Powershell:`GetNetworkCredential().Password` 没有在 `AppendChar()` 之后显示密码的所有字符
Powershell: `GetNetworkCredential().Password` is not displaying all the characters of the password after `AppendChar()`
我有一个 cmdlet Append-SecureString.ps1,它可以将所需的 length/size 填充到具有特定字符的 SecureString('o' 只是为了演示)。我正在使用另一个从 SecureString 获取明文的 cmdlet Decode-SecureString.ps1。
cmdlet Decode-SecureString.ps1
#Decode-SecureString.ps1
param([SecureString]$SecureString)
Write-Information -MessageData "Retrieving string..." -Verbose -InformationAction Continue
try{
$bstr = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($secureString)
$length = [Runtime.InteropServices.Marshal]::ReadInt32($bstr, -4)
[Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr)
}
finally{
if ( $bstr -ne [IntPtr]::Zero ) {
[Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr)
}
}
cmdlet Append-SecureString.ps1
#Append-SecureString.ps1
param(
[Parameter(mandatory=$true)]
[System.Management.Automation.PSCredential]$Credential,
[Parameter(mandatory=$false)]
[int]$Length
)
while($Credential.Password.Length -lt $Length){
$Credential.Password.AppendChar('o')
}
$Credential.Password.Length
$Credential.GetNetworkCredential().Password
.\Decode-SecureString.ps1 -SecureString $Credential.Password #Custom cmdlet provided above.
结果是:
$cred=Get-Credential -Message "Enter the credentials."
$cred.UserName
picachu
$cred.Password.Length
14
$cred.GetNetworkCredential().Password
THISISPASSWORD
.\AppendTo-SecureString.ps1 -Credential $cred -Length 64
64
THISISPASSWORD
Retrieving string...
THISISPASSWORDoooooooooooooooooooooooooooooooooooooooooooooooooo
因此,如我们所见,$Credential.GetNetworkCredential().Password 没有显示 $Credential.Password 的完整字符串,顺便说一句,它是一个 SecureString。但是我的自定义 cmdlet Decode-SecureString 成功地从 $Credential.Password 中获得了完整的填充字符串,即 SecureString.
所以,有人能找出为什么 GetNetworkCredential().Password 没有显示完整的字符串吗?如果可能的话,你如何让 GetNetworkCredential().Password 在不使用我的情况下显示 $Credential.Password 后面的字符串自定义 cmdlet Decode-SecureString.ps1 ?
我已编辑 cmdlet AppendTo-SecureString.ps1 以解决以下问题。它不再需要 Decode-SecureString.ps1 来显示字符。问题是正如@PetSerAl 指出的那样,GetNetworkCredential() 不会为已经存在的 PSCredential 对象重建缓存。所以我决定使用新的 SecureString 和 return 构建另一个凭证。
param(
[Parameter(mandatory=$true)]
[System.Management.Automation.PSCredential]$Credential,
[Parameter(mandatory=$false)]
[int]$Length
)
$secureString=$Credential.Password
while($secureString.Length -lt $Length){
$secureString.AppendChar('@')
}
$tempCred=New-Object System.Management.Automation.PSCredential -ArgumentList $Credential.UserName,$secureString
#Comment out below for returning the new credential.
$tempCred.Password.Length
#Comment out below for returning the new credential.
$tempCred.GetNetworkCredential().Password
#UnComment out below for returning the new credential.
###Return $tempCred
或者,您可以跳过重建新的 PSCredential 对象并使用 NetworkCredential,如下所示:
$tempCred=([System.Net.NetworkCredential]::new($Credential.UserName,$secureString))
#Comment out below for returning the new credential.
$tempCred.Password.Length
#Comment out below for returning the new credential.
$tempCred.Password
#UnComment out below for returning the new credential.
###Return $tempCred
我有一个 cmdlet Append-SecureString.ps1,它可以将所需的 length/size 填充到具有特定字符的 SecureString('o' 只是为了演示)。我正在使用另一个从 SecureString 获取明文的 cmdlet Decode-SecureString.ps1。
cmdlet Decode-SecureString.ps1
#Decode-SecureString.ps1
param([SecureString]$SecureString)
Write-Information -MessageData "Retrieving string..." -Verbose -InformationAction Continue
try{
$bstr = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($secureString)
$length = [Runtime.InteropServices.Marshal]::ReadInt32($bstr, -4)
[Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr)
}
finally{
if ( $bstr -ne [IntPtr]::Zero ) {
[Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr)
}
}
cmdlet Append-SecureString.ps1
#Append-SecureString.ps1
param(
[Parameter(mandatory=$true)]
[System.Management.Automation.PSCredential]$Credential,
[Parameter(mandatory=$false)]
[int]$Length
)
while($Credential.Password.Length -lt $Length){
$Credential.Password.AppendChar('o')
}
$Credential.Password.Length
$Credential.GetNetworkCredential().Password
.\Decode-SecureString.ps1 -SecureString $Credential.Password #Custom cmdlet provided above.
结果是:
$cred=Get-Credential -Message "Enter the credentials."
$cred.UserName
picachu
$cred.Password.Length
14
$cred.GetNetworkCredential().Password
THISISPASSWORD
.\AppendTo-SecureString.ps1 -Credential $cred -Length 64
64
THISISPASSWORD
Retrieving string...
THISISPASSWORDoooooooooooooooooooooooooooooooooooooooooooooooooo
因此,如我们所见,$Credential.GetNetworkCredential().Password 没有显示 $Credential.Password 的完整字符串,顺便说一句,它是一个 SecureString。但是我的自定义 cmdlet Decode-SecureString 成功地从 $Credential.Password 中获得了完整的填充字符串,即 SecureString.
所以,有人能找出为什么 GetNetworkCredential().Password 没有显示完整的字符串吗?如果可能的话,你如何让 GetNetworkCredential().Password 在不使用我的情况下显示 $Credential.Password 后面的字符串自定义 cmdlet Decode-SecureString.ps1 ?
我已编辑 cmdlet AppendTo-SecureString.ps1 以解决以下问题。它不再需要 Decode-SecureString.ps1 来显示字符。问题是正如@PetSerAl 指出的那样,GetNetworkCredential() 不会为已经存在的 PSCredential 对象重建缓存。所以我决定使用新的 SecureString 和 return 构建另一个凭证。
param(
[Parameter(mandatory=$true)]
[System.Management.Automation.PSCredential]$Credential,
[Parameter(mandatory=$false)]
[int]$Length
)
$secureString=$Credential.Password
while($secureString.Length -lt $Length){
$secureString.AppendChar('@')
}
$tempCred=New-Object System.Management.Automation.PSCredential -ArgumentList $Credential.UserName,$secureString
#Comment out below for returning the new credential.
$tempCred.Password.Length
#Comment out below for returning the new credential.
$tempCred.GetNetworkCredential().Password
#UnComment out below for returning the new credential.
###Return $tempCred
或者,您可以跳过重建新的 PSCredential 对象并使用 NetworkCredential,如下所示:
$tempCred=([System.Net.NetworkCredential]::new($Credential.UserName,$secureString))
#Comment out below for returning the new credential.
$tempCred.Password.Length
#Comment out below for returning the new credential.
$tempCred.Password
#UnComment out below for returning the new credential.
###Return $tempCred