User Profile
calvinrafael
Copper Contributor
Joined Aug 12, 2022
User Widgets
Recent Discussions
Re: Powershell masking password
LainRobertson I really appreciate your help and response. Thanks for your code. Adding below code works for me. $password = (Read-Host -Prompt "Please type the password" -AsSecureString) $Ptr = [System.Runtime.InteropServices.Marshal]::SecureStringToCoTaskMemUnicode($password) $result = [System.Runtime.InteropServices.Marshal]::PtrToStringUni($Ptr) [System.Runtime.InteropServices.Marshal]::ZeroFreeCoTaskMemUnicode($Ptr) #$result $UserPass = "username:$($result)" [string]$stringToEncode=$UserPass $encodedString=[Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($stringToEncode)) [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("content-type", "application/json") $headers.Add("accept", "application/json") $headers.Add("Authorization", "Basic " + $encodedString)452Views0likes0CommentsPowershell masking password
Hello Everyone, I have the script (API POST) below which is working fine. $UserPass = "username:password" [string]$stringToEncode=$UserPass $encodedString=[Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($stringToEncode)) [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("content-type", "application/json") $headers.Add("accept", "application/json") $headers.Add("Authorization", "Basic " + $encodedString) Invoke-RestMethod -Uri "https://api_base_url/session" -Headers $headers -Method POST I want to mask the password instead of plain text. So modified it to below which will ask to enter the masked password. $UserPass = "username:$(Read-Host -Prompt "Please type the password" -AsSecureString)" But the whole script is not working anymore. When I troubleshoot, there is a difference in encoding/decoding. I ran an online base64 decode and encode, the result is different. Plain text password - username:password dXNlcm5hbWU6cGFzc3dvcmQ= ---> username:password Masked password - username:$(Read-Host -Prompt "Please type the password" -AsSecureString) dXNlcm5hbWU6U3lzdGVtLlNlY3VyaXR5LlNlY3VyZVN0cmluZw== ---> username:System.Security.SecureString How can I mask the password but able to read the System.Security.SecureString as the actual password? Thank you in advanced.875Views0likes2CommentsRe: Get-Acl | Group Names and Permissions
farismalaeb Thank you for sharing the link. Unfortunately, I found it not helpful. I already have the script that gives the output that I want except for the formatting. I would prefer it to be in a table format rather than in list format. This is the actual output. Domain\ADM_HOU_DataOp Domain\G HOU GOMDW Dev Admin Domain\G GOM Resource Data Management RW Domain\G GoM Resource AREA RO ; FullControl FullControl Modify, Synchronize ReadAndExecute, Synchronize This is the intended output. Domain\ADM_HOU_DataOp FullControl Domain\G HOU GOMDW Dev Admin FullControl Domain\G GOM Resource Data Management RW Modify, Synchronize Domain\G GoM Resource AREA RO ReadAndExecute, Synchronize Cheers3.2KViews0likes0CommentsGet-Acl | Group Names and Permissions
Dear Friends, I want to query groups and permissions on certain file share path using the powershell script below. It is currently working and giving the correct output. [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] $FullPath, [Parameter(Mandatory = $false)] $Base64Encoded = $false ) # Change path to the script location $ScriptPath = $MyInvocation.MyCommand.Path $CurrentDir = Split-Path $ScriptPath Push-Location $CurrentDir If ($Base64Encoded) { $FullPath = [Text.Encoding]::Utf8.GetString([Convert]::FromBase64String($FullPath)) } "$([System.Datetime]::Now.ToString("dd/MM/yy HH:mm:ss")) I am run" | Add-Content "C:\Users\3998nt\OneDrive - 3998nt\Documents\Query\Log.txt" $Output = "" Write-Verbose "Querying permissions applied on $FullPath ..." Try { $env:UserName | Add-Content "C:\Users\3998nt\OneDrive - 3998nt\Documents\Query\Log.txt" $FullPath | Add-Content "C:\Users\3998nt\OneDrive - 3998nt\Documents\Query\Log.txt" $Acl = (Get-Acl -Path $FullPath).Access | Select IdentityReference,FileSystemRights | Where-Object {($_.IdentityReference -ne "BUILTIN\Administrators") -and ($_.IdentityReference -ne "NT AUTHORITY\Authenticated Users") -and ($_.IdentityReference -ne "BUILTIN\Power Users") -and ($_.IdentityReference -ne "BUILTIN\Backup Operators")} If ($Acl -ne $null) { $Groups = $Acl.IdentityReference,$Acl.FileSystemRights Write-Verbose "Groups found: $($Groups -join ';')" Foreach ($Group in $Groups) { If (($Group -ne "BUILTIN\Administrators") -or ($Group -ne "NT AUTHORITY\Authenticated Users") -or ($Group -ne "BUILTIN\Power Users") -or ($Group -ne "BUILTIN\Backup Operators")) { If ($Output -eq "") { $Output = $Group -replace "\\D","\G" } Else { $Output = $Output + ";" + ($Group -replace "\\D","\G") } } } } } Catch { Write-Host "An error occurred while querying file share permissions." Write-Host ($_ | ConvertTo-Json) } Write-Output $Output $Output | Add-Content "C:\Users\3998nt\OneDrive - 3998nt\Documents\Query\Log.txt" This is the actual output. Domain\ADM_HOU_DataOp Domain\G HOU GOMDW Dev Admin Domain\G GOM Resource Data Management RW Domain\G GoM Resource AREA RO ; FullControl FullControl Modify, Synchronize ReadAndExecute, Synchronize This is the intended output. Domain\ADM_HOU_DataOp FullControl Domain\G HOU GOMDW Dev Admin FullControl Domain\G GOM Resource Data Management RW Modify, Synchronize Domain\G GoM Resource AREA RO ReadAndExecute, Synchronize Any help provided will be much appreciated. Thank you in advanced.3.4KViews0likes2Comments
Recent Blog Articles
No content to show