小贝子编程

我如何将此标志性搜索的结果拆分



我正在尝试使用它来将我的ad nt Hashdump与https://haveibeenpwned.com/passwords Hashes进行比较。我在结果将多个用户名与相同密码组合在一起时遇到了麻烦。

代码:

  param(
        [Parameter(Mandatory = $true)]
        [System.IO.FileInfo] $ADNTHashes,
        [Parameter(Mandatory = $true)]
        [System.IO.FileInfo] $HashDictionary
    )
    #>
    process {
        $stopwatch = [System.Diagnostics.Stopwatch]::StartNew()
        #Declare and fill new hashtable with ADNThashes. Converts to upper case to 
        $htADNTHashes = @{} 
        Import-Csv -Delimiter ":" -Path $ADNTHashes -Header "User","Hash" | % {$htADNTHashes[$_.Hash.toUpper()] += @($_.User)}
        #Create empty output object
        $mrMatchedResults = @()
        #Create Filestream reader 
        $fsHashDictionary = New-Object IO.Filestream $HashDictionary,'Open','Read','Read'
        $frHashDictionary = New-Object System.IO.StreamReader($fsHashDictionary) 
        #Iterate through HashDictionary checking each hash against ADNTHashes
        while (($lineHashDictionary = $frHashDictionary.ReadLine()) -ne $null) {
            if($htADNTHashes.ContainsKey($lineHashDictionary.Split(":")[0].ToUpper())) {
                $foFoundObject = [PSCustomObject]@{
                    User = $htADNTHashes[$lineHashDictionary.Split(":")[0].ToUpper()]
                    Frequency = $lineHashDictionary.Split(":")[1]
                    Hash = $linehashDictionary.Split(":")[0].ToUpper()
                }
                $mrMatchedResults += $foFoundObject               
            }
        }
        $stopwatch.Stop()
        Write-Verbose "Function Match-ADHashes completed in $($stopwatch.Elapsed.TotalSeconds) Seconds"
    }
    end {
        $mrMatchedResults
    }
}

我尝试评论| % {$htADNTHashes[$_.Hash.toUpper()] += @($_.User)}似乎很接近,但以某种方式删除了频列。

结果看起来像这样:

User                            Frequency Hash                            
----                            --------- ----                            
{TestUser2, TestUser3}          20129     H1H1H1H1H1H1H1H1H1H1H1H1H1H1H1H1
{TestUser1}                     1         H2H2H2H2H2H2H2H2H2H2H2H2H2H2H2H2

我希望它们分开:

User                            Frequency Hash                            
----                            --------- ----                            
{TestUser2}                     20129     H1H1H1H1H1H1H1H1H1H1H1H1H1H1H1H1
{TestUser3}                     20129     H1H1H1H1H1H1H1H1H1H1H1H1H1H1H1H1
{TestUser1}                     1         H2H2H2H2H2H2H2H2H2H2H2H2H2H2H2H2

我确定这是一个简单的更改,但是我几乎没有Powershell经验。

将$ formateNumerationLimit更改为-1的建议也不是我想要的,它只是修复了列表的截断。{user1,user2,user3 ...} 

while (($lineHashDictionary = $frHashDictionary.ReadLine()) -ne $null) {
            if($htADNTHashes.ContainsKey($lineHashDictionary.Split(":")[0].ToUpper())) {
                $Users = $htADNTHashes[$lineHashDictionary.Split(":")[0].ToUpper()]
                foreach($User in $Users){
                $foFoundObject = [PSCustomObject]@{
                    User = $User
                    Frequency = $lineHashDictionary.Split(":")[1]
                    Hash = $linehashDictionary.Split(":")[0].ToUpper()
                }
                $mrMatchedResults += $foFoundObject
                }
            }
        }

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium