User Authentication from NT Accounts

Codewalker Forums

Articles

Forums

All Feeds

Write For Us Get Paid

Request Media Kit

Site Map

Privacy Policy
Support

USERNAME

PASSWORD

>>> SIGN UP!

Lost Password?

USER MANAGEMENT CODE

RSS

User Authentication from NT Accounts

By: Codewalkers	Search For More Articles! Disclaimer Author Terms
Rating: / 3
2002-06-14

Table of Contents:

SEARCH CODEWALKERS

TOOLS YOU CAN USE

This little chunk exploits the win32api extensions. Allows you to validate a user on a NT domain.

By : geekmug

<?

//Copyright 2002 Scott Dial
//scott@scottdial.com
//
//This code is free to modify, use, abuse, or whatever you like. It'd be interesting though to hear what you are using it for, so shoot me an email if you use this snippet.

//These values are pulled straight from winbase.h from the platform sdk

define("LOGON32_LOGON_INTERACTIVE", 2);
define("LOGON32_LOGON_NETWORK", 3);
define("LOGON32_LOGON_BATCH", 4);
define("LOGON32_LOGON_SERVICE", 5);

define("LOGON32_PROVIDER_DEFAULT", 0);
define("LOGON32_PROVIDER_WINNT35", 1);
define("LOGON32_PROVIDER_WINNT40", 2);
define("LOGON32_PROVIDER_WINNT50", 3);

//These aren't actually in winbase.h but are accurate
define("LOGON32_DOMAIN_LOCAL", ".");
define("LOGON32_DOMAIN_ALL", 0);

if(!extension_loaded('win32api')) {
if (!dl('win32api')) {
die("Couldn't load win32api!");
}
}

function NT_Validate_User($user, $domain, $pass)
{
w32api_register_function("kernel32.dll", "LocalAlloc", "long");
w32api_register_function("kernel32.dll", "LocalFree", "long");
w32api_register_function("kernel32.dll", "CloseHandle", "bool");
w32api_register_function("advapi32.dll", "LogonUserA", "bool");

$cleanup = w32api_register_function("deref.dll", "deref", "long");

$pHandle = LocalAlloc(0, 4); //Pointer to a HANDLE

$test = LogonUserA($user,
$domain,
$pass,
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
$pHandle);

if($test != 0)
{
if($cleanup)
{
$handle = deref($pHandle);
CloseHandle($handle);
}
LocalFree($pHandle);
return 1;
} else {
return 0;
}
}

?>

deref.dll is the following C:
__declspec(dllexport) void *deref(void **a)
{
return *a;
}

http://scottdial.com/deref.dll

DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

More User Management Code Articles
More By Codewalkers

blog comments powered by Disqus

USER MANAGEMENT CODE ARTICLES

- XCRYPT v1.0b
- DB_eSession class stores sessions in a MySQL...
- Ever Changing Dynamic Passcode Code
- phpAutoMembersArea - create own members area
- Azura Signup 2.5
- Azura Signup 2.0
- Azura Signup
- Flexcustomer
- PHP Quicksite 2.0
- PHP Quicksite 1.0
- random string generator (key generator)
- Example Login system
- Simple and Easy Security
- Basic Security
- UMA - User Management and Authentication

Find More User Management Code Articles