Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

secure text string in form using powershell

Posted on 2011-02-15
13
Medium Priority
?
3,063 Views
Last Modified: 2012-08-13
I want to secure the string rather than it come across as plain text. This is what I have so far

 
#Pop up box for username and Password###############################################################
[void] [System.Reflection.Assembly]::LoadWithPartialName("System.Drawing") 
[void] [System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms") 

$objForm = New-Object System.Windows.Forms.Form 
$objForm.Text = "Set Attribute Information for User"
$objForm.Size = New-Object System.Drawing.Size(300,180) 
$objForm.StartPosition = "CenterScreen"

$objForm.KeyPreview = $True
$objForm.Add_KeyDown({if ($_.KeyCode -eq "Enter") 
    {$User=$objTextBox.Text;$objForm.Close()}
	{$pw=$objTextBox2.text;$ObjForm.close()}})
$objForm.Add_KeyDown({if ($_.KeyCode -eq "Escape") 
    {$objForm.Close()}})

$OKButton = New-Object System.Windows.Forms.Button
$OKButton.Location = New-Object System.Drawing.Size(75,125)
$OKButton.Size = New-Object System.Drawing.Size(75,23)
$OKButton.Text = "OK"
$OKButton.Add_Click({$user=$objTextBox.Text;$objForm.Close()})
$objForm.Controls.Add($OKButton)

$CancelButton = New-Object System.Windows.Forms.Button
$CancelButton.Location = New-Object System.Drawing.Size(150,125)
$CancelButton.Size = New-Object System.Drawing.Size(75,23)
$CancelButton.Text = "Cancel"
$CancelButton.Add_Click({$objForm.Close()})
$objForm.Controls.Add($CancelButton)

$objLabel = New-Object System.Windows.Forms.Label
$objLabel.Location = New-Object System.Drawing.Size(10,20) 
$objLabel.Size = New-Object System.Drawing.Size(280,20) 
$objLabel.Text = "Enter Username: (Domain\Username)"
$objForm.Controls.Add($objLabel) 
$objTextBox = New-Object System.Windows.Forms.TextBox 
$objTextBox.Location = New-Object System.Drawing.Size(10,40) 
$objTextBox.Size = New-Object System.Drawing.Size(260,20) 
$objForm.Controls.Add($objTextBox) 
$objLabel2 = New-Object System.Windows.Forms.Label
$objLabel2.Location = New-Object System.Drawing.Size(10,70) 
$objLabel2.Size = New-Object System.Drawing.Size(280,20) 
$objLabel2.Text = "Enter Password"
$objForm.Controls.Add($objLabel2)
$objTextBox2 = New-Object System.Windows.Forms.TextBox 
$objTextBox2.Location = New-Object System.Drawing.Size(10,90) 
$objTextBox2.Size = New-Object System.Drawing.Size(260,20) 
$objForm.Controls.Add($objTextBox2) 

$objForm.Topmost = $True

$objForm.Add_Shown({$objForm.Activate()})
[void] $objForm.ShowDialog()

[void] $user
[void] $pw

Open in new window


Any Ideas?
0
Comment
Question by:ntr2def
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 3
  • 2
13 Comments
 
LVL 71

Accepted Solution

by:
Chris Dent earned 668 total points
ID: 34902003

What are you going to do with $pw?

You can't implicitly return a SecureString from a TextBox, the return types aren't compatible. There are third-party assemblies that can make a TextBox that will return a SecureString, but that's not quite the same or as easy as native support.

An example of an assembly to do that would be this:

http://weblogs.asp.net/pglavich/archive/2006/02/26/securepasswordtextbox-a-textbox-that-uses-the-securestring-class.aspx

Bit tricky because you have to make sure it works with Windows.System.Forms, not System.Web.UI.

If all you need do is convert a plain text string from the TextBox into a SecureString then you can do this after you've read it:

$SecurePW = $pw | ConvertTo-SecureString -AsPlainText -Force

Chris
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902038
im using my $pw to store what input the password box, however when i type my password in that box i want it to read ***** rather than "test1"
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902067
I figured it out
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
LVL 1

Author Comment

by:ntr2def
ID: 34902078
Simply adding

$objTextBox2.UseSystemPasswordChar = $True

after :
$objTextBox2 = New-Object System.Windows.Forms.TextBox
$objTextBox2.Location = New-Object System.Drawing.Size(10,90)
$objTextBox2.Size = New-Object System.Drawing.Size(260,20)

Did the job
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902100
but maybe you can help me with storing that password and using it in

Connect-QADService -ConnectionAccount $User -ConnectionPassword $pw

it seems not to like the connectionPassword as $pw
0
 

Assisted Solution

by:someOne2010
someOne2010 earned 332 total points
ID: 34902109
you mean you need to Encrypt the password or just display the pass input as *

this will display the pass as *
$objTextBox2.PasswordChar = "*"

and this post can help you to Encrypt and Decrypt

http://poshcode.org/116
and if you need any other help let me know
[Reflection.Assembly]::LoadWithPartialName("System.Security")
 
function Encrypt-String($String, $Passphrase, $salt="My Voice is my P455W0RD!", $init="Yet another key", [switch]$arrayOutput)
{
   $r = new-Object System.Security.Cryptography.RijndaelManaged
   $pass = [Text.Encoding]::UTF8.GetBytes($Passphrase)
   $salt = [Text.Encoding]::UTF8.GetBytes($salt)
 
