Repository: rvazarkar/GMSAPasswordReader
Branch: master
Commit: f8406f8f1294
Files: 16
Total size: 51.9 KB
Directory structure:
gitextract_ibsj4e_f/
├── .gitignore
├── Extensions.cs
├── FodyWeavers.xml
├── FodyWeavers.xsd
├── GMSA.cs
├── GMSAPasswordReader.csproj
├── GMSAPasswordReader.sln
├── GMSAReader.cs
├── Interop.cs
├── LICENSE
├── MsDsManagedPassword.cs
├── Options.cs
├── Properties/
│ └── AssemblyInfo.cs
├── README.md
├── app.config
└── packages.config
================================================
FILE CONTENTS
================================================
================================================
FILE: .gitignore
================================================
## Ignore Visual Studio temporary files, build results, and
## files generated by popular Visual Studio add-ons.
##
## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
# User-specific files
*.rsuser
*.suo
*.user
*.userosscache
*.sln.docstates
# User-specific files (MonoDevelop/Xamarin Studio)
*.userprefs
# Mono auto generated files
mono_crash.*
# Build results
[Dd]ebug/
[Dd]ebugPublic/
[Rr]elease/
[Rr]eleases/
x64/
x86/
[Aa][Rr][Mm]/
[Aa][Rr][Mm]64/
bld/
[Bb]in/
[Oo]bj/
[Ll]og/
[Ll]ogs/
# Visual Studio 2015/2017 cache/options directory
.vs/
# Uncomment if you have tasks that create the project's static files in wwwroot
#wwwroot/
# Visual Studio 2017 auto generated files
Generated\ Files/
# MSTest test Results
[Tt]est[Rr]esult*/
[Bb]uild[Ll]og.*
# NUnit
*.VisualState.xml
TestResult.xml
nunit-*.xml
# Build Results of an ATL Project
[Dd]ebugPS/
[Rr]eleasePS/
dlldata.c
# Benchmark Results
BenchmarkDotNet.Artifacts/
# .NET Core
project.lock.json
project.fragment.lock.json
artifacts/
# StyleCop
StyleCopReport.xml
# Files built by Visual Studio
*_i.c
*_p.c
*_h.h
*.ilk
*.meta
*.obj
*.iobj
*.pch
*.pdb
*.ipdb
*.pgc
*.pgd
*.rsp
*.sbr
*.tlb
*.tli
*.tlh
*.tmp
*.tmp_proj
*_wpftmp.csproj
*.log
*.vspscc
*.vssscc
.builds
*.pidb
*.svclog
*.scc
# Chutzpah Test files
_Chutzpah*
# Visual C++ cache files
ipch/
*.aps
*.ncb
*.opendb
*.opensdf
*.sdf
*.cachefile
*.VC.db
*.VC.VC.opendb
# Visual Studio profiler
*.psess
*.vsp
*.vspx
*.sap
# Visual Studio Trace Files
*.e2e
# TFS 2012 Local Workspace
$tf/
# Guidance Automation Toolkit
*.gpState
# ReSharper is a .NET coding add-in
_ReSharper*/
*.[Rr]e[Ss]harper
*.DotSettings.user
# TeamCity is a build add-in
_TeamCity*
# DotCover is a Code Coverage Tool
*.dotCover
# AxoCover is a Code Coverage Tool
.axoCover/*
!.axoCover/settings.json
# Visual Studio code coverage results
*.coverage
*.coveragexml
# NCrunch
_NCrunch_*
.*crunch*.local.xml
nCrunchTemp_*
# MightyMoose
*.mm.*
AutoTest.Net/
# Web workbench (sass)
.sass-cache/
# Installshield output folder
[Ee]xpress/
# DocProject is a documentation generator add-in
DocProject/buildhelp/
DocProject/Help/*.HxT
DocProject/Help/*.HxC
DocProject/Help/*.hhc
DocProject/Help/*.hhk
DocProject/Help/*.hhp
DocProject/Help/Html2
DocProject/Help/html
# Click-Once directory
publish/
# Publish Web Output
*.[Pp]ublish.xml
*.azurePubxml
# Note: Comment the next line if you want to checkin your web deploy settings,
# but database connection strings (with potential passwords) will be unencrypted
*.pubxml
*.publishproj
# Microsoft Azure Web App publish settings. Comment the next line if you want to
# checkin your Azure Web App publish settings, but sensitive information contained
# in these scripts will be unencrypted
PublishScripts/
# NuGet Packages
*.nupkg
# NuGet Symbol Packages
*.snupkg
# The packages folder can be ignored because of Package Restore
**/[Pp]ackages/*
# except build/, which is used as an MSBuild target.
!**/[Pp]ackages/build/
# Uncomment if necessary however generally it will be regenerated when needed
#!**/[Pp]ackages/repositories.config
# NuGet v3's project.json files produces more ignorable files
*.nuget.props
*.nuget.targets
# Microsoft Azure Build Output
csx/
*.build.csdef
# Microsoft Azure Emulator
ecf/
rcf/
# Windows Store app package directories and files
AppPackages/
BundleArtifacts/
Package.StoreAssociation.xml
_pkginfo.txt
*.appx
*.appxbundle
*.appxupload
# Visual Studio cache files
# files ending in .cache can be ignored
*.[Cc]ache
# but keep track of directories ending in .cache
!?*.[Cc]ache/
# Others
ClientBin/
~$*
*~
*.dbmdl
*.dbproj.schemaview
*.jfm
*.pfx
*.publishsettings
orleans.codegen.cs
# Including strong name files can present a security risk
# (https://github.com/github/gitignore/pull/2483#issue-259490424)
#*.snk
# Since there are multiple workflows, uncomment next line to ignore bower_components
# (https://github.com/github/gitignore/pull/1529#issuecomment-104372622)
#bower_components/
# RIA/Silverlight projects
Generated_Code/
# Backup & report files from converting an old project file
# to a newer Visual Studio version. Backup files are not needed,
# because we have git ;-)
_UpgradeReport_Files/
Backup*/
UpgradeLog*.XML
UpgradeLog*.htm
ServiceFabricBackup/
*.rptproj.bak
# SQL Server files
*.mdf
*.ldf
*.ndf
# Business Intelligence projects
*.rdl.data
*.bim.layout
*.bim_*.settings
*.rptproj.rsuser
*- [Bb]ackup.rdl
*- [Bb]ackup ([0-9]).rdl
*- [Bb]ackup ([0-9][0-9]).rdl
# Microsoft Fakes
FakesAssemblies/
# GhostDoc plugin setting file
*.GhostDoc.xml
# Node.js Tools for Visual Studio
.ntvs_analysis.dat
node_modules/
# Visual Studio 6 build log
*.plg
# Visual Studio 6 workspace options file
*.opt
