Solved

secure text string in form using powershell

Posted on 2011-02-15
13
3,004 Views
Last Modified: 2012-08-13
I want to secure the string rather than it come across as plain text. This is what I have so far

 
#Pop up box for username and Password###############################################################
[void] [System.Reflection.Assembly]::LoadWithPartialName("System.Drawing") 
[void] [System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms") 

$objForm = New-Object System.Windows.Forms.Form 
$objForm.Text = "Set Attribute Information for User"
$objForm.Size = New-Object System.Drawing.Size(300,180) 
$objForm.StartPosition = "CenterScreen"

$objForm.KeyPreview = $True
$objForm.Add_KeyDown({if ($_.KeyCode -eq "Enter") 
    {$User=$objTextBox.Text;$objForm.Close()}
	{$pw=$objTextBox2.text;$ObjForm.close()}})
$objForm.Add_KeyDown({if ($_.KeyCode -eq "Escape") 
    {$objForm.Close()}})

$OKButton = New-Object System.Windows.Forms.Button
$OKButton.Location = New-Object System.Drawing.Size(75,125)
$OKButton.Size = New-Object System.Drawing.Size(75,23)
$OKButton.Text = "OK"
$OKButton.Add_Click({$user=$objTextBox.Text;$objForm.Close()})
$objForm.Controls.Add($OKButton)

$CancelButton = New-Object System.Windows.Forms.Button
$CancelButton.Location = New-Object System.Drawing.Size(150,125)
$CancelButton.Size = New-Object System.Drawing.Size(75,23)
$CancelButton.Text = "Cancel"
$CancelButton.Add_Click({$objForm.Close()})
$objForm.Controls.Add($CancelButton)

$objLabel = New-Object System.Windows.Forms.Label
$objLabel.Location = New-Object System.Drawing.Size(10,20) 
$objLabel.Size = New-Object System.Drawing.Size(280,20) 
$objLabel.Text = "Enter Username: (Domain\Username)"
$objForm.Controls.Add($objLabel) 
$objTextBox = New-Object System.Windows.Forms.TextBox 
$objTextBox.Location = New-Object System.Drawing.Size(10,40) 
$objTextBox.Size = New-Object System.Drawing.Size(260,20) 
$objForm.Controls.Add($objTextBox) 
$objLabel2 = New-Object System.Windows.Forms.Label
$objLabel2.Location = New-Object System.Drawing.Size(10,70) 
$objLabel2.Size = New-Object System.Drawing.Size(280,20) 
$objLabel2.Text = "Enter Password"
$objForm.Controls.Add($objLabel2)
$objTextBox2 = New-Object System.Windows.Forms.TextBox 
$objTextBox2.Location = New-Object System.Drawing.Size(10,90) 
$objTextBox2.Size = New-Object System.Drawing.Size(260,20) 
$objForm.Controls.Add($objTextBox2) 

$objForm.Topmost = $True

$objForm.Add_Shown({$objForm.Activate()})
[void] $objForm.ShowDialog()

[void] $user
[void] $pw

Open in new window


Any Ideas?
0
Comment
Question by:ntr2def
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 3
  • 2
13 Comments
 
LVL 71

Accepted Solution

by:
Chris Dent earned 167 total points
ID: 34902003

What are you going to do with $pw?

You can't implicitly return a SecureString from a TextBox, the return types aren't compatible. There are third-party assemblies that can make a TextBox that will return a SecureString, but that's not quite the same or as easy as native support.

An example of an assembly to do that would be this:

http://weblogs.asp.net/pglavich/archive/2006/02/26/securepasswordtextbox-a-textbox-that-uses-the-securestring-class.aspx

Bit tricky because you have to make sure it works with Windows.System.Forms, not System.Web.UI.

If all you need do is convert a plain text string from the TextBox into a SecureString then you can do this after you've read it:

$SecurePW = $pw | ConvertTo-SecureString -AsPlainText -Force

Chris
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902038
im using my $pw to store what input the password box, however when i type my password in that box i want it to read ***** rather than "test1"
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902067
I figured it out
0
IoT Devices - Fast, Cheap or Secure…Pick Two

The IoT market is growing at a rapid pace and manufacturers are under pressure to quickly provide new products. Can you be sure that your devices do what they're supposed to do, while still being secure?

 
LVL 1

Author Comment

by:ntr2def
ID: 34902078
Simply adding

$objTextBox2.UseSystemPasswordChar = $True

after :
$objTextBox2 = New-Object System.Windows.Forms.TextBox
$objTextBox2.Location = New-Object System.Drawing.Size(10,90)
$objTextBox2.Size = New-Object System.Drawing.Size(260,20)

Did the job
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902100
but maybe you can help me with storing that password and using it in

Connect-QADService -ConnectionAccount $User -ConnectionPassword $pw

it seems not to like the connectionPassword as $pw
0
 

Assisted Solution

by:someOne2010
someOne2010 earned 83 total points
ID: 34902109
you mean you need to Encrypt the password or just display the pass input as *

this will display the pass as *
$objTextBox2.PasswordChar = "*"

and this post can help you to Encrypt and Decrypt

http://poshcode.org/116
and if you need any other help let me know
[Reflection.Assembly]::LoadWithPartialName("System.Security")
 
function Encrypt-String($String, $Passphrase, $salt="My Voice is my P455W0RD!", $init="Yet another key", [switch]$arrayOutput)
{
   $r = new-Object System.Security.Cryptography.RijndaelManaged
   $pass = [Text.Encoding]::UTF8.GetBytes($Passphrase)
   $salt = [Text.Encoding]::UTF8.GetBytes($salt)
 
