Added ChangeAccountPassword

tyranid · tyranid · commit 50d9b72bc3a2 · 2022-11-14T17:53:59.000-08:00
diff --git a/NtApiDotNet/Win32/Security/Authentication/AuthenticationPackage.cs b/NtApiDotNet/Win32/Security/Authentication/AuthenticationPackage.cs
@@ -17,11 +17,12 @@
 using NtApiDotNet.Win32.Security.Authentication.Kerberos;
 using NtApiDotNet.Win32.Security.Authentication.Negotiate;
 using NtApiDotNet.Win32.Security.Authentication.Ntlm;
+using NtApiDotNet.Win32.Security.Buffers;
 using NtApiDotNet.Win32.Security.Native;
 using System;
 using System.Collections.Generic;
 using System.Linq;
-
+
 namespace NtApiDotNet.Win32.Security.Authentication
 {
     /// <summary>
@@ -338,6 +339,32 @@ public IServerAuthenticationContext CreateServer(AuthenticationCredentials crede
             }
         }
 
+        /// <summary>
+        /// Change an account password using this package.
+        /// </summary>
+        /// <param name="domain">The user's domain name.</param>
+        /// <param name="username">The user's name.</param>
+        /// <param name="old_password">The user's old password.</param>
+        /// <param name="new_password">The user's new password.</param>
+        /// <param name="impersonating">Whether the caller is impersonating.</param>
+        public void ChangeAccountPassword(string domain, string username,
+          string old_password, string new_password, bool impersonating = false)
+        {
+            var password_info_buffer = new SecurityBufferAllocMem(SecurityBufferType.ChangePassResponse);
+            List<SecurityBuffer> buffers = new List<SecurityBuffer>
+            {
+                password_info_buffer
+            };
+            using (var list = new DisposableList())
+            {
+                var output = buffers.ToBufferList(list);
+                var desc = output.ToDesc(list);
+                SecurityNativeMethods.ChangeAccountPassword(Name, domain, username, 
+                    old_password, new_password, impersonating, 0, desc).CheckResult();
+                buffers.UpdateBuffers(desc);
+            }
+        }
+
         /// <summary>
         /// Overridden ToString method.
         /// </summary>
diff --git a/NtApiDotNet/Win32/Security/Native/SecurityNativeMethods.cs b/NtApiDotNet/Win32/Security/Native/SecurityNativeMethods.cs
@@ -204,6 +204,19 @@ internal static extern SecStatusCode ImportSecurityContext(
             [Out] SecHandle phContext
         );
 
+        [DllImport("Secur32.dll", CharSet = CharSet.Unicode)]
+        internal static extern SecStatusCode ChangeAccountPassword(
+          string pszPackageName,
+          string pszDomainName,
+          string pszAccountName,
+          string pszOldPassword,
+          string pszNewPassword,
+          [MarshalAs(UnmanagedType.U1)]
+          bool bImpersonating,
+          int dwReserved,
+          SecBufferDesc pOutput
+        );
+
         [DllImport("sspicli.dll", CharSet = CharSet.Unicode)]
         internal static extern SecStatusCode SspiMarshalAuthIdentity(
           SafeBuffer AuthIdentity, // PSEC_WINNT_AUTH_IDENTITY_OPAQUE 
