protected bool SetAccountPassword(DatastoreObject targetObject, object targetObjectIdentifier, SecureString newPassword, byte[] bootKey, bool skipMetaUpdate) { // Validate input Validator.AssertNotNull(newPassword, "newPassword"); // Calculate NT hash byte[] ntHash = NTHash.ComputeHash(newPassword); // We need to read sAMAccountName and userPrincipalName to be able to generate the supplementalCredentials. string samAccountName; targetObject.ReadAttribute(CommonDirectoryAttributes.SAMAccountName, out samAccountName); string userPrincipalName; targetObject.ReadAttribute(CommonDirectoryAttributes.UserPrincipalName, out userPrincipalName); var supplementalCredentials = new SupplementalCredentials( newPassword, samAccountName, userPrincipalName, this.context.DomainController.NetBIOSDomainName, this.context.DomainController.DomainName); return(this.SetAccountPasswordHash( targetObject, targetObjectIdentifier, ntHash, supplementalCredentials, bootKey, skipMetaUpdate)); }
protected bool SetAccountPassword(DatastoreObject targetObject, object targetObjectIdentifier, SecureString newPassword, byte[] bootKey, bool skipMetaUpdate) { // Validate input Validator.AssertNotNull(newPassword, "newPassword"); // Calculate NT hash byte[] ntHash = NTHash.ComputeHash(newPassword); // TODO TODO TODO: Change parameter to DSAccount from DatastoreObject var account = this.GetAccount(targetObject, targetObjectIdentifier, bootKey); var supplementalCredentials = new SupplementalCredentials( newPassword, account.SamAccountName, account.UserPrincipalName, this.context.DomainController.NetBIOSDomainName, this.context.DomainController.Domain); return(this.SetAccountPasswordHash( targetObject, targetObjectIdentifier, ntHash, supplementalCredentials, bootKey, skipMetaUpdate)); }
public void NTHash_String_TestVector1() { string result = NTHash.ComputeHash("Pa$$w0rd").ToHex(true); string expected = "92937945B518814341DE3F726500D4FF"; Assert.AreEqual(expected, result); }
public void NTHash_String_EmptyInput() { string result = NTHash.ComputeHash(string.Empty).ToHex(true); string expected = "31D6CFE0D16AE931B73C59D7E0C089C0"; Assert.AreEqual(expected, result); }
protected override void ProcessRecord() { // TODO: Extract as resource this.WriteVerbose("Calculating NT hash."); try { byte[] hashBytes = NTHash.ComputeHash(Password); string hashHex = hashBytes.ToHex(); this.WriteObject(hashHex); } catch (ArgumentException ex) { ErrorRecord error = new ErrorRecord(ex, "Error1", ErrorCategory.InvalidArgument, this.Password); this.WriteError(error); } catch (Win32Exception ex) { ErrorCategory category = ((Win32ErrorCode)ex.NativeErrorCode).ToPSCategory(); ErrorRecord error = new ErrorRecord(ex, "Error2", category, this.Password); // Allow the processing to continue on this error: this.WriteError(error); } catch (Exception ex) { ErrorRecord error = new ErrorRecord(ex, "Error3", ErrorCategory.NotSpecified, this.Password); this.WriteError(error); } }
public void NTHash_TestVector1() { SecureString password = "******".ToSecureString(); string result = NTHash.ComputeHash(password).ToHex(true); string expected = "92937945B518814341DE3F726500D4FF"; Assert.AreEqual(expected, result); }
public void NTHash_EmptyInput() { SecureString password = string.Empty.ToSecureString(); string result = NTHash.ComputeHash(password).ToHex(true); string expected = "31D6CFE0D16AE931B73C59D7E0C089C0"; Assert.AreEqual(expected, result); }
