Windows
Analysis Report
convergedlogin_ppassword_4d39c0367444c533fcd7[1].js
Overview
General Information
Detection
Score: | 22 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64
wscript.exe (PID: 6784 cmdline:
C:\Windows \System32\ WScript.ex e "C:\User s\user\Des ktop\conve rgedlogin_ ppassword_ 4d39c03674 44c533fcd7 [1].js" MD5: A47CBE969EA935BDD3AB568BB126BC80)
- cleanup
System Summary |
---|
Source: | Author: Margaritis Dimitrios (idea), Florian Roth (Nextron Systems), oscd.community: |
Source: | Author: Michael Haag: |
Click to jump to signature section
Source: | String found in binary or memory: |
Source: | Initial sample: |
Source: | Classification label: |
Source: | Key opened: | Jump to behavior |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | Window detected: |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Source: | Window found: | Jump to behavior |
Source: | Thread injection, dropped files, key value created, disk infection and DNS query: |
Source: | Thread injection, dropped files, key value created, disk infection and DNS query: |
Source: | Key value queried: | Jump to behavior |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | 2 Scripting | Valid Accounts | Windows Management Instrumentation | 2 Scripting | 1 DLL Side-Loading | 1 DLL Side-Loading | OS Credential Dumping | 2 System Information Discovery | Remote Services | Data from Local System | Data Obfuscation | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | 1 DLL Side-Loading | Boot or Logon Initialization Scripts | 1 Obfuscated Files or Information | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Junk Data | Exfiltration Over Bluetooth | Network Denial of Service |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | ReversingLabs | |||
0% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
0% | Virustotal | Browse |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1457922 |
Start date and time: | 2024-06-16 05:00:15 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 1m 58s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 1 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | convergedlogin_ppassword_4d39c0367444c533fcd7[1].js |
Detection: | SUS |
Classification: | sus22.winJS@1/0@0/0 |
EGA Information: | Failed |
HCA Information: |
|
Cookbook Comments: |
|
File type: | |
Entropy (8bit): | 5.188618753384868 |
TrID: |
|
File name: | convergedlogin_ppassword_4d39c0367444c533fcd7[1].js |
File size: | 26'667 bytes |
MD5: | dddfcd955825de1baf18c77ffebe280f |
SHA1: | 02e4095fcf24fd7ab7961243b54cdd507d278c5b |
SHA256: | 81438c263daeca888080d42b1fd6e0acb218619bfb0032c70af0275a98d6b1f9 |
SHA512: | 7770981ac96e1f0f0be88685a9391aa6e8d3db4262b2f459e62dd31b1b23e3979fe70fe8b88d3469b94f76b1f074d720296c71e6393337f802cc395186dcc5fa |
SSDEEP: | 384:D0pbpqfnhai/BhyCl3ows8ecLfonLiylcURq0/A3bFphX/S5g:0t68ClfVecLQnrblg |
TLSH: | 2DC2E851BC91083002DAC1B6D6328D08F139FAC6945F8C90BA7DD6CB1B63D16ED2F86B |
File Content Preview: | /*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice a |
Icon Hash: | 68d69b8bb6aa9a86 |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Target ID: | 0 |
Start time: | 23:01:06 |
Start date: | 15/06/2024 |
Path: | C:\Windows\System32\wscript.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff77b420000 |
File size: | 170'496 bytes |
MD5 hash: | A47CBE969EA935BDD3AB568BB126BC80 |
Has elevated privileges: | false |
Has administrator privileges: | false |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Call Graph
Graph
- Executed
- Not Executed
Script: |
---|
Code | ||
---|---|---|
0 | ( window.webpackJsonp = window.webpackJsonp || [] ).push ( [ [ 26 ], | |
1 | { | |
2 | 492 : function (e, n, t) { | |
3 | var o = t ( 2 ), r = t ( 0 ), i = t ( 1 ), s = t ( 4 ), a = t ( 650 ), d = t ( 3 ), c = t ( 33 ), l = t ( 35 ), u = t ( 11 ).getInstance ( window.ServerData ), p = t ( 8 ), w = t ( 7 ), v = t ( 14 ), f = t ( 5 ), x = t ( 9 ), h = t ( 16 ), _ = t ( 20 ); | |
4 | var k = window, b = d.String, T = r.PaginatedState, g = r.LoginMode, P = r.CredentialType, C = r.EstsError, m = i.Helper, S = a.GrctResultAction; | |
5 | function R(e) { | |