   $r.Key = (new-Object Security.Cryptography.PasswordDeriveBytes $pass, $salt, "SHA1", 5).GetBytes(32) #256/8
   $r.IV = (new-Object Security.Cryptography.SHA1Managed).ComputeHash( [Text.Encoding]::UTF8.GetBytes($init) )[0..15]
   
   $c = $r.CreateEncryptor()
   $ms = new-Object IO.MemoryStream
   $cs = new-Object Security.Cryptography.CryptoStream $ms,$c,"Write"
   $sw = new-Object IO.StreamWriter $cs
   $sw.Write($String)
   $sw.Close()
   $cs.Close()
   $ms.Close()
   $r.Clear()
   [byte[]]$result = $ms.ToArray()
   if($arrayOutput) {
      return $result
   } else {
      return [Convert]::ToBase64String($result)
   }
}
 
function Decrypt-String($Encrypted, $Passphrase, $salt="My Voice is my P455W0RD!", $init="Yet another key")
{
   if($Encrypted -is [string]){
      $Encrypted = [Convert]::FromBase64String($Encrypted)
   }
 
   $r = new-Object System.Security.Cryptography.RijndaelManaged
   $pass = [System.Text.Encoding]::UTF8.GetBytes($Passphrase)
   $salt = [System.Text.Encoding]::UTF8.GetBytes($salt)
 
   $r.Key = (new-Object Security.Cryptography.PasswordDeriveBytes $pass, $salt, "SHA1", 5).GetBytes(32) #256/8
   $r.IV = (new-Object Security.Cryptography.SHA1Managed).ComputeHash( [Text.Encoding]::UTF8.GetBytes($init) )[0..15]
 
   $d = $r.CreateDecryptor()
   $ms = new-Object IO.MemoryStream @(,$Encrypted)
   $cs = new-Object Security.Cryptography.CryptoStream $ms,$d,"Read"
   $sr = new-Object IO.StreamReader $cs
   Write-Output $sr.ReadToEnd()
   $sr.Close()
   $cs.Close()
   $ms.Close()
   $r.Clear()
}

Open in new window

0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902335
That works as well but my issue comes to this line:

Connect-QADService -ConnectionAccount $User -ConnectionPassword $pw

its not accepting my password, states that the password is empty or null
0
 

Expert Comment

by:someOne2010
ID: 34902397
you forget to pass the password from the text box
you should

do at line 54
$pw=$objTextBox2.text
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902571
after i input the syntax i get a new error:

Connect-QADService : Cannot bind parameter 'ConnectionPassword'. Cannot convert
 the "" value of type "System.String" to type "System.Security.SecureString".
At
+ Connect-QADService -ConnectionAccount $User -ConnectionPassword <<<<  $pw
    + CategoryInfo          : InvalidArgument: (:) [Connect-QADService], Param
   eterBindingException
    + FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Quest.ActiveRoles
   .ArsPowerShellSnapIn.Cmdlets.ConnectCmdlet
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902586
can you look at lines 10-15 could that be the problem?
0
 

Expert Comment

by:someOne2010
ID: 34902649
from the error i think you need to convert the password to secure string

you can do that as fallwoing

$secure_string_pwd = convertto-securestring $pw -asplaintext -force
and try to pass the $secure_string_pwd variable instead of  $pw


This command converts the plain text string
into a secure string and stores the result in the $secure_string_pwd variable
i hope this will help
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34907755
now i get

Connect-QADService : Cannot bind parameter 'ConnectionPassword'. Cannot convert the "Test" value of type "System.String" to type "System.Security.SecureString".
At G:\Scripts\AccountActivity\Scripts\PowershellScripts\SetSingleUserServiceAttribute.ps1:61 char:64
+ Connect-QADService -ConnectionAccount $User -ConnectionPassword <<<<  $pw
    + CategoryInfo          : InvalidArgument: (:) [Connect-QADService], ParameterBindingException
    + FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Quest.ActiveRoles.ArsPowerShellSnapIn.Cmdlets.
   ConnectCmdlet
0
 
LVL 71

Assisted Solution

by:Chris Dent
Chris Dent earned 668 total points
ID: 34908117
You should not reuse the variable name in this instance, strong-typing will kill it.

$pw : The thing you read from the text box
$SecurePW : $pw converted into a secure string

Then:

Connect-QADService -ConnectionAccount $User -ConnectionPassword $SecurePW

It's why I used a different variable name in my first example:

$SecurePW = $pw | ConvertTo-SecureString -AsPlainText -Force

Chris
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A procedure for exporting installed hotfix details of remote computers using powershell
Previously, on our Nano Server Deployment series, we've created a new nano server image and deployed it on a physical server in part 2. Now we will go through configuration.
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question