private void TestWeakPassword(string weakPassword) { // Windows has a hard limit on password length, so we ignore long ones if (weakPassword.Length <= NTHash.MaxInputLength) { byte[] weakHash = NTHash.ComputeHash(weakPassword); this.TestWeakNTHash(weakHash); } }
private void TestComputerDefaultPassword() { string defaultPassword = this.Account.SamAccountName.TrimEnd('$').ToLower(); byte[] defaultHash = NTHash.ComputeHash(defaultPassword); if (HashEqualityComparer.GetInstance().Equals(this.Account.NTHash, defaultHash)) { // The computer has the default password. this.result.DefaultComputerPassword.Add(this.Account.LogonName); } }
public void ManagedPassword_Vector1() { // Sample value taken from a GMSA in AD byte[] blob = "01000000220100001000000012011a011609f270f541c315ffee9fcd22a98447b5c6e6fb7151cb020a2b017bb4e003647949967fc96f7c9ec3426b80901bb9c162867cbc68c520c4d7a431c3d9a670f8aa41d2ae5c0c08f27f8698b90c18a5a576e9933fb0cadaf8e661be2f58308c580866b1ae582ee50a9aa7c5d65a312dbbc3542c51c7e0b2d4c61e9763de481d9963367273aa72b53c2e402e31c6cd38e7785ad06639cdfa07738d19ae20c370e06787ad2f600823c505fc9dd32b3f06505da37b86b298d3650140af83c1f01c907964d182ea0efb19e74c949f58123fdecb41f78ed0eabbde31bb46afd3134da82550380ed36038d100f71095404a97e52d661dbe4f74deef4122a102dca698960000864973f96017000086eba24660170000".HexToBinary(); // Its corresponding NT hash, also taken from AD string expectedHash = "1fe07f47bfa7f511d902ed5cfb79cc4d"; // Try parsing the blob ManagedPassword pwd = new ManagedPassword(blob); string actualHash = NTHash.ComputeHash(pwd.CurrentPassword.ToSecureString()).ToHex(false); Assert.AreEqual(expectedHash, actualHash); }
private void crackPasses() { FileStream passList = new FileStream(passwordList, FileMode.Open); StreamReader passStream = new StreamReader(passList, System.Text.Encoding.ASCII, true, 128); string currPass; while ((currPass = passStream.ReadLine()) != null) { currPass = currPass.TrimEnd(); if (currPass.Length < 4) { continue; } string currHash = NTHash.ComputeHash(currPass).ToHex(); if (currHash != null && currHash.Length > 0 && hashDict.ContainsKey(currHash)) { cracked.Add(currPass, new List <DSAccount>(hashDict[currHash])); } } }
protected override void ProcessRecord() { foreach (string password in this.Input) { if (string.IsNullOrEmpty(password)) { // Skip empty lines from the input. continue; } try { byte[] hash = NTHash.ComputeHash(password); if (!this.hashDictionary.ContainsKey(hash)) { // Do not try to add duplicate hashes, because the Add method would throw an ArgumentException. this.hashDictionary.Add(hash, password); } } catch (ArgumentException ex) { ErrorRecord error = new ErrorRecord(ex, "Error1", ErrorCategory.InvalidArgument, password); this.WriteError(error); } catch (Win32Exception ex) { ErrorCategory category = ((Win32ErrorCode)ex.NativeErrorCode).ToPSCategory(); ErrorRecord error = new ErrorRecord(ex, "Error2", category, password); this.WriteError(error); } catch (Exception ex) { ErrorRecord error = new ErrorRecord(ex, "Error3", ErrorCategory.NotSpecified, password); this.WriteError(error); } } }
public void NTHash_LongInput() { SecureString password = "******".ToSecureString(); string result = NTHash.ComputeHash(password).ToHex(true); }
public void NTHash_NullInput() { NTHash.ComputeHash(null); }
public void NTHash_String_NullInput() { NTHash.ComputeHash((string)null); }
public void NTHash_String_LongInput() { string password = "******"; string result = NTHash.ComputeHash(password).ToHex(true); }