6 | var n = this, r = e.serverData, i = e.serverError, d = e.isInitialView, c = e.username, k = e.displayName || "", R = e.hipRequiredForUsername, y = e.passwordBrowserPrefill, D = e.availableCreds || [], L = e.evictedCreds || [], E = e.defaultKmsiValue, I = e.userTenantBranding, F = e.sessions, B = e.callMetadata, A = e.flowToken, U = e.useEvictedCredentials, V = e.showCredViewBrandingDesc, W = e.supportsNativeCredentialRecovery, O = e.forgotPasswordText, H = e.accessRecoveryLink, N = e.boilerPlateText, M = e.hideAccountResetCredentials, q = r.str, K = r.iLoginMode, G = r.urlHIPScript, Z = r.sRemoteConnectAppName, j = r.fAllowCancel, J = r.urlSwitch, z = r.urlSkipZtd, $ = r.fLockUsername, X = r.fShowSwitchUser, Y = r.fPOST_ForceSignin, Q = r.sZtdFriendlyName, ee = r.sZtdTenantName, ne = r.sZtdUpnHint, te = r.fShowButtons, oe = r.sErrorCode, re = r.fShowHipOnNewView, ie = ( r.fLogSkipToOfflineAccountAction, r.fHideOfflineAccountWithNoSkipString, r.sUnauthSessionID ), se = r.iRequestLCID, ae = r.sSiteId, de = r.sClientId, ce = r.sForwardedClientId, le = r.sNoPaBubbleVersion, ue = r.fShouldSupportTargetCredentialForRecovery, pe = r.urlResetPassword, we = r.fFixUrlResetPassword, ve = r.fEnableLivePreview, fe = ! ! r.fDeprecateHipLockout, xe = ! 1, he = null, _e = ! 1, ke = ! 1, | |
7 | be = { | |
8 | }, Te = null, | |
9 | ge = { | |
10 | }, Pe = ! 1, Ce = o.observable ( ! 1 ), me = o.observable ( ); | |
11 | function Se() { | |
12 | n.onSubmitReady ( ); | |
13 | } | |
14 | function Re(e) { | |
15 | n.isBackButtonVisible ( e ), n.onSetBackButtonState ( te && e ); | |
16 | } | |
17 | function ye(e) { | |
18 | return e.getResponseJson && ( e = e.getResponseJson ( ) ), | |
19 | { | |
20 | success : ! 0, | |
21 | userCode : e.UserCode, | |
22 | deviceCode : e.SessionLookupKey | |
23 | }; | |
24 | } | |
25 | function De() { | |
26 | return n.setDefaultFocus ( ), | |
27 | { | |
28 | success : ! 1 | |
29 | }; | |
30 | } | |
31 | n.onSwitchView = s.create ( ), n.onSubmitReady = s.create ( ), n.onResetPassword = s.create ( u.getDefaultEventTracingOptions ( w.ClientTracingEventIds.ComponentEvent_LoginPaginatedPasswordView_onResetPassword, ! 0 ) ), n.onRedirect = s.create ( ), n.onSetBackButtonState = s.create ( ), n.onSetPendingRequest = s.create ( ), n.onUpdateFlowToken = s.create ( ), n.onRestoreIsRecoveryAttemptPost = s.create ( ), | |
32 | n.passwordTextbox = new l ( o.pureComputed ( | |
33 | ( function () { | |
34 | var e; | |
35 | if ( me ( ) ) | |
36 | return me ( ); | |
37 | if ( ! Ce ( ) ) | |
38 | return e = i || null, i = null, e; | |
39 | return n.passwordTextbox.value ( ) ? null : q.CT_PWD_STR_Error_MissingPassword; | |
40 | } ) ) , y ) , | |
41 | n.passwordTextbox.value.extend ( | |
42 | { | |
43 | logValue : u.getPasswordTextBoxPropertyLogOption ( n, | |
44 | { | |
45 | eventId : w.ClientTracingEventIds.PropertyValue_LoginPaginatedPasswordView_Password | |
46 | } ) | |
47 | } ) , | |
48 | n.passwordTextbox.error.extend ( | |
49 | { | |
50 | logValue : u.getPropertyLogOption ( n, | |
51 | { | |
52 | eventId : w.ClientTracingEventIds.PropertyValue_LoginPaginatedPasswordView_ClientError | |
53 | } ) | |
54 | } ) , n.hipInterface = o.observable ( ), | |
55 | n.isKmsiChecked = o.observable ( E ).extend ( | |
56 | { | |
57 | logValue : u.getPropertyLogOption ( n, | |
58 | { | |
59 | eventId : w.ClientTracingEventIds.PropertyValue_LoginPaginatedPasswordView_KMSI | |
60 | } ) | |
61 | } ) , n.isRequestPending = o.observable ( ! 1 ), n.unsafe_username = o.observable ( ), n.showTileLogo = o.observable ( ! 1 ), n.isBackButtonVisible = o.observable ( ! 1 ), n.secondaryButtonText = o.observable ( ), n.useEvictedCredentials = o.observable ( U ), n.showPassword = o.observable ( ! 1 ), n.shouldHipInit = o.observable ( ! 1 ), n.tenantBranding = null, n.unsafe_displayName = null, n.username = c, n.unsafe_passwordAriaLabel = null, n.hasRemoteNgc = ! 1, n.availableCreds = D, n.evictedCreds = L, n.allowPhoneDisambiguation = ! 1, n.unsafe_pageDescription = null, n.unsafe_pageTitle = null, n.unsafe_skipZTDLinkText = null, n.isInitialView = d, n.showHipOnPasswordView = ! 1, n.showChangeUserLink = ! 1, n.callMetadata = B, n.flowToken = A, n.showCredViewBrandingDesc = V, n.supportsNativeCredentialRecovery = W, n.hideForgotMyPassword = ! 1, n.unsafe_forgotPasswordText = q.STR_SSSU_ForgotPassword || q.CT_PWD_STR_ForgotPwdLink_Text, n.hidePasswordReset = ! 1, n.accessRecoveryLink = null, n.resetPasswordUrl = null, n.boilerPlateText = null, | |
