CreateUser.ps1
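function New-USBKey {
    <#
    .SYNOPSIS
    Builds a USB key identifier of the form PREFIX-YYYYMMDD-HHMMSS-HASH-RANDOM.

    .DESCRIPTION
    The RANDOM segment is $GUIDLength uppercase hex digits. The HASH segment is
    the first 10 hex digits of SHA-256 over ($prefix + RANDOM). Both inputs to
    the hash appear in the key itself, so HASH is a checksum that anyone can
    recompute; it adds no secrecy. The only unpredictable part of the key is
    RANDOM, i.e. 4 bits per hex digit (32 bits at the default length of 8).

    .PARAMETER prefix
    Leading label of the key. Defaults to "USBID". The whole key is upper-cased
    on return, so a lower-case prefix comes back in upper case.

    .PARAMETER GUIDLength
    Number of random hex digits to emit. Values below 1 fall back to 8, values
    above 32 are capped at 32.

    .OUTPUTS
    System.String. The assembled key, upper-cased.
    #>
    param (
        [string]$prefix = "USBID",
        [int]$GUIDLength = 8
    )

    # Clamp the requested length to what 16 random bytes can supply (32 hex digits).
    if ($GUIDLength -lt 1) {
        $GUIDLength = 8
    }
    if ($GUIDLength -gt 32) {
        $GUIDLength = 32
    }

    $dateTime = Get-Date -Format "yyyyMMdd-HHmmss"

    # Take the random digits from the OS CSPRNG rather than from a GUID string:
    # a version-4 GUID has a fixed version digit and a constrained variant digit,
    # and GUIDs are designed for uniqueness, not for use as secret tokens.
    $randomBytes = New-Object byte[] 16
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try {
        $rng.GetBytes($randomBytes)
    }
    finally {
        $rng.Dispose()
    }
    $guid = [BitConverter]::ToString($randomBytes).Replace("-", "").Substring(0, $GUIDLength)

    # Checksum over prefix + random digits; dispose the hasher once done.
    $hashData = [System.Text.Encoding]::UTF8.GetBytes($prefix + $guid)
    $sha256 = [System.Security.Cryptography.SHA256]::Create()
    try {
        $hash = [BitConverter]::ToString($sha256.ComputeHash($hashData)).Replace("-", "").Substring(0, 10)
    }
    finally {
        $sha256.Dispose()
    }

    # Construct the key in the format: PREFIX-YYYYMMDD-HHMMSS-HASH-RANDOM
    return "$prefix-$dateTime-$hash-$guid".ToUpper()
}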
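function New-EncryptedData {
    <#
    .SYNOPSIS
    Encrypts "username<LF>password" with a freshly generated 256-bit AES key.

    .DESCRIPTION
    Generates a random 32-byte key and a random IV, encrypts the UTF-8 bytes of
    "$username`n$password", and returns key, IV and ciphertext as Base64 text.

    The cipher mode and padding are not set here, so the Aes object's defaults
    apply (CBC with PKCS7 in .NET). That gives confidentiality only: there is no
    MAC or AEAD tag, so a modified ciphertext is not detected on decryption.

    The returned Key is the raw AES key in Base64. Whoever holds Key, IV and
    EncryptedData together can recover the credentials, so the caller must keep
    the key apart from the ciphertext.

    .PARAMETER username
    Account name to protect.

    .PARAMETER password
    Password to protect. It is taken as a plain [string], so it stays readable
    in process memory for as long as the string lives.

    .OUTPUTS
    Hashtable with the Base64 strings Key, IV and EncryptedData.
    #>
    param (
        [string]$username,
        [string]$password
    )

    $credentialBytes = [System.Text.Encoding]::UTF8.GetBytes("$username`n$password")

    # Key material comes from the OS CSPRNG. Get-Random is documented as not
    # guaranteeing cryptographically secure output, so it is not used for keys.
    $key = New-Object byte[] 32
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try {
        $rng.GetBytes($key)
    }
    finally {
        $rng.Dispose()
    }

    $aes = [System.Security.Cryptography.Aes]::Create()
    try {
        $aes.Key = $key
        $aes.GenerateIV()

        $encryptor = $aes.CreateEncryptor()
        try {
            $encryptedCredentials = $encryptor.TransformFinalBlock($credentialBytes, 0, $credentialBytes.Length)
        }
        finally {
            $encryptor.Dispose()
        }

        # Read the IV before the Aes object is disposed.
        $ivText = [System.Convert]::ToBase64String($aes.IV)
    }
    finally {
        # Dispose releases the key copy held by the Aes instance.
        $aes.Dispose()
    }

    return @{
        Key           = [System.Convert]::ToBase64String($key)
        IV            = $ivText
        EncryptedData = [System.Convert]::ToBase64String($encryptedCredentials)
    }
}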
# Script body: encrypts one account's credentials and prints the INSERT
# statement that would store the result. The USB-writing steps are commented out.

# NOTE(review): with the next line commented out, $USBKey is never assigned in
# this script, so the INSERT below is built with an empty USBKey value.
#$USBKey = New-USBKey
# NOTE(review): the account name and password are hard-coded in source, so
# anyone who can read the file or its history knows them. Prompt for them
# (e.g. Get-Credential) or read them from a secret store, and rotate this value.
$EncryptedData = New-EncryptedData -username "Admin" -password "zaq1@WSX"
# $USBLetter = "G:"
# NOTE(review): these would write Base64 text, not raw bytes, despite the
# .bin/.enc names, and would put key, IV and ciphertext on the same drive.
# $EncryptedData.Key | Out-File "$USBLetter\aes_key.bin"
# $EncryptedData.IV | Out-File "$USBLetter\aes_iv.bin"
# $EncryptedData.EncryptedData | Out-File "$USBLetter\credentials.enc"
# save to database
# NOTE(review): the statement stores the AES key, the IV and the ciphertext in
# the same row, so anyone who can read the Users table can decrypt the
# credentials; keep the key outside the database.
# The SQL text is built by string interpolation. If this is ever executed, or
# if $USBKey ever carries caller-supplied text, use a parameterized command.
$SQLQuery = "INSERT INTO Users (USBKey, AESKey, AESIV, EncryptedData) VALUES ('$USBKey', '$($EncryptedData.Key)', '$($EncryptedData.IV)', '$($EncryptedData.EncryptedData)')"
# NOTE(review): this prints the Base64 AES key to the console, where it can end
# up in transcripts and terminal scrollback.
Write-Host $SQLQuery
# create usb key file and hide it
# NOTE(review): Hidden/System attributes only hide the file from default
# directory listings; they do not restrict who can read it.
#$USBLetter = "F:"
#$USBKey | Out-File "$USBLetter\.usbkeyfile"
#[System.IO.File]::SetAttributes("$USBLetter\.usbkeyfile", "Hidden, System")