Is it possible to decrypt a string in C# which is encrypted via PowerShell and how?
The string is encrypted via PowerShell as below:
$pw = read-host "Enter Password" –AsSecureString
ConvertFrom-SecureString $pw | out-file "C:\file.txt"
To convert it back with PowerShell I can use these commands that call C# class System.Runtime.InteropServices.Marshal
.
$pwdSec = Get-Content "C:\file.txt" | ConvertTo-SecureString
$bPswd = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($pwdSec)
$pswd = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($bPswd)
File contains the string that has been converted to an encrypted standard string("hello")
.
So if open the file.txt
file, it looks similar to:
01000000d08c9ddf0115d1118c7a00c04fc297eb0100000052ded6c2db80e748933432e19b9de8b10000
000002000000000003660000c00000001000000016dc35885d76d07bab289eb9927cfc1e000000000480
0000a0000000100000003106cde553f45b08d13d89d11336170b280000005cc865c1ee1b57e84ed3d1a2
d3f2d0ec0f189b532e61c18d1f31444d6f119a1e8368477fd2d81f54140000000cb0262e58b08ae14f37
22c14c69684841b6b21c
Decryption Approach:Find the length L of the string. Find the ceil and floor values of √Length and assign them to the variables. Create a 2D matrix and fill the matrix by characters of string column-wise. Read the matrix row-wise to get the decrypted string.
To decrypt a ciphertext C using an RSA public key we simply compute the plaintext M as: M = Cd mod N.
The output file from the ConvertFrom-SecureString
you have is a UTF-16 (password) string protected with the ProtectedData.Protect
stored as a hex dump.
To revert the encoding use:
// Read file to string
string exportedData = File.ReadAllText(@"file.txt");
// Remove all new-lines
exportedData = exportedData.Replace(Environment.NewLine, "");
// Convert the hex dump to byte array
int length = exportedData.Length / 2;
byte[] encryptedData = new byte[length];
for (int index = 0; index < length; ++index)
{
encryptedData[index] =
byte.Parse(
exportedData.Substring(2 * index, 2),
NumberStyles.HexNumber, CultureInfo.InvariantCulture);
}
// Decrypt the byte array to Unicode byte array
byte[] data = ProtectedData.Unprotect(
encryptedData, (byte[])null, DataProtectionScope.CurrentUser);
// Convert Unicode byte array to string
string password = Encoding.Unicode.GetString(data);
The above code works, when you do not specify the -Key
with the ConvertFrom-SecureString
. The secure string is then protected with Windows Data Protection API (DPAPI). As such the string has to be decoded on the same machine and account, as it was encoded.
I had a requirement to encrypt a string in power shell and decrypt in .Net Please find the following function to encrypt any string. here (1..16) is a byte array.
function EncriptStringData {
[CmdletBinding()]
param (
[string] $PlainText
)
$someSecureString = $PlainText | ConvertTo-SecureString -AsPlainText -Force
$encryptedTextThatIcouldSaveToFile = ConvertFrom-SecureString -key (1..16) -SecureString $someSecureString
return $encryptedTextThatIcouldSaveToFile
}
Now this encrypt string output i have used as a input for my .Net program and get the same PlainText back as an output of my .Net program. Please find the following function.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.IO;
using System.Runtime.InteropServices;
using System.Security;
using System.Security.Cryptography;
namespace MyNameSpace
{
public class DecryptStringData
{
public string GetDecryptString(string EncriptData)
{
try
{
byte[] key = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 };
byte[] asBytes = Convert.FromBase64String(EncriptData);
string[] strArray = Encoding.Unicode.GetString(asBytes).Split(new[] { '|' });
if (strArray.Length != 3) throw new InvalidDataException("input had incorrect format");
byte[] magicHeader = HexStringToByteArray(EncriptData.Substring(0, 32));
byte[] rgbIV = Convert.FromBase64String(strArray[1]);
byte[] cipherBytes = HexStringToByteArray(strArray[2]);
SecureString str = new SecureString();
SymmetricAlgorithm algorithm = SymmetricAlgorithm.Create(); //This for .Net 4.5
//Use this for .Net core // AesManaged algorithm = new AesManaged();
ICryptoTransform transform = algorithm.CreateDecryptor(key, rgbIV);
using (var stream = new CryptoStream(new MemoryStream(cipherBytes), transform, CryptoStreamMode.Read))
{
int numRed = 0;
byte[] buffer = new byte[2]; // two bytes per unicode char
while ((numRed = stream.Read(buffer, 0, buffer.Length)) > 0)
{
str.AppendChar(Encoding.Unicode.GetString(buffer).ToCharArray()[0]);
}
}
string secretvalue = convertToUNSecureString(str);
return secretvalue;
}
catch (Exception ex)
{
return ex.Message;
}
}
public static byte[] HexStringToByteArray(String hex)
{
int NumberChars = hex.Length;
byte[] bytes = new byte[NumberChars / 2];
for (int i = 0; i < NumberChars; i += 2) bytes[i / 2] = Convert.ToByte(hex.Substring(i, 2), 16);
return bytes;
}
public static string convertToUNSecureString(SecureString secstrPassword)
{
IntPtr unmanagedString = IntPtr.Zero;
try
{
unmanagedString = Marshal.SecureStringToGlobalAllocUnicode(secstrPassword);
return Marshal.PtrToStringUni(unmanagedString);
}
finally
{
Marshal.ZeroFreeGlobalAllocUnicode(unmanagedString);
}
}
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With