Created
August 15, 2023 11:44
-
-
Save jborean93/6168da85e5b3742d943300dd1176a63d to your computer and use it in GitHub Desktop.
Code that can encrypt or decrypt TightVNC server passwords
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Function ConvertTo-EncryptedVNCPassword { | |
| [OutputType([byte[]])] | |
| [CmdletBinding()] | |
| param ( | |
| [Parameter(Mandatory)] | |
| [SecureString] | |
| $Password | |
| ) | |
| # This is hardcoded in VNC applications like TightVNC. | |
| $magicKey = [byte[]]@(0xE8, 0x4A, 0xD6, 0x60, 0xC4, 0x72, 0x1A, 0xE0) | |
| $ansi = [System.Text.Encoding]::GetEncoding( | |
| [System.Globalization.CultureInfo]::CurrentCulture.TextInfo.ANSICodePage) | |
| $pass = [System.Net.NetworkCredential]::new('', $Password).Password | |
| $byteCount = $ansi.GetByteCount($pass) | |
| if ($byteCount -gt 8) { | |
| $err = [System.Management.Automation.ErrorRecord]::new( | |
| [ArgumentException]'Password must not exceed 8 characters', | |
| 'PasswordTooLong', | |
| [System.Management.Automation.ErrorCategory]::InvalidArgument, | |
| $null) | |
| $PSCmdlet.WriteError($err) | |
| return | |
| } | |
| $toEncrypt = [byte[]]::new(8) | |
| $null = $ansi.GetBytes($pass, 0, $pass.Length, $toEncrypt, 0) | |
| $des = $encryptor = $null | |
| try { | |
| $des = [System.Security.Cryptography.DES]::Create() | |
| $des.Padding = 'None' | |
| $encryptor = $des.CreateEncryptor($magicKey, [byte[]]::new(8)) | |
| $data = [byte[]]::new(8) | |
| $null = $encryptor.TransformBlock($toEncrypt, 0, $toEncrypt.Length, $data, 0) | |
| , $data | |
| } | |
| finally { | |
| if ($encryptor) { $encryptor.Dispose() } | |
| if ($des) { $des.Dispose() } | |
| } | |
| } | |
| Function ConvertFrom-EncryptedVNCPassword { | |
| [OutputType([string])] | |
| [CmdletBinding()] | |
| param ( | |
| [Parameter(Mandatory)] | |
| [byte[]] | |
| $EncryptedData | |
| ) | |
| # This is hardcoded in VNC applications like TightVNC. | |
| $magicKey = [byte[]]@(0xE8, 0x4A, 0xD6, 0x60, 0xC4, 0x72, 0x1A, 0xE0) | |
| $ansi = [System.Text.Encoding]::GetEncoding( | |
| [System.Globalization.CultureInfo]::CurrentCulture.TextInfo.ANSICodePage) | |
| if ($EncryptedData.Length -ne 8) { | |
| $err = [System.Management.Automation.ErrorRecord]::new( | |
| [ArgumentException]'Encrypted data must be 8 bytes long', | |
| 'InvalidEncryptedLength', | |
| [System.Management.Automation.ErrorCategory]::InvalidArgument, | |
| $null) | |
| $PSCmdlet.WriteError($err) | |
| return | |
| } | |
| $des = $decryptor = $null | |
| try { | |
| $des = [System.Security.Cryptography.DES]::Create() | |
| $des.Padding = 'None' | |
| $decryptor = $des.CreateDecryptor($magicKey, [byte[]]::new(8)) | |
| $data = [byte[]]::new(8) | |
| $null = $decryptor.TransformBlock($EncryptedData, 0, $EncryptedData.Length, $data, 0) | |
| $ansi.GetString($data).TrimEnd("`0") | |
| } | |
| finally { | |
| if ($decryptor) { $decryptor.Dispose() } | |
| if ($des) { $des.Dispose() } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment