Solved

secure text string in form using powershell

Posted on 2011-02-15
13
2,856 Views
Last Modified: 2012-08-13
I want to secure the string rather than it come across as plain text. This is what I have so far

 
#Pop up box for username and Password###############################################################
[void] [System.Reflection.Assembly]::LoadWithPartialName("System.Drawing") 
[void] [System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms") 

$objForm = New-Object System.Windows.Forms.Form 
$objForm.Text = "Set Attribute Information for User"
$objForm.Size = New-Object System.Drawing.Size(300,180) 
$objForm.StartPosition = "CenterScreen"

$objForm.KeyPreview = $True
$objForm.Add_KeyDown({if ($_.KeyCode -eq "Enter") 
    {$User=$objTextBox.Text;$objForm.Close()}
	{$pw=$objTextBox2.text;$ObjForm.close()}})
$objForm.Add_KeyDown({if ($_.KeyCode -eq "Escape") 
    {$objForm.Close()}})

$OKButton = New-Object System.Windows.Forms.Button
$OKButton.Location = New-Object System.Drawing.Size(75,125)
$OKButton.Size = New-Object System.Drawing.Size(75,23)
$OKButton.Text = "OK"
$OKButton.Add_Click({$user=$objTextBox.Text;$objForm.Close()})
$objForm.Controls.Add($OKButton)

$CancelButton = New-Object System.Windows.Forms.Button
$CancelButton.Location = New-Object System.Drawing.Size(150,125)
$CancelButton.Size = New-Object System.Drawing.Size(75,23)
$CancelButton.Text = "Cancel"
$CancelButton.Add_Click({$objForm.Close()})
$objForm.Controls.Add($CancelButton)

$objLabel = New-Object System.Windows.Forms.Label
$objLabel.Location = New-Object System.Drawing.Size(10,20) 
$objLabel.Size = New-Object System.Drawing.Size(280,20) 
$objLabel.Text = "Enter Username: (Domain\Username)"
$objForm.Controls.Add($objLabel) 
$objTextBox = New-Object System.Windows.Forms.TextBox 
$objTextBox.Location = New-Object System.Drawing.Size(10,40) 
$objTextBox.Size = New-Object System.Drawing.Size(260,20) 
$objForm.Controls.Add($objTextBox) 
$objLabel2 = New-Object System.Windows.Forms.Label
$objLabel2.Location = New-Object System.Drawing.Size(10,70) 
$objLabel2.Size = New-Object System.Drawing.Size(280,20) 
$objLabel2.Text = "Enter Password"
$objForm.Controls.Add($objLabel2)
$objTextBox2 = New-Object System.Windows.Forms.TextBox 
$objTextBox2.Location = New-Object System.Drawing.Size(10,90) 
$objTextBox2.Size = New-Object System.Drawing.Size(260,20) 
$objForm.Controls.Add($objTextBox2) 

$objForm.Topmost = $True

$objForm.Add_Shown({$objForm.Activate()})
[void] $objForm.ShowDialog()

[void] $user
[void] $pw

Open in new window


Any Ideas?
0
Comment
Question by:ntr2def
  • 8
  • 3
  • 2
13 Comments
 
LVL 70

Accepted Solution

by:
Chris Dent earned 167 total points
ID: 34902003

What are you going to do with $pw?

You can't implicitly return a SecureString from a TextBox, the return types aren't compatible. There are third-party assemblies that can make a TextBox that will return a SecureString, but that's not quite the same or as easy as native support.

An example of an assembly to do that would be this:

http://weblogs.asp.net/pglavich/archive/2006/02/26/securepasswordtextbox-a-textbox-that-uses-the-securestring-class.aspx

Bit tricky because you have to make sure it works with Windows.System.Forms, not System.Web.UI.

If all you need do is convert a plain text string from the TextBox into a SecureString then you can do this after you've read it:

$SecurePW = $pw | ConvertTo-SecureString -AsPlainText -Force

Chris
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902038
im using my $pw to store what input the password box, however when i type my password in that box i want it to read ***** rather than "test1"
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902067
I figured it out
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 1

Author Comment

by:ntr2def
ID: 34902078
Simply adding

$objTextBox2.UseSystemPasswordChar = $True

after :
$objTextBox2 = New-Object System.Windows.Forms.TextBox
$objTextBox2.Location = New-Object System.Drawing.Size(10,90)
$objTextBox2.Size = New-Object System.Drawing.Size(260,20)

Did the job
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902100
but maybe you can help me with storing that password and using it in

Connect-QADService -ConnectionAccount $User -ConnectionPassword $pw

it seems not to like the connectionPassword as $pw
0
 

Assisted Solution

by:someOne2010
someOne2010 earned 83 total points
ID: 34902109
you mean you need to Encrypt the password or just display the pass input as *

this will display the pass as *
$objTextBox2.PasswordChar = "*"

and this post can help you to Encrypt and Decrypt

http://poshcode.org/116
and if you need any other help let me know
[Reflection.Assembly]::LoadWithPartialName("System.Security")
 
function Encrypt-String($String, $Passphrase, $salt="My Voice is my P455W0RD!", $init="Yet another key", [switch]$arrayOutput)
{
   $r = new-Object System.Security.Cryptography.RijndaelManaged
   $pass = [Text.Encoding]::UTF8.GetBytes($Passphrase)
   $salt = [Text.Encoding]::UTF8.GetBytes($salt)
 