62 | u.attachViewLoadClientTracingOptions ( n, | |
63 | { | |
64 | eventId : w.ClientTracingEventIds.Event_LoginPaginatedPasswordView_onLoad | |
65 | } ) , | |
66 | n.saveSharedData = | |
67 | function (e) { | |
68 | var t = be.result; | |
69 | e.remoteNgcParams.requestSent = ! 1, e.useEvictedCredentials = _e || n.useEvictedCredentials ( ), e.password = n.passwordTextbox.value ( ), e.showCredViewBrandingDesc = ! 1, e.remoteLoginUserCode = t ? t.userCode : null, e.remoteLoginDeviceCode = t ? t.deviceCode : null, ue ? e.targetCredentialForRecovery = Pe ? P.Password : P.None : e.isRecoveryAttemptPost = Pe, he && ( e.otcCredential = he ), Pe && ( e.recoveryCredentialsData = ge ); | |
70 | }, | |
71 | n.getState = | |
72 | function () { | |
73 | return { | |
74 | isKmsiChecked : n.isKmsiChecked ( ), | |
75 | useEvictedCredentials : n.useEvictedCredentials ( ), | |
76 | grctRequestHelperState : W ? Te.getState ( ) : null | |
77 | }; | |
78 | }, | |
79 | n.restoreState = | |
80 | function (e) { | |
81 | e && ( n.isKmsiChecked ( e.isKmsiChecked ), n.useEvictedCredentials ( e.useEvictedCredentials ), W && Te.restoreState ( e.grctRequestHelperState ) ); | |
82 | }, | |
83 | n.setDefaultFocus = | |
84 | function () { | |
85 | n.passwordTextbox.focused ( ! 0 ); | |
86 | }, | |
87 | n.primaryButton_onClick = | |
88 | function () { | |
89 | var e = n.hipInterface ( ); | |
90 | if ( ! xe && ! n.isRequestPending ( ) ) | |
91 | if ( Ce ( ! 0 ), e && e.enableValidation ( ), null === n.passwordTextbox.error ( ) ) | |
92 | if ( e ) | |
93 | { | |
94 | if ( null !== e.getError ( ) ) | |
95 | return void e.focus ( ); | |
96 | xe = ! 0, | |
97 | e.verify ( | |
98 | ( function () { | |
99 | xe = ! 1, Se ( ); | |
100 | } ) ) ; | |
101 | } | |
102 | else | |
103 | ke && re ? n.onSwitchView ( T.Hip ) : Se ( ); | |
104 | else | |
105 | n.setDefaultFocus ( ); | |
106 | }, | |
107 | n.secondaryButton_onClick = | |
108 | function () { | |
109 | n.onSwitchView ( T.Previous ); | |
110 | }, | |
111 | n.phoneDisambiguation_onClick = | |
112 | function () { | |
113 | n.onSwitchView ( T.PhoneDisambiguation ); | |
114 | }, | |
115 | n.resetPassword_onClick = | |
116 | function () { | |
117 | if ( W ) | |
118 | { | |
119 | var e = m.htmlUnescape ( k ); | |
120 | n.isRequestPending ( ! 0 ), n.onSetPendingRequest ( ! 0 ), | |
121 | x.throwUnhandledExceptionOnRejection ( Te.sendAsync ( e, A, P.Password ).then ( | |
122 | ( function (e) { | |
123 | switch ( n.isRequestPending ( ! 1 ) , n.onSetPendingRequest ( ! 1 ) , e.flowToken && ( A = e.flowToken, n.onUpdateFlowToken ( e.flowToken ) ), e.action ) { | |
124 | case S.ShowError : | |
125 | me ( e.error ), n.setDefaultFocus ( ); | |
126 | break ; | |
127 | case S.SwitchView : | |
128 | ge = o.utils.extend ( e.sharedData, | |
129 | e.viewParams || { | |
130 | } ) , Pe = ! 0, n.onSwitchView ( e.viewId ); | |
131 | } | |
132 | } ) ) ) ; | |
133 | } | |
134 | else | |
135 | n.onResetPassword ( k ); | |
136 | }, | |
137 | n.selectAccount_onClick = | |
138 | function () { | |
139 | $ && J ? n.onRedirect ( | |
140 | { | |
141 | url : J, | |
142 | eventOptions : { | |
143 | eventId : p.EventIds.Redriect_SwitchUser | |
144 | } | |
145 | } ) : n.onSwitchView ( F.length ? T.Tiles : T.Username ); | |
146 | }, | |
147 | n.hip_onHipLoad = | |
148 | function () { | |
149 | n.isRequestPending ( ! 1 ), null !== n.passwordTextbox.error ( ) && n.setDefaultFocus ( ); | |
150 | }, | |
151 | n.skip_onClick = | |
152 | function () { | |
153 | null; | |
154 | }, | |
155 | n.switchToRemoteNGC_onClick = | |
156 | function () { | |
157 | n.onSwitchView ( T.RemoteNGC ); | |
158 | }, | |
159 | n.skipZtd_onClick = | |
160 | function () { | |
161 | n.onRedirect ( | |
162 | { | |
163 | url : z, | |
