 |
|
| Register | Practice Exams | TechNotes | Members List | Search | Today's Posts | Mark Forums Read |
| |||||||
 |
| | Thread Tools |
| Senior Member Registered Member  Join Date: Jan 2006
Posts: 1,106
Certifications: A+, CCNA, MCP  |
 calling all PoSh gurus encrypt question..? Hey PoSh gurus, with the encryption on a PoSh file to run them, does the encryption on the file hide all the code and text from anything but the Posh Environment? or to what extent....I have some programs/scripts I have built that I would like to change to PoSh so it can hide the passwords that I have used in some of my scripts...vs text only file easily readable by spyware. Is this possible with PoSh?  __________________ itdaddy  "...so many toys....so little time!" | ||
|  |
|
| Senior Member Registered Member  Join Date: Jan 2008
Posts: 1,813
Certifications: MCITP: EA, EMA; MCSE 2000/2003: M; MCSE 2000: S; MCSA 2000/2003: S; MCTS: ISA 2006; VCP3/4 |
It is possible with Posh to encrypt the credentials natively, but it is security through obscurity level encryption, not industrial strength. If someone got ahold of the encrypted blob, they would easily be able to get the passwords out. http://www.leeholmes.com/blog/Import...owerShell.aspx __________________ Next up, EMC storage! | ||
|
| |
| Senior Member Registered Member Join Date: Jan 2006
Posts: 1,106
Certifications: A+, CCNA, MCP |
HeryPsycho hey thanks for the article.I appreciate your insight. You would think they would have a file that is shared by many scripts (i like that idea) that is decrypted for the password each time say program required it as a norm..that is cool if I can encrypt it with something. I wish some of my commands could just run on a the machine as admin but they don't...they need that dam n password that is senstive..hum!? I guess some encryption is better than none...thanks man!  __________________ itdaddy "...so many toys....so little time!" | ||
|
| |
| Senior Member Registered Member Join Date: Jan 2008
Posts: 1,813
Certifications: MCITP: EA, EMA; MCSE 2000/2003: M; MCSE 2000: S; MCSA 2000/2003: S; MCTS: ISA 2006; VCP3/4 |
Might consider invoking the script with a scheduled task using a bat file that invokes Powershell.exe and the script. __________________ Next up, EMC storage! | ||
|
| |
| Senior Member Registered Member Join Date: Jan 2006
Posts: 1,106
Certifications: A+, CCNA, MCP |
Rob Costello : Powershell Tip - Storing and Using Password Credentials Master-PowerShell | With Dr. Tobias Weltner - PowerShell.com dude found this link..and your idea of running it from a scheduled task is good tooo..for the encryption good idea... yeah what sucks is nowadays sha1 2 and md5 can be cracked haha I am sure you have seen it like I have in some CeH snippet courses hee hee...I was hoping PoSh would use SSL to encrypt its credentials.;( __________________ itdaddy "...so many toys....so little time!" Last edited by itdaddy; 07-03-2009 at 04:41 PM. | ||
|
| |
| was here. Registered Member Join Date: Apr 2008 Location: UK
Posts: 2,805
|
Quote:
Quote:
They're hash functions anyway. They're not used to encrypt. Quote:
| |||||
| |
| Senior Member Registered Member Join Date: Jan 2006
Posts: 1,106
Certifications: A+, CCNA, MCP |
tiersten what would you suggest? I thought powershell was suppose to be this super secure CLI??? thanks..I need to do some looking into what each does sha1, sha2, md5 ssl /tls etc.... I just know when I was watching Winstructor videos he used SHA1 for something ? in power shell scripts along with the makecert.exe program... need to brush up on all this Sec+ .. I know enough to be dangerous hee hee thanks __________________ itdaddy "...so many toys....so little time!" | ||
|
| |
| Bookmarks |
 |
|
« Previous Thread
|
Next Thread »
| Thread Tools | |
| |
All times are GMT. The time now is 05:07 PM.
