Convert Secure String to Plain text

This topic contains 1 reply, has 1 voice, and was last updated by Profile photo of Brian Bourque Brian Bourque 1 year, 4 months ago.

  • Author
  • #25891

    I am working on a script to install software on computers in our network remotely. to do this i am using PSEXEC .
    the script is as follows

    Function Start-Install

    $pass = read-host "enter Password" -AssecureString

    Foreach ($C in $Comp){

    PSesec -p $pass \\$C -u Domain\$AgentID c:\Path_to_installer_application – nogui -path \\Path_to_install_script

    now when I try to run the above get the following error

    Logon Failure: unknown user name or bad password

    I have checked to make sure i was not mistyping these several times so i am confident that it is not a Type-o

    if I remove the -p $Password from the script PSEXEC asks for a password and will run normally.

    I know PSEXEC passes the info via plain Text so I believe the issue is that it is not sure how to process the password variable as a secure string.

    What i am trying to do is find a way to Prompt for the password and not have it show on the screen when being typed ( so be entered as a secure string) then be converted to a Plain text string all in the shell.
    I am not able to store the password in a text doc even if it is just for conversion and delete it a moment later as if powershell should crash that would leave the password exposed.

    I have tried the following to accomplish this

    – $pass = read-host "enter Password" -AssecureString

    – [Runtime.interopServices.marshal]::prtToStringAuto({runtime.Interservices.Marshal]::SecureStringtoBSTR($pass))

    (this will work if I so this in a live shell session but when placed into the script it again seems like it is not passing the password out in plain text.

    I am not sure if it is possible to change the text from secure string to Plain text for PSEXEC to read correctly using only Powershell, but if any one has any ideas I would love to hear them.

    also Please note I am only able to use Powershell 2.0 at this time.

  • #25893

    I have actually found the solution to my problem.
    after playing around a bit with the script I realized I was not actual passing the unsecured text to a variable to be used by the rest of the script

    here is what I had to do.

    $pass = read-host "enter Password" -AssecureString
    $NSPW = [Runtime.interopServices.marshal]::prtToStringAuto({runtime.Interservices.Marshal]::SecurestringToBstr($pass)

    I would have removed this thread if I was able to since I solved it so quick, but I guess maybe some one else could use it to learn from.

You must be logged in to reply to this topic.