# Visual Studio 6 auto-generated workspace file (contains which files were open etc.)
*.vbw
# Visual Studio LightSwitch build output
**/*.HTMLClient/GeneratedArtifacts
**/*.DesktopClient/GeneratedArtifacts
**/*.DesktopClient/ModelManifest.xml
**/*.Server/GeneratedArtifacts
**/*.Server/ModelManifest.xml
_Pvt_Extensions
# Paket dependency manager
.paket/paket.exe
paket-files/
# FAKE - F# Make
.fake/
# CodeRush personal settings
.cr/personal
# Python Tools for Visual Studio (PTVS)
__pycache__/
*.pyc
# Cake - Uncomment if you are using it
# tools/**
# !tools/packages.config
# Tabs Studio
*.tss
# Telerik's JustMock configuration file
*.jmconfig
# BizTalk build output
*.btp.cs
*.btm.cs
*.odx.cs
*.xsd.cs
# OpenCover UI analysis results
OpenCover/
# Azure Stream Analytics local run output
ASALocalRun/
# MSBuild Binary and Structured Log
*.binlog
# NVidia Nsight GPU debugger configuration file
*.nvuser
# MFractors (Xamarin productivity tool) working folder
.mfractor/
# Local History for Visual Studio
.localhistory/
# BeatPulse healthcheck temp database
healthchecksdb
# Backup folder for Package Reference Convert tool in Visual Studio 2017
MigrationBackup/
# Ionide (cross platform F# VS Code tools) working folder
.ionide/
================================================
FILE: Extensions.cs
================================================
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.DirectoryServices.Protocols;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Text.RegularExpressions;
using System.Threading.Tasks;
using System.Runtime.InteropServices;
namespace GMSAPasswordReader
{
internal static class Extensions
{
public static byte[] GetPropertyAsBytes(this SearchResultEntry searchResultEntry, string property)
{
if (!searchResultEntry.Attributes.Contains(property))
return null;
var collection = searchResultEntry.Attributes[property];
var lookups = collection.GetValues(typeof(byte[]));
if (lookups.Length == 0)
return null;
if (!(lookups[0] is byte[] bytes) || bytes.Length == 0)
return null;
return bytes;
}
public static string GetProperty(this SearchResultEntry searchResultEntry, string property)
{
if (!searchResultEntry.Attributes.Contains(property))
return null;
var collection = searchResultEntry.Attributes[property];
var lookups = collection.GetValues(typeof(string));
if (lookups.Length == 0)
return null;
if (!(lookups[0] is string prop) || prop.Length == 0)
return null;
return prop;
}
/// <summary>
/// Taken from https://github.com/GhostPack/Rubeus/blob/master/Rubeus/lib/Crypto.cs#L50
/// </summary>
/// <param name="password"></param>
/// <param name="userName"></param>
/// <param name="domainName"></param>
public static void ComputeAllKerberosPasswordHashes(string password, string userName = "", string domainName = "")
{
// use KerberosPasswordHash() to calculate rc4_hmac, aes128_cts_hmac_sha1, aes256_cts_hmac_sha1, and des_cbc_md5 hashes for a given password
if (string.IsNullOrEmpty(password))
{
return;
}
var salt = $"{domainName.ToUpper()}{userName}";
if (!string.IsNullOrEmpty(userName) && !string.IsNullOrEmpty(domainName))
{
Console.WriteLine("[*] Input username : {0}", userName);
Console.WriteLine("[*] Input domain : {0}", domainName);
Console.WriteLine("[*] Salt : {0}", salt);
}
var rc4Hash = KerberosPasswordHash(Interop.KERB_ETYPE.rc4_hmac, password);
Console.WriteLine("[*] rc4_hmac : {0}", rc4Hash);
if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(domainName))
{
Console.WriteLine("\r\n[!] /user:X and /domain:Y need to be supplied to calculate AES and DES hash types!");
}
else
{
var aes128Hash = KerberosPasswordHash(Interop.KERB_ETYPE.aes128_cts_hmac_sha1, password, salt);
Console.WriteLine("[*] aes128_cts_hmac_sha1 : {0}", aes128Hash);
var aes256Hash = KerberosPasswordHash(Interop.KERB_ETYPE.aes256_cts_hmac_sha1, password, salt);
Console.WriteLine("[*] aes256_cts_hmac_sha1 : {0}", aes256Hash);
var desHash = KerberosPasswordHash(Interop.KERB_ETYPE.des_cbc_md5, $"{password}{salt}", salt);
Console.WriteLine("[*] des_cbc_md5 : {0}", desHash);
}
Console.WriteLine();
}
/// <summary>
/// Taken from https://github.com/GhostPack/Rubeus/blob/master/Rubeus/lib/Crypto.cs#L50
/// </summary>
/// <param name="etype"></param>
/// <param name="password"></param>
/// <param name="salt"></param>
/// <param name="count"></param>
/// <returns></returns>
public static string KerberosPasswordHash(Interop.KERB_ETYPE etype, string password, string salt = "", int count = 4096)
{
// use the internal KERB_ECRYPT HashPassword() function to calculate a password hash of a given etype
// adapted from @gentilkiwi's Mimikatz "kerberos::hash" implementation
Interop.KERB_ECRYPT pCSystem;
IntPtr pCSystemPtr;
// locate the crypto system for the hash type we want
int status = Interop.CDLocateCSystem(etype, out pCSystemPtr);
pCSystem = (Interop.KERB_ECRYPT)System.Runtime.InteropServices.Marshal.PtrToStructure(pCSystemPtr, typeof(Interop.KERB_ECRYPT));
if (status != 0)
throw new System.ComponentModel.Win32Exception(status, "Error on CDLocateCSystem");
// get the delegate for the password hash function
Interop.KERB_ECRYPT_HashPassword pCSystemHashPassword = (Interop.KERB_ECRYPT_HashPassword)System.Runtime.InteropServices.Marshal.GetDelegateForFunctionPointer(pCSystem.HashPassword, typeof(Interop.KERB_ECRYPT_HashPassword));
