[4635] in WWW Security List Archive
Re: changing passwords
daemon@ATHENA.MIT.EDU (Greg Haverkamp)
Mon Mar 3 17:12:50 1997
Date: Mon, 03 Mar 1997 13:59:50 -0500
To: "Piotr Jakubczak" <pj@zigzag.pl>
From: Greg Haverkamp <gregh@instinctive.com>
Cc: <www-security@ns2.rutgers.edu>
In-Reply-To: <199703030104.CAB00164@alpha2.zigzag.pl>
Errors-To: owner-www-security@ns2.rutgers.edu
At 02:09 AM 3/3/97 +0100, Piotr Jakubczak wrote:
>Being an administrator for an ISP I've always had many clients
>requesting some Web interface for changing passwords. I guess with
>SSL it would be secure enough. And anyway, clients don't have too many
>rights or privilages on my machines so I don't really care. I could
>not, however, find any way to make something like that possible. I
>talked to Microsoft about it and they said it's impossible to implement
>such interface as NT security system is designed in the way that won't
>allow such thing! Well, I thought they knew what they were saying and
>got convinced. Lately however I've been shocked to find that a fellow
>admin wrote some short program to perform exactly what I need.
Unfortunatelly he's working for our No 1 competitor in this city, so he
>won't share it with me. :)
>
>Does anybody have any idea how it could be done?
It's certainly possible and doable. And if you're willing to overlook the
security implications (be very cautious on this point), it's pretty easy.
All you need to do is call NetUserChangePassword with the appropriate
information. Below is some source code that came across the ntsecurity
list. It's uncredited, but explicitly states in the readme that there's no
copyright.
Greg
#include <windows.h>
#include <stdio.h>
#include <lmcons.h>
#include <lmaccess.h>
#include <lmerr.h>
#include <lmapibuf.h>
int main(int argc, char* argv[])
{
if(argc<5)
{
printf("Usage: rsetpass computer user oldpass newpass\n");
return(1);
}
WCHAR wsComputer[512];
WCHAR wsUser[512];
WCHAR wsOldPass[512];
WCHAR wsNewPass[512];
// convert computer name to wide char
MultiByteToWideChar(CP_ACP,0, argv[1], -1,wsComputer,512);
// convert user name to wide char
MultiByteToWideChar(CP_ACP,0, argv[2], -1,wsUser,512);
// convert old password to wide char
MultiByteToWideChar(CP_ACP,0, argv[3], -1,wsOldPass,512);
// convert new password to wide char
MultiByteToWideChar(CP_ACP,0, argv[4], -1,wsNewPass,512);
NET_API_STATUS nasErr;
// change the user password
nasErr = NetUserChangePassword(wsComputer,
wsUser,
wsOldPass,
wsNewPass);
// report errors
if(nasErr != NERR_Success)
{
printf("NetUserChangePassword returned %d\n",nasErr);
switch(nasErr)
{
case ERROR_ACCESS_DENIED:
printf(" You do not have access to the that information\n");
break;
case NERR_InvalidComputer:
printf(" The computer name is invalid\n");
break;
case NERR_NotPrimary:
printf(" That operation is only allowed on the primary domain
controller\n");
break;
case NERR_UserNotFound:
printf(" The user name could not be found\n");
break;
case NERR_PasswordTooShort:
printf(" The new password is too long or short\n");
break;
case 86:
printf(" Old password is not valid\n");
break;
default:
printf(" Unknown error\n");
break;
}
return(nasErr);
}
return(0);
}
