Created
May 13, 2025 19:47
-
-
Save joshfinley/e30fd912c55d1cfd9ac4913dfe488ac9 to your computer and use it in GitHub Desktop.
Convert AD UAC values to decimal or human readable forms
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import argparse | |
| def set_user_account_control_value_table(): | |
| return { | |
| "SCRIPT": 1, | |
| "ACCOUNTDISABLE": 2, | |
| "HOMEDIR_REQUIRED": 8, | |
| "LOCKOUT": 16, | |
| "PASSWD_NOTREQD": 32, | |
| "ENCRYPTED_TEXT_PWD_ALLOWED": 128, | |
| "TEMP_DUPLICATE_ACCOUNT": 256, | |
| "NORMAL_ACCOUNT": 512, | |
| "INTERDOMAIN_TRUST_ACCOUNT": 2048, | |
| "WORKSTATION_TRUST_ACCOUNT": 4096, | |
| "SERVER_TRUST_ACCOUNT": 8192, | |
| "DONT_EXPIRE_PASSWORD": 65536, | |
| "MNS_LOGON_ACCOUNT": 131072, | |
| "SMARTCARD_REQUIRED": 262144, | |
| "TRUSTED_FOR_DELEGATION": 524288, | |
| "NOT_DELEGATED": 1048576, | |
| "USE_DES_KEY_ONLY": 2097152, | |
| "DONT_REQ_PREAUTH": 4194304, | |
| "PASSWORD_EXPIRED": 8388608, | |
| "TRUSTED_TO_AUTH_FOR_DELEGATION": 16777216, | |
| "PARTIAL_SECRETS_ACCOUNT": 67108864 | |
| } | |
| def get_user_account_control_flags(value): | |
| flags_table = set_user_account_control_value_table() | |
| sorted_flags = dict(sorted(flags_table.items(), key=lambda item: item[1])) | |
| return [name for name, bit in sorted_flags.items() if value & bit] | |
| def compute_user_account_control_value(flag_names): | |
| flags_table = set_user_account_control_value_table() | |
| value = 0 | |
| for name in flag_names: | |
| upper = name.strip().upper() | |
| if upper in flags_table: | |
| value |= flags_table[upper] | |
| else: | |
| raise ValueError(f"Invalid flag: {name}") | |
| return value | |
| def main(): | |
| parser = argparse.ArgumentParser( | |
| description="Decode or compute userAccountControl flags." | |
| ) | |
| group = parser.add_mutually_exclusive_group(required=True) | |
| group.add_argument( | |
| "-d", "--decode", type=int, | |
| help="Decode a userAccountControl integer value into flags." | |
| ) | |
| group.add_argument( | |
| "-c", "--compute", nargs="+", | |
| help="Compute userAccountControl integer value from a list of flags." | |
| ) | |
| args = parser.parse_args() | |
| if args.decode is not None: | |
| flags = get_user_account_control_flags(args.decode) | |
| print(f"Flags set for value {args.decode}:") | |
| for flag in flags: | |
| print(f"- {flag}") | |
| elif args.compute is not None: | |
| try: | |
| result = compute_user_account_control_value(args.compute) | |
| print(f"Bitmask value for flags {args.compute}: {result}") | |
| except ValueError as e: | |
| print(f"Error: {e}") | |
| if __name__ == "__main__": | |
| main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment