Solved

secure text string in form using powershell

Posted on 2011-02-15
13
2,808 Views
Last Modified: 2012-08-13
I want to secure the string rather than it come across as plain text. This is what I have so far

 
#Pop up box for username and Password###############################################################
[void] [System.Reflection.Assembly]::LoadWithPartialName("System.Drawing") 
[void] [System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms") 

$objForm = New-Object System.Windows.Forms.Form 
$objForm.Text = "Set Attribute Information for User"
$objForm.Size = New-Object System.Drawing.Size(300,180) 
$objForm.StartPosition = "CenterScreen"

$objForm.KeyPreview = $True
$objForm.Add_KeyDown({if ($_.KeyCode -eq "Enter") 
    {$User=$objTextBox.Text;$objForm.Close()}
	{$pw=$objTextBox2.text;$ObjForm.close()}})
$objForm.Add_KeyDown({if ($_.KeyCode -eq "Escape") 
    {$objForm.Close()}})

$OKButton = New-Object System.Windows.Forms.Button
$OKButton.Location = New-Object System.Drawing.Size(75,125)
$OKButton.Size = New-Object System.Drawing.Size(75,23)
$OKButton.Text = "OK"
$OKButton.Add_Click({$user=$objTextBox.Text;$objForm.Close()})
$objForm.Controls.Add($OKButton)

$CancelButton = New-Object System.Windows.Forms.Button
$CancelButton.Location = New-Object System.Drawing.Size(150,125)
$CancelButton.Size = New-Object System.Drawing.Size(75,23)
$CancelButton.Text = "Cancel"
$CancelButton.Add_Click({$objForm.Close()})
$objForm.Controls.Add($CancelButton)

$objLabel = New-Object System.Windows.Forms.Label
$objLabel.Location = New-Object System.Drawing.Size(10,20) 
$objLabel.Size = New-Object System.Drawing.Size(280,20) 
$objLabel.Text = "Enter Username: (Domain\Username)"
$objForm.Controls.Add($objLabel) 
$objTextBox = New-Object System.Windows.Forms.TextBox 
$objTextBox.Location = New-Object System.Drawing.Size(10,40) 
$objTextBox.Size = New-Object System.Drawing.Size(260,20) 
$objForm.Controls.Add($objTextBox) 
$objLabel2 = New-Object System.Windows.Forms.Label
$objLabel2.Location = New-Object System.Drawing.Size(10,70) 
$objLabel2.Size = New-Object System.Drawing.Size(280,20) 
$objLabel2.Text = "Enter Password"
$objForm.Controls.Add($objLabel2)
$objTextBox2 = New-Object System.Windows.Forms.TextBox 
$objTextBox2.Location = New-Object System.Drawing.Size(10,90) 
$objTextBox2.Size = New-Object System.Drawing.Size(260,20) 
$objForm.Controls.Add($objTextBox2) 

$objForm.Topmost = $True

$objForm.Add_Shown({$objForm.Activate()})
[void] $objForm.ShowDialog()

[void] $user
[void] $pw

Open in new window


Any Ideas?
0
Comment
Question by:ntr2def
  • 8
  • 3
  • 2
13 Comments
 
LVL 70

Accepted Solution

by:
Chris Dent earned 167 total points
ID: 34902003

What are you going to do with $pw?

You can't implicitly return a SecureString from a TextBox, the return types aren't compatible. There are third-party assemblies that can make a TextBox that will return a SecureString, but that's not quite the same or as easy as native support.

An example of an assembly to do that would be this:

http://weblogs.asp.net/pglavich/archive/2006/02/26/securepasswordtextbox-a-textbox-that-uses-the-securestring-class.aspx

Bit tricky because you have to make sure it works with Windows.System.Forms, not System.Web.UI.

If all you need do is convert a plain text string from the TextBox into a SecureString then you can do this after you've read it:

$SecurePW = $pw | ConvertTo-SecureString -AsPlainText -Force

Chris
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902038
im using my $pw to store what input the password box, however when i type my password in that box i want it to read ***** rather than "test1"
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902067
I figured it out
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902078
Simply adding

$objTextBox2.UseSystemPasswordChar = $True

after :
$objTextBox2 = New-Object System.Windows.Forms.TextBox
$objTextBox2.Location = New-Object System.Drawing.Size(10,90)
$objTextBox2.Size = New-Object System.Drawing.Size(260,20)

Did the job
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902100
but maybe you can help me with storing that password and using it in

Connect-QADService -ConnectionAccount $User -ConnectionPassword $pw

it seems not to like the connectionPassword as $pw
0
 

Assisted Solution

by:someOne2010
someOne2010 earned 83 total points
ID: 34902109
you mean you need to Encrypt the password or just display the pass input as *

this will display the pass as *
$objTextBox2.PasswordChar = "*"

and this post can help you to Encrypt and Decrypt

http://poshcode.org/116
and if you need any other help let me know
[Reflection.Assembly]::LoadWithPartialName("System.Security")
 
function Encrypt-String($String, $Passphrase, $salt="My Voice is my P455W0RD!", $init="Yet another key", [switch]$arrayOutput)
{
   $r = new-Object System.Security.Cryptography.RijndaelManaged
   $pass = [Text.Encoding]::UTF8.GetBytes($Passphrase)
   $salt = [Text.Encoding]::UTF8.GetBytes($salt)
 
