justaguywhocodes · June 6, 2025 17:46
diff --git a/spray.ps1 b/spray.ps1
 # PowerShell script to test login attempts for multiple usernames with a given password

 # Define the list of usernames to test
 $usernames = @("user1", "user2", "user3")  # Replace with actual usernames
 $password = "YourPasswordHere"  # Replace with the password to test
 $computerName = "."  # Use "." for the local machine, or specify a remote computer name

 # Function to test credentials using LogonUser API
 Add-Type -TypeDefinition @"
 using System;
 using System.Runtime.InteropServices;

 public class Win32Api {
    [DllImport("advapi32.dll", SetLastError = true)]
    public static extern bool LogonUser(
        string lpszUsername,
        string lpszDomain,
        string lpszPassword,
        int dwLogonType,
        int dwLogonProvider,
        out IntPtr phToken);

    [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
    public static extern bool CloseHandle(IntPtr handle);
 }
 "@

 # Loop through each username and attempt to log in
 foreach ($username in $usernames) {
    Write-Host "Testing credentials for $username..."

    # Initialize token handle
    $token = [IntPtr]::Zero

    # Attempt to log in using LogonUser
    $result = [Win32Api]::LogonUser(
        $username,         # Username
        $computerName,     # Domain ('.' for local machine)
        $password,         # Password
        2,                 # LOGON32_LOGON_INTERACTIVE
        0,                 # LOGON32_PROVIDER_DEFAULT
        [ref]$token        # Output token
    )

    # Check if login was successful
    if ($result) {
        Write-Host "Login successful for $username" -ForegroundColor Green
        # Close the token handle
        [Win32Api]::CloseHandle($token) | Out-Null
    } else {
        $errorCode = [System.Runtime.InteropServices.Marshal]::GetLastWin32Error()
        Write-Host "Login failed for $username. Error code: $errorCode" -ForegroundColor Red
    }
 }

 Write-Host "Credential testing completed."
	# PowerShell script to test login attempts for multiple usernames with a given password

	# Define the list of usernames to test
	$usernames = @("user1", "user2", "user3") # Replace with actual usernames
	$password = "YourPasswordHere" # Replace with the password to test
	$computerName = "." # Use "." for the local machine, or specify a remote computer name

	# Function to test credentials using LogonUser API
	Add-Type -TypeDefinition @"
	using System;
	using System.Runtime.InteropServices;

	public class Win32Api {
	[DllImport("advapi32.dll", SetLastError = true)]
	public static extern bool LogonUser(
	string lpszUsername,
	string lpszDomain,
	string lpszPassword,
	int dwLogonType,
	int dwLogonProvider,
	out IntPtr phToken);

	[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
	public static extern bool CloseHandle(IntPtr handle);
	}
	"@

	# Loop through each username and attempt to log in
	foreach ($username in $usernames) {
	Write-Host "Testing credentials for $username..."

	# Initialize token handle
	$token = [IntPtr]::Zero

	# Attempt to log in using LogonUser
	$result = [Win32Api]::LogonUser(
	$username, # Username
	$computerName, # Domain ('.' for local machine)
	$password, # Password
	2, # LOGON32_LOGON_INTERACTIVE
	0, # LOGON32_PROVIDER_DEFAULT
	[ref]$token # Output token
	)

	# Check if login was successful
	if ($result) {
	Write-Host "Login successful for $username" -ForegroundColor Green
	# Close the token handle
	[Win32Api]::CloseHandle($token) \| Out-Null
	} else {
	$errorCode = [System.Runtime.InteropServices.Marshal]::GetLastWin32Error()
	Write-Host "Login failed for $username. Error code: $errorCode" -ForegroundColor Red
	}
	}

	Write-Host "Credential testing completed."