I have a PowerShell script that I am successfully using to get the decrypted OpenVPN password stored in the registry.
This is the script that successfully fetches the stored OpenVPN password from the registry, as a decrypted string:
    Add-Type -AssemblyName System.Core
    Add-Type -AssemblyName System.Security

    # One subkey per OpenVPN-GUI connection profile
    $keys = Get-ChildItem "HKCU:\Software\OpenVPN-GUI\configs"
    $items = $keys | ForEach-Object {Get-ItemProperty $_.PsPath}

    foreach ($item in $items)
    {
        $encryptedbytes=$item.'auth-data'
        $entropy=$item.'entropy'
        # Drop the last byte of the stored entropy value
        $entropy=$entropy[0..(($entropy.Length)-2)]

        # DPAPI decryption in the context of the current user
        $decryptedbytes = [System.Security.Cryptography.ProtectedData]::Unprotect(
            $encryptedBytes,
            $entropy,
            [System.Security.Cryptography.DataProtectionScope]::CurrentUser)

        Write-Host ([System.Text.Encoding]::Unicode.GetString($decryptedbytes))
    }
But if I modify this to fetch the decrypted username
from the same OpenVPN registry section, using the correct key username
as below, it doesn't fetch the decrypted username:
    Add-Type -AssemblyName System.Core
    Add-Type -AssemblyName System.Security

    $keys = Get-ChildItem "HKCU:\Software\OpenVPN-GUI\configs"
    $items = $keys | ForEach-Object {Get-ItemProperty $_.PsPath}

    foreach ($item in $items)
    {
        $entropy=$item.'entropy'
        $username=$item.'username'
        $encryptedbytes=$item.'auth-data'
        $entropy=$entropy[0..(($entropy.Length)-2)]
        $username=$username[0..(($username.Length)-2)]

        $decryptedbytes = [System.Security.Cryptography.ProtectedData]::Unprotect(
            $encryptedBytes,
            $username,
            [System.Security.Cryptography.DataProtectionScope]::CurrentUser)

        Write-Host ([System.Text.Encoding]::Unicode.GetString($decryptedbytes))
    }
Can anyone help me find out what I am doing wrong here and fix this?
Currently the username is stored unencrypted. Just decode it as Unicode. This may change in future versions. For encrypted data, the call to Unprotect() would take $entropy as the second argument, not $username.
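
What the answer describes, as an added example that is not part of the original answer or of OpenVPN-GUI: the username is decoded directly as Unicode, and only `auth-data` goes through `Unprotect()` with `$entropy`. The helper name `ConvertFrom-Utf16Bytes` is hypothetical, and the handling of a string-typed `username` value and of profiles with no saved password is an assumption added for robustness.

```powershell
# Added example: per-profile username (plain decode) and password (DPAPI).
Add-Type -AssemblyName System.Security

# Hypothetical helper: decode UTF-16LE bytes and drop any trailing NUL terminator.
function ConvertFrom-Utf16Bytes {
    param([byte[]]$Bytes)
    [System.Text.Encoding]::Unicode.GetString($Bytes).TrimEnd([char]0)
}

$root = 'HKCU:\Software\OpenVPN-GUI\configs'
foreach ($key in Get-ChildItem $root) {
    $item = Get-ItemProperty $key.PSPath

    # Username: stored unencrypted, so Unprotect() is not involved at all.
    $username = $null
    if ($item.username -is [byte[]]) {
        $username = ConvertFrom-Utf16Bytes $item.username
    } elseif ($item.username) {
        $username = [string]$item.username   # assumption: value may be a plain string
    }

    # Password: DPAPI blob in 'auth-data'; the second argument is the entropy
    # value with its last byte removed, exactly as in the working script.
    $password = $null
    if ($item.'auth-data' -and $item.entropy -and $item.entropy.Length -gt 1) {
        $entropy = [byte[]]$item.entropy[0..($item.entropy.Length - 2)]
        try {
            $plain = [System.Security.Cryptography.ProtectedData]::Unprotect(
                [byte[]]$item.'auth-data',
                $entropy,
                [System.Security.Cryptography.DataProtectionScope]::CurrentUser)
            $password = ConvertFrom-Utf16Bytes $plain
        } catch {
            # Wrong entropy, another user's blob, or corrupted data
            Write-Warning "$($key.PSChildName): $($_.Exception.Message)"
        }
    }

    [pscustomobject]@{
        Config   = $key.PSChildName
        Username = $username
        Password = $password
    }
}
```

A profile with no saved credentials yields `$null` in the corresponding column instead of an exception from `Unprotect()`.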