Interop.UNICODE_STRING passwordUnicode = new Interop.UNICODE_STRING(password);
Interop.UNICODE_STRING saltUnicode = new Interop.UNICODE_STRING(salt);
byte[] output = new byte[pCSystem.KeySize];
int success = pCSystemHashPassword(passwordUnicode, saltUnicode, count, output);
if (status != 0)
throw new Win32Exception(status);
return System.BitConverter.ToString(output).Replace("-", "");
}
}
}
================================================
FILE: FodyWeavers.xml
================================================
<Weavers xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="FodyWeavers.xsd">
<Costura />
</Weavers>
================================================
FILE: FodyWeavers.xsd
================================================
<?xml version="1.0" encoding="utf-8"?>
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema">
<!-- This file was generated by Fody. Manual changes to this file will be lost when your project is rebuilt. -->
<xs:element name="Weavers">
<xs:complexType>
<xs:all>
<xs:element name="Costura" minOccurs="0" maxOccurs="1">
<xs:complexType>
<xs:all>
<xs:element minOccurs="0" maxOccurs="1" name="ExcludeAssemblies" type="xs:string">
<xs:annotation>
<xs:documentation>A list of assembly names to exclude from the default action of "embed all Copy Local references", delimited with line breaks</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element minOccurs="0" maxOccurs="1" name="IncludeAssemblies" type="xs:string">
<xs:annotation>
<xs:documentation>A list of assembly names to include from the default action of "embed all Copy Local references", delimited with line breaks.</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element minOccurs="0" maxOccurs="1" name="Unmanaged32Assemblies" type="xs:string">
<xs:annotation>
<xs:documentation>A list of unmanaged 32 bit assembly names to include, delimited with line breaks.</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element minOccurs="0" maxOccurs="1" name="Unmanaged64Assemblies" type="xs:string">
<xs:annotation>
<xs:documentation>A list of unmanaged 64 bit assembly names to include, delimited with line breaks.</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element minOccurs="0" maxOccurs="1" name="PreloadOrder" type="xs:string">
<xs:annotation>
<xs:documentation>The order of preloaded assemblies, delimited with line breaks.</xs:documentation>
</xs:annotation>
</xs:element>
</xs:all>
<xs:attribute name="CreateTemporaryAssemblies" type="xs:boolean">
<xs:annotation>
<xs:documentation>This will copy embedded files to disk before loading them into memory. This is helpful for some scenarios that expected an assembly to be loaded from a physical file.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="IncludeDebugSymbols" type="xs:boolean">
<xs:annotation>
<xs:documentation>Controls if .pdbs for reference assemblies are also embedded.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="DisableCompression" type="xs:boolean">
<xs:annotation>
<xs:documentation>Embedded assemblies are compressed by default, and uncompressed when they are loaded. You can turn compression off with this option.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="DisableCleanup" type="xs:boolean">
<xs:annotation>
<xs:documentation>As part of Costura, embedded assemblies are no longer included as part of the build. This cleanup can be turned off.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="LoadAtModuleInit" type="xs:boolean">
<xs:annotation>
<xs:documentation>Costura by default will load as part of the module initialization. This flag disables that behavior. Make sure you call CosturaUtility.Initialize() somewhere in your code.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="IgnoreSatelliteAssemblies" type="xs:boolean">
<xs:annotation>
<xs:documentation>Costura will by default use assemblies with a name like 'resources.dll' as a satellite resource and prepend the output path. This flag disables that behavior.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="ExcludeAssemblies" type="xs:string">
<xs:annotation>
<xs:documentation>A list of assembly names to exclude from the default action of "embed all Copy Local references", delimited with |</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="IncludeAssemblies" type="xs:string">
<xs:annotation>
<xs:documentation>A list of assembly names to include from the default action of "embed all Copy Local references", delimited with |.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="Unmanaged32Assemblies" type="xs:string">
<xs:annotation>
<xs:documentation>A list of unmanaged 32 bit assembly names to include, delimited with |.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="Unmanaged64Assemblies" type="xs:string">
<xs:annotation>
<xs:documentation>A list of unmanaged 64 bit assembly names to include, delimited with |.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="PreloadOrder" type="xs:string">
<xs:annotation>
<xs:documentation>The order of preloaded assemblies, delimited with |.</xs:documentation>
</xs:annotation>
</xs:attribute>
</xs:complexType>
</xs:element>
</xs:all>
<xs:attribute name="VerifyAssembly" type="xs:boolean">
<xs:annotation>
<xs:documentation>'true' to run assembly verification (PEVerify) on the target assembly after all weavers have been executed.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="VerifyIgnoreCodes" type="xs:string">
