calling all PoSh gurus encrypt question..?
Hey PoSh gurus,
with the encryption on a PoSh file to run them, does the encryption on the file hide all the code and text from anything but the Posh Environment? or to what extent....I have some programs/scripts I have built that I would like to change to PoSh so it can hide the passwords that I have used in some of my scripts...vs text only file easily readable by spyware. Is this possible with PoSh?
with the encryption on a PoSh file to run them, does the encryption on the file hide all the code and text from anything but the Posh Environment? or to what extent....I have some programs/scripts I have built that I would like to change to PoSh so it can hide the passwords that I have used in some of my scripts...vs text only file easily readable by spyware. Is this possible with PoSh?
Comments
-
HeroPsycho
Inactive Imported Users Posts: 1,940
It is possible with Posh to encrypt the credentials natively, but it is security through obscurity level encryption, not industrial strength. If someone got ahold of the encrypted blob, they would easily be able to get the passwords out.
http://www.leeholmes.com/blog/ImportingAndExportingCredentialsInPowerShell.aspxGood luck to all! -
itdaddy
Member Posts: 2,089 ■■■■□□□□□□
HeryPsycho
hey thanks for the article.I appreciate your insight. You would think they would have a file that is shared by many scripts (i like that idea) that is decrypted for the password each time say program required it as a norm..that is cool if I can encrypt it with something. I wish some of my commands could just run on a the machine as admin but they don't...they need that dam n password that is senstive..hum!?
I guess some encryption is better than none...thanks man!
-
HeroPsycho
Inactive Imported Users Posts: 1,940
Might consider invoking the script with a scheduled task using a bat file that invokes Powershell.exe and the script.Good luck to all!
-
itdaddy
Member Posts: 2,089 ■■■■□□□□□□
Rob Costello : Powershell Tip - Storing and Using Password Credentials
Master-PowerShell | With Dr. Tobias Weltner - PowerShell.com
dude found this link..and your idea of running it from a scheduled task is good tooo..for the encryption good idea...
yeah what sucks is nowadays sha1 2 and md5 can be cracked haha
I am sure you have seen it like I have in some CeH snippet courses hee hee...I was hoping PoSh would use SSL to encrypt its credentials.;( -
tiersten
Member Posts: 4,505
I wouldn't rely on that to secure any important passwords.Rob Costello : Powershell Tip - Storing and Using Password Credentials
SHA-1 and MD5 have both been shown to be vulnerable to collisions with examples. SHA-2 is only mathematically proven to be vulnerable to similar techniques used on SHA-1.yeah what sucks is nowadays sha1 2 and md5 can be cracked haha
They're hash functions anyway. They're not used to encrypt.
SSL and TLS are protocols to handle encryption of network connections. They're not encryption algorithms themselves.I was hoping PoSh would use SSL to encrypt its credentials. -
itdaddy
Member Posts: 2,089 ■■■■□□□□□□
tiersten
what would you suggest? I thought powershell was suppose to be this super secure CLI???
thanks..I need to do some looking into what each does sha1, sha2, md5 ssl /tls etc.... I just know when I was watching Winstructor videos he used SHA1 for something ? in power shell scripts along with the makecert.exe program...
need to brush up on all this Sec+ .. I know enough to be dangerous hee hee
thanks