   $r.Key = (new-Object Security.Cryptography.PasswordDeriveBytes $pass, $salt, "SHA1", 5).GetBytes(32) #256/8
   $r.IV = (new-Object Security.Cryptography.SHA1Managed).ComputeHash( [Text.Encoding]::UTF8.GetBytes($init) )[0..15]
   
   $c = $r.CreateEncryptor()
   $ms = new-Object IO.MemoryStream
   $cs = new-Object Security.Cryptography.CryptoStream $ms,$c,"Write"
   $sw = new-Object IO.StreamWriter $cs
   $sw.Write($String)
   $sw.Close()
   $cs.Close()
   $ms.Close()
   $r.Clear()
   [byte[]]$result = $ms.ToArray()
   if($arrayOutput) {
      return $result
   } else {
      return [Convert]::ToBase64String($result)
   }
}
 
function Decrypt-String($Encrypted, $Passphrase, $salt="My Voice is my P455W0RD!", $init="Yet another key")
{
   if($Encrypted -is [string]){
      $Encrypted = [Convert]::FromBase64String($Encrypted)
   }
 
   $r = new-Object System.Security.Cryptography.RijndaelManaged
   $pass = [System.Text.Encoding]::UTF8.GetBytes($Passphrase)
   $salt = [System.Text.Encoding]::UTF8.GetBytes($salt)
 
   $r.Key = (new-Object Security.Cryptography.PasswordDeriveBytes $pass, $salt, "SHA1", 5).GetBytes(32) #256/8
   $r.IV = (new-Object Security.Cryptography.SHA1Managed).ComputeHash( [Text.Encoding]::UTF8.GetBytes($init) )[0..15]
 
   $d = $r.CreateDecryptor()
   $ms = new-Object IO.MemoryStream @(,$Encrypted)
   $cs = new-Object Security.Cryptography.CryptoStream $ms,$d,"Read"
   $sr = new-Object IO.StreamReader $cs
   Write-Output $sr.ReadToEnd()
   $sr.Close()
   $cs.Close()
   $ms.Close()
   $r.Clear()
}

Open in new window

0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902335
That works as well but my issue comes to this line:

Connect-QADService -ConnectionAccount $User -ConnectionPassword $pw

its not accepting my password, states that the password is empty or null
0
 

Expert Comment

by:someOne2010
ID: 34902397
you forget to pass the password from the text box
you should

do at line 54
$pw=$objTextBox2.text
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902571
after i input the syntax i get a new error:

Connect-QADService : Cannot bind parameter 'ConnectionPassword'. Cannot convert
 the "" value of type "System.String" to type "System.Security.SecureString".
At
+ Connect-QADService -ConnectionAccount $User -ConnectionPassword <<<<  $pw
    + CategoryInfo          : InvalidArgument: (:) [Connect-QADService], Param
   eterBindingException
    + FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Quest.ActiveRoles
   .ArsPowerShellSnapIn.Cmdlets.ConnectCmdlet
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34902586
can you look at lines 10-15 could that be the problem?
0
 

Expert Comment

by:someOne2010
ID: 34902649
from the error i think you need to convert the password to secure string

you can do that as fallwoing

$secure_string_pwd = convertto-securestring $pw -asplaintext -force
and try to pass the $secure_string_pwd variable instead of  $pw


This command converts the plain text string
into a secure string and stores the result in the $secure_string_pwd variable
i hope this will help
0
 
LVL 1

Author Comment

by:ntr2def
ID: 34907755
now i get

Connect-QADService : Cannot bind parameter 'ConnectionPassword'. Cannot convert the "Test" value of type "System.String" to type "System.Security.SecureString".
At G:\Scripts\AccountActivity\Scripts\PowershellScripts\SetSingleUserServiceAttribute.ps1:61 char:64
+ Connect-QADService -ConnectionAccount $User -ConnectionPassword <<<<  $pw
    + CategoryInfo          : InvalidArgument: (:) [Connect-QADService], ParameterBindingException
    + FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Quest.ActiveRoles.ArsPowerShellSnapIn.Cmdlets.
   ConnectCmdlet
0
 
LVL 70

Assisted Solution

by:Chris Dent
Chris Dent earned 167 total points
ID: 34908117
You should not reuse the variable name in this instance, strong-typing will kill it.

$pw : The thing you read from the text box
$SecurePW : $pw converted into a secure string

Then:

Connect-QADService -ConnectionAccount $User -ConnectionPassword $SecurePW

It's why I used a different variable name in my first example:

$SecurePW = $pw | ConvertTo-SecureString -AsPlainText -Force

Chris
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The article will show you how you can maintain a simple logfile of all Startup and Shutdown events on Windows servers and desktops with PowerShell. The script can be easily adapted into doing more like gracefully silencing/updating your monitoring s…
This is a PowerShell web interface I use to manage some task as a network administrator. Clicking an action button on the left frame will display a form in the middle frame to input some data in textboxes, process this data in PowerShell and display…
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question