<xs:annotation>
<xs:documentation>A comma-separated list of error codes that can be safely ignored in assembly verification.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="GenerateXsd" type="xs:boolean">
<xs:annotation>
<xs:documentation>'false' to turn off automatic generation of the XML Schema file.</xs:documentation>
</xs:annotation>
</xs:attribute>
</xs:complexType>
</xs:element>
</xs:schema>
================================================
FILE: GMSA.cs
================================================
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace GMSAPasswordReader
{
internal class GMSA
{
public string AccountName { get; set; }
public string DomainName { get; set; }
public byte[] PasswordBlob { get; set; }
}
}
================================================
FILE: GMSAPasswordReader.csproj
================================================
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Import Project="packages\Costura.Fody.4.1.0\build\Costura.Fody.props" Condition="Exists('packages\Costura.Fody.4.1.0\build\Costura.Fody.props')" />
<Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
<PropertyGroup>
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
<Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
<ProjectGuid>{C8112750-972D-4EFA-A75B-DA9B8A4533C7}</ProjectGuid>
<OutputType>Exe</OutputType>
<RootNamespace>GMSAPasswordReader</RootNamespace>
<AssemblyName>GMSAPasswordReader</AssemblyName>
<TargetFrameworkVersion>v4.5.2</TargetFrameworkVersion>
<FileAlignment>512</FileAlignment>
<Deterministic>true</Deterministic>
<TargetFrameworkProfile />
<NuGetPackageImportStamp>
</NuGetPackageImportStamp>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
<PlatformTarget>AnyCPU</PlatformTarget>
<DebugSymbols>true</DebugSymbols>
<DebugType>full</DebugType>
<Optimize>false</Optimize>
<OutputPath>bin\Debug\</OutputPath>
<DefineConstants>DEBUG;TRACE</DefineConstants>
<ErrorReport>prompt</ErrorReport>
<WarningLevel>4</WarningLevel>
<Prefer32Bit>false</Prefer32Bit>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
<PlatformTarget>AnyCPU</PlatformTarget>
<DebugType>pdbonly</DebugType>
<Optimize>true</Optimize>
<OutputPath>bin\Release\</OutputPath>
<DefineConstants>TRACE</DefineConstants>
<ErrorReport>prompt</ErrorReport>
<WarningLevel>4</WarningLevel>
<Prefer32Bit>false</Prefer32Bit>
</PropertyGroup>
<ItemGroup>
<Reference Include="CommandLine, Version=2.7.82.0, Culture=neutral, PublicKeyToken=5a870481e358d379, processorArchitecture=MSIL">
<HintPath>packages\CommandLineParser.2.7.82\lib\net45\CommandLine.dll</HintPath>
</Reference>
<Reference Include="Costura, Version=4.1.0.0, Culture=neutral, PublicKeyToken=9919ef960d84173d, processorArchitecture=MSIL">
<HintPath>packages\Costura.Fody.4.1.0\lib\net40\Costura.dll</HintPath>
</Reference>
<Reference Include="System" />
<Reference Include="System.Core" />
<Reference Include="System.DirectoryServices.Protocols" />
<Reference Include="System.Xml.Linq" />
<Reference Include="System.Data.DataSetExtensions" />
<Reference Include="System.Data" />
<Reference Include="System.Xml" />
</ItemGroup>
<ItemGroup>
<Compile Include="GMSA.cs" />
<Compile Include="GMSAReader.cs" />
<Compile Include="Interop.cs" />
<Compile Include="MsDsManagedPassword.cs" />
<Compile Include="Options.cs" />
<Compile Include="Properties\AssemblyInfo.cs" />
<Compile Include="Extensions.cs" />
</ItemGroup>
<ItemGroup>
<None Include="app.config" />
<None Include="packages.config" />
</ItemGroup>
<Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
<Import Project="packages\Fody.6.0.0\build\Fody.targets" Condition="Exists('packages\Fody.6.0.0\build\Fody.targets')" />
<Target Name="EnsureNuGetPackageBuildImports" BeforeTargets="PrepareForBuild">
<PropertyGroup>
<ErrorText>This project references NuGet package(s) that are missing on this computer. Use NuGet Package Restore to download them. For more information, see http://go.microsoft.com/fwlink/?LinkID=322105. The missing file is {0}.</ErrorText>
</PropertyGroup>
<Error Condition="!Exists('packages\Fody.6.0.0\build\Fody.targets')" Text="$([System.String]::Format('$(ErrorText)', 'packages\Fody.6.0.0\build\Fody.targets'))" />
<Error Condition="!Exists('packages\Costura.Fody.4.1.0\build\Costura.Fody.props')" Text="$([System.String]::Format('$(ErrorText)', 'packages\Costura.Fody.4.1.0\build\Costura.Fody.props'))" />
</Target>
</Project>
================================================
FILE: GMSAPasswordReader.sln
================================================
Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio Version 16
VisualStudioVersion = 16.0.29503.13
MinimumVisualStudioVersion = 10.0.40219.1
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "GMSAPasswordReader", "GMSAPasswordReader.csproj", "{C8112750-972D-4EFA-A75B-DA9B8A4533C7}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
Release|Any CPU = Release|Any CPU
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
{C8112750-972D-4EFA-A75B-DA9B8A4533C7}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{C8112750-972D-4EFA-A75B-DA9B8A4533C7}.Debug|Any CPU.Build.0 = Debug|Any CPU
{C8112750-972D-4EFA-A75B-DA9B8A4533C7}.Release|Any CPU.ActiveCfg = Release|Any CPU
{C8112750-972D-4EFA-A75B-DA9B8A4533C7}.Release|Any CPU.Build.0 = Release|Any CPU
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
