Bug fixes

2025-10-20 18:28:54 +02:00
parent a0f4091e25
commit e7a01f52a2
10 changed files with 173 additions and 433 deletions
--- a/Elysium/Elysium.ps1
+++ b/Elysium/Elysium.ps1
@@ -0,0 +1,41 @@
+#Global settings
+. "../Settings.ps1"
+function Show-Menu {
+    param (
+        [string]$Title = 'Project Elysium'
+    )
+    Clear-Host
+    Write-Host "================ $Title ================"
+
+    Write-Host "1: Update Known Hashes Database"
+    Write-Host "2: Run Weak Password Test"
+    Write-Host "3: Extract and Send Current Hashes"
+    Write-Host "Q: Exit"
+}
+
+do {
+    Show-Menu
+    $input = Read-Host "Please make a selection"
+    switch ($input) {
+        '1' {
+            # Call Script 1
+            .\UpdateKHDB.ps1
+            break
+        }
+        '2' {
+            # Call Script 2
+            .\TestADAccounts.ps1
+            break
+        }
+        '3' {
+            # Call Script 3
+            .\ExportHashes.ps1
+            break
+        }
+        'Q' {
+            return
+        }
+    }
+    pause
+}
+until ($input -eq 'Q')
--- a/Elysium/ExportHashes.ps1
+++ b/Elysium/ExportHashes.ps1
@@ -0,0 +1,60 @@
+#Global settings
+. "../Settings.ps1"
+
+# Import Required Modules
+Import-Module DSInternals
+Add-Type -AssemblyName System.IO.Compression.FileSystem
+
+# Define Domains and Associated Usernames
+$domains = @{
+    "Domain1" = "username1";
+    "Domain2" = "username2";
+    # Add more domains and usernames as needed
+}
+
+# Present Choice of Domains to User
+$selectedDomain = $domains.Keys | Out-GridView -Title "Select a Domain" -PassThru
+$selectedUsername = $domains[$selectedDomain]
+
+# Ask User to Enter Password for Chosen Account
+Write-Host "Enter password for account $selectedUsername in domain $selectedDomain:"
+$password = Read-Host -AsSecureString
+
+# Define Domain Controller (Modify as needed)
+$domainController = "$selectedDomain" + "Controller"  # Example: Domain1Controller
+
+# Credential Object
+$credential = New-Object System.Management.Automation.PSCredential ($selectedUsername, $password)
+
+# Get Current Timestamp
+$timestamp = Get-Date -Format "yyyyMMdd_HHmmss"
+
+# Define Export Path and Filename
+$exportPath = "C:\Path\To\Export"  # Configure this path as needed
+$exportFilename = "extractedHashes_" + $selectedDomain + "_" + $timestamp + ".csv"
+$exportFullPath = Join-Path $exportPath $exportFilename
+
+# Extract Non-Disabled Account Hashes
+Get-ADReplAccount -All -Server $domainController -Credential $credential |
+    Where-Object { -not $_.AccountDisabled } |
+    Select-Object -Property SamAccountName, NTHash |
+    Export-Csv -Path $exportFullPath -NoTypeInformation
+
+# Ask User for a Secure Password for Encryption
+Write-Host "Enter a secure password to encrypt the file:"
+$encryptionPassword = Read-Host -AsSecureString
+
+# Compress and Encrypt File
+$compressedFile = $exportFullPath + ".zip"
+[IO.Compression.ZipFile]::CreateFromDirectory($exportPath, $compressedFile)
+$encryptedFile = $compressedFile + ".encrypted"
+
+# Encrypt the Compressed File
+ConvertFrom-SecureString $encryptionPassword | Out-File "$encryptedFile"
+
+# Clean Up
+Remove-Item -Path $exportFullPath  # Remove the original CSV file
+Remove-Item -Path $compressedFile  # Remove the compressed ZIP file
+
+# Output
+Write-Host "Hashes exported, compressed, and encrypted to: $encryptedFile"
--- a/Elysium/TestADAccounts.ps1
+++ b/Elysium/TestADAccounts.ps1
@@ -0,0 +1,3 @@
+#Global settings
+. "../Settings.ps1"
+
--- a/Elysium/UpdateKHDB.ps1
+++ b/Elysium/UpdateKHDB.ps1
@@ -0,0 +1,52 @@
+#Global settings
+. "../Settings.ps1"
+
+# Function to extract version number from filename
+function Extract-VersionNumber($filename) {
+    if ($filename -match "known-hashes-v(\d+\.\d+)\.encrypted\.zip") {
+        return $matches[1]
+    }
+    return $null
+}
+
+# Get the list of available files (assuming a directory listing is available)
+$response = Invoke-WebRequest -Uri $baseUrl
+$files = $response.Links | Where-Object { $_.href -like "known-hashes-v*.encrypted.zip" } | Select-Object -ExpandProperty href
+
+# Determine the latest version
+$latestVersion = "0.0"
+$latestFile = $null
+foreach ($file in $files) {
+    $version = Extract-VersionNumber $file
+    if ([version]$version -gt [version]$latestVersion) {
+        $latestVersion = $version
+        $latestFile = $file
+    }
+}
+
+# Check local file version
+$localVersion = "0.0"
+if (Test-Path "$localFilePath.encrypted") {
+    $localVersion = Extract-VersionNumber (Get-Item "$localFilePath.encrypted").Name
+}
+
+# Download and extract if the online version is newer
+if ([version]$latestVersion -gt [version]$localVersion) {
+    $downloadUrl = $baseUrl + $latestFile
+    $localZipPath = "$localFilePath-v$latestVersion.encrypted.zip"
+    Invoke-WebRequest -Uri $downloadUrl -OutFile $localZipPath
+
+    # Ask for the ZIP password
+    Write-Host "Enter the password to unzip the file:"
+    $zipPassword = Read-Host -AsSecureString
+
+    # Unzip the file (requires .NET 4.5 or higher and external tools like 7-Zip)
+    $zipPasswordPlainText = [Runtime.InteropServices.Marshal]::PtrToStringBSTR([Runtime.InteropServices.Marshal]::SecureStringToBSTR($zipPassword))
+    $7zipPath = "C:\Path\To\7Zip\7z.exe" # Update with the actual path to 7-Zip executable
+    $arguments = "x `"$localZipPath`" -p$zipPasswordPlainText -o`"$localFilePath`" -y"
+    Start-Process $7zipPath -ArgumentList $arguments -NoNewWindow -Wait
+
+    Write-Host "File downloaded and extracted successfully. Latest version: v$latestVersion"
+} else {
+    Write-Host "Local known-hashes file is up-to-date. Current version: v$localVersion"
+}