|
|
<
C# 验证账号暗码的方法类
前言
日常C#开发过程中朋友们大概会遇到需要验证账号暗码的操纵,本人通过多次验证(踩坑无数),终于找到了一个还算数比较靠谱的方法,现在总结分享给大家,大神们如果有更好的方法请在复兴区告诉我哦! 话不多说 直接上代码
2.类
验证账号类:
- [DllImport("Advapi32.dll", EntryPoint = "CredReadW", CharSet = CharSet.Unicode, SetLastError = true)]
- //读取凭据信息
- static extern bool CredRead(string target, CRED_TYPE type, int reservedFlag, out IntPtr CredentialPtr);
- [DllImport("Advapi32.dll", EntryPoint = "CredWriteW", CharSet = CharSet.Unicode, SetLastError = true)]
- //增加凭据
- static extern bool CredWrite([In] ref NativeCredential userCredential, [In] UInt32 flags);
- [DllImport("Advapi32.dll", EntryPoint = "CredFree", SetLastError = true)]
- static extern bool CredFree([In] IntPtr cred);
- [DllImport("Advapi32.dll", EntryPoint = "CredDeleteW", CharSet = CharSet.Unicode)]
- //删除凭据
- static extern bool CredDelete(string target, CRED_TYPE type, int flags);
- [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
- public static extern bool CredEnumerate(string filter, uint flag, out uint count, out IntPtr pCredentials);
- //登陆验证
- [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
- static extern bool LogonUser(string username, string domain,
- string password, LogonType logonType,
- LogonProvider logonProvider,
- out IntPtr userToken);
- [DllImport("Advapi32.DLL")]
- static extern bool ImpersonateLoggedOnUser(IntPtr hToken);
Interactive =2 本地交互登录。最常见的登录方式。
Network=3网络登录 - 最常见的是访问网络共享文件夹或打印机。IIS的认证也是Type 3
Batch=4 筹划任务
Service=5 服务
某些服务是用一个域帐号来运行的,出现Failure常见的情况是管理员更改了域帐号暗码,但是忘记重设Service中的帐号暗码。
Unlock=7 排除屏幕锁定
许多公司都有这样的安全设置:当用户离开屏幕一段时间后,屏保程序会锁定计算机屏幕。解开屏幕锁定需要键入用户名和暗码。此时产生的日志类型就是Type 7
NetworkCleartext=8 网络明文登录 – 通常发生在IIS 的 ASP登录。不推荐
NewCredentials=9 新身份登录 – 通常发生在RunAS方式运行某程序时的登录验证。
RemoteInteractive=10 远程登录 – 比如Terminal service或者RDP方式。但是Windows 2000是没有Type10的,用Type 2。WindowsXP/2003起有Type 10
CachedInteractive=11 缓存登录:
- public static class WindowsCredTools
- {
- /// <summary>
- /// 凭据类型
- /// </summary>
- public enum CRED_TYPE : uint
- {
- //普通凭据
- GENERIC = 1,
- //域密码
- DOMAIN_PASSWORD = 2,
- //域证书
- DOMAIN_CERTIFICATE = 3,
- //域可见密码
- DOMAIN_VISIBLE_PASSWORD = 4,
- //一般证书
- GENERIC_CERTIFICATE = 5,
- //域扩展
- DOMAIN_EXTENDED = 6,
- //最大
- MAXIMUM = 7,
- // Maximum supported cred type
- MAXIMUM_EX = (MAXIMUM + 1000), // Allow new applications to run on old OSes
- }
- //永久性
- public enum CRED_PERSIST : uint
- {
- SESSION = 1, //本地计算机
- LOCAL_MACHINE = 2, //企业
- ENTERPRISE = 3,
- }
- public enum LogonType : int
- {
- Interactive = 2,
- Network = 3,
- Batch = 4,
- Service = 5,
- Unlock = 7,
- NetworkCleartText = 8,
- NewCredentials = 9,
- }
- public enum LogonProvider : int
- {
- Default = 0,
- }
- internal class NativeCredMan
- {
- [DllImport("Advapi32.dll", EntryPoint = "CredReadW", CharSet = CharSet.Unicode, SetLastError = true)]
- //读取凭据信息
- static extern bool CredRead(string target, CRED_TYPE type, int reservedFlag, out IntPtr CredentialPtr);
- [DllImport("Advapi32.dll", EntryPoint = "CredWriteW", CharSet = CharSet.Unicode, SetLastError = true)]
- //增加凭据
- static extern bool CredWrite([In] ref NativeCredential userCredential, [In] UInt32 flags);
- [DllImport("Advapi32.dll", EntryPoint = "CredFree", SetLastError = true)]
- static extern bool CredFree([In] IntPtr cred);
- [DllImport("Advapi32.dll", EntryPoint = "CredDeleteW", CharSet = CharSet.Unicode)]
- //删除凭据
- static extern bool CredDelete(string target, CRED_TYPE type, int flags);
- [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
- public static extern bool CredEnumerate(string filter, uint flag, out uint count, out IntPtr pCredentials);
- //登陆验证
- [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
- static extern bool LogonUser(string username, string domain,
- string password, LogonType logonType,
- LogonProvider logonProvider,
- out IntPtr userToken);
- [DllImport("Advapi32.DLL")]