EndGlobalSection
GlobalSection(ExtensibilityGlobals) = postSolution
SolutionGuid = {07D1ED5C-C5DB-433F-BFBE-28D0C12AC4DD}
EndGlobalSection
EndGlobal
================================================
FILE: GMSAReader.cs
================================================
using System;
using System.Collections.Generic;
using System.DirectoryServices.Protocols;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Runtime.Remoting.Messaging;
using System.Security.Cryptography;
using System.Text;
using System.Text.RegularExpressions;
using System.Threading;
using CommandLine;
namespace GMSAPasswordReader
{
internal class GMSAReader
{
private static readonly Regex DCReplaceRegex = new Regex("DC=", RegexOptions.IgnoreCase | RegexOptions.Compiled);
static void Main(string[] args)
{
Options options = null;
var parser = new Parser(with =>
{
with.CaseSensitive = false;
with.HelpWriter = Console.Error;
});
parser.ParseArguments<Options>(args)
.WithParsed<Options>(o => { options = o; });
parser.Dispose();
if (options == null)
return;
string domainName = null, target = null;
if (options.DomainName == null)
{
domainName = GetDomainName(options.DomainName);
}
else
{
domainName = options.DomainName;
}
target = options.DomainController ?? domainName;
domainName = $"DC={domainName.Replace(".", ",DC=")}";
var gmsa = SearchLdap(options.AccountName, domainName, target, options.LdapPort);
if (gmsa == null)
{
Console.WriteLine("Unable to retrieve password blob. Check permissions/account name");
return;
}
var managedPassword = new MsDsManagedPassword(gmsa.PasswordBlob);
if (managedPassword.OldPassword != null)
{
Console.WriteLine("Calculating hashes for Old Value");
Extensions.ComputeAllKerberosPasswordHashes(managedPassword.OldPassword, gmsa.AccountName, gmsa.DomainName);
}
Console.WriteLine("Calculating hashes for Current Value");
Extensions.ComputeAllKerberosPasswordHashes(managedPassword.CurrentPassword, gmsa.AccountName, gmsa.DomainName);
}
private static string CreateNTLMHash(string password)
{
if (password == null)
return null;
var hash = Extensions.KerberosPasswordHash(Interop.KERB_ETYPE.rc4_hmac, password);
return hash;
}
private static string GetDomainName(string domain)
{
var result = DsGetDcName(null, domain, null, null, DSGETDCNAME_FLAGS.DS_DIRECTORY_SERVICE_REQUIRED | DSGETDCNAME_FLAGS.DS_RETURN_DNS_NAME,
out var pDCI);
try
{
if (result == 0)
{
var dci = Marshal.PtrToStructure<DOMAIN_CONTROLLER_INFO>(pDCI);
var domainName = dci.DomainName;
return domainName;
}
else
{
return Environment.UserDomainName;
}
}
finally
{
if (pDCI != IntPtr.Zero)
NetApiBufferFree(pDCI);
}
}
private static string ConvertDNToDomain(string distinguishedName)
{
var temp = distinguishedName.Substring(distinguishedName.IndexOf("DC=",
StringComparison.CurrentCultureIgnoreCase));
temp = DCReplaceRegex.Replace(temp, "").Replace(",", ".").ToUpper();
return temp;
}
private static GMSA SearchLdap(string accountName, string domainName, string target, int port)
{
var identifier = new LdapDirectoryIdentifier(target, port, false, false);
var connection = new LdapConnection(identifier) {AuthType = AuthType.Negotiate};
var cso = connection.SessionOptions;
//Necessary to get password blobs back
cso.Signing = true;
cso.Sealing = true;
cso.RootDseCache = true;
var filter = $"(&(|(sAMAccountName={accountName}$)(sAMAccountName={accountName}))(msds-groupmsamembership=*))";
var searchRequest = new SearchRequest(domainName, filter, SearchScope.Subtree, "sAMAccountName", "msDS-ManagedPassword");
try
{
var searchResponse = (SearchResponse)connection.SendRequest(searchRequest);
var entries = searchResponse?.Entries;
if (entries == null || entries.Count == 0)
{
Console.WriteLine("GMSA Account Not Found!");
return null;
}
foreach (SearchResultEntry entry in searchResponse.Entries)
{
var passwordBlob = entry.GetPropertyAsBytes("msDS-ManagedPassword");
if (passwordBlob != null)
{
var newDomainName = ConvertDNToDomain(entry.DistinguishedName);
var newAccountName = entry.GetProperty("samaccountname");
return new GMSA
{
AccountName = newAccountName,
DomainName = newDomainName,
PasswordBlob = passwordBlob
};
}
}
//We didn't get a password blob
Console.WriteLine("Unable to get a password blob, maybe not enough permissions?");
return null;
}
finally
{
connection.Dispose();
}
}
[DllImport("Netapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
static extern int DsGetDcName
(
[MarshalAs(UnmanagedType.LPTStr)]
string ComputerName,
[MarshalAs(UnmanagedType.LPTStr)]
string DomainName,
[In] GuidClass DomainGuid,
[MarshalAs(UnmanagedType.LPTStr)]
string SiteName,
DSGETDCNAME_FLAGS Flags,
out IntPtr pDOMAIN_CONTROLLER_INFO
);
[StructLayout(LayoutKind.Sequential)]
public class GuidClass
{
public Guid TheGuid;
}
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
struct DOMAIN_CONTROLLER_INFO
{
[MarshalAs(UnmanagedType.LPTStr)]
public string DomainControllerName;
[MarshalAs(UnmanagedType.LPTStr)]
public string DomainControllerAddress;
public uint DomainControllerAddressType;
public Guid DomainGuid;
[MarshalAs(UnmanagedType.LPTStr)]
public string DomainName;
[MarshalAs(UnmanagedType.LPTStr)]
public string DnsForestName;
public uint Flags;
[MarshalAs(UnmanagedType.LPTStr)]
public string DcSiteName;
[MarshalAs(UnmanagedType.LPTStr)]
public string ClientSiteName;
}
[Flags]
public enum DSGETDCNAME_FLAGS : uint
{
