script to detect user accounts with blank password

Download JSON Download Python

Ratings

Release Time

06/21/2024

Downloads

256 times

Update Time

04/04/2025

Views

446 times

Share-it:

Tags

User accounts Security

This script checks whether any user accounts have a blank password on the machine. You can check which user accounts have a blank password in the script execution log

RUN AS LOCALSYSTEM USER

this script has been scanned with virustotal.com and xcitium verdict cloud.

PYTHON SCRIPT FILE SHA1 VALUE - f05870deb962023c65a47f71b6be4ec86ce18a4b

JSON FILE SHA1 VALUE - 79cd92ac0dc4f10640bcc627293ff1dce04f8f99

Procedure's Instructions

import os
import ctypes

class disable_file_system_redirection:
    _disable = ctypes.windll.kernel32.Wow64DisableWow64FsRedirection
    _revert = ctypes.windll.kernel32.Wow64RevertWow64FsRedirection
    def __enter__(self):
        self.old_value = ctypes.c_long()
        self.success = self._disable(ctypes.byref(self.old_value))
    def __exit__(self, type, value, traceback):
        if self.success:
            self._revert(self.old_value)

vbs=r'''
On Error Resume Next

Set objNetwork = CreateObject("Wscript.Network")
strComputer = objNetwork.ComputerName
strPassword = ""
Set colAccounts = GetObject("WinNT://" & strComputer)
colAccounts.Filter = Array("user")
For Each objUser In colAccounts
    If objUser.Name <> "Administrator" And objUser.Name <> "DefaultAccount" Then
        objUser.ChangePassword strPassword, strPassword
        If Err = 0 or Err = -2147023569 Then
            Wscript.Echo objUser.Name & " is using a blank password."
        End If
        Err.Clear
    End If
Next
'''

def runvbs(vbs):
    workdir=os.environ['PROGRAMDATA']+r'\temp'
    if not os.path.isdir(workdir): 
        os.mkdir(workdir)
    with open(workdir+r'\temprun.vbs',"w") as f :
        f.write(vbs)        
    with disable_file_system_redirection():
        output = os.popen('cscript.exe "'+workdir+r'\temprun.vbs"').read()
        print('Script execution completed successfully\n')
        if "blank password" in output:
            print(output)
        else:
            print("no user accounts on this machine has blank password")
    if os.path.isfile(workdir+r'\temprun.vbs'):
        os.remove(workdir+r'\temprun.vbs')

runvbs(vbs)

 
import os
import ctypes
​
class disable_file_system_redirection:
    _disable = ctypes.windll.kernel32.Wow64DisableWow64FsRedirection
    _revert = ctypes.windll.kernel32.Wow64RevertWow64FsRedirection
    def __enter__(self):
        self.old_value = ctypes.c_long()
        self.success = self._disable(ctypes.byref(self.old_value))
    def __exit__(self, type, value, traceback):
        if self.success:
            self._revert(self.old_value)
​
​
vbs=r'''
On Error Resume Next
​
Set objNetwork = CreateObject("Wscript.Network")
strComputer = objNetwork.ComputerName
strPassword = ""
Set colAccounts = GetObject("WinNT://" & strComputer)
colAccounts.Filter = Array("user")
For Each objUser In colAccounts
    If objUser.Name <> "Administrator" And objUser.Name <> "DefaultAccount" Then
        objUser.ChangePassword strPassword, strPassword
        If Err = 0 or Err = -2147023569 Then
            Wscript.Echo objUser.Name & " is using a blank password."
        End If
        Err.Clear
    End If
Next
'''
​
def runvbs(vbs):
    workdir=os.environ['PROGRAMDATA']+r'\temp'
    if not os.path.isdir(workdir): 
        os.mkdir(workdir)
    with open(workdir+r'\temprun.vbs',"w") as f :
        f.write(vbs)        
    with disable_file_system_redirection():
        output = os.popen('cscript.exe "'+workdir+r'\temprun.vbs"').read()
        print('Script execution completed successfully\n')
        if "blank password" in output:
            print(output)
        else:
            print("no user accounts on this machine has blank password")
    if os.path.isfile(workdir+r'\temprun.vbs'):
        os.remove(workdir+r'\temprun.vbs')
​
runvbs(vbs)

Comments

No Comments.

script to detect user accounts with blank password

Comments

Leave a Comment