PowerShell bulk check domain password weak password

Requirements: Title is the demand, want to use the Password library batch detection of weak passwords in the domain.

Solution: PowerShell to achieve, do not need third-party tools, not afraid of being stolen password.

This script requires 3 files, empty, located under D:/pwd

1 name.csv, save list of user names to be tested

2 Pwd.csv, save the list of passwords you need to test

3 Name2.csv, save the password for successful verification

The domain cannot limit the number of test passwords and must be run by an administrator

echo  "This script requires 3 files, located under D:/pwd" echo  "1 name.csv, save the list of user names to be tested  " echo  "2  Pwd.csv, save the password list that needs to be tested "echo " 3 name2.csv, save the password to verify successful "echo " domain cannot limit the number of test passwords, must be run by administrator "$files  =  (get-childitem d:\pwd\name2.csv) .pspath$content = get-content  $filesImport-csv -path  D:\pwd\name.csv | foreach {  $bb  = "{0}"  -f $_.name$username =   "tech\"  + "$BB" import-csv -path d:\pwd\pwd.csv | foreach {  $pwd 2  = "{0}"  -f $_.pwd$pass = convertto-securestring -asplaintext $_.pwd -force$ Cred = new-object system.management.automation.pscredential ($UserName, $Pass)   $dCred  =   $cred $dusername =  $dCred .username$dpassword =  $dCred. getnetworkcredential (). Password $currentDomain  =  "ldap://"  +  ([ADSI] ""). Distinguishedname$auth = new-object  system.directoryservices.direcToryentry ($CurrentDomain, $dUserName, $dPassword)     if  ($auth .name -eq  $null )     {   # Write-Host  current test user $bb  current test password $pwd2     #Write-host  "failed to verify password."  -foregroundcolor  ' Red '     }    else   {       Write-Host  Current test User $bb  current test password $mysecret     write-host  "Password test success  -> "  $ ($auth. Name)  -foregroundcolor  ' green '       $a  =  "Password test successful  -> $ username  $mysecret " | out-file -append  d:\pwd\name2.csv     }    }     }

If a password is validated successfully, it is automatically appended to the D:\pwd\name2.csv, and the console displays the record in green.

In the above script, I commented out two lines, can show the password verification failed when the record is displayed in red, considering that the non-display will save memory, so commented out. This script uses a lot of PowerShell knowledge points, interested students can see for themselves.

This article is from the "Nine uncle-Microsoft Private Cloud" blog, please make sure to keep this source http://jiushu.blog.51cto.com/972756/1675200

PowerShell bulk check domain password weak password