DS_FORCE_REDISCOVERY = 0x00000001,
DS_DIRECTORY_SERVICE_REQUIRED = 0x00000010,
DS_DIRECTORY_SERVICE_PREFERRED = 0x00000020,
DS_GC_SERVER_REQUIRED = 0x00000040,
DS_PDC_REQUIRED = 0x00000080,
DS_BACKGROUND_ONLY = 0x00000100,
DS_IP_REQUIRED = 0x00000200,
DS_KDC_REQUIRED = 0x00000400,
DS_TIMESERV_REQUIRED = 0x00000800,
DS_WRITABLE_REQUIRED = 0x00001000,
DS_GOOD_TIMESERV_PREFERRED = 0x00002000,
DS_AVOID_SELF = 0x00004000,
DS_ONLY_LDAP_NEEDED = 0x00008000,
DS_IS_FLAT_NAME = 0x00010000,
DS_IS_DNS_NAME = 0x00020000,
DS_RETURN_DNS_NAME = 0x40000000,
DS_RETURN_FLAT_NAME = 0x80000000
}
[DllImport("Netapi32.dll", SetLastError = true)]
static extern int NetApiBufferFree(IntPtr Buffer);
}
}
================================================
FILE: Interop.cs
================================================
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading.Tasks;
namespace GMSAPasswordReader
{
/// <summary>
/// Taken and stripped from https://github.com/GhostPack/Rubeus/blob/master/Rubeus/lib/Interop.cs
/// </summary>
public class Interop
{
// constants
// Enums
// from https://tools.ietf.org/html/rfc3961
public enum KERB_ETYPE : UInt32
{
des_cbc_crc = 1,
des_cbc_md4 = 2,
des_cbc_md5 = 3,
des3_cbc_md5 = 5,
des3_cbc_sha1 = 7,
dsaWithSHA1_CmsOID = 9,
md5WithRSAEncryption_CmsOID = 10,
sha1WithRSAEncryption_CmsOID = 11,
rc2CBC_EnvOID = 12,
rsaEncryption_EnvOID = 13,
rsaES_OAEP_ENV_OID = 14,
des_ede3_cbc_Env_OID = 15,
des3_cbc_sha1_kd = 16,
aes128_cts_hmac_sha1 = 17,
aes256_cts_hmac_sha1 = 18,
rc4_hmac = 23,
rc4_hmac_exp = 24,
subkey_keymaterial = 65
}
// structs
// From Vincent LE TOUX' "MakeMeEnterpriseAdmin"
// https://github.com/vletoux/MakeMeEnterpriseAdmin/blob/master/MakeMeEnterpriseAdmin.ps1#L1773-L1794
[StructLayout(LayoutKind.Sequential)]
public struct KERB_ECRYPT
{
int Type0;
public int BlockSize;
int Type1;
public int KeySize;
public int Size;
int unk2;
int unk3;
public IntPtr AlgName;
public IntPtr Initialize;
public IntPtr Encrypt;
public IntPtr Decrypt;
public IntPtr Finish;
public IntPtr HashPassword;
IntPtr RandomKey;
IntPtr Control;
IntPtr unk0_null;
IntPtr unk1_null;
IntPtr unk2_null;
}
[StructLayout(LayoutKind.Sequential)]
public struct UNICODE_STRING : IDisposable
{
public ushort Length;
public ushort MaximumLength;
public IntPtr buffer;
public UNICODE_STRING(string s)
{
Length = (ushort)(s.Length * 2);
MaximumLength = (ushort)(Length + 2);
buffer = Marshal.StringToHGlobalUni(s);
}
public void Dispose()
{
Marshal.FreeHGlobal(buffer);
buffer = IntPtr.Zero;
}
public override string ToString()
{
return Marshal.PtrToStringUni(buffer);
}
}
// functions
// Adapted from Vincent LE TOUX' "MakeMeEnterpriseAdmin"
[DllImport("cryptdll.Dll", CharSet = CharSet.Auto, SetLastError = false)]
public static extern int CDLocateCSystem(KERB_ETYPE type, out IntPtr pCheckSum);
public delegate int KERB_ECRYPT_HashPassword(UNICODE_STRING Password, UNICODE_STRING Salt, int count, byte[] output);
}
}
================================================
FILE: LICENSE
================================================
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
================================================
FILE: MsDsManagedPassword.cs
================================================
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace GMSAPasswordReader
{
/// <summary>
/// Adapted entirely from Mark Gamache's script found here: https://github.com/markgamache/gMSA/blob/master/PSgMSAPwd
/// All the hard work and credit goes to him
/// </summary>
internal class MsDsManagedPassword
{
internal short Version { get; set; }
internal string CurrentPassword { get; set; }
internal string OldPassword { get; set; }
internal DateTime NextQueryTime { get; set; }
internal DateTime PasswordGoodUntil { get; set; }
internal MsDsManagedPassword(byte[] blob)
{
using (var stream = new MemoryStream(blob))
{
using (var reader = new BinaryReader(stream))
{
Version = reader.ReadInt16();
reader.ReadInt16();
var length = reader.ReadInt32();
if (length != blob.Length)
{
throw new Exception("Missized blob");
}
var curPwdOffset = reader.ReadInt16();
CurrentPassword = GetUnicodeString(blob, curPwdOffset);
var oldPwdOffset = reader.ReadInt16();
if (oldPwdOffset > 0)
{
OldPassword = GetUnicodeString(blob, oldPwdOffset);
}
var queryPasswordIntervalOffset = reader.ReadInt16();
var queryPasswordIntervalTicks = BitConverter.ToInt64(blob, queryPasswordIntervalOffset);
NextQueryTime = DateTime.Now + TimeSpan.FromTicks(queryPasswordIntervalTicks);
var unchangedPasswordIntervalOffset = reader.ReadInt16();
var unchangedPasswordIntervalTicks = BitConverter.ToInt64(blob, unchangedPasswordIntervalOffset);
PasswordGoodUntil = DateTime.Now + TimeSpan.FromTicks(unchangedPasswordIntervalTicks);
}
}
}
private string GetUnicodeString(byte[] blob, int index)
{
var stOut = "";
for (var i = index; i < blob.Length; i += 2)
{
var ch = BitConverter.ToChar(blob, i);
if (ch == char.MinValue)
{
//found the end . A null-terminated WCHAR string
return stOut;
}
stOut += ch;
}
return null;
}
}
}
================================================
FILE: Options.cs
================================================
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using CommandLine;
using CommandLine.Text;
namespace GMSAPasswordReader
{
internal class Options
{
[Option(Default = null, HelpText = "Domain name the account belongs too.")]
