From 579988141855520e14155b24db6a0acca0bc3b50 Mon Sep 17 00:00:00 2001 From: Tomas Kracmar Date: Tue, 21 Oct 2025 13:35:09 +0200 Subject: [PATCH] Fixing table sorting and S3 upload --- Extract-NTHashes.ps1 | 23 +++++++++++++++++------ Test-WeakADPasswords.ps1 | 4 ++-- 2 files changed, 19 insertions(+), 8 deletions(-) diff --git a/Extract-NTHashes.ps1 b/Extract-NTHashes.ps1 index bb4c07c..230c4fb 100644 --- a/Extract-NTHashes.ps1 +++ b/Extract-NTHashes.ps1 @@ -122,7 +122,14 @@ function New-S3Client { function Get-Bytes([string]$s) { return [System.Text.Encoding]::UTF8.GetBytes($s) } function Get-HashHex([byte[]]$bytes) { $sha = [System.Security.Cryptography.SHA256]::Create() - try { return ([BitConverter]::ToString($sha.ComputeHash($bytes))).Replace('-', '').ToLowerInvariant() } finally { $sha.Dispose() } + try { + if ($null -eq $bytes) { $bytes = [byte[]]@() } + $ms = [System.IO.MemoryStream]::new($bytes) + try { + $hashBytes = $sha.ComputeHash($ms) + return ([BitConverter]::ToString($hashBytes)).Replace('-', '').ToLowerInvariant() + } finally { $ms.Dispose() } + } finally { $sha.Dispose() } } function Get-FileSha256Hex([string]$path) { $sha = [System.Security.Cryptography.SHA256]::Create() @@ -131,7 +138,11 @@ function Get-FileSha256Hex([string]$path) { } function HmacSha256([byte[]]$key, [string]$data) { $h = [System.Security.Cryptography.HMACSHA256]::new($key) - try { return $h.ComputeHash((Get-Bytes $data)) } finally { $h.Dispose() } + try { + $dataBytes = Get-Bytes $data + $ms = [System.IO.MemoryStream]::new($dataBytes) + try { return $h.ComputeHash($ms) } finally { $ms.Dispose() } + } finally { $h.Dispose() } } function GetSignatureKey([string]$secret, [string]$dateStamp, [string]$regionName, [string]$serviceName) { $kDate = HmacSha256 (Get-Bytes ('AWS4' + $secret)) $dateStamp @@ -159,7 +170,7 @@ function BuildAuthHeaders($method, [System.Uri]$uri, [string]$region, [string]$a $amzdate = (Get-Date).ToUniversalTime().ToString('yyyyMMddTHHmmssZ') $datestamp = (Get-Date).ToUniversalTime().ToString('yyyyMMdd') $hostHeader = $uri.Host - if (-not $uri.IsDefaultPort) { $hostHeader = "$hostHeader:$($uri.Port)" } + if (-not $uri.IsDefaultPort) { $hostHeader = "{0}:{1}" -f $hostHeader, $uri.Port } $canonicalUri = BuildCanonicalPath $uri $canonicalQueryString = '' @@ -308,8 +319,8 @@ function Get-FileChecksum { $reportBase = Normalize-ReportPath -p $ElysiumSettings['ReportPathBase'] if (-not (Test-Path $reportBase)) { New-Item -Path $reportBase -ItemType Directory -Force | Out-Null } -# Build domain details from settings -$DomainDetails = @{} +# Build domain details from settings (ordered to keep numeric index order) +$DomainDetails = [ordered]@{} for ($i = 1; $ElysiumSettings.ContainsKey("Domain${i}Name"); $i++) { $DomainDetails["$i"] = @{ Name = $ElysiumSettings["Domain${i}Name"] @@ -320,7 +331,7 @@ for ($i = 1; $ElysiumSettings.ContainsKey("Domain${i}Name"); $i++) { # User selects a domain Write-Host "Select a domain to extract NTLM hashes:" -$DomainDetails.GetEnumerator() | ForEach-Object { Write-Host "$($_.Key): $($_.Value.Name)" } +$DomainDetails.GetEnumerator() | Sort-Object { [int]$_.Key } | ForEach-Object { Write-Host "$($_.Key): $($_.Value.Name)" } $selection = Read-Host "Enter the number of the domain" $selectedDomain = $DomainDetails[$selection] diff --git a/Test-WeakADPasswords.ps1 b/Test-WeakADPasswords.ps1 index c81ba6e..ab1610c 100644 --- a/Test-WeakADPasswords.ps1 +++ b/Test-WeakADPasswords.ps1 @@ -99,7 +99,7 @@ function Get-DomainDetailsFromSettings { [hashtable]$Settings ) - $domainDetails = @{} + $domainDetails = [ordered]@{} $counter = 1 while ($true) { $nameKey = "Domain${counter}Name" @@ -330,7 +330,7 @@ function Test-WeakADPasswords { # User selects a domain Write-Host "Select a domain to test:" - $DomainDetails.GetEnumerator() | ForEach-Object { Write-Host "$($_.Key): $($_.Value.Name)" } + $DomainDetails.GetEnumerator() | Sort-Object { [int]$_.Key } | ForEach-Object { Write-Host "$($_.Key): $($_.Value.Name)" } $selection = Read-Host "Enter the number of the domain" if (-not ($DomainDetails.ContainsKey($selection))) {