Decrypting Remote Desktop Connection Manager Passwords from settings file with PowerShell (passwords with certificate)
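# author: josef lahmer
# thanks to https://smsagent.blog/2017/01/26/decrypting-remote-desktop-connection-manager-passwords-with-powershell/
#
# Reads an RDCMan .rdg (or RDCMan.settings) file and decrypts the stored
# passwords that were protected with the certificate encryption method, using
# the RdcMan types loaded from a copy of RDCMan.exe.
# Output: one object per credential node with Username, Password and Domain.

# Path to RDCMan.exe
#$RDCMan = "C:\Program Files (x86)\Microsoft\Remote Desktop Connection Manager\RDCMan.exe"

# Path to RDG file
$RDGFile = "C:\TEMP\file.rdg"
#$RDGFile = "$env:LOCALAPPDATA\Microsoft\Remote Desktop Connection Manager\RDCMan.settings"

$TempLocation = "C:\temp"
#Copy-Item $RDCMan "$TempLocation\RDCMan.dll"

# Import-Module executes the assembly's code in this session, so the file at
# $TempLocation must be the copy of RDCMan.exe made above.
# NOTE(review): C:\temp is often writable by other local users; prefer a
# directory only the current user can write to, and delete the copy afterwards.
Import-Module "$TempLocation\RDCMan.dll"

# Load the settings document first: every Select-XML call below reads $XML, so
# it has to exist before the credentialData lookup (the original queried $XML
# before it was created).
$XML = New-Object -TypeName XML
# Hardening: do not resolve external DTDs/entities referenced by the file,
# in case the .rdg came from somewhere else.
$XML.XmlResolver = $null
$XML.Load($RDGFile)

$EncryptionSettings = New-Object -TypeName RdcMan.EncryptionSettings
$EncryptionSettings.EncryptionMethod.Value = [RdcMan.EncryptionMethod]::Certificate
# Get Thumbprint with
# Get-ChildItem -Path Cert:currentUser\MY
# NOTE(review): Select-XML returns SelectXmlInfo objects (one per match), not the
# element text. Confirm what CredentialData.Value expects; if it is the
# thumbprint string, the node's inner text of a single match may be needed.
$EncryptionSettings.CredentialData.Value = Select-XML -Xml $XML -XPath '//credentialData'

# for settings file
#$logonCredentials = Select-XML -Xml $XML -XPath '//credentialsProfile'
# for rdg file
$logonCredentials = Select-XML -Xml $XML -XPath '//logonCredentials'

$Credentials = New-Object System.Collections.Arraylist
$logonCredentials | foreach {
    # Password is the decrypted plaintext, or the inner exception message when
    # DecryptString throws (e.g. the certificate is not available to this user).
    [void]$Credentials.Add([pscustomobject]@{
        Username = $_.Node.userName
        Password = $(Try{[RdcMan.Encryption]::DecryptString($_.Node.password, $EncryptionSettings)}Catch{$_.Exception.InnerException.Message})
        Domain   = $_.Node.domain
    })
}
# The loop emits nothing ([void]), so the original "| Sort Username" on its
# closing brace was a no-op and is dropped; sorting happens here.

# Writes plaintext credentials to the pipeline. Anything capturing this session
# (Start-Transcript, redirected output, console scrollback) will retain them.
$Credentials | Sort Username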