public string DomainName { get; set; }
[Option(Default = null, HelpText = "Hostname of a domain controller to query from")]
public string DomainController { get; set; }
[Option(Default = 389, HelpText = "Override port used to connect to LDAP")]
public int LdapPort { get; set; }
[Option(Required = true, HelpText = "Account Name of the GMSA")]
public string AccountName { get; set; }
[Usage(ApplicationAlias = "GMSAPasswordReader")]
public static IEnumerable<Example> Examples =>
new List<Example>
{
new Example("Retrieve password for the account jkohler in your current domain", new Options{ AccountName = "jkohler"}),
new Example("Retrieve password for the account arobbins in the domain testlab", new Options
{
AccountName = "arobbins",
DomainName = "testlab.local"
})
};
}
}
================================================
FILE: Properties/AssemblyInfo.cs
================================================
using System.Reflection;
using System.Runtime.CompilerServices;
using System.Runtime.InteropServices;
// General Information about an assembly is controlled through the following
// set of attributes. Change these attribute values to modify the information
// associated with an assembly.
[assembly: AssemblyTitle("GMSAPasswordReader")]
[assembly: AssemblyDescription("")]
[assembly: AssemblyConfiguration("")]
[assembly: AssemblyCompany("")]
[assembly: AssemblyProduct("GMSAPasswordReader")]
[assembly: AssemblyCopyright("Copyright © 2020")]
[assembly: AssemblyTrademark("")]
[assembly: AssemblyCulture("")]
// Setting ComVisible to false makes the types in this assembly not visible
// to COM components. If you need to access a type in this assembly from
// COM, set the ComVisible attribute to true on that type.
[assembly: ComVisible(false)]
// The following GUID is for the ID of the typelib if this project is exposed to COM
[assembly: Guid("c8112750-972d-4efa-a75b-da9b8a4533c7")]
// Version information for an assembly consists of the following four values:
//
// Major Version
// Minor Version
// Build Number
// Revision
//
// You can specify all the values or you can default the Build and Revision Numbers
// by using the '*' as shown below:
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("1.0.0.0")]
[assembly: AssemblyFileVersion("1.0.0.0")]
================================================
FILE: README.md
================================================
# GMSAPasswordReader
## Description
Reads the password blob from a GMSA account using LDAP, and parses the values into hashes for re-use.
## Compiling
Clone this project and build using Visual Studio.
## Usage
./GMSAPasswordReader --AccountName jkohler
## Previous Work and Acknowledgements
Huge thanks to [Mark Gamache](https://github.com/markgamache) for the basis of this program and doing all the hard work of figuring out the structures.
Big thanks to [Will Schroeder](https://twitter.com/harmj0y?lang=en) and [Benjamin Delpy](https://twitter.com/gentilkiwi) for the code used to generate hashes.
================================================
FILE: app.config
================================================
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2"/></startup></configuration>
================================================
FILE: packages.config
================================================
<?xml version="1.0" encoding="utf-8"?>
<packages>
<package id="CommandLineParser" version="2.7.82" targetFramework="net452" />
<package id="Costura.Fody" version="4.1.0" targetFramework="net452" />
<package id="Fody" version="6.0.0" targetFramework="net452" developmentDependency="true" />
</packages>
gitextract_ibsj4e_f/ ├── .gitignore ├── Extensions.cs ├── FodyWeavers.xml ├── FodyWeavers.xsd ├── GMSA.cs ├── GMSAPasswordReader.csproj ├── GMSAPasswordReader.sln ├── GMSAReader.cs ├── Interop.cs ├── LICENSE ├── MsDsManagedPassword.cs ├── Options.cs ├── Properties/ │ └── AssemblyInfo.cs ├── README.md ├── app.config └── packages.config
SYMBOL INDEX (29 symbols across 6 files)
FILE: Extensions.cs
class Extensions (line 14) | internal static class Extensions
method GetPropertyAsBytes (line 16) | public static byte[] GetPropertyAsBytes(this SearchResultEntry searchR...
method GetProperty (line 32) | public static string GetProperty(this SearchResultEntry searchResultEn...
method ComputeAllKerberosPasswordHashes (line 54) | public static void ComputeAllKerberosPasswordHashes(string password, s...
method KerberosPasswordHash (line 102) | public static string KerberosPasswordHash(Interop.KERB_ETYPE etype, st...
