>
/// <returns>Credential object, null in case of error</returns>
public Credential ReadCredential()
{
try
{
var read = CredRead(_applicationName, CredentialType.Generic, 0, out IntPtr nCredPtr);
if (!read)
{
return(null);
}
using (var critCred = new CriticalCredentialHandle(nCredPtr))
{
var credential = critCred.GetCredential();
return(ReadCredential(credential));
}
}
catch (Exception exception)
{
Logger.LogException("CredentialManager", LogLevel.Warning, exception);
return(null);
}
}
public static int Query(string filter, out Credential[] credentials)
{
var flags = 0x0;
if (string.IsNullOrEmpty(filter) || filter == "*")
{
filter = null;
if (Environment.OSVersion.Version.Major >= 6) // CRED_ENUMERATE_ALL_CREDENTIALS; only valid is OS >= Vista
{
flags = 0x1;
}
}
if (!CredEnumerateW(filter, flags, out var count, out var credentialPtr))
{
credentials = null;
return(Marshal.GetHRForLastWin32Error());
}
var credentialHandle = new CriticalCredentialHandle(credentialPtr);
credentials = credentialHandle.GetCredentials(count);
return(0);
}
public static PSCredential GetCredential(string Name)
{
PSCredential psCredential = null;
IntPtr credPtr;
bool success = CredRead(Name, CRED_TYPE.GENERIC, 0, out credPtr);
if (success)
{
var critCred = new CriticalCredentialHandle(credPtr);
var cred = critCred.GetCredential();
var username = cred.UserName;
var securePassword = new SecureString();
string credentialBlob = cred.CredentialBlob;
char[] passwordChars = credentialBlob.ToCharArray();
foreach (char c in passwordChars)
{
securePassword.AppendChar(c);
}
psCredential = new PSCredential(username, securePassword);
}
return psCredential;
}
/// <summary>
/// Returns a NetworkCredential given a certain name. Add the credential in the Windows Credential Manager and create a new Windows Credential. Then add a new GENERIC Credential. The name parameter in the method maps to the Internet or network address field.
/// </summary>
/// <param name="name"></param>
/// <returns>System.Net.NetworkCredential</returns>
public static NetworkCredential GetCredential(string name)
{
NetworkCredential credential = null;
IntPtr credPtr;
var success = NativeMethods.CredRead(name, CRED_TYPE.GENERIC, 0, out credPtr);
if (success)
{
var critCred = new CriticalCredentialHandle(credPtr);
var cred = critCred.GetCredential();
var username = cred.UserName;
var securePassword = new SecureString();
var credentialBlob = cred.CredentialBlob;
var passwordChars = credentialBlob.ToCharArray();
foreach (var c in passwordChars)
{
securePassword.AppendChar(c);
}
credential = new NetworkCredential(username, securePassword);
}
return credential;
}
public static PSCredential GetCredential(string name)
{
PSCredential psCredential = null;
IntPtr credPtr;
bool success = CredRead(name, CRED_TYPE.GENERIC, 0, out credPtr);
if (success)
{
var critCred = new CriticalCredentialHandle(credPtr);
var cred = critCred.GetCredential();
var username = cred.UserName;
var securePassword = new SecureString();
string credentialBlob = cred.CredentialBlob;
char[] passwordChars = credentialBlob.ToCharArray();
foreach (char c in passwordChars)
{
securePassword.AppendChar(c);
}
psCredential = new PSCredential(username, securePassword);
}
return(psCredential);
}
/// <summary>
/// Returns a NetworkCredential given a certain name. Add the credential in the Windows Credential Manager and create a new Windows Credential. Then add a new GENERIC Credential. The name parameter in the method maps to the Internet or network address field.
