Decrypt-RDCManPasswords.ps1
<#PSScriptInfo
.VERSION 1.0 .GUID 2849f977-ec2e-4727-a6f0-542e7f789cc6 .AUTHOR Aaron Guilmette .COMPANYNAME Microsoft .COPYRIGHT 2020 .TAGS .LICENSEURI .PROJECTURI .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS .EXTERNALSCRIPTDEPENDENCIES .RELEASENOTES .DESCRIPTION Decrypt passwords in RDG files. .PRIVATEDATA #> <# .SYNOPSIS Decrypt passwords in RDG files. .PARAMETER RDGFile Saved Remote Desktop Manager (.rdg) file. .EXAMPLE .\Decrypt-RDCManPasswords.ps1 -RDGFile <path to RDGFile> .NOTES 2020-01-28 Added -Force parameter to overwrite destination files. 2019-07-12 Initial release. #> param($RDGFile, $PasswordString, $RDCManSource ) If (!$RDCManSource) { $RDCManSource = (Get-ChildItem -Path @('C:\Program Files\Microsoft', 'C:\Program Files (x86)\Microsoft') -File "RDCMan.exe" -Recurse -ErrorAction SilentlyContinue)[0] } If (!$RDCManSource) { Write-Error "Remote Desktop Manager must be installed. If it is installed, use the -RDCManSource parameter to specify the executable's location." Exit } else { try { $Assembly = [Reflection.Assembly]::LoadFile($RDCManSource.FullName) } catch { $_.Exception.Message.ToString(); Write-Host "Catch"; Exit } try { Import-Module $Assembly } catch { $_.Exception.Message.ToString(); Write-Host "Import Exception"; exit } } If ($RDGFile) { [xml]$Data = Get-Content $RDGFile $CredentialValues = $Data.SelectNodes("*//logonCredentials") $global:Output = @() foreach ($obj in $CredentialValues) { try { $EncryptionSettings = New-Object -TypeName RdcMan.EncryptionSettings $Password = [RdcMan.Encryption]::DecryptString($obj.password, $EncryptionSettings) } catch { $_.Exception.Message.ToString(); continue } If ($Password -and ($Password -notcontains 'Failed to decrypt')) { $CredObject = New-Object PSObject $CredObject | Add-Member -Type NoteProperty -Name "ProfileName" -Value $obj.ProfileName -ea SilentlyContinue -Force $CredObject | Add-Member -Type NoteProperty -Name "UserName" -Value $obj.username -ea SilentlyContinue -Force $CredObject | Add-Member -Type NoteProperty -Name "Password" -Value $Password $CredObject | Add-Member -Type NoteProperty -Name "Domain" -Value $obj.domain $global:Output += $CredObject } } If ($Output) { $Output } Else { Write-Host "Nothing to show." } } else { If ($PasswordString) { $EncryptionSettings = New-Object -TypeName RdcMan.EncryptionSettings $Password = [RdcMan.Encryption]::DecryptString($PasswordString, $EncryptionSettings) Write-Host "Cleartext password: $($Password)" } } |