164 | eventOptions : { | |
165 | eventId : p.EventIds.Redirect_SkipZeroTouch | |
166 | } | |
167 | } ) ; | |
168 | }, | |
169 | n.privacy_onClick = | |
170 | function () { | |
171 | n.onSwitchView ( T.ViewAgreement ); | |
172 | }, | |
173 | n.tileLogo_onLoad = | |
174 | function () { | |
175 | n.showTileLogo ( ! 0 ); | |
176 | }, | |
177 | n.desktopSso_onSuccess = | |
178 | function () { | |
179 | n.onSubmitReady ( ); | |
180 | }, | |
181 | n.switchToEvictedCredPicker_onClick = | |
182 | function () { | |
183 | _e = ! 0, n.onSwitchView ( T.CredentialPicker ); | |
184 | }, | |
185 | n.credSwitchLink_onSwitchView = | |
186 | function (e, t, o) { | |
187 | o && ( he = o ), n.onSwitchView ( e, t ); | |
188 | }, | |
189 | n.credSwitchLink_onSetPendingRequest = | |
190 | function (e) { | |
191 | n.onSetPendingRequest ( e ), n.isRequestPending ( e ); | |
192 | }, | |
193 | n.credSwitchLink_onUpdateFlowToken = | |
194 | function (e) { | |
195 | e && ( A = e, n.onUpdateFlowToken ( e ) ); | |
196 | }, | |
197 | n.remoteLogin_onClick = | |
198 | function () { | |
199 | var e; | |
200 | x.throwUnhandledExceptionOnRejection ( ( e = h.Purpose.XboxRemoteConnect, | |
201 | function (e) { | |
202 | return new f ( | |
203 | ( function (n, t) { | |
204 | new _ ( | |
205 | { | |
206 | purpose : e, | |
207 | flowToken : A, | |
208 | unauthSessionId : ie, | |
209 | lcid : se, | |
210 | siteId : ae, | |
211 | clientId : de, | |
212 | forwardedClientId : ce, | |
213 | noPaBubbleVersion : le, | |
214 | successCallback : n, | |
215 | failureCallback : t | |
216 | } ) .sendRequest ( ); | |
217 | } ) ) ; | |
218 | } ( e ).then ( ye, De ) ).then ( | |
219 | ( function (e) { | |
220 | e.success && ( be.result = e, n.onSwitchView ( T.RemoteLoginPolling ) ); | |
221 | } ) ) ) ; | |
222 | }, | |
223 | function () { | |
224 | var e = m.htmlUnescape ( k ); | |
225 | if ( n.unsafe_username ( m.htmlUnescape ( c ) ), | |
226 | n.unsafe_displayName = o.observable ( e ).extend ( | |
227 | { | |
228 | preventExternalWrite : null | |
229 | } ) , n.allowPhoneDisambiguation = ! $ && ! b.isEmailAddress ( k ) && ! b.isSkypeName ( k ) && b.isPhoneNumber ( k ), | |
230 | n.hasRemoteNgc = ! ! o.utils.arrayFirst ( D, | |
231 | ( function (e) { | |
232 | return e.credType === P.RemoteNGC; | |
233 | } ) ) , ke = ! ! G && c === R, n.showHipOnPasswordView = ke && ! re && ! fe, n.showChangeUserLink = X && ( $ && J || d ), n.tenantBranding = I, | |
234 | Z && d ? n.unsafe_pageDescription = b.format ( q.CT_PWD_STR_RemoteConnect_PasswordPage_Desc, Z, e ) : K === g.ForceSignin || K === g.ForceSigninMobile || K === g.ForceSigninHost || Y ? n.unsafe_pageDescription = | |
235 | function (e, n) { | |
236 | switch ( e ) { | |
237 | case C.SsoArtifactExpiredDueToConditionalAccess : | |
238 | return q.WF_STR_ASLP_Info; | |
239 | case C.SsoArtifactExpiredDueToConditionalAccessReAuth : | |
240 | return q.WF_STR_ReAuth_Info; | |
241 | default : | |
242 | return b.format ( q.WF_STR_ForceSI_Info, n ); | |
243 | } | |
244 | } ( oe, e ) : q.CT_PWD_STR_EnterPassword_Desc && ( n.unsafe_pageDescription = b.format ( q.CT_PWD_STR_EnterPassword_Desc, e ) ), ne && ee ) | |
245 | { | |
246 | var i = m.htmlUnescape ( ee ); | |
247 | n.unsafe_pageTitle = Q ? b.format ( q.CT_Win10_PwdWithOrgDomain_AndFriendlyName, m.htmlUnescape ( Q ), i ) : b.format ( q.CT_Win10_STR_Pwd_Title_WithOrgDomain, i ), n.unsafe_skipZTDLinkText = b.format ( q.CT_Win10_STR_Pwd_StartOver_WithOrgDomain, i ); | |
248 | } | |
249 | else | |
250 | n.unsafe_pageTitle = q.CT_PWD_STR_EnterYourPassword_Title, n.unsafe_skipZTDLinkText = q.CT_Win10_STR_StartOver; | |
251 | if ( n.unsafe_passwordAriaLabel = b.format ( q.CT_PWD_STR_PwdTB_AriaLabel, e ), n.showHipOnPasswordView && n.isRequestPending ( ! 0 ), | |
252 | n.unsafe_displayName.subscribe ( | |
253 | ( function () { | |
254 | setTimeout ( | |
255 | ( function () { | |
256 | n.passwordTextbox.value ( null ); | |
257 | } ), 0 ) ; | |
258 | } ) ) , d ? j && Re ( ! 0 ) : Re ( ! 0 ), G && n.showHipOnPasswordView && t.e ( 1 ) .then ( function () {
t ( 865 ) , n.shouldHipInit ( ! 0 ) ;}.bind ( null, t ) ) ["catch"] ( t.oe ), I ) | |
