Remote password changer

Toltec · February 27, 2009

Hello,

I need to create a simple gui that allows the following to occur:

1. user enters their user name

2. user enters a new password

3. user clicks 'ok' and the password is changed on a remote Windows 2003 server

This is code that I know will work from a batch script or command line using Psexec and the 'Net User' command as in the following example:

psexec \\server -u administrator -p somepassword net user test test2

I've tested the above and it works fine, now I want to create a user interface so I can make it very easy to change the password without having to resort to batch files. The admin password will need to be obfuscated of course, but not the user's. I checked out Koda, and came up with this for the design (non-functional of course, I don't know how to take the input values and translate them to the necessary DOS commands):

CODE

#include <GUIConstants.au3>

#Region ### START Koda GUI section ### Form=c:\downloads\koda_1.7.0.1\templates\axis password changerkxf.kxf

$dlgPassword = GUICreate("Axis Password Changer", 262, 190, -1, -1)

GUISetIcon("D:\008.ico")

$PasswordEdit = GUICtrlCreateInput("password", 8, 96, 233, 21, BitOR($ES_PASSWORD,$ES_AUTOHSCROLL))

$ButtonOk = GUICtrlCreateButton("&OK", 94, 144, 75, 25, 0)

$ButtonCancel = GUICtrlCreateButton("&Cancel", 175, 144, 75, 25, 0)

$EnterPassLabel = GUICtrlCreateLabel("Enter new password", 8, 68, 100, 17)

$UserName = GUICtrlCreateInput("password", 8, 40, 233, 21, BitOR($ES_PASSWORD,$ES_AUTOHSCROLL))

$Label2 = GUICtrlCreateLabel("Enter user name", 8, 12, 81, 17)

GUISetState(@SW_SHOW)

#EndRegion ### END Koda GUI section ###

While 1

$nMsg = GUIGetMsg()

Switch $nMsg

Case $GUI_EVENT_CLOSE

Exit

Case $ButtonCancel

EndSwitch

WEnd

Any assistance would be very appreciated!

Thank you

Toltec · February 27, 2009

I've come up with this, which works partially:

CODE

#include <file.au3>

#include <guiconstants.au3>

#include <Constants.au3>

Global $netuser

$netuser = "net user "

$ret = _GUICreateLogin(10000)

Func _GUICreateLogin($hTitle, $hPrompt = "", $bBlank = False, $hWidth = -1, $hHeight = -1, $hLeft = -1, $hTop = -1, $timeout = 0, $ShowError = 0)

$username = InputBox("Username","Username:","","")

$password = InputBox("Password","Password:","","*")

$user = GUICtrlRead($username)

$pass = GUICtrlRead($password)

RunWait(@ComSpec & " /c psexec \\server -u administrator -p password " & $netuser & $user & $pass)

EndFunc

It works as far as attaching to the remote server and running 'NET' but I can't seem to pass the user and password variables to it, I know I'm screwing something up.

Again, any help is GREATLY appreciated!

Thank you,

Toltec

spudw2k · March 2, 2009

I do it this way.

$cmd = "net user " & $strDomain & "\" & $strUser & " " & $strNewPass & " /DOMAIN"
$pid = RunAsWait($strUser,$strDomain,$strOldPass,2,@ComSpec & " /c " & $cmd,"",@SW_HIDE)

attactician · March 3, 2009

Unfortunately, we do not have a domain controller, but run a Novell network. I think I've gotten much closer to what I need, the following code worked once (I tried it a second time to demo it to a colleague, and, of course, it didn't work!):

CODE

$netuser = "net user "

$username = InputBox("Username","Username:","","")

$password = InputBox("Password","Password:","","*")

RunWait("psexec \\axis -u administrator -p somepass" & "NET USER" & $username & $password)

Any improvements? Suggestions?

Thank you

Anteaus · March 6, 2009

Check this C code out (chPasswd):

http://www.mo-ware.com/freeware/downloads/

You can write a GUI that calls it, or figure-out the DLL calls for use in a script.

The method used here only changes the authenticated user's password, and hence is much safer than remotely running a process on the server as Admin, which strikes me as extremely risky from an exploitation point of view.

Edited March 6, 2009 by Anteaus

ctl3d32 · March 8, 2009

I've come up with this, which works partially:

CODE
#include <file.au3>
#include <guiconstants.au3>
#include <Constants.au3>

Global $netuser

$netuser = "net user "

$ret = _GUICreateLogin(10000)
Func _GUICreateLogin($hTitle, $hPrompt = "", $bBlank = False, $hWidth = -1, $hHeight = -1, $hLeft = -1, $hTop = -1, $timeout = 0, $ShowError = 0)
$username = InputBox("Username","Username:","","")
$password = InputBox("Password","Password:","","*")
$user = GUICtrlRead($username)
$pass = GUICtrlRead($password)

RunWait(@ComSpec & " /c psexec \\server -u administrator -p password " & $netuser & $user & $pass)

EndFunc
It works as far as attaching to the remote server and running 'NET' but I can't seem to pass the user and password variables to it, I know I'm screwing something up.
Again, any help is GREATLY appreciated!

Thank you,

Toltec

Hi,

It seems that there is a missing space between user name and password. Try this:

RunWait(@ComSpec & " /c psexec \\server -u administrator -p password " & $netuser & $user & " " & $pass)

Sign In

Remote password changer

Recommended Posts

Toltec

Link to comment

Share on other sites

Toltec

Link to comment

Share on other sites

spudw2k

Link to comment

Share on other sites

attactician

Link to comment

Share on other sites

Anteaus

Link to comment

Share on other sites

ctl3d32

Link to comment

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Recently Browsing 0 members

Browse

AutoIt Resources

Release

Beta