- static extern bool ImpersonateLoggedOnUser(IntPtr hToken);
- [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
- private struct NativeCredential
- {
- public UInt32 Flags;
- public CRED_TYPE Type;
- public IntPtr TargetName;
- public IntPtr Comment;
- public System.Runtime.InteropServices.ComTypes.FILETIME LastWritten;
- public UInt32 CredentialBlobSize;
- public IntPtr CredentialBlob;
- public UInt32 Persist;
- public UInt32 AttributeCount;
- public IntPtr Attributes;
- public IntPtr TargetAlias;
- public IntPtr UserName;
- internal static NativeCredential GetNativeCredential(Credential cred)
- {
- NativeCredential ncred = new NativeCredential();
- ncred.AttributeCount = 0;
- ncred.AttributeCount = 0;
- ncred.Attributes = IntPtr.Zero;
- ncred.Comment = IntPtr.Zero;
- ncred.TargetAlias = IntPtr.Zero;
- ncred.Type = cred.Type;
- ncred.Persist = (UInt32)cred.Persist;
- ncred.CredentialBlobSize = (UInt32)cred.CredentialBlobSize;
- ncred.TargetName = Marshal.StringToCoTaskMemUni(cred.TargetName);
- ncred.CredentialBlob = Marshal.StringToCoTaskMemUni(cred.CredentialBlob);
- ncred.UserName = Marshal.StringToCoTaskMemUni(cred.UserName);
- return ncred;
- }
- }
- [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
- public struct Credential
- {
- public UInt32 Flags;
- public CRED_TYPE Type;
- public string TargetName;
- public string Comment;
- public System.Runtime.InteropServices.ComTypes.FILETIME LastWritten;
- public UInt32 CredentialBlobSize;
- public string CredentialBlob;
- public CRED_PERSIST Persist;
- public UInt32 AttributeCount;
- public IntPtr Attributes;
- public string TargetAlias;
- public string UserName;
- }
- /// <summary>
- /// 向添加计算机的凭据管理其中添加凭据
- /// </summary>
- /// <param name="key">internet地址或者网络地址</param>
- /// <param name="userName">用户名</param>
- /// <param name="secret">密码</param>
- /// <param name="type">密码类型</param>
- /// <param name="credPersist"></param>
- /// <returns></returns>
- public static int WriteCred(string key, string userName, string secret, CRED_TYPE type, CRED_PERSIST credPersist)
- {
- byte[] byteArray = Encoding.Unicode.GetBytes(secret);
- if (byteArray.Length > 512)
- throw new ArgumentOutOfRangeException("The secret message has exceeded 512 bytes.");
- Credential cred = new Credential();
- cred.TargetName = key;
- cred.CredentialBlob = secret;
- cred.CredentialBlobSize = (UInt32)Encoding.Unicode.GetBytes(secret).Length;
- cred.AttributeCount = 0;
- cred.Attributes = IntPtr.Zero;
- cred.UserName = userName;
- cred.Comment = null;
- cred.TargetAlias = null;
- cred.Type = type;
- cred.Persist = credPersist;
- NativeCredential ncred = NativeCredential.GetNativeCredential(cred);
- bool written = CredWrite(ref ncred, 0);
- int lastError = Marshal.GetLastWin32Error();
- if (written)
- {
- return 0;
- }
- string message = string.Empty;
- if (lastError == 1312)
- {
- message = (string.Format(String.Format("Failed to save {0} with error code {{0}}.", key), lastError)
- + " This error typically occurrs on home editions of Windows XP and Vista. Verify the version of Windows is Pro/Business or higher.");
- }
- else
- {
- message = string.Format(String.Format("Failed to save {0} with error code {{0}}.", key), lastError);
- }
- return 1;
- }
- /// <summary>
- /// 读取凭据
- /// </summary>
- /// <param name="targetName"></param>
- /// <param name="credType"></param>
- /// <param name="reservedFlag"></param>
- /// <param name="intPtr"></param>
- /// <returns></returns>
- public static bool WReadCred(string targetName, CRED_TYPE credType, int reservedFlag, out IntPtr intPtr)
- {
- bool flag = CredRead(targetName, CRED_TYPE.DOMAIN_PASSWORD, reservedFlag, out intPtr);
- return flag;
- }
- /// <summary>
- /// 删除凭据
- /// </summary>
- /// <param name="target"></param>
- /// <param name="type"></param>
