GoLang. Tests a users credentials against a M$ domain. Pre-cursor to a password spraying script. Run this in Windows.

test-domain-creds.go

package main

import (
	"fmt"
	"syscall"
	"unsafe"
)

const (
	LOGON32_LOGON_NETWORK           = 3
	LOGON32_PROVIDER_DEFAULT        = 0
	ERROR_LOGON_FAILURE      uint32 = 0x52e
)

var (
	modadvapi32 = syscall.NewLazyDLL("advapi32.dll")
	modkernel32 = syscall.NewLazyDLL("kernel32.dll")

	procLogonUser   = modadvapi32.NewProc("LogonUserW")
	procCloseHandle = modkernel32.NewProc("CloseHandle")
)

func main() {
	// Prompt the user for credentials
	var domain, username, password string
	fmt.Print("Domain: ")
	fmt.Scanln(&domain)
	fmt.Print("Username: ")
	fmt.Scanln(&username)
	fmt.Print("Password: ")
	fmt.Scanln(&password)

	// Attempt to authenticate against the domain controller
	err := LogonUser(username, domain, password)
	if err != nil {
		fmt.Printf("Authentication failed: %v\n", err)
	} else {
		fmt.Println("Authentication successful.")
	}
}

func LogonUser(username, domain, password string) error {
	usr, _ := syscall.UTF16PtrFromString(username)
	dom, _ := syscall.UTF16PtrFromString(domain)
	pwd, _ := syscall.UTF16PtrFromString(password)

	var handle syscall.Handle
	ret, _, err := procLogonUser.Call(
		uintptr(unsafe.Pointer(usr)),
		uintptr(unsafe.Pointer(dom)),
		uintptr(unsafe.Pointer(pwd)),
		LOGON32_LOGON_NETWORK,
		LOGON32_PROVIDER_DEFAULT,
		uintptr(unsafe.Pointer(&handle)),
	)

	if ret == 0 {
		if errno, ok := err.(syscall.Errno); ok && errno == syscall.Errno(ERROR_LOGON_FAILURE) {
			return fmt.Errorf("invalid credentials")
		}
		return err
	}
	defer procCloseHandle.Call(uintptr(handle))
	return nil
}