Secure parameters with powershell exec

Question

I have a Powershell app that retrieves some secret data- then needs to execute a .NET exe (locally) passing that data. It appears that passing the data as a raw param could expose it to users on the machine, so I'm looking for a way to keep it secure.

Possible solutions-

Get the data directly from the C# app (possible, but not ideal)
Put the data in an EFS encrypted file and pass the file location
Encrypt the param with a shared key (something built into windows?)

Any tips/guidance would be appreciated.

Could you please provide more information about "some secret data"? — meziantou, Feb 16 '14 at 14:54

score 1 · Accepted Answer · answered Feb 17 '14 at 00:50

1

Please see this Microsoft Technet article:

Working With Passwords and Secure Strings in Windows Powershell

The gist of the above article:

Basic example of encrypting a string:

$PlainParam = "param you want to encrypt"
$SecureParam = $PlainParam | ConvertTo-SecureString -AsPlainText -Force

Cmdlets to look into:

ConvertTo-SecureString
ConvertFrom-SecureString

answered Feb 17 '14 at 00:50

Vasili Syrakis

9,321
1
39
56

Seems right. Unfortunately I'm locked to PS2 for the moment, so I'm back at the EFS file. Thanks. – therealsix Feb 24 '14 at 20:32

Secure parameters with powershell exec

1 Answers1

Please see this Microsoft Technet article:

The gist of the above article: