Reputation: 69
Encrypted command line
I have a situation where I need to give a bunch of administrators a command to run from a Windows command line that contains a password. There is no workaround for this application to avoid having a password on the command line.
For example:
c:>mycommand -P mypassword
I just want to give them an encrypted string that decrypts to "mycommand -P mypassword" and executes that command with its parameters without displaying the unencrypted text.
Say like this:
c:>mycommanddecoder efouhpefibhusdvn,iu3r3ksjdfdfbpisiegf
I've googled but results tend to come up with PGP command line utilities and the like.
I could just write a custom executable to do the job but that wouldn't stop a savvy operator from viewing the object code. I could encrypt it internally but then there would still be a visible key unless I used a certificate ... and you get the idea. It quickly becomes a mission!
Any thoughts?
Thanks,
Mark
Upvotes: 0
Views: 209
Answers (1)
Reputation: 13240
Your problem is that in the end you want the script / program / command line to result in a system call that spawns the mycommand executive with the password as a parameter. And this syscall can be observed. Whatever you do beforehand you will not get around this attack point. You probably should look for a solution where the password never needs to be stored on the computer at all, maybe outsource the functionality into a service running somewhere else.
Upvotes: 3
Related Questions
- Command Prompt - Batch File - BAT File
- Encrypt String with the Machine Key in Powershell?
- use encrypted password as parameter for CMD in Powershell
- How do I encrypt a password using command line arguments?
- How to seperate lines of .bat when encrypted from powershell
- Run a C# class in command line
- See command line arguments being passed to a program
- Playing around with C# encryption
- cmd line app for encryption via std in/out/error?
- Encrypting powershell passwords