Created
October 25, 2019 06:30
-
-
Save josy1024/e88c496645fdc168f6fc9698efb19900 to your computer and use it in GitHub Desktop.
Decrypting Remote Desktop Connection Manager Passwords from settings file with PowerShell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # author: josef lahmer | |
| # thanks to https://smsagent.blog/2017/01/26/decrypting-remote-desktop-connection-manager-passwords-with-powershell/ | |
| # Path to RDCMan.exe | |
| $RDCMan = "C:\Program Files (x86)\Microsoft\Remote Desktop Connection Manager\RDCMan.exe" | |
| # Path to RDG file | |
| # $RDGFile = "$env:USERPROFILE\Documents\RDPConnections.rdg" | |
| $RDGFile = "$env:LOCALAPPDATA\Microsoft\Remote Desktop Connection Manager\RDCMan.settings" | |
| $TempLocation = "C:\temp" | |
| Copy-Item $RDCMan "$TempLocation\RDCMan.dll" | |
| Import-Module "$TempLocation\RDCMan.dll" | |
| $EncryptionSettings = New-Object -TypeName RdcMan.EncryptionSettings | |
| $XML = New-Object -TypeName XML | |
| $XML.Load($RDGFile) | |
| # for settings file | |
| $logonCredentials = Select-XML -Xml $XML -XPath '//credentialsProfile' | |
| # for rdg file | |
| #$logonCredentials = Select-XML -Xml $XML -XPath '//logonCredentials' | |
| $Credentials = New-Object System.Collections.Arraylist | |
| $logonCredentials | foreach { | |
| [void]$Credentials.Add([pscustomobject]@{ | |
| Username = $_.Node.userName | |
| Password = $(Try{[RdcMan.Encryption]::DecryptString($_.Node.password, $EncryptionSettings)}Catch{$_.Exception.InnerException.Message}) | |
| Domain = $_.Node.domain | |
| }) | |
| } | Sort Username | |
| $Credentials | Sort Username |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Be good to extend this for certificates as well, not just logon credentials.