259 | { | |
260 | var s = v.getLayoutTemplateConfig ( I ); | |
261 | I.ForgotPasswordText && ( n.unsafe_forgotPasswordText = m.htmlUnescape ( I.ForgotPasswordText ) ), n.accessRecoveryLink = I.AccessRecoveryLink, n.hideForgotMyPassword = s.hideAccountResetCredentials, n.hidePasswordReset = s.hideAccountResetCredentials; | |
262 | } | |
263 | W ? ( Te = new a ( r ), n.onRestoreIsRecoveryAttemptPost ( ), we && ( n.resetPasswordUrl = n.accessRecoveryLink ) ) : we && ( n.resetPasswordUrl = n.accessRecoveryLink || pe ), ve && ( n.unsafe_forgotPasswordText = m.htmlUnescape ( O ( ) ), n.accessRecoveryLink = H, n.hideForgotMyPassword = M, n.boilerPlateText = m.htmlUnescape ( N ( ) ) ); | |
264 | } ( ); | |
265 | } | |
266 | c.applyExtenders ( o ), | |
267 | o.components.register ( "login-paginated-password-view", | |
268 | { | |
269 | viewModel : R, | |
270 | template : t ( 651 ), | |
271 | synchronous : ! k.ServerData.iMaxStackForKnockoutAsyncComponents || i.Helper.isStackSizeGreaterThan ( k.ServerData.iMaxStackForKnockoutAsyncComponents ), | |
272 | enableExtensions : ! 0 | |
273 | } ) , e.exports = R; | |
274 | }, | |
275 | 650 : function (e, n, t) { | |
276 | var o = t ( 0 ), r = t ( 5 ), i = t ( 3 ), s = t ( 12 ), a = t ( 8 ), d = i.String, c = i.Object, l = o.CredentialType, u = o.ApiErrorCodes, p = o.EstsError, w = o.PaginatedState, | |
277 | v = x.GrctResultAction = | |
278 | { | |
279 | ShowError : 1, | |
280 | SwitchView : 2 | |
281 | }, | |
282 | f = x.GrctRequestHelperFlags = | |
283 | { | |
284 | DisableAutoSend : 1 | |
285 | }; | |
286 | function x(e, n) { | |
287 | var t = this, | |
288 | x = { | |
289 | }, h = e, _ = 0 != ( n & f.DisableAutoSend ), k = h.str, b = h.fCheckApiCanary, T = h.urlGetRecoveryCredentialType, | |
290 | g = h.arrProofData || { | |
291 | }, P = h.fIsRestrictedWsi; | |
292 | function C(e) { | |
293 | e.proof.str = | |
294 | { | |
295 | }, | |
296 | c.extend ( e.proof.str, | |
297 | g[e.proof.type] || { | |
298 | } ) ; | |
299 | } | |
300 | function m(e) { | |
301 | var n = { | |
302 | }; | |
303 | if ( e && e.error ) | |
304 | switch ( e.error.code ) { | |
305 | case u.AuthFailure : | |
306 | n = y ( k.CT_PWD_STR_Error_FlowTokenExpired ); | |
307 | break ; | |
308 | case p.TenantDoesNotSupportNativeCredentialRecovery : | |
309 | case p.UserDoesNotSupportNativeCredentialRecovery : | |
310 | case p.CredentialDoesNotSupportNativeRecovery : | |
311 | n = y ( k.CT_PWD_STR_Error_CredentialDoesNotSupportNativeRecovery ); | |
312 | break ; | |
313 | default : | |
314 | n = y ( k.CT_PWD_STR_Error_GetRecoveryCredentialTypeError ); | |
315 | } | |
316 | else | |
317 | n = y ( k.CT_PWD_STR_Error_GetRecoveryCredentialTypeError ); | |
318 | return n.flowToken = e.FlowToken || null, n; | |
319 | } | |
320 | function S(e) { | |
321 | var n = e.Credentials, t = null; | |
322 | return n && ( t = n.PrefCredential ), t; | |
323 | } | |
324 | function R(e, n) { | |
325 | return { | |
326 | action : v.SwitchView, | |
327 | viewId : e, | |
328 | viewParams : n | |
329 | }; | |
330 | } | |
331 | function y(e, n, t) { | |
332 | return { | |
333 | action : v.ShowError, | |
334 | error : e, | |
335 | isBlockingError : n, | |
336 | bypassCache : t | |
337 | }; | |
338 | } | |
339 | t.sendAsync = | |
340 | function (e, n, i) { | |
341 | var c = d.cleanseUsername ( e, ! 0 ), u = x[c] ? x[c] : null, | |
342 | p = u || function (e, n) { | |
343 | return new r ( | |
344 | ( function (t, r) { | |
345 | new s ( | |
346 | { | |
347 | checkApiCanary : b | |
348 | } ) .Json ( | |
349 | { | |
350 | url : T, | |
351 | eventId : a.EventIds.Api_GetRecoveryCredentialType | |
352 | }, | |
353 | { | |
354 | targetCredential : e, | |
355 | flowToken : n | |
356 | }, t, r, o.DefaultRequestTimeout ) ; | |
357 | } ) ) ; | |
358 | } ( i, n ); | |
359 | return r.all ( [ p ] ).then ( | |
360 | ( function (e) { | |
361 | var n = e[0]; | |
362 | return function (e, n) { | |
363 | var o = { | |
364 | }, r = t.getGrctSharedData ( e, n ); | |
365 | ( o = | |
366 | function (e) { | |
367 | var n = S ( e ); | |