/// </summary>
/// <param name="name"></param>
/// <returns>System.Net.NetworkCredential</returns>
public static NetworkCredential GetCredential(string name)
{
NetworkCredential credential = null;
IntPtr credPtr;
var success = NativeMethods.CredRead(name, CRED_TYPE.GENERIC, 0, out credPtr);
if (success)
{
var critCred = new CriticalCredentialHandle(credPtr);
var cred = critCred.GetCredential();
var username = cred.UserName;
var securePassword = new SecureString();
var credentialBlob = cred.CredentialBlob;
var passwordChars = credentialBlob.ToCharArray();
foreach (var c in passwordChars)
{
securePassword.AppendChar(c);
}
credential = new NetworkCredential(username, securePassword);
}
return(credential);
}
public static Credential ReadCredential(string applicationName)
{
IntPtr nCredPtr;
bool read = CredRead(applicationName, CredentialType.Generic, 0, out nCredPtr);
if (read)
{
using (CriticalCredentialHandle critCred = new CriticalCredentialHandle(nCredPtr))
{
CREDENTIAL cred = critCred.GetCredential();
var credential = ReadCredential(cred);
if (string.IsNullOrWhiteSpace(credential.Password) ||
string.IsNullOrWhiteSpace(credential.UserName))
{
return(null);
}
return(credential);
}
}
return(null);
}
public static Microsoft.SharePoint.Client.SharePointOnlineCredentials GetCredential(string Name)
{
Microsoft.SharePoint.Client.SharePointOnlineCredentials credential = null;
IntPtr credPtr;
bool success = CredRead(Name, CRED_TYPE.GENERIC, 0, out credPtr);
if (success)
{
var critCred = new CriticalCredentialHandle(credPtr);
var cred = critCred.GetCredential();
var username = cred.UserName;
var securePassword = new SecureString();
string credentialBlob = cred.CredentialBlob;
char[] passwordChars = credentialBlob.ToCharArray();
foreach (char c in passwordChars)
{
securePassword.AppendChar(c);
}
credential = new Microsoft.SharePoint.Client.SharePointOnlineCredentials(username, securePassword);
}
return(credential);
}
public static void ExportCredentialPtr(IntPtr nCredPtr)
{
using (CriticalCredentialHandle critCred = new CriticalCredentialHandle(nCredPtr))
{
CREDENTIAL cred = critCred.GetCredential();
uint Flags = cred.Flags;
CredentialType Type = cred.Type;
string TargetName = Marshal.PtrToStringUni(cred.TargetName);
string Comment = Marshal.PtrToStringUni(cred.Comment);
System.Runtime.InteropServices.ComTypes.FILETIME LastWritten = cred.LastWritten;
uint CredentialBlobSize = cred.CredentialBlobSize;
var data = new byte[CredentialBlobSize];
if (CredentialBlobSize > 0)
{
Marshal.Copy(cred.CredentialBlob, data, 0, data.Length);
}
uint Persist = cred.Persist;
int AttributeCount = cred.AttributeCount;
var attribSize = Marshal.SizeOf(typeof(NativeCredentialAttribute));
ExportAttrib[] attribs = new ExportAttrib[AttributeCount];
if (AttributeCount > 0)
{
byte[] rawData = new byte[AttributeCount * attribSize];
var buffer = Marshal.AllocHGlobal(attribSize);
Marshal.Copy(cred.Attributes, rawData, (int)0, (int)AttributeCount * attribSize);
for (int i = 0; i < AttributeCount; i++)
{
Marshal.Copy(rawData, i * attribSize, buffer, attribSize);
var attr = (NativeCredentialAttribute)Marshal.PtrToStructure(buffer,
typeof(NativeCredentialAttribute));
var key = attr.Keyword;
var val = new byte[attr.ValueSize];
Marshal.Copy(attr.Value, val, (int)0, (int)attr.ValueSize);
Console.WriteLine("[-] Attribute {0}", key);
ExportAttrib attrib = new ExportAttrib();
attrib.Keyword = attr.Keyword;
attrib.Flags = attr.Flags;
attrib.ValueSize = attr.ValueSize;
attrib.Value = val;
attribs[i] = attrib;
}
Marshal.FreeHGlobal(buffer);
}
string TargetAlias = Marshal.PtrToStringUni(cred.TargetAlias);
string UserName = Marshal.PtrToStringUni(cred.UserName);
ExportCred export = new ExportCred();
export.Flags = Flags;
export.Type = Type;
export.TargetName = TargetName;
export.Comment = Comment;
export.LastWritten = LastWritten;
export.CredentialBlobSize = CredentialBlobSize;
export.CredentialBlob = data;
export.Persist = Persist;
export.AttributeCount = AttributeCount;
export.AttributesLength = AttributeCount * attribSize;
export.Attributes = attribs;
export.TargetAlias = TargetAlias;
export.UserName = UserName;
Console.WriteLine(JsonConvert.SerializeObject(export).Replace("\"", "'"));
}
}
public static AutoRohlikovac.Credential ReadCredential(string applicationName)
{
IntPtr nCredPtr;
var read = CredRead(applicationName, CredentialType.Generic, 0, out nCredPtr);
if (read)
{
using (var critCred = new CriticalCredentialHandle(nCredPtr))
{
var cred = critCred.GetCredential();
return ReadCredential(cred);
}
}
return null;
}
public static Credential ReadCredential(string applicationName)
{
IntPtr nCredPtr;
bool read = CredRead(applicationName, CredentialType.Generic, 0, out nCredPtr);
if (read)
{
using (CriticalCredentialHandle critCred = new CriticalCredentialHandle(nCredPtr))
{
CREDENTIAL cred = critCred.GetCredential();
return ReadCredential(cred);
}
}
return null;
}