   $r.Key = (new-Object Security.Cryptography.PasswordDeriveBytes $pass, $salt, "SHA1", 5).GetBytes(32) #256/8
   $r.IV = (new-Object Security.Cryptography.SHA1Managed).ComputeHash( [Text.Encoding]::UTF8.GetBytes($init) )[0..15]
   
   $c = $r.CreateEncryptor()
   $ms = new-Object IO.MemoryStream
   $cs = new-Object Security.Cryptography.CryptoStream $ms,$c,"Write"
   $sw = new-Object IO.StreamWriter $cs
   $sw.Write($String)
   $sw.Close()
   $cs.Close()
   $ms.Close()
   $r.Clear()
   [byte[]]$result = $ms.ToArray()
   if($arrayOutput) {
      return $result
   } else {
      return [Convert]::ToBase64String($result)
   }
}
 
function Decrypt-String($Encrypted, $Passphrase, $salt="My Voice is my P455W0RD!", $init="Yet another key")
{
   if($Encrypted -is [string]){
      $Encrypted = [Convert]::FromBase64String($Encrypted)
   }
 
   $r = new-Object System.Security.Cryptography.RijndaelManaged
   $pass = [System.Text.Encoding]::UTF8.GetBytes($Passphrase)
   $salt = [System.Text.Encoding]::UTF8.GetBytes($salt)
 
   $r.Key = (new-Object Security.Cryptography.PasswordDeriveBytes $pass, $salt, "SHA1", 5).GetBytes(32) #256/8
   $r.IV = (new-Object Security.Cryptography.SHA1Managed).ComputeHash( [Text.Encoding]::UTF8.GetBytes($init) )[0..15]
 
   $d = $r.CreateDecryptor()
   $ms = new-Object IO.MemoryStream @(,$Encrypted)
   $cs = new-Object Security.Cryptography.CryptoStream $ms,$d,"Read"
   $sr = new-Object IO.StreamReader $cs
   Write-Output $sr.ReadToEnd()
   $sr.Close()
   $cs.Close()
   $ms.Close()
   $r.Clear()
}

Open in new window

0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902335
That works as well but my issue comes to this line:

Connect-QADService -ConnectionAccount $User -ConnectionPassword $pw

its not accepting my password, states that the password is empty or null
0
 

Expert Comment

by:someOne2010
ID: 34902397
you forget to pass the password from the text box
you should

do at line 54
$pw=$objTextBox2.text
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902571
after i input the syntax i get a new error:

Connect-QADService : Cannot bind parameter 'ConnectionPassword'. Cannot convert
 the "" value of type "System.String" to type "System.Security.SecureString".
At
+ Connect-QADService -ConnectionAccount $User -ConnectionPassword <<<<  $pw
    + CategoryInfo          : InvalidArgument: (:) [Connect-QADService], Param
   eterBindingException
    + FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Quest.ActiveRoles
   .ArsPowerShellSnapIn.Cmdlets.ConnectCmdlet
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902586
can you look at lines 10-15 could that be the problem?
0
 

Expert Comment

by:someOne2010
ID: 34902649
from the error i think you need to convert the password to secure string

you can do that as fallwoing

$secure_string_pwd = convertto-securestring $pw -asplaintext -force
and try to pass the $secure_string_pwd variable instead of  $pw


This command converts the plain text string
into a secure string and stores the result in the $secure_string_pwd variable
i hope this will help
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34907755
now i get

Connect-QADService : Cannot bind parameter 'ConnectionPassword'. Cannot convert the "Test" value of type "System.String" to type "System.Security.SecureString".
At G:\Scripts\AccountActivity\Scripts\PowershellScripts\SetSingleUserServiceAttribute.ps1:61 char:64
+ Connect-QADService -ConnectionAccount $User -ConnectionPassword <<<<  $pw
    + CategoryInfo          : InvalidArgument: (:) [Connect-QADService], ParameterBindingException
    + FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Quest.ActiveRoles.ArsPowerShellSnapIn.Cmdlets.
   ConnectCmdlet
0
 
LVL 71

Assisted Solution

by:Chris Dent
Chris Dent earned 167 total points
ID: 34908117
You should not reuse the variable name in this instance, strong-typing will kill it.

$pw : The thing you read from the text box
$SecurePW : $pw converted into a secure string

Then:

Connect-QADService -ConnectionAccount $User -ConnectionPassword $SecurePW

It's why I used a different variable name in my first example:

$SecurePW = $pw | ConvertTo-SecureString -AsPlainText -Force

Chris
0

Featured Post

[Live Webinar] The Cloud Skills Gap

As Cloud technologies come of age, business leaders grapple with the impact it has on their team's skills and the gap associated with the use of a cloud platform.

Join experts from 451 Research and Concerto Cloud Services on July 27th where we will examine fact and fiction.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Nano Server Image Builder helps you create a custom Nano Server image and bootable USB media with the aid of a graphical interface. Based on the inputs you provide, it generates images for deployment and creates reusable PowerShell scripts that …
In previous parts of this Nano Server deployment series, we learned how to create, deploy and configure Nano Server as a Hyper-V host. In this part, we will look for a clustering option. We will create a Hyper-V cluster of 3 Nano Server host nodes w…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question