368 | if ( P && ! ( e.Credentials.HasPassword || e.Credentials.HasGoogleFed || e.Credentials.HasCertAuth || e.Credentials.HasFido || e.Credentials.HasRemoteNGC || e.Credentials.HasPhone || e.Credentials.HasFacebookFed ) && n !== l.AccessPass ) | |
369 | return R ( w.MoreInfo ); | |
370 | switch ( n ) { | |
371 | case l.OneTimeCode : | |
372 | var t = w.OneTimeCodeRecovery; | |
373 | return _ && ( t = w.ConfirmSend ), R ( t ); | |
374 | default : | |
375 | return y ( k.CT_PWD_STR_Error_GetRecoveryCredentialTypeError, ! 1, ! 0 ); | |
376 | } | |
377 | } ( n ) ).flowToken = n.FlowToken || null, o.bypassCache || ( x[e] = n, x[e].FlowToken = null ); | |
378 | return o.sharedData = r, o; | |
379 | } ( c, n ); | |
380 | } ), m ) ; | |
381 | }, | |
382 | t.getState = | |
383 | function () { | |
384 | return { | |
385 | cache : x | |
386 | }; | |
387 | }, | |
388 | t.restoreState = | |
389 | function (e) { | |
390 | e && ( x = e.cache || { | |
391 | } ); | |
392 | }, | |
393 | t.getGrctSharedData = | |
394 | function (e, n) { | |
395 | var t = { | |
396 | }, o = S ( n ); | |
397 | return t.preferredCredential = o, | |
398 | t.availableRecoveryCreds = | |
399 | function (e, n) { | |
400 | var t = []; | |
401 | if ( g[PROOF.Type.Email] ) | |
402 | { | |
403 | var o = function (e, n) { | |
404 | var t = []; | |
405 | if ( S ( n ) === l.OneTimeCode ) | |
406 | { | |
407 | var o = { | |
408 | credType : l.OneTimeCode, | |
409 | proof : { | |
410 | display : e, | |
411 | data : d.cleanseUsername ( e ), | |
412 | otcSent : ! 0, | |
413 | isEncrypted : ! 1, | |
414 | isDefault : ! 0, | |
415 | isNopa : ! 0, | |
416 | type : PROOF.Type.Email | |
417 | } | |
418 | }; | |
419 | t.push ( o ); | |
420 | } | |
421 | return t; | |
422 | } ( e, n ); | |
423 | o.length > 0 && ( i.Array.forEach ( o, C ), t = t.concat ( o ) ); | |
424 | } | |
425 | return t; | |
426 | } ( e, n ), | |
427 | o === l.OneTimeCode && ( t.otcCredential = i.Array.first ( t.availableRecoveryCreds, | |
428 | ( function (e) { | |
429 | return e.credType === l.OneTimeCode && e.proof.otcSent; | |
430 | } ) ) ), | |
431 | t.otcParams = | |
432 | { | |
433 | requestSent : o === l.OneTimeCode | |
434 | }, t; | |
435 | }; | |
436 | } | |
437 | e.exports = x; | |
438 | }, | |
439 | 651 : function (e, n, t) { | |
440 | e.exports = "\x3c!-- " + ( t ( 36 ), t ( 13 ), t ( 34 ), ' --\x3e\n\n\x3c!-- --\x3e\n\n<div aria-hidden="true">\n <input type="hidden" name="i13" data-bind="value: isKmsiChecked() ? 1 : 0" />\n\n \x3c!-- ko if: svr.fIsUpdatedAutocompleteEnabled --\x3e\n <input type="hidden" name="login" autocomplete="username" data-bind="value: unsafe_username" />\n \x3c!-- /ko --\x3e\n \x3c!-- ko ifnot: svr.fIsUpdatedAutocompleteEnabled --\x3e\n <input type="hidden" name="login" data-bind="value: unsafe_username" />\n \x3c!-- /ko --\x3e\n\n \x3c!-- The loginfmt input type is different as some password managers require it to be of type text.\n Since screen readers might not hide this input, a parent div with aria-hidden true has been added. --\x3e\n <input type="text" name="loginfmt" data-bind="moveOffScreen, value: unsafe_displayName" />\n <input type="hidden" name="type"\n data-bind="value: svr.fUseWizardBehavior ? ' ) + t ( 0 ).PostType.PasswordInline + " : " + t ( 0 ).PostType.Password + '" />\n <input type="hidden" name="LoginOptions"\n data-bind="value: isKmsiChecked() ? ' + t ( 7 ).LoginOption.RememberPWD + " : " + t ( 7 ).LoginOption.NothingChecked + '" />\n <input type="hidden" name="lrt" data-bind="value: callMetadata.IsLongRunningTransaction" />\n <input type="hidden" name="lrtPartition" data-bind="value: callMetadata.LongRunningTransactionPartition" />\n <input type="hidden" name="hisRegion" data-bind="value: callMetadata.HisRegion" />\n <input type="hidden" name="hisScaleUnit" data-bind="value: callMetadata.HisScaleUnit" />\n</div>\n\n<div id="loginHeader" class="row" data-bind="externalCss: { \'title\': true }">\n <div role="heading" aria-level="1" data-bind="text: str[\'CT_PWD_STR_EnterPassword_Title\']"></div>\n</div>\n\n\x3c!-- ko if: showCredViewBrandingDesc --\x3e\n<div class="row text-body">\n <div id="credViewBrandingDesc" class="wrap-content" data-bind="text: str[\'WF_STR_Default_Desc\']"></div>\n</div>\n\x3c!