Decrypting SecureStrings (Once More!)

[PSCredentials] have some interesting methods.  Chief among them, at least for today, is GetNetworkCredential().  Well, what’s so special about this?  The returned object has the .Password property which is the plaintext of the password.  I’ll say it again: $PsCredential.GetNetworkCredential().Password is plaintext! This means we have an easier-to-remember way to decrypt a SecureString: (New-Object System.Management.Automation.PSCredential DoesNotMatter,…

0

Storing SecureStrings Machine-Independently

As part of a brown bag, I extracted out the logic CredLocker uses to store credentials.  Here’s the guts of the code. The short form is unchanged from the Credlocker post, but I’ve cleaned it up. – It prompts the user for a password if $Host.CredentialStoreCredential doesn’t exist, or if Get-CredentialStoreCredential –Force is called.  This…

0

Yet Another Password Generator

This must be freshman programming again.  I’m redoing CredLocker and want the way to parametrically generate passwords with minimum character set counts. This is also a good example of New-Object System.Random and [char[]]”Casting a string to char array”, as well as an interesting possible coding interview question: For a given number that is greater than…

0

CredLocker – Storing PSCredentials to File

  Summary CredLocker is tool to securely store PSCredentials to a file such that the file can be copied to multiple hosts and the PSCredentials can be retrieved from that file via processes running on those hosts. The function + the data store file together provide functionality similar to PasswordSafe: a password-secured data store for…

0

PowerShell for Non-N00bs: How Much is That Character in the Window? (Or, How to Change Your Password Without Really Trying)

I’m creating a slightly different track here.  PowerShell for Non-N00bs is for me to track some of the tidbits I’ve found along the way. This will be a two-fer article.  By this I mean I’m going to address two tangentially related subjects: how to find an ‘odd’ character that is visible, but not matching a…

2

Automated Logins with PuTTY, Pagent, ssh and ssh-agent

Passwords are a necessary evil, but they get in the way when we have to administer multiple Unix hosts via scripts.  Once we’ve set up so Unix hosts trust one another enough to log us in without passwords, then the next step is to extend the functionality to PuTTY, the ssh client of choice for…

0