Thursday, July 21, 2016

Decode AsSecureString into cleartext

I needed a way to enter a password from the console. This is done by typing:

$pwd = Read-Host

It works, but I didn't want this text to be visible on the screen while I'm typing it:

$pwd = Read-Host -AsSecureString

Success! Now let's see the password in action:

PS C:\Users\Akos> $pwd

.. Hmm, not quite what I had hoped for. But there is hope yet:

$cleartextpwd = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($pwd))

Decodes the secure string into cleartext! Now you can type a password securely and use it. Be sure to remove the variable once you're done ;-)

