Versions Compared

Old Version 7

changes.mady.by.user Morgan Mackeson-Ellis

Saved on

compared with

New Version Current

changes.mady.by.user Morgan Mackeson-Ellis

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The fields labelled "Session .." are never stored in the metadata and only persist, in-memory, for the duration of the user's session of RED. 

Additionally the users and passwords entered in the Scheduler Configuration screen in RED are never stored in the metadata and only persist, in-memory, for the duration of the user's session of RED. 

...

Code Block
languagepowershell
titleDPAPI Encrypt
linenumberstrue
collapsetrue
Add-Type -AssemblyName System.Security

$myPass = "myp@ssw0rd!"

# Convert the pwd string to a byte array.
$bytes = [System.Text.Encoding]::Unicode.GetBytes($myPass)

# Encrypt the byte array.
$encryptedBytes = [System.Security.Cryptography.ProtectedData]::Protect(
        $bytes, 
        $null, 
        [System.Security.Cryptography.DataProtectionScope]::CurrentUser)

# This is the equivalent form stored in the Profile files for RED
$encryptedProfilePassword=[System.Convert]::ToBase64String($encryptedBytes)

Write-Output $encryptedProfilePassword

If

...

for

...

some

...

reason

...

you

...

need

...

to

...

decrypt

...

the

...

profile

...

file

...

passwords

...

in

...

a

...

script

...

the

...

below

...

method

...

shows

...

how

...

to

...

do

...

this.

...

Note

...

that

...

only

...

the

...

same

...

Windows

...

User

...

that

...

encrypted

...

the

...

password

...

in

...

the

...

first

...

place

...

will

...

be

...

able

...

to

...

decrypt

...

it.

Example PowerShell script to decrypt Windows DPAPI encrypted base64 Unicode string:

Code Block
languagepowershell
titleDPAPI Decrypt
linenumberstrue
collapsetrue
Add-Type -AssemblyName System.Security

# set this to an encrypted string taken from the Profile file
$encryptedProfilePassword=”<YOUR ENCRYPTED STRING>”

# first convert the extracted RED Profile string FromBase64String to Byte array
$encryptedBytes = [System.Convert]::FromBase64String($encryptedProfilePassword)

Write-Host "Encrypted Bytes" -ForegroundColor Cyan
Write-Host ([string] $encryptedBytes) -ForegroundColor DarkGreen

# Unencrypt the data.
$bytes = [System.Security.Cryptography.ProtectedData]::Unprotect(
        $encryptedBytes, 
        $null, 
        [System.Security.Cryptography.DataProtectionScope]::CurrentUser)

$plainTextPwd = [System.Text.Encoding]::Unicode.GetString($bytes)

Write-Host "Decrypted Data" -ForegroundColor Cyan
Write-Host $plainTextPwd -ForegroundColor Red

Example Profile fileProfile file

The Profile file profile file is a .JSON file which makes it easy to programmatically update any connection attributes it contains.

...