Circumvent password expiry in Windows

In Windows, administrators can configure the system to let passwords expire after a certain period of time. This forces the user to periodically change the password. It is assumed that making users change their passwords increases overall security, although some studies dispute this.

This expiration policy can be easily circumvented by changing the password multiple times and then changing it back to the original. This only works if the administrator did not set a minimum password age. If a minimum password age is set, you cannot change your password again immediately and this method will not work.

The following C# (.NET) code shows how to change the password a number of times before resetting it to the old value:

using System;
using System.DirectoryServices;

namespace PasswordChanger
{
    class Program
    {
        static void Main(string[] args)
        {
            if (args.Length != 2)
            {
                System.Console.WriteLine("Usage: resetpass user password");
                System.Environment.Exit(1);
            }
            string user = args[0];
            string password = args[1];

            string previousPass = password;
            string newPass = null;

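            // Bind to the user account through the WinNT provider.
            DirectoryEntry entry;
            entry = new DirectoryEntry(@"WinNT://MYDOMAIN/" + user + ",User");
            // Change to ten different passwords in turn.
            for (int i = 0; i < 10; i++)
            {
                newPass = "a" + password + Convert.ToString(i);
                changePassword(entry, previousPass, newPass);
                previousPass = newPass;
            }
            // Finally set the original password again.
            changePassword(entry, previousPass, password);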
            System.Console.WriteLine("Ok.");
        }

        static void changePassword(DirectoryEntry entry, string oldPass, string newPass)
        {
            try
            {
                entry.Invoke("ChangePassword", oldPass, newPass);
            }
            catch (System.Reflection.TargetInvocationException e)
            {
                System.Console.WriteLine("Password: " + oldPass);
                Exception cause = e.InnerException;
                System.Console.WriteLine(cause.Message);
                System.Environment.Exit(1);
            }
        }
    }
}

This program gets an Active Directory entry for the given user and invokes ChangePassword on it. It does this several times with a number of different passwords and then sets the old password back.
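
From the administrator's side, the condition described above (no minimum password age) can be checked from the output of `net accounts`. The following Python sketch is an added example, not part of the original program; the sample output is constructed, the function names are hypothetical, and the change count assumes that a history of N requires N unique new passwords before an old one is accepted again.

```python
import re

# Constructed sample of English-locale `net accounts` output (not from the page).
SAMPLE = """\
Force user logoff how long after time expires?:       Never
Minimum password age (days):                          0
Maximum password age (days):                          42
Minimum password length:                              8
Length of password history maintained:                5
Lockout threshold:                                    Never
The command completed successfully.
"""

FIELDS = {
    "min_age_days": r"Minimum password age \(days\):\s*(\S+)",
    "max_age_days": r"Maximum password age \(days\):\s*(\S+)",
    "history": r"Length of password history maintained:\s*(\S+)",
}

def parse_net_accounts(text):
    """Extract the three settings that matter for password cycling."""
    policy = {}
    for key, pattern in FIELDS.items():
        match = re.search(pattern, text)
        if match is None:
            raise ValueError("field not found: " + key)
        raw = match.group(1)
        # Non-numeric values ("None", "Unlimited") mean the setting is off.
        policy[key] = int(raw) if raw.isdigit() else 0
    return policy

def audit_cycling(policy):
    """Report whether a user can cycle back to the old password at once."""
    # Assumption: history N means N unique new passwords before reuse,
    # so restoring the old password takes N + 1 changes.
    changes = policy["history"] + 1
    # After the first change, each further change waits out the minimum age.
    wait_days = policy["history"] * policy["min_age_days"]
    return {
        "expiry_enforced": policy["max_age_days"] > 0,
        "immediate_cycling": policy["min_age_days"] == 0,
        "changes_needed": changes,
        "days_to_restore": wait_days,
    }

if __name__ == "__main__":
    print(audit_cycling(parse_net_accounts(SAMPLE)))
```

A result with `immediate_cycling` set to true means the expiry policy can be bypassed as described; a minimum age of at least one day makes `days_to_restore` grow with the history length.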