FILE: GMSA.cs
class GMSA (line 9) | internal class GMSA
FILE: GMSAReader.cs
class GMSAReader (line 16) | internal class GMSAReader
method Main (line 20) | static void Main(string[] args)
method CreateNTLMHash (line 75) | private static string CreateNTLMHash(string password)
method GetDomainName (line 84) | private static string GetDomainName(string domain)
method ConvertDNToDomain (line 110) | private static string ConvertDNToDomain(string distinguishedName)
method SearchLdap (line 118) | private static GMSA SearchLdap(string accountName, string domainName, ...
method DsGetDcName (line 170) | [DllImport("Netapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
class GuidClass (line 184) | [StructLayout(LayoutKind.Sequential)]
type DOMAIN_CONTROLLER_INFO (line 190) | [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
type DSGETDCNAME_FLAGS (line 211) | [Flags]
method NetApiBufferFree (line 233) | [DllImport("Netapi32.dll", SetLastError = true)]
FILE: Interop.cs
class Interop (line 13) | public class Interop
type KERB_ETYPE (line 20) | public enum KERB_ETYPE : UInt32
type KERB_ECRYPT (line 45) | [StructLayout(LayoutKind.Sequential)]
type UNICODE_STRING (line 68) | [StructLayout(LayoutKind.Sequential)]
method UNICODE_STRING (line 75) | public UNICODE_STRING(string s)
method Dispose (line 82) | public void Dispose()
method ToString (line 88) | public override string ToString()
method CDLocateCSystem (line 97) | [DllImport("cryptdll.Dll", CharSet = CharSet.Auto, SetLastError = false)]
FILE: MsDsManagedPassword.cs
class MsDsManagedPassword (line 15) | internal class MsDsManagedPassword
method MsDsManagedPassword (line 23) | internal MsDsManagedPassword(byte[] blob)
method GetUnicodeString (line 59) | private string GetUnicodeString(byte[] blob, int index)
FILE: Options.cs
class Options (line 11) | internal class Options
Condensed preview — 16 files, each showing path, character count, and a content snippet. Download the .json file or copy for the full structured content (56K chars).
[
{
"path": ".gitignore",
"chars": 6002,
"preview": "## Ignore Visual Studio temporary files, build results, and\n## files generated by popular Visual Studio add-ons.\n##\n## G"
},
{
"path": "Extensions.cs",
"chars": 5617,
"preview": "using System;\nusing System.Collections.Generic;\nusing System.ComponentModel;\nusing System.DirectoryServices.Protocols;\n"
},
{
"path": "FodyWeavers.xml",
"chars": 137,
"preview": "<Weavers xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xsi:noNamespaceSchemaLocation=\"FodyWeavers.xsd\">\n <Cost"
},
{
"path": "FodyWeavers.xsd",
"chars": 6616,
"preview": "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<xs:schema xmlns:xs=\"http://www.w3.org/2001/XMLSchema\">\n <!-- This file was gen"
},
{
"path": "GMSA.cs",
"chars": 332,
"preview": "using System;\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text;\nusing System.Threading.Tasks;\n\nna"
},
{
"path": "GMSAPasswordReader.csproj",
"chars": 4122,
"preview": "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<Project ToolsVersion=\"15.0\" xmlns=\"http://schemas.microsoft.com/developer/msbui"
},
{
"path": "GMSAPasswordReader.sln",
"chars": 1113,
"preview": "\nMicrosoft Visual Studio Solution File, Format Version 12.00\n# Visual Studio Version 16\nVisualStudioVersion = 16.0.2950"
},
{
"path": "GMSAReader.cs",
"chars": 8219,
"preview": "using System;\nusing System.Collections.Generic;\nusing System.DirectoryServices.Protocols;\nusing System.IO;\nusing System"
},
{
"path": "Interop.cs",
"chars": 3132,
"preview": "using System;\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Runtime.InteropServices;\nusing System.T"
},
{
"path": "LICENSE",
"chars": 11357,
"preview": " Apache License\n Version 2.0, January 2004\n "
},
{
"path": "MsDsManagedPassword.cs",
"chars": 2679,
"preview": "using System;\nusing System.Collections.Generic;\nusing System.IO;\nusing System.Linq;\nusing System.Text;\nusing System.Thr"
},
{
"path": "Options.cs",
"chars": 1308,
"preview": "using System;\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text;\nusing System.Threading.Tasks;\nusi"
},
{
"path": "Properties/AssemblyInfo.cs",
"chars": 1404,
"preview": "using System.Reflection;\nusing System.Runtime.CompilerServices;\nusing System.Runtime.InteropServices;\n\n// General Infor"
},
{
"path": "README.md",
"chars": 607,
"preview": "# GMSAPasswordReader\n\n## Description\n\nReads the password blob from a GMSA account using LDAP, and parses the values into"
},
{
"path": "app.config",
"chars": 160,
"preview": "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<configuration>\n<startup><supportedRuntime version=\"v4.0\" sku=\".NETFramework,Vers"
},
{
"path": "packages.config",
"chars": 308,
"preview": "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<packages>\n <package id=\"CommandLineParser\" version=\"2.7.82\" targetFramework=\"n"
}
]
About this extraction
This page contains the full source code of the rvazarkar/GMSAPasswordReader GitHub repository, extracted and formatted as plain text for AI agents and large language models (LLMs). The extraction includes 16 files (51.9 KB), approximately 12.5k tokens, and a symbol index with 29 extracted functions, classes, methods, constants, and types. Use this with OpenClaw, Claude, ChatGPT, Cursor, Windsurf, or any other AI tool that accepts text input. You can copy the full output to your clipboard or download it as a .txt file.
Extracted by GitExtract — free GitHub repo to text converter for AI. Built by Nikandr Surkov.