-- /ko --\x3e\n\n\x3c!-- ko if: unsafe_pageDescription --\x3e\n<div class="row text-body">\n <div id="passwordDesc" class="wrap-content" data-bind="text: unsafe_pageDescription"></div>\n</div>\n\x3c!-- /ko --\x3e\n\n<div class="row">\n <div class="form-group col-md-24">\n <div role="alert" aria-live="assertive">\n \x3c!-- ko if: passwordTextbox.error --\x3e\n \x3c!-- ko if: svr.fFixUrlResetPassword --\x3e\n <div id="passwordError" data-bind="\n externalCss: { \'error\': true },\n htmlWithBindings: passwordTextbox.error,\n childBindings: {\n \'idA_IL_ForgotPassword0\': {\n href: resetPasswordUrl || \'#\',\n attr: {\n target: accessRecoveryLink && \'_blank\',\n role: resetPasswordUrl ? \'link\' : \'button\',\n },\n click: accessRecoveryLink ? null : resetPassword_onClick } }"></div>\n \x3c!-- /ko --\x3e\n \x3c!-- ko ifnot: svr.fFixUrlResetPassword --\x3e\n <div id="passwordError" data-bind="\n externalCss: { \'error\': true },\n htmlWithBindings: passwordTextbox.error,\n childBindings: {\n \'idA_IL_ForgotPassword0\': {\n href: accessRecoveryLink || svr.urlResetPassword,\n attr: {\n target: accessRecoveryLink && \'_blank\',\n role: supportsNativeCredentialRecovery ? \'button\' : \'link\'\n },\n click: accessRecoveryLink ? null : resetPassword_onClick } }"></div>\n \x3c!-- /ko --\x3e\n \x3c!-- /ko --\x3e\n </div>\n\n <div class="placeholderContainer" data-bind="component: { name: \'placeholder-textbox-field\',\n publicMethods: passwordTextbox.placeholderTextboxMethods,\n params: {\n serverData: svr,\n hintText: str[\'CT_PWD_STR_PwdTB_Label\'] },\n event: {\n updateFocus: passwordTextbox.textbox_onUpdateFocus } }">\n\n <input name="passwd" type="password" id="i0118" class="form-control" aria-required="true" data-bind="\n attr: { autocomplete: svr.fIsUpdatedAutocompleteEnabled ? \'current-password\' : \'off\'},\n textInput: passwordTextbox.value,\n ariaDescribedBy: [\n \'loginHeader passwordError\',\n showCredViewBrandingDesc ? \'credViewBrandingDesc\' : \'\',\n unsafe_pageDescription ? \'passwordDesc\' : \'\'].join(\' \'),\n hasFocusEx: passwordTextbox.focused() && !showPassword(),\n placeholder: $placeholderText,\n ariaLabel: unsafe_passwordAriaLabel,\n moveOffScreen: showPassword,\n externalCss: {\n \'input\': true,\n \'text-box\': true,\n \'has-error\': passwordTextbox.error }" />\n\n \x3c!-- ko if: svr.fUsePasswordPeek && showPassword() --\x3e\n <input type="text" autocomplete="off" class="form-control" aria-required="true" data-bind="\n textInput: passwordTextbox.value,\n ariaDescribedBy: [\n \'loginHeader\',\n showCredViewBrandingDesc ? \'credViewBrandingDesc\' : \'\',\n unsafe_pageDescription ? \'passwordDesc\' : \'\'].join(\' \'),\n hasFocusEx: true,\n placeholder: $placeholderText,\n ariaLabel: unsafe_passwordAriaLabel,\n externalCss: {\n \'input\': true,\n \'text-box\': true,\n \'has-error\': passwordTextbox.error }" />\n \x3c!-- /ko --\x3e\n </div>\n\n \x3c!-- ko if: svr.fUsePasswordPeek --\x3e\n <div class="checkbox no-margin-bottom">\n <label>\n <input id="ShowHidePasswordCheckbox" type="checkbox" data-bind="checked: showPassword, ariaLabel: str[\'CT_PWD_STR_ShowPasswordAriaLabel\']" />\n <span id="ShowHidePasswordLabel" data-bind="text: str[\'CT_PWD_STR_ShowPasswordLabel\']"></span>\n </label>\n </div>\n \x3c!-- /ko --\x3e\n </div>\n</div>\n\n\x3c!-- ko if: shouldHipInit --\x3e\n<div data-bind="component: { name: \'hip-field\',\n publicMethods: hipInterface,\n params: {\n str: str,\n onDemandVerify: true,\n hasServerError: svr.fHIPError,\n useFake: svr.fUseFakeHIP },\n event: {\n hipLoad: hip_onHipLoad } }">\n</div>\n\x3c!-- /ko --\x3e\n\n<div data-bind="css: { \'position-buttons\': !tenantBranding.BoilerPlateText && !boilerPlateText }, externalCss: { \'password-reset-links-container\': true }">\n <div>\n \x3c!-- ko if: svr.fShowPersistentCookiesWarning --\x3e\n <div class="row text-body">\n <div id="swv-warning" class="wrap-content" data-bind="text: str[\'CT_PWD_STR_PersistentCookies_Warning\']"></div>\n </div>\n \x3c!-- /ko --\x3e\n \x3c!-- ko if: svr.fKMSIEnabled !