-1

We have a number of Lanier MFPs that use the scan-to-folder option to allow people to get their documents, and we are starting to implement more security measures on the AD passwords they use by forcing a password reset.

Unfortunately, the Laniers use a proprietary encryption for the passwords. I've managed to get a functional Java command that will encrypt passwords into this format. The problem I've been encountering is that I then have to get this encoded password into PowerShell to pass it to the scanner.

I can run the Java command through a command line, but can't pass the encrypted password back into PowerShell as a string that the printer will accept (it needs to be in Base64). If I do pass the encoded password back into PowerShell, then run it through PowerShell's Base64 creation process, it is, obviously, changed too much for the scanner to use it.

What I need to determine is whether there's a way for me to take the following command line command, and get it to run in PowerShell, then provide me its output so I can pass this to the printer.

java -cp ./commons-codec-1.10.jar;. cdm.GwpwesCharacterEncoding %pass% "gwpwes002"

The Java command outputs a Base64 string based on the following line:

return new String(Base64.encodeBase64((byte[])encrypt));

As an example, if I pass the text 'Test' into that, I get the string "HVhcmtla25meHVncHQ=="

This is useless to me, though, as I can't then get this back into PowerShell to pass through to the printer, and if I encode it as Base64 with PowerShell, it comes out as "MgBoAHMAWgBtADkAegBjADIAQgBxAGUAMABKAHgAWgBYAGgAbgBiAG0AMAB3AD0A".

Can anyone help?

Revised code after some assistance:

$pass1 = "test"
$path = "c:\Test\printercreds"
$encode = "gwpwes002"

cd $path

$pinfo = New-Object System.Diagnostics.ProcessStartInfo
$pInfo.FileName = 'java'
$pInfo.Arguments = "-jar .\commons-codec-1.10.jar cdm.GwpwesCharacterEncoding $pass1 $encode"
$pInfo.UseShellExecute = $false
$pInfo.RedirectStandardOutput = $true
$pInfo.RedirectStandardError = $true
$process = New-Object System.Diagnostics.Process
$process.StartInfo = $pInfo
[void]$process.Start()
$passsec = $process.StandardOutput.ReadtoEnd()
$process.WaitforExit()

write-host $passsec
JCovalt
  • HVhcmtla25meHVncHQ== is already Base64 encoded – Zlatin Zlatev Aug 23 '17 at 17:53
  • Yeah, it sure seems that way, but when I pull that string back into PowerShell (the only way I was able to do so was to have the batch file output this to a text, then read that text file from PowerShell), the command that feeds it to the printer complains. The exact error it gives is: Cannot set "propVal" because only strings can be used as values to set XmlNode properties – JCovalt Aug 23 '17 at 18:03
  • Java is not a scripting language, and a Java program is not a script. Passwords should be hashed, not encrypted. – user207421 Aug 23 '17 at 18:23
  • The original code to make the passwords usable came in a .Java file, which was why I had to work with a developer on our staff in order to get it functional. Regardless, even if my wording is incorrect, it returns password strings that these scanners can use, but I cannot get them to pass back without some way to collect the script's output directly in PowerShell. Is there any way to accomplish this? – JCovalt Aug 23 '17 at 18:47
  • Yes, run it as a process in PowerShell and get its output: [StackOverflow Example](https://stackoverflow.com/questions/8761888/capturing-standard-out-and-error-with-start-process) – ArcSet Aug 23 '17 at 19:00
  • @ArcSet I got this partly working; it runs. However, it returns no output at all when I run it. Can you see anything I'm doing wrong? $pass1 = "test" $encode = "gwpwes002" $p = New-Object System.Diagnostics.ProcessStartInfo $p.FileName = 'java' $p.Arguments = "-jar .\commons-codec-1.10.jar cdm.GwpwesCharacterEncoding $pass1 $encode" $p.UseShellExecute = $false $p.RedirectStandardOutput = $true $p.RedirectStandardError = $true $proc = New-Object System.Diagnostics.Process $proc.StartInfo = $p [void]$proc.Start() $passsec = $proc.StandardOutput.ReadtoEnd() $proc.WaitforExit() – JCovalt Aug 23 '17 at 19:20
  • You said it runs in CMD and outputs correctly... right? – ArcSet Aug 23 '17 at 19:22
  • @ArcSet Yes, but I am unable to return the output into PowerShell as anything but plain-text, sadly, and then I can't feed it back to the printer. – JCovalt Aug 23 '17 at 19:24
  • Post what you have done into your ticket above – ArcSet Aug 23 '17 at 19:27
  • @ArcSet I've posted the code above. The write-host line just returns a blank string. – JCovalt Aug 23 '17 at 19:30
  • Where did you find info on gwpwes002? – ArcSet Aug 23 '17 at 19:42
  • Found it, and I'm trying to write it in C#; then I'll see if I can't do anything for PowerShell with it – ArcSet Aug 23 '17 at 19:46
  • When you do the hash for the word TEST, what do you get back? – ArcSet Aug 24 '17 at 14:17
  • So, it actually gives a different result every time, but one example was that this gave back the string 'HVhcmtla25meHVncHQ==' – JCovalt Aug 24 '17 at 16:55
  • When you use a capital on the end, like TesT, what do you get? – ArcSet Aug 24 '17 at 17:33
  • Does it end with VncFQ==? – ArcSet Aug 24 '17 at 17:40
  • Yeah, I figured it out and wrote it in PowerShell – ArcSet Aug 24 '17 at 17:46
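
A working form of the process-capture approach suggested in the comments, as an added example that is not part of the original thread. The function name `Invoke-GwpwesEncoder` is hypothetical; the directory, jar and class names are the ones quoted in the question, and the class file is assumed to sit under that directory as in the working command line.

```powershell
# Added example, not the poster's code. Invoke-GwpwesEncoder is a hypothetical name.
function Invoke-GwpwesEncoder {
    param(
        [Parameter(Mandatory)][string]$Password,
        [string]$WorkDir = 'C:\Test\printercreds',   # directory from the question
        [string]$Scheme  = 'gwpwes002'
    )

    $psi = New-Object System.Diagnostics.ProcessStartInfo
    $psi.FileName = 'java'
    # -cp mirrors the command line that works in CMD. With -jar, java looks for a
    # Main-Class in the jar manifest and treats the class name as a program argument,
    # so the error goes to stderr and stdout stays empty.
    # Caveats: a password containing a double quote needs escaping here, and the
    # argument list is visible to other processes on the host while java runs.
    $psi.Arguments = '-cp "commons-codec-1.10.jar;." cdm.GwpwesCharacterEncoding "{0}" "{1}"' -f $Password, $Scheme
    $psi.WorkingDirectory       = $WorkDir
    $psi.UseShellExecute        = $false
    $psi.RedirectStandardOutput = $true
    $psi.RedirectStandardError  = $true
    $psi.CreateNoWindow         = $true

    $proc = New-Object System.Diagnostics.Process
    $proc.StartInfo = $psi
    [void]$proc.Start()

    # Drain stderr asynchronously so a full stderr pipe cannot block the stdout read.
    $errTask = $proc.StandardError.ReadToEndAsync()
    $out     = $proc.StandardOutput.ReadToEnd()
    $proc.WaitForExit()

    if ($proc.ExitCode -ne 0 -or [string]::IsNullOrWhiteSpace($out)) {
        throw "java exited with code $($proc.ExitCode): $($errTask.Result)"
    }

    # One trimmed [string], already Base64; it must not be Base64-encoded a second time.
    return [string]$out.Trim()
}

$encoded = Invoke-GwpwesEncoder -Password 'test'
```

The return value is a single `[string]`, which is the type the `XmlNode` property assignment in the quoted error message requires.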

1 Answer

0

Please try this. It's the encoding for GWPWES002. I found an old Java version here: https://www.dropbox.com/s/3324g84x0l4bnon/GwpwesCharacterEncoding.java?dl=0

There is a weakness in this "encoding". The front part of the encoding is just random padding. The back part is where the actual string is stored. Running the script on the same string just a few times points out this error.

encodeGwpwes002 -code "a"

generated these hashes:

np6eWFieWJ6eWA==

np6eWJ5YWFieWA==

WFienlhYnlieWA==

nlhYnp5Ynp6eWA==

nlieWFieWJ6eWA==

Everything up until eWA== is just random padding, meaning "eWA==" == "a".

Same for "aaaaaaaa":

np5YWJ5YnlieWFhYWFhYWFg=

np5Ynp6eWJ6eWFhYWFhYWFg=

nlienp6eWJ6eWFhYWFhYWFg=

WJ5YWJ6enlieWFhYWFhYWFg=

Meaning that

"eWFhYWFhYWFg=" is "aaaaaaaa".

For the password you provided, "test", an example of manipulation would be:

HVhcmtla25meHVncHQ== IS "test" :: 29 88 92 154 217 90 219 153 158 29 89 220 29

HVhcmtla25meFVncHQ== IS "Test" :: 29 88 92 154 217 90 219 153 158 21 89 220 29

Here is the PowerShell I have translated:

#private static String encodeGwpwes002(String code, int codeSize) {
function encodeGwpwes002([string]$code, [int]$codeSize = 0){
    #byte[] protectCode;
    [byte[]]$protectCode = @()
    #try {
    try{
        #protectCode = code.getBytes("UTF-8");
        $protectCode = [System.Text.Encoding]::UTF8.GetBytes($code)
    #}catch (Throwable e) {
    }catch{
        #return null;
        return $null
    #}
    }
    #int encodeSize = codeSize;
    [int]$encodeSize = $codeSize
    #if (protectCode.length >= codeSize) {
    if(($protectCode.length) -ge $codeSize){
        #encodeSize = protectCode.length + 9;
        $encodeSize = ($protectCode.length) + 9
    #}
    }
    #byte[] simple = new byte[encodeSize];
    [byte[]]$simple = New-Object byte[] $encodeSize
    #int diffuseCnt = 0;
    [int]$diffuseCnt = 0
    #int simpleCnt = 0;
    [int]$simpleCnt = 0
    #if (protectCode.length < encodeSize - 1) {
    if(($protectCode.length) -lt ($encodeSize - 1)){
        #for (diffuseCnt = 0; diffuseCnt < encodeSize - 1 - protectCode.length; ++diffuseCnt) {
        for($diffuseCnt = 0; $diffuseCnt -lt ($encodeSize - 1 - ($protectCode.length)); $diffuseCnt++){
            #simple[diffuseCnt] = (byte)(Math.random() * 25.0 + 97.0);
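            # Integer in 97..121, as in the Java line above; casting only the random
            # factor to [byte] would round it to 0 or 1 and leave just two padding values.
            $simple[$diffuseCnt] = [byte](Get-Random -Minimum 97 -Maximum 122)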
        #}
        }
    #}
    }
    #simple[diffuseCnt++] = 122;
    $simple[$diffuseCnt++] = 122
    #for (simpleCnt = diffuseCnt; simpleCnt < protectCode.length + diffuseCnt; ++simpleCnt) {
    for($simpleCnt = $diffuseCnt; $simpleCnt -lt ($protectCode.length) + $diffuseCnt; $simpleCnt++){
        #simple[simpleCnt] = protectCode[simpleCnt - diffuseCnt];
        $simple[$simpleCnt] = $protectCode[$simpleCnt - $diffuseCnt];
    #}
    }
    #byte[] encrypt = new byte[simpleCnt];
    [byte[]] $encrypt = New-Object byte[] $simpleCnt
    #for (int i = 0; i < simpleCnt; ++i) {
    for([int]$i=0; $i -lt $simpleCnt; $i++)  {  
        #byte work = 0;
        [byte]$work = 0
        #work = (byte)((simple[i] & 192) >>> 6 | (simple[i] & 63) << 2);
        $work = [byte](($simple[$i] -band 192) -shr 6 -bor ($simple[$i] -band 63) -shl 2)
        #encrypt[i] = (byte)((work & 240) >>> 4 | (work & 15) << 4);
        $encrypt[$i] = [byte](($work -band 240) -shr 4 -bor ($work -band 15) -shl 4)
    #}
    }
    #return new String(Base64.encodeBase64((byte[])encrypt));
    return [string]([System.Convert]::ToBase64String([byte[]]$encrypt))
#}
}

encodeGwpwes002 -code "Test"
ArcSet
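
The answer's observation can be checked directly from the two strings it quotes, which shows why a GWPWES002 value should be handled as if it were the plaintext password. This is an added example, not code from the answer; the function names are hypothetical and the per-byte transform is the rotate-and-swap from the answer's final loop.

```powershell
# Added example; function names are hypothetical.
function ConvertTo-Gwpwes002Byte([byte]$Value) {
    # Step 1: rotate the byte left by two bits.
    $work = (($Value -band 192) -shr 6) -bor (($Value -band 63) -shl 2)
    # Step 2: swap the high and low nibbles. No key or secret is involved.
    return [byte]((($work -band 240) -shr 4) -bor (($work -band 15) -shl 4))
}

function Test-Gwpwes002Tail {
    param([string]$Encoded, [string]$Plain)
    $bytes = [Convert]::FromBase64String($Encoded)
    # Expected tail: the 'z' (122) delimiter followed by the UTF-8 bytes of the
    # plaintext, each passed through the fixed per-byte transform.
    $source = @([byte]122) + [System.Text.Encoding]::UTF8.GetBytes($Plain)
    $tail   = @($source | ForEach-Object { ConvertTo-Gwpwes002Byte $_ })
    $offset = $bytes.Length - $tail.Count
    if ($offset -lt 0) { return $false }
    for ($i = 0; $i -lt $tail.Count; $i++) {
        if ($bytes[$offset + $i] -ne $tail[$i]) { return $false }
    }
    return $true
}

# The two encoded strings quoted in the answer for "test" and "Test".
$lower = 'HVhcmtla25meHVncHQ=='
$upper = 'HVhcmtla25meFVncHQ=='
$a = [Convert]::FromBase64String($lower)
$b = [Convert]::FromBase64String($upper)

[pscustomobject]@{
    # Byte positions at which the two encodings differ.
    ChangedByteIndexes = @(0..($a.Length - 1) | Where-Object { $a[$_] -ne $b[$_] }) -join ','
    LowerTailMatches   = Test-Gwpwes002Tail -Encoded $lower -Plain 'test'
    UpperTailMatches   = Test-Gwpwes002Tail -Encoded $upper -Plain 'Test'
}
```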