1

I have a tool I'm working on in vb.net that essentially lets IT users in my org trigger a number of remote GUI processes on PCs. I call PSEXEC from within my application and pass it the user and password of a service account I have set up.

I want to be as security conscious as possible and am looking at using the SecureString class to store the user and password. My question is this: If I store my service acct. user and password using Secure String, then pass these to PSEXEC when I call it, does PSEXEC transmit an obfuscated password over the network or does it transmit the plain string?

Any help would be appreciated as this is a little new to me!

Thanks!

EDIT:

Code I use to call PSEXEC:

Private Sub startProcess(ByVal remotePC As String, ByVal remotePC_URL As String, ByVal remoteUser As String, ByVal password As String)
    Dim proc As New System.Diagnostics.Process
    proc.StartInfo = New ProcessStartInfo("CMD")
    proc.StartInfo.Arguments = "/k psexec \\" & remotePC & " -u " & remoteUser & " -p " & password & " -i -d ""C:\Program Files (x86)\Internet Explorer\iexplore.exe"" -k " & remotePC_URL & ""
    proc.StartInfo.CreateNoWindow = True
    proc.StartInfo.UseShellExecute = False
    proc.Start()
End Sub 'startProcess
Oryx
  • 302
  • 9
  • 21

1 Answers1

1

Is it user account / login information you use to authenticate to the remote server? If so, it's usually secured (same as login popup you get). Otherwise it depends on the protocol being used. For HTTP, as an example, everything is sent in plain text. Please provide some code for us to better understand your need.

Victor Zakharov
  • 25,801
  • 18
  • 85
  • 151
  • Added the sub I use to call PSEXEC right now. It works, but I don't know how it transmits the data I pass it. I have looked on the SysInternals PSEXEC page but it's not clear to me there either. – Oryx Oct 24 '14 at 15:18
  • @Oryx: see [this link](http://www.experts-exchange.com/Programming/Languages/Scripting/Shell/Batch/Q_22653238.html), it suggests that PsExec indeed submits a password in plain test. Also [more research here](http://digital-forensics.sans.org/blog/2010/06/01/protecting-admin-passwords-remote-response-forensics/), and a `net use` solution. What are trying to do, again? Start IE on remote server? – Victor Zakharov Oct 24 '14 at 15:49
  • @Oryx: Also check [How to start remotely process in PowerShell](http://stackoverflow.com/questions/18182690/how-to-start-remotely-process-in-powershell) and [Start-RemoteProcess cmdlet](http://www.vexasoft.com/pages/start-remoteprocess) (this one is paid, but you may find it worthwhile for your corporate needs - no affiliation with them whatsoever). [Password hash is your other option](http://www.windowsecurity.com/articles-tutorials/misc_network_security/PsExec-Nasty-Things-It-Can-Do.html), if you insist on using PsExec (look for `Figure 5: Using a password hash to execute a file remotely`). – Victor Zakharov Oct 24 '14 at 15:53
  • 1
    So I was actually able to find a newer version of PSEXEC that encrypts the password and command during transmit. http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx I think that'll work! – Oryx Oct 28 '14 at 13:53
  • @Oryx: Just make it's indeed encrypted, use a sniffer or something. Yes, if you are passing a user name only, it will prompt you for a password, and that's probably gonna get encrypted. But the article does not say anything about the password that is being passed clearly in plain text. You may need to throw in a password hash instead. – Victor Zakharov Oct 28 '14 at 14:57