   $r.Key = (new-Object Security.Cryptography.PasswordDeriveBytes $pass, $salt, "SHA1", 5).GetBytes(32) #256/8
   $r.IV = (new-Object Security.Cryptography.SHA1Managed).ComputeHash( [Text.Encoding]::UTF8.GetBytes($init) )[0..15]
   
   $c = $r.CreateEncryptor()
   $ms = new-Object IO.MemoryStream
   $cs = new-Object Security.Cryptography.CryptoStream $ms,$c,"Write"
   $sw = new-Object IO.StreamWriter $cs
   $sw.Write($String)
   $sw.Close()
   $cs.Close()
   $ms.Close()
   $r.Clear()
   [byte[]]$result = $ms.ToArray()
   if($arrayOutput) {
      return $result
   } else {
      return [Convert]::ToBase64String($result)
   }
}
 
function Decrypt-String($Encrypted, $Passphrase, $salt="My Voice is my P455W0RD!", $init="Yet another key")
{
   if($Encrypted -is [string]){
      $Encrypted = [Convert]::FromBase64String($Encrypted)
   }
 
   $r = new-Object System.Security.Cryptography.RijndaelManaged
   $pass = [System.Text.Encoding]::UTF8.GetBytes($Passphrase)
   $salt = [System.Text.Encoding]::UTF8.GetBytes($salt)
 
   $r.Key = (new-Object Security.Cryptography.PasswordDeriveBytes $pass, $salt, "SHA1", 5).GetBytes(32) #256/8
   $r.IV = (new-Object Security.Cryptography.SHA1Managed).ComputeHash( [Text.Encoding]::UTF8.GetBytes($init) )[0..15]
 
   $d = $r.CreateDecryptor()
   $ms = new-Object IO.MemoryStream @(,$Encrypted)
   $cs = new-Object Security.Cryptography.CryptoStream $ms,$d,"Read"
   $sr = new-Object IO.StreamReader $cs
   Write-Output $sr.ReadToEnd()
   $sr.Close()
   $cs.Close()
   $ms.Close()
   $r.Clear()
}

Open in new window

0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 1

Author Comment

by:ntr2def
ID: 34902335
That works as well but my issue comes to this line:

Connect-QADService -ConnectionAccount $User -ConnectionPassword $pw

its not accepting my password, states that the password is empty or null
0
 

Expert Comment

by:someOne2010
ID: 34902397
you forget to pass the password from the text box
you should

do at line 54
$pw=$objTextBox2.text
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902571
after i input the syntax i get a new error:

Connect-QADService : Cannot bind parameter 'ConnectionPassword'. Cannot convert
 the "" value of type "System.String" to type "System.Security.SecureString".
At
+ Connect-QADService -ConnectionAccount $User -ConnectionPassword <<<<  $pw
    + CategoryInfo          : InvalidArgument: (:) [Connect-QADService], Param
   eterBindingException
    + FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Quest.ActiveRoles
   .ArsPowerShellSnapIn.Cmdlets.ConnectCmdlet
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902586
can you look at lines 10-15 could that be the problem?
0
 

Expert Comment

by:someOne2010
ID: 34902649
from the error i think you need to convert the password to secure string

you can do that as fallwoing

$secure_string_pwd = convertto-securestring $pw -asplaintext -force
and try to pass the $secure_string_pwd variable instead of  $pw


This command converts the plain text string
into a secure string and stores the result in the $secure_string_pwd variable
i hope this will help
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34907755
now i get

Connect-QADService : Cannot bind parameter 'ConnectionPassword'. Cannot convert the "Test" value of type "System.String" to type "System.Security.SecureString".
At G:\Scripts\AccountActivity\Scripts\PowershellScripts\SetSingleUserServiceAttribute.ps1:61 char:64
+ Connect-QADService -ConnectionAccount $User -ConnectionPassword <<<<  $pw
    + CategoryInfo          : InvalidArgument: (:) [Connect-QADService], ParameterBindingException
    + FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Quest.ActiveRoles.ArsPowerShellSnapIn.Cmdlets.
   ConnectCmdlet
0
 
LVL 70

Assisted Solution

by:Chris Dent
Chris Dent earned 167 total points
ID: 34908117
You should not reuse the variable name in this instance, strong-typing will kill it.

$pw : The thing you read from the text box
$SecurePW : $pw converted into a secure string

Then:

Connect-QADService -ConnectionAccount $User -ConnectionPassword $SecurePW

It's why I used a different variable name in my first example:

$SecurePW = $pw | ConvertTo-SecureString -AsPlainText -Force

Chris
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Why would I want to create a function for tracking messages? I am glad you asked. As with most monotonous/routine tasks, human error tends to creep in after doing the same task over and over again. By creating a function, you load the function once…
I thought I'd write this up for anyone who has a request to create an anonymous whistle-blower-type submission form created using SharePoint 2010 (this would probably work the same for 2013). It's not 100% fool-proof but it's as close as you can get…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now