Powershell, Windows
Powershell encryption decryption
Deux méthodes pour encrypter/decrypter une variable: $MyPswd = « password1234 » ConvertTo-SecureString $MyPswd -AsPlainText -Force | ConvertFrom-SecureString | Out-File -FilePath « $chemin\pass.txt » $password = Get-Content « $chemin\pass.txt » | ConvertTo-SecureString $bPswd = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($password) $pswd = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($bPswd) Write-Host $pswd rm « $chemin\pass.txt » Add-Type -assembly System.Security $passwordBytes = [System.Text.Encoding]::Unicode.GetBytes(« Open Sesame ») $entropy = [byte[]](1,2,3,4,5) $encrytpedData = [System.Security.Cryptography.ProtectedData]::Protect($passwordBytes, $entropy, ‘CurrentUser’) $encrytpedData | Set-Content -enc byte .\password.bin $encrytpedData = Get-Content -enc byte .\password.bin $unencrytpedData = [System.Security.Cryptography.ProtectedData]::Unprotect( $encrytpedData, $entropy, ‘CurrentUser’) $password = [System.Text.Encoding]::Unicode.GetString($unencrytpedData) $password function Set-Key { param([string]$string) $length = $string.length $pad = 32-$length if (($length -lt 16) -or ($length -gt 32)) {Throw « String must be between 16 and 32 characters »} $encoding = New-Object System.Text.ASCIIEncoding $bytes = $encoding.GetBytes($string + « 0 » * $pad) return $bytes } function Set-EncryptedData { param($key,[string]$plainText) $securestring = new-object System.Security.SecureString $chars = $plainText.toCharArray() foreach ($char in $chars) {$secureString.AppendChar($char)} $encryptedData = ConvertFrom-SecureString -SecureString $secureString -Key $key return $encryptedData } function Get-EncryptedData { param($key,$data) $data | ConvertTo-SecureString -key $key | ForEach-Object {[Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($_))} } #Encrypt $plainText = « Some Super Secret Password » $key = Set-Key « AGoodKeyThatNoOneElseWillKnow » $encryptedTextThatIcouldSaveToFile = Set-EncryptedData -key $key -plainText $plaintext $encryptedTextThatIcouldSaveToFile #Decrypt $DecryptedText = Get-EncryptedData -data $encryptedTextThatIcouldSaveToFile -key $key $DecryptedText Voilà vous pouvez encrypter vos données sensibles…
Read MoreAdministration système, Powershell, Windows
Encryption des mots de passe
Première méthode : $MyPswd = « password1234 » $chemin = « C:\ » ConvertTo-SecureString $MyPswd -AsPlainText -Force | ConvertFrom-SecureString | Out-File -FilePath « $chemin\pass.txt » $password = Get-Content « $chemin\pass.txt » | ConvertTo-SecureString $bPswd = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($password) $pswd = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($bPswd) Write-Host $pswd rm « $chemin\pass.txt » Deuxième méthode: # Stick password into DPAPI storage once – accessible only by current user Add-Type -assembly System.Security $passwordBytes = [System.Text.Encoding]::Unicode.GetBytes(« Open Sesame ») $entropy = [byte[]](1,2,3,4,5) $encrytpedData = [System.Security.Cryptography.ProtectedData]::Protect($passwordBytes, $entropy, ‘CurrentUser’) $encrytpedData | Set-Content -enc byte .\password.bin # Retrieve and decrypted password $encrytpedData = Get-Content -enc byte .\password.bin $unencrytpedData = [System.Security.Cryptography.ProtectedData]::Unprotect( $encrytpedData, $entropy, ‘CurrentUser’) $password = [System.Text.Encoding]::Unicode.GetString($unencrytpedData) $password Troisième méthode: function Set-Key { param([string]$string) $length = $string.length $pad = 32-$length if (($length -lt 16) -or ($length -gt 32)) {Throw « String must be between 16 and 32 characters »} $encoding = New-Object System.Text.ASCIIEncoding $bytes = $encoding.GetBytes($string + « 0 » * $pad) return $bytes } function Set-EncryptedData { param($key,[string]$plainText) $securestring = new-object System.Security.SecureString $chars = $plainText.toCharArray() foreach ($char in $chars) {$secureString.AppendChar($char)} $encryptedData = ConvertFrom-SecureString -SecureString $secureString -Key $key return $encryptedData } function Get-EncryptedData { param($key,$data) $data | ConvertTo-SecureString -key $key | ForEach-Object {[Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($_))} } #Encrypt $plainText = « Some Super Secret Password » $key = Set-Key « AGoodKeyThatNoOneElseWillKnow » $encryptedTextThatIcouldSaveToFile = Set-EncryptedData -key $key -plainText $plaintext $encryptedTextThatIcouldSaveToFile #Decrypt $DecryptedText = Get-EncryptedData -data $encryptedTextThatIcouldSaveToFile -key…
Read More