== false && !svr.fShowPersistentCookiesWarning && !tenantBranding.KeepMeSignedInDisabled --\x3e\n <div id="idTd_PWD_KMSI_Cb" class="form-group checkbox text-block-body no-margin-top" data-bind="visible: !svr.fLockUsername && !showHipOnPasswordView">\n <label id="idLbl_PWD_KMSI_Cb">\n <input name="KMSI" id="idChkBx_PWD_KMSI0Pwd" type="checkbox" data-bind="checked: isKmsiChecked, ariaLabel: str[\'CT_PWD_STR_KeepMeSignedInCB_Text\']" />\n <span data-bind="text: str[\'CT_PWD_STR_KeepMeSignedInCB_Text\']"></span>\n </label>\n </div>\n \x3c!-- /ko --\x3e\n\n <div class="row">\n <div class="col-md-24">\n <div class="text-13">\n \x3c!-- ko if: svr.urlSkipZtd && svr.sZtdUpnHint --\x3e\n <div class="form-group">\n <a id="idSkipZtdLink" name="switchToOfflineAccount" href="#" data-bind="\n text: unsafe_skipZTDLinkText,\n click: skipZtd_onClick"></a>\n </div>\n \x3c!-- /ko --\x3e\n \x3c!-- ko ifnot: hideForgotMyPassword --\x3e\n <div class="form-group">\n \x3c!-- ko if: svr.fFixUrlResetPassword --\x3e\n <a id="idA_PWD_ForgotPassword" data-bind="\n text: unsafe_forgotPasswordText,\n href: resetPasswordUrl || \'#\',\n attr: {\n target: accessRecoveryLink && \'_blank\',\n role: resetPasswordUrl ? \'link\' : \'button\'\n },\n click: accessRecoveryLink ? null : resetPassword_onClick"></a>\n \x3c!-- /ko --\x3e\n \x3c!-- ko ifnot: svr.fFixUrlResetPassword --\x3e\n <a id="idA_PWD_ForgotPassword" role="link" href="#" data-bind="\n text: unsafe_forgotPasswordText,\n href: accessRecoveryLink || svr.urlResetPassword,\n attr: { target: accessRecoveryLink && \'_blank\' },\n click: accessRecoveryLink ? null : resetPassword_onClick"></a>\n \x3c!-- /ko --\x3e\n </div>\n \x3c!-- /ko --\x3e\n \x3c!-- ko if: allowPhoneDisambiguation --\x3e\n <div class="form-group">\n <a id="switchToPhoneDisambiguation" href="#" data-bind="text: str[\'WF_STR_ThisIsntMyNumber_Text\'], click: phoneDisambiguation_onClick"></a>\n </div>\n \x3c!-- /ko --\x3e\n \x3c!-- ko ifnot: useEvictedCredentials --\x3e\n \x3c!-- ko component: { name: "cred-switch-link-control",\n params: {\n serverData: svr,\n username: username,\n availableCreds: availableCreds,\n flowToken: flowToken,\n currentCred: { credType: ' + t ( 0 ).CredentialType.Password + ' } },\n event: {\n switchView: credSwitchLink_onSwitchView,\n redirect: onRedirect,\n setPendingRequest: credSwitchLink_onSetPendingRequest,\n updateFlowToken: credSwitchLink_onUpdateFlowToken } } --\x3e\n \x3c!-- /ko --\x3e\n\n \x3c!-- ko if: evictedCreds.length > 0 --\x3e\n <div class="form-group">\n <a id="evictedAccount" href="#" data-bind="text: str[\'CT_PWD_STR_SwitchToCredPicker_Link_EvictedAcct\'], click: switchToEvictedCredPicker_onClick"></a>\n </div>\n \x3c!-- /ko --\x3e\n \x3c!-- /ko --\x3e\n \x3c!-- ko if: showChangeUserLink --\x3e\n <div class="form-group">\n <a id="i1668" href="#" data-bind="text: str[\'CT_FED_STR_ChangeUserLink_Text\'], click: selectAccount_onClick"></a>\n </div>\n \x3c!-- /ko --\x3e\n </div>\n </div>\n </div>\n </div>\n</div>\n\n<div class="win-button-pin-bottom" data-bind="css : { \'boilerplate-button-bottom\': tenantBranding.BoilerPlateText || boilerPlateText }">\n <div class="row" data-bind="css: { \'move-buttons\': tenantBranding.BoilerPlateText || boilerPlateText }">\n <div data-bind="component: { name: \'footer-buttons-field\',\n params: {\n serverData: svr,\n primaryButtonText: str[\'CT_PWD_STR_SignIn_Button\'],\n isPrimaryButtonEnabled: !isRequestPending(),\n isPrimaryButtonVisible: svr.fShowButtons,\n isSecondaryButtonEnabled: true,\n isSecondaryButtonVisible: false },\n event: {\n primaryButtonClick: primaryButton_onClick } }">\n </div>\n </div>\n</div>\n\n\x3c!-- ko if: tenantBranding.BoilerPlateText || boilerPlateText--\x3e\n<div id="idBoilerPlateText" class="wrap-content" data-bind="\n htmlWithMods: svr.fEnableLivePreview ? boilerPlateText : tenantBranding.BoilerPlateText,\n htmlMods: { filterLinks: svr.fIsHosted },\n css: { \'transparent-lightbox\': tenantBranding.UseTransparentLightBox },\n externalCss: { \'boilerplate-text\': true }"></div>\n\x3c!-- /ko --\x3e\n'; | |
441 | } | |
442 | } ] ) , window.__convergedlogin_ppassword_4d39c0367444c533fcd7 = ! 0; |