Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Test-SmbPassword.ps1
function Test-SmbPassword {
<#
.SYNOPSIS
Tests a username and password to see if it is valid against a remote machine or domain.
Author: Chris Campbell (@obscuresec)
License: BSD 3-Clause
Required Dependencies: None
Optional Dependencies: None
Version: 0.1.0
.DESCRIPTION
Tests a username and password to see if it is valid against a remote machine or domain.
.EXAMPLE
PS C:\> Test-SmbPassword -ComputerName 2K8DC -UserName test123 -Password password123456! -Domain
Password Username Valid
-------- -------- -----
password123456! test123 True
.EXAMPLE
PS C:\> Get-Content 'c:\demo\usernames.txt' | Test-SmbPassword -ComputerName 'DC1' -Password 'Passsword123456!' -Domain
Password Username Valid
-------- -------- -----
password123456! test False
password123456! Administrator False
password123456! tomcat False
password123456! test123 True
.LINK
#>
[CmdletBinding()] Param(
[Parameter(Mandatory = $true)]
[String] $ComputerName,
[parameter(Mandatory = $True,ValueFromPipeline=$True)]
[String] $UserName,
[parameter(Mandatory = $True)]
[String] $Password,
[parameter()]
[Switch] $Domain
)
Begin {Set-StrictMode -Version 2}
Process {
#try to load assembly
Try {Add-Type -AssemblyName System.DirectoryServices.AccountManagement}
Catch {Write-Error $Error[0].ToString() + $Error[0].InvocationInfo.PositionMessage}
If ($Domain) {$ContextType = [System.DirectoryServices.AccountManagement.ContextType]::Domain}
Else {$ContextType = [System.DirectoryServices.AccountManagement.ContextType]::Machine}
Try {
$PrincipalContext = New-Object System.DirectoryServices.AccountManagement.PrincipalContext($ContextType, $ComputerName)
$Valid = $PrincipalContext.ValidateCredentials($Username, $Password).ToString()
If ($Valid) {Write-Verbose "SUCCESS: $Username works with $Password"}
Else {Write-Verbose "FAILURE: $Username did not work with $Password"}
#Create custom object to output results
$ObjectProperties = @{'Username' = $UserName;
'Password' = $Password;
'Valid' = $Valid}
$ResultsObject = New-Object -TypeName PSObject -Property $ObjectProperties
Return $ResultsObject
}
Catch {Write-Error $Error[0].ToString() + $Error[0].InvocationInfo.PositionMessage}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.