Jump to content

how to verify the weak password in Autoit 3

kmps

By kmps,
in AutoIt General Help and Support

 Share

Recommended Posts

kmps Seeker

kmps

Posted
Posted

Hello,

I am trying to write a script to make sure the users NT account password is not blank or something like "abc","123"...

If any good man can tell me,how to do that?

On Error Resume Next

Set objNetwork = CreateObject("Wscript.Network")

strComputer = objNetwork.ComputerName

strPassword = "password"

Set colAccounts = GetObject("WinNT://" & strComputer & "")

colAccounts.Filter = Array("user")

For Each objUser In colAccounts

objUser.ChangePassword strPassword, strPassword

If Err = 0 or Err = -2147023569 Then

Wscript.Echo objUser.Name & " is using the password " & _

strpassword & "."

End If

Err.Clear

Next

just like above but with Autoit 3 not Windows Script language

thx a lot!

Link to comment
Share on other sites
kmps Seeker

kmps

Posted
  • Author
Posted

sorry,maybe I hadn't explain clearly what I wants.

The password I wants to verify is the Windows account passwords,and in this process,all should be automatic and no input dialog needed.

anyway thank you!

maybe..

MsgBox(64, " Pwd Test", GetPass())

Func GetPass()
    While 1
        $passwd = InputBox("Security Check", "Enter your password.", "", "*")
        If @error = 1 Then Exit
        If $passwd = "" Or $passwd = "123" Or $passwd = "abc" then ContinueLoop
        Return $passwd
    WEnd
EndFunc

8)

Link to comment
Share on other sites
MHz Universalist

MHz

Posted
Posted

Here is a coversion of your code, but not sure at present of the use of the VBS Array() function's role in it. It may need some investigating if the guess for Array() replacement below fails.

$array[1] = ["user"]
ObjEvent("AutoIt.Error", "ComErrorHandler")
;~ On Error Resume Next
$objNetwork = ObjCreate("Wscript.Network")
$strComputer = $objNetwork.ComputerName
$strPassword = "password"
$colAccounts = ObjGet("WinNT://" & $strComputer & "")
$colAccounts.Filter = $array;Array("user"); Not sure...
For $objUser In $colAccounts
    $objUser.ChangePassword($strPassword, $strPassword)
;~  If Err = 0 or Err = -2147023569 Then
;~  Wscript.Echo $objUser.Name & " is using the password " & _
;~      $strpassword & "."
;~  EndIf
;~  Err.Clear
Next

Func ComErrorHandler()
  $HexNumber=hex($oMyError.number,8)    ; for displaying purposes
  Msgbox(0,"AutoItCOM Test","We intercepted a COM Error !"       & @CRLF  & @CRLF & _
             "err.description is: "    & @TAB & $oMyError.description    & @CRLF & _
             "err.number is: "         & @TAB & $HexNumber              & @CRLF & _
             "err.scriptline is: "     & @TAB & $oMyError.scriptline     & @CRLF _
            )
  SetError(1)  ; to check for after this function returns
Endfunc

The commented lines are basicly obsolete.

:P

Link to comment
Share on other sites
ptrex Universalist

ptrex

Posted
Posted

@MHz

Did you run it on your machine to test it before posting ?

Because it is not running.

This is what it should be :

ObjEvent("AutoIt.Error", "ComErrorHandler")

Dim $oMyError
Dim $Array[2] = ["user", "Group"]

$objNetwork = ObjCreate("Wscript.Network")
$strComputer = $objNetwork.ComputerName
$strPassword = "password"
$colAccounts = ObjGet("WinNT://" & $strComputer & "")
$colAccounts.Filter = $Array[0]

For $objUser In $colAccounts
;$objUser.ChangePassword($strPassword, $strPassword)

If @error = 0 or @error = -2147023569 Then

MsgBox(0,"Password Check - "& $Array[1], $objUser.Name & " is using the password " & $strpassword & ".")

