PowerShell-Misc/credentialTester.ps1 at main · gwillgues/PowerShell-Misc · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# This script takes a filename as an argument containing a list of email addresses and passwords and
# searches active directory for each address to determine if the account exists
# If an account is found, the script attempts to authenticate with the username and password,
# if valid credentials are found, then the username of the account is printed to stdout
#LIST FORMAT: USER@DOMAIN.COM:PASSWORD
#USERNAMES MUST BE IN EMAIL FORMAT
#
#        USAGE: ./credentialTester.ps1 ./file.txt

$filename = $args[0]
$ErrorActionPreference = 'SilentlyContinue'
foreach($line in Get-Content $filename) {

    if($line -match $regex){
        $addr = $line.split('@')


		if(get-aduser $addr[0]) {
			$username = $addr.split('@')[0] #split first half of email (username)
      $password = $line.split(':')[-1] #split last field of line (password)
      $CurrentDomain = "LDAP://" + ([ADSI]"").distinguishedName #grab domain name from currently authenticated account
      $domain = New-Object System.DirectoryServices.DirectoryEntry($CurrentDomain,$username,$password)

             if ($domain.name -eq $null) #bad creds
             {
                #write-host "No Dice"

             }
             else
             {
                #echo "successful authentication"
                echo $username
             }

		}
    }
}