获取Windows中登录用户的用户名/密码
[英]Getting user name/password of the logged in user in Windows
问题描述
Is there any API to get the currently logged in user's name and password in Windows? 
是否有任何API可以在Windows中获取当前登录用户的名称和密码?
Thank you in advance. 先感谢您。
10 个解决方案
解决方案1
29 已采纳 2008-09-22 07:29:41
Password: No, this is not retained for security reasons - it's used, then discarded. 密码:不,出于安全原因,这不会被保留 - 它被使用,然后被丢弃。 You could retrieve the encrypted password for this user from the registry, given sufficient privileges, then decrypt it using something like rainbow tables , but that's extremely resource intensive and time consuming using current methods. 您可以从注册表中检索此用户的加密密码,并给予足够的权限,然后使用彩虹表等方法对其进行解密,但这使用当前方法非常耗费资源并且非常耗时。 Much better to prompt the user. 提示用户好多了。
Alternatively, if you want to implement some sort of 'single signon' system as Novell does, you should do it via either a GINA (pre-Vista) or a Credential Provider (Vista), which will result in your code being given the username and password at login, the only time at which the password is available. 或者,如果你想像Novell那样实现某种“单点登录”系统,你应该通过GINA(Vista之前)或Credential Provider(Vista)来实现,这将导致您的代码被赋予用户名和登录时的密码,密码可用的唯一时间。
For username, getting the current username (the one who is running your code) is easy: the GetUserName function in AdvApi32.dll does exactly this for you. 对于用户名,获取当前用户名(运行代码的用户名)很简单:AdvApi32.dll中的GetUserName函数可以为您完成此操作。
If you're running as a service, you need to remember there is no one "logged in user": there are several at any time, such as LocalSystem, NetworkService, SYSTEM and other accounts, in addition to any actual people. 如果您作为服务运行,则需要记住没有人“登录用户”:除了任何实际的人之外,还有几个在任何时候,例如LocalSystem,NetworkService,SYSTEM和其他帐户。 This article provides some sample code and documentation for doing that. 本文提供了一些示例代码和文档 。
解决方案2
4 2008-09-22 07:21:25
如果可能的话,我认为这是一个巨大的安全漏洞!
解决方案3
4 2008-09-22 07:22:16
You can't get the password of a user since its encrypted (not to mention that its a standard practice not to store passwords in plaintext). 您加密后无法获取用户的密码(更不用说它的标准做法是不以明文形式存储密码)。
For getting the username, you can use GetUserName or NPGetUser 要获取用户名,可以使用GetUserName或NPGetUser
解决方案4
4 2008-09-22 07:29:43
请注意确定如何完成,但http://www.nirsoft.net/utils/network_password_recovery.html上的 “网络密码恢复”工具似乎从某些缓存中获取密码。
解决方案5
4 2015-07-25 19:39:20
For the many commenters who believe it is not possible to reveal the password of the currently logged-in user, see Dump cleartext passwords of logged in user(s) which shows how to use mimikatz to do just that: 对于许多认为无法透露当前登录用户密码的评论者,请参阅登录用户的转储明文密码,其中显示了如何使用mimikatz执行此操作:
mimikatz # privilege::debug
Demande d'ACTIVATION du privilège : SeDebugPrivilege : OK
mimikatz # sekurlsa::logonPasswords full
...
Utilisateur principal : user
Domaine d'authentification : domain
kerberos :
* Utilisateur : user
* Domaine : domain
* Mot de passe : pass
解决方案6
2 2008-09-22 07:22:01
GetUserName will get you the name, but the password you can't get. GetUserName将为您提供名称,但您无法获得密码。 It's not even something Windows stores, AFAIK - only a hash of your password. 它甚至不是Windows存储的东西,AFAIK - 只是密码的哈希值。
Depending on what you're trying to achieve (you can tell us a bit more..) it's possible to impersonate a logged on user and do stuff on his/her behalf. 根据您要实现的目标(您可以告诉我们更多信息......),可以模拟已登录的用户并代表他/她执行操作。
解决方案7
2 2008-09-22 07:30:43
Windows API中的身份验证的完整详细信息可以在MSDN上找到: http : //msdn.microsoft.com/en-us/library/aa374735(VS.85).aspx
解决方案8
1 2016-07-26 20:25:38
I don't know about the windows login password... but you can definitely pull plaintext passwords from the Credentials Manager. 我不知道windows登录密码......但你绝对可以从Credentials Manager中提取明文密码。 For example here is a program to pull the password for TFS. 例如,这是一个拉取TFS密码的程序。 In most cases, this is the same as the Windows Login. 在大多数情况下,这与Windows登录相同。
namespace ShowPassword
{
using Microsoft.TeamFoundation.Client;
using System;
using System.Net;
class Program
{
static void Main(string[] args)
{
var tpc = new TfsTeamProjectCollection(new Uri("http://mycompany.com/tfs"));
var nc = tpc.Credentials as NetworkCredential;
Console.WriteLine("the password is " + nc.Password);
}
}
}
I compiled this as "console" app under vs 2015 with Nuget package TeamFoundation ExtendedClient. 我使用Nuget包TeamFoundation ExtendedClient将其编译为vs 2015下的“console”应用程序。
解决方案9
0 2008-09-22 07:23:07
You can get the user name with GetUserName(), but you cannot get the password; 您可以使用GetUserName()获取用户名,但无法获取密码; this would violate security for dummies 101. 这会违反假人101的安全性。
解决方案10
0 2008-09-22 15:58:53
re "Network Password Recovery" tool 重新“网络密码恢复”工具
Windows (upto XP) stores a copy of the passwd with a simpler easy to break encryption - for connecting to older style lanmanager network shares. Windows(最多XP)存储passwd的副本,具有更简单易于破解的加密 - 用于连接旧式lanmanager网络共享。 The tools generaly try all possible passwords against this, using rainbow tables (precaluted encrypted versions of dictionary words) speeds this up. 这些工具通常会尝试使用所有可能的密码,使用彩虹表(字典单词的预先加密版本)可加快速度。
In XPsp2/3 Vista this feature is removed. 在XPsp2 / 3 Vista中,此功能已被删除。 The new encryption is much harder to crack and needs many hours to try all possible values, there are online services that will run it on large number of machines to give you a quick answer for a price. 新的加密更难破解,需要花费数小时才能尝试所有可能的值,有在线服务可以在大量机器上运行它,以便快速回答价格。
To answer the original poster - you do not generally store the password and compare it with what the user typd in. You encrypt (actually hash) the entered password and store that. 要回答原始海报 - 您通常不会存储密码并将其与用户所用的密码进行比较。您加密(实际哈希)输入的密码并存储密码。 To check a password you perform the same encryption on whatever the user enetered and compare that. 要检查密码,您可以对用户输入的内容执行相同的加密并进行比较。 It is generally impossible to go from the encrypted form back to the real password. 通常不可能从加密表单回到真实密码。
EDIT I suspect you are asking the wrong question here - why do you want the password, what are you trying to verify and when? 编辑我怀疑你在这里问错了 - 为什么你想要密码,你想要验证什么以及什么时候?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.