0

So I got a code which creates and connect VPN in Windows 10 using PowerShell and radial.

Everything works just fine.

But when I want to dial VPN with user input credentials I'm getting an error.

This is my code:

Console.WriteLine("VPN Created.");
Console.WriteLine("Do you wanna connect? y/n");
string key = Console.ReadLine();

if (key == "y") {
    Console.WriteLine("Input username:");
    string username = Console.ReadLine();

    Console.WriteLine("Input password:");
    string password = Console.ReadLine();

    Console.WriteLine("Executing rasdial...");
    System.Diagnostics.Process.Start("rasdial.exe", "VPN_Arta {0} {1}", username, password);
}

The error I'm getting is:

Cannot convert string to System.Security.SecureString on line with starting rasdial.exe.

Do you guys have any idea how to solve this?

Lin Du
  • 88,126
  • 95
  • 281
  • 483
Johny Corbie
  • 63
  • 10
  • 1
    https://stackoverflow.com/questions/1570422/convert-string-to-securestring – Kory Gill Apr 15 '19 at 19:47
  • Hmm what i read and found but if i convert it it means anybody can scan memory of this app and read the password from it. Is there any another way how to keep this as secure string? But i dont know why it even wants username as securestring. – Johny Corbie Apr 15 '19 at 19:54
  • @JohnynCorbie - It doesn't want username as a `SecureString`. You're not using `Process.Start` correctly. With your current code, you're passing "VPN_Arta {0} {1}" as the username, `username` is in the passwords spot, and `password` is being passed for the domain. Check out the docs: https://learn.microsoft.com/en-us/dotnet/api/system.diagnostics.process.start?view=netframework-4.7.2 – Broots Waymb Apr 15 '19 at 20:05
  • 2
    Possible duplicate of [Convert String to SecureString](https://stackoverflow.com/questions/1570422/convert-string-to-securestring) – Wai Ha Lee Apr 15 '19 at 21:00

1 Answers1

0

So I got it working with normal string but now I need to do it in securestring with masking password.

My code looks like this:

Console.WriteLine("Input username:");
            string username = Console.ReadLine();

            Console.WriteLine("Input password:");

            SecureString password = new SecureString();
            password = Classes.Functions.GetPassword();

            Classes.Functions.runProcRasdial("VPN_Arta", username, password);

            Console.Clear();
            Console.WriteLine("VPN Connected.");

Method for calling rasdial:

public static Process runProcRasdial(string VPNName, string username, SecureString password)
    {

        ProcessStartInfo psi = new ProcessStartInfo("cmd")
        {
            RedirectStandardInput = true,
            RedirectStandardOutput = false,
            UseShellExecute = false
        };
        var proc = new Process()
        {
            StartInfo = psi,
            EnableRaisingEvents = true,
        };
        proc.Start();
        proc.StandardInput.WriteLine("rasdial {0} {1} {2}", VPNName, username, password);
        proc.StandardInput.WriteLine("exit");
        proc.WaitForExit();
        return proc;

    }

Method for masking password:

//mask password
    public static SecureString GetPassword()
    {
        var pwd = new SecureString();
        while (true)
        {
            ConsoleKeyInfo i = Console.ReadKey(true);
            if (i.Key == ConsoleKey.Enter)
            {
                break;
            }
            else if (i.Key == ConsoleKey.Backspace)
            {
                if (pwd.Length > 0)
                {
                    pwd.RemoveAt(pwd.Length - 1);
                    Console.Write("\b \b");
                }
            }
            else if (i.KeyChar != '\u0000' ) // KeyChar == '\u0000' if the key pressed does not correspond to a printable character, e.g. F1, Pause-Break, etc
            {
                pwd.AppendChar(i.KeyChar);
                Console.Write("*");
            }
            }
        return pwd;
    }

Problem is Im not getting any error everything looks just fine. But I think there gonna be problem with masking password function because it doesn't accept right password and I dont know.

Do you guys any ideas?

Thanks,

John

recnac
  • 3,744
  • 6
  • 24
  • 46
Johny Corbie
  • 63
  • 10