This little chunk exploits the win32api extensions. Allows you to validate a user on a NT domain.
By : geekmug
<?
//Copyright 2002 Scott Dial
//scott@scottdial.com
//
//This code is free to modify, use, abuse, or whatever you like. It'd be interesting though to hear what you are using it for, so shoot me an email if you use this snippet.
//These values are pulled straight from winbase.h from the platform sdk
define("LOGON32_LOGON_INTERACTIVE", 2);
define("LOGON32_LOGON_NETWORK", 3);
define("LOGON32_LOGON_BATCH", 4);
define("LOGON32_LOGON_SERVICE", 5);
define("LOGON32_PROVIDER_DEFAULT", 0);
define("LOGON32_PROVIDER_WINNT35", 1);
define("LOGON32_PROVIDER_WINNT40", 2);
define("LOGON32_PROVIDER_WINNT50", 3);
//These aren't actually in winbase.h but are accurate
define("LOGON32_DOMAIN_LOCAL", ".");
define("LOGON32_DOMAIN_ALL", 0);
if(!extension_loaded('win32api')) {
if (!dl('win32api')) {
die("Couldn't load win32api!");
}
}
function NT_Validate_User($user, $domain, $pass)
{
w32api_register_function("kernel32.dll", "LocalAlloc", "long");
w32api_register_function("kernel32.dll", "LocalFree", "long");
w32api_register_function("kernel32.dll", "CloseHandle", "bool");
w32api_register_function("advapi32.dll", "LogonUserA", "bool");
$cleanup = w32api_register_function("deref.dll", "deref", "long");
$pHandle = LocalAlloc(0, 4); //Pointer to a HANDLE
$test = LogonUserA($user,
$domain,
$pass,
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
$pHandle);
if($test != 0)
{
if($cleanup)
{
$handle = deref($pHandle);
CloseHandle($handle);
}
LocalFree($pHandle);
return 1;
} else {
return 0;
}
}
?>
deref.dll is the following C:
__declspec(dllexport) void *deref(void **a)
{
return *a;
}
http://scottdial.com/deref.dll
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
More User Management Code Articles
More By Codewalkers
developerWorks - FREE Tools! |
You'll get answers to many questions and more from David Barnes, Lead Evangelist for IBM Emerging Internet Technologies. David will discuss aspects of Web 2.0 that bring value to corporations, academia, and government. He'll also discuss IBM's vision around Web 2.0, including the importance of remixability and consumability. The discussion will culminate with examples of various IBM Software Group solutions you can use to get ahead of the Web 2.0 adoption curve. FREE! Go There Now!
|
|
|
|
Poor Requirements Management capabilities in an Enterprise have been linked to excessive project failures, escalating IT costs, and failure to deliver competitive advantage into the marketplace. Join Brianna M Smith from IBM Rational and learn about how successful organizations align IT and Business stakeholders through collaborative processes and tools for effective requirements management, and how an integrated approach across the IT lifecycle can provide unparalleled visibility and traceability to ensure that project teams are delivering on the business vision by "doing the right things" and "doing things right." FREE! Go There Now!
|
|
|
|
Learn how you can extend modern application lifecycle management to IBM System z through the IBM Rational Software Delivery Platform (SDP). The Did you say mainframe? e-kit includes podcasts, webcasts, tutorials, white and red papers, demos, and articles designed to help ease the challenges of modernizing your enterprise. This complimentary kit for mainframe developers is a practical, how-to guide for making the most of an existing development environment, including the skills and infrastructure already in place at an established enterprise. FREE! Go There Now!
|
|
|
|
WebSphere Process Server delivers a unique integration framework that simplifies existing IT resources. Often, as IT assets grow to support business demand, so too does their complexity and manageability. In this webcast, we’ll discuss how WebSphere Process Server helps deliver an SOA infrastructure that provides a common model to orchestrate, mediate, connect, map, and execute the underlying IT functions. Discover how WebSphere Process Server simplifies integration of business processes by leveraging existing IT assets as reusable services without the complexities of traditional integration methodologies. FREE! Go There Now!
|
|
|
|
Visit IBM developerWorks to download a free trial of the latest release of IBM Lotus Sametime Standard V8.0. Lotus Sametime Standard V8.0 is a platform for unified communications and collaboration that combines security features with an extensible, open solution including integrated Voice over IP, geographic location awareness, mobile clients, and a robust Business Partner community offering telephony and video integration. FREE! Go There Now!
|
|
|
|
Analysts, architects, and developers who have existing COBOL or PL/I skills and want to extend those skills to deploy new workloads on the mainframe can use the IBM Enterprise Modernization Sandbox for System z to find hands-on walkthroughs of common real world scenarios. The scenarios provide examples of how to rapidly design, create, assemble, test, and deploy high-quality Web, Web services, portal, and SOA applications for IBM CICS, IBM IMS, and IBM WebSphere Application Server. FREE! Go There Now!
|
|
|
|
Get a free trial download of the latest version of IBM Rational Performance Tester V7.0.1, a load and performance testing solution for teams concerned about the scalability of their Web-based applications. Combining multiple ease-of-use features with granular detail, Rational Performance Tester simplifies the test-creation, load-generation and data-collection processes that help teams ensure the ability of their applications to accommodate required user loads. FREE! Go There Now!
|
|
|
|
The Eclipse community is constantly working to extend Eclipse's functionality. In this webcast, learn about some of the most important and feature-rich projects under development. From multi-language support to plug-in development, tune in to see what Eclipse is capable of now. FREE! Go There Now!
|
|
|
|
Join this webcast to learn how IBM Rational's Functional Testing solution enables you to implement automation your way, at your pace, with your existing staff. In this webcast, you’ll learn how you can eliminate redundancy of manual test scripts, reduce errors, and increase test coverage through test automation. After this presentation you will understand how IBM Rational Functional Testing solution can streamline your manual testing and make test automation easily attainable. FREE! Go There Now!
|
|
|
|
The unprecedented scope of a service-oriented architecture (SOA) initiative brings to the forefront a number of management and governance issues that were sidestepped in the past. The key to a successful SOA implementation is managing and governing activities throughout the entire SOA delivery lifecycle by ensuring that services conform to the needs of all of the business’s stakeholders. Learn how service lifecycle management allows the business to ensure that the process by which services are defined, created, tested, deployed, optimized and retired is manageable, repeatable and auditable. FREE! Go There Now!
|
|
|
|
All FREE IBM® developerWorks Tools! |