- /// <param name="flags"></param>
- /// <returns></returns>
- public static bool DeleteCred(string target, CRED_TYPE type, int flags)
- {
- return CredDelete(target, type, flags);
- }
- /// <summary>
- /// 登陆测试
- /// </summary>
- /// <param name="username"></param>
- /// <param name="domain"></param>
- /// <param name="password"></param>
- /// <returns></returns>
- public static bool LongonCheck(string username, string domain, string password)
- {
- IntPtr userToken = IntPtr.Zero;
- bool bImpersonated = LogonUser(username, domain, password, LogonType.NewCredentials, LogonProvider.Default, out userToken);
- try
- {
- if (bImpersonated)
- {
- if (!ImpersonateLoggedOnUser(userToken))
- {
- int nErrorCode = Marshal.GetLastWin32Error();
- CLRLogger.GetInstance().LogDevError("ImpersonateLoggedOnUser error;Code=" + nErrorCode);
- bImpersonated = false;
- }
- }
- }
- catch (Exception ex)
- {
- bImpersonated = false;
- CLRLogger.GetInstance().LogDevError("LongonCheck catch ex is " + ex.ToString());
- }
- return bImpersonated;
- }
- }
- /// <summary>
- /// 创建Windows凭据
- /// </summary>
- /// <param name="key">IP或者网络地址</param>
- /// <param name="userName">用户名</param>
- /// <param name="password">用户密码</param>
- /// <returns></returns>
- public static bool CreateCred(string key, string userName, string password)
- {
- //用于标记凭据添加是否成功 i=0:添加成功;i=1:添加失败
- int i = 0;
- try
- {
- i = NativeCredMan.WriteCred(key,
- userName,
- password,
- CRED_TYPE.DOMAIN_PASSWORD,
- CRED_PERSIST.LOCAL_MACHINE);
- }
- catch (Exception ex)
- {
- i = 1;
- CLRLogger.GetInstance().LogDevError("CreateCred has error : " + ex.Message);
- }
- return i == 0;
- }
- /// <summary>
- /// 查询凭据是否存在
- /// </summary>
- /// <param name="targetName">IP或者网络地址</param>
- /// <returns>是否存在</returns>
- public static bool QueryCred(string targetName)
- {
- IntPtr intPtr = new IntPtr();
- bool flag = false;
- try
- {
- flag = NativeCredMan.WReadCred(targetName, CRED_TYPE.DOMAIN_PASSWORD, 1, out intPtr);
- }
- catch (Exception ex)
- {
- flag = false;
- CLRLogger.GetInstance().LogDevError("QueryCred has error : " + ex.Message);
- }
- return flag;
- }
- /// <summary>
- /// 删除凭据
- /// </summary>
- /// <param name="targetName">IP或者网络地址</param>
- /// <returns>是否删除成功</returns>
- public static bool DeleteCred(string targetName)
- {
- bool flag = false;
- try
- {
- IntPtr intPtr = new IntPtr();
- if (NativeCredMan.WReadCred(targetName, CRED_TYPE.DOMAIN_PASSWORD, 1, out intPtr))
- {
- flag = NativeCredMan.DeleteCred(targetName.Trim(), CRED_TYPE.DOMAIN_PASSWORD, 0);
- }
- else
- {
- flag = true;
- }
- }
- catch (Exception ex)
- {
- flag = false;
- CLRLogger.GetInstance().LogDevError("DeleteCred has error : " + ex.Message);
- }
- return flag;
- }
- /// <summary>
- /// 登陆验证方法 IP为输出目录的地址,userName为账户名,domain为域名(united-imaging.com),password为密码
- /// </summary>
- /// <param name="username"></param>
- /// <param name="domain"></param>
- /// <param name="password"></param>
- /// <returns></returns>
- public static bool LogonUser(string ip, string username, string domain, string password)
- {
- bool loggedOn = false;
- try
- {
- if (NativeCredMan.LongonCheck(username, domain, password) && Directory.Exists(ip))
- {
- loggedOn = true;
- }
- }
- catch (Exception ex)
- {
- loggedOn = false;
- CLRLogger.GetInstance().LogDevError("LogonUser has error : " + ex.Message);
- }
- return loggedOn;
- }
- }
|
1、本网站属于个人的非赢利性网站,转载的文章遵循原作者的版权声明,如果原文没有版权声明,按照目前互联网开放的原则,我们将在不通知作者的情况下,转载文章;如果原文明确注明“禁止转载”,我们一定不会转载。如果我们转载的文章不符合作者的版权声明或者作者不想让我们转载您的文章的话,请您发送邮箱:Cdnjson@163.com提供相关证明,我们将积极配合您!
2、本网站转载文章仅为传播更多信息之目的,凡在本网站出现的信息,均仅供参考。本网站将尽力确保所提供信息的准确性及可靠性,但不保证信息的正确性和完整性,且不对因信息的不正确或遗漏导致的任何损失或损害承担责任。
3、任何透过本网站网页而链接及得到的资讯、产品及服务,本网站概不负责,亦不负任何法律责任。
4、本网站所刊发、转载的文章,其版权均归原作者所有,如其他媒体、网站或个人从本网下载使用,请在转载有关文章时务必尊重该文章的著作权,保留本网注明的“稿件来源”,并自负版权等法律责任。
|
代码
915 人阅读
|
0 人回复