EndIf
Next

Func MyErrFunc()
  $HexNumber=hex($oMyError.number,8)
  Msgbox(0,"COM Error Test","We intercepted a COM Error !"       & @CRLF  & @CRLF & _
             "err.description is: "    & @TAB & $oMyError.description    & @CRLF & _
             "err.windescription:"     & @TAB & $oMyError.windescription & @CRLF & _
             "err.number is: "         & @TAB & $HexNumber              & @CRLF & _
             "err.lastdllerror is: "   & @TAB & $oMyError.lastdllerror   & @CRLF & _
             "err.scriptline is: "     & @TAB & $oMyError.scriptline     & @CRLF & _
             "err.source is: "         & @TAB & $oMyError.source         & @CRLF & _
             "err.helpfile is: "       & @TAB & $oMyError.helpfile       & @CRLF & _
             "err.helpcontext is: "    & @TAB & $oMyError.helpcontext _
            )
  SetError(1)  ; to check for after this function returns
Endfunc

I did comment the actual change action in the sccript,

because I don' t won' t to change my passwords ofcourse :P

Enjoy !!

ptrex

Contributions :Firewall Log Analyzer for XP - Creating COM objects without a need of DLL's - UPnP support in AU3Crystal Reports Viewer - PDFCreator in AutoIT - Duplicate File FinderSQLite3 Database functionality - USB Monitoring - Reading Excel using SQLRun Au3 as a Windows Service - File Monitor - Embedded Flash PlayerDynamic Functions - Control Panel Applets - Digital Signing Code - Excel Grid In AutoIT - Constants for Special Folders in WindowsRead data from Any Windows Edit Control - SOAP and Web Services in AutoIT - Barcode Printing Using PS - AU3 on LightTD WebserverMS LogParser SQL Engine in AutoIT - ImageMagick Image Processing - Converter @ Dec - Hex - Bin -Email Address Encoder - MSI Editor - SNMP - MIB ProtocolFinancial Functions UDF - Set ACL Permissions - Syntax HighLighter for AU3ADOR.RecordSet approach - Real OCR - HTTP Disk - PDF Reader Personal Worldclock - MS Indexing Engine - Printing ControlsGuiListView - Navigation (break the 4000 Limit barrier) - Registration Free COM DLL Distribution - Update - WinRM SMART Analysis - COM Object Browser - Excel PivotTable Object - VLC Media Player - Windows LogOnOff Gui -Extract Data from Outlook to Word & Excel - Analyze Event ID 4226 - DotNet Compiler Wrapper - Powershell_COM  - New

Link to comment
Share on other sites
MHz Universalist

MHz

Posted
Posted

Did you run it on your machine to test it before posting ?

No, I did not test, but merely converted it and as mentioned previously, I am unsure of the Array function used for the filter. Upon running you script, even eventlog, FastUserSwitching...has passwords? :P

I still consider an issue with the filter is present.

Link to comment
Share on other sites
MHz Universalist

MHz

Posted
Posted (edited)

I have tried the ChangePassword but continues to end the script with error. I noticed the similar script here by the MS scripting guy.

Global $array[1] = ["user"]
Global $oMyError = ObjEvent("AutoIt.Error", "ComErrorHandler")

$objNetwork = ObjCreate("Wscript.Network")
$strComputer = $objNetwork.ComputerName

$strPassword = ""

$colAccounts = ObjGet("WinNT://" & $strComputer & "")
$colAccounts.Filter = $array

For $objUser In $colAccounts
    ConsoleWrite($objUser.name & @LF)
    $objUser.ChangePassword ($strPassword, $strPassword)
Next

Func ComErrorHandler()
    Dim $oMyError
    Local $HexNumber = hex($oMyError.number,8)
    If $HexNumber = 0 Or $HexNumber = -2147023569 Then
        Return MsgBox(0, '', $objUser.name & ' is using a blank password')
    EndIf
    Msgbox(0,"AutoItCOM Test","We intercepted a COM Error !"        & @CRLF & @CRLF & _
             "err.description is: "    & @TAB & $oMyError.description       & @CRLF & _
             "err.windescription:"     & @TAB & $oMyError.windescription    & @CRLF & _
             "err.number is: "         & @TAB & $HexNumber                  & @CRLF & _
             "err.scriptline is: "     & @TAB & $oMyError.scriptline        & @CRLF )
    SetError(1)
Endfunc

Edit:

Perhaps same issue like I have in the bug thread (Dictionary Object bug) with an issue writing to an object?

Edit:

Working better now with small changes, but not catching the -2147023569 error.

Late edit:

Seems the -2147023569 error is a general error anyway. So long as you get an error from the ComErrorHandler(), then the password failed. The code is AFAIK deemed working.

Edited by MHz
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...