Encrypting the password value used to send an email via a bat file?

windows batch email batch-file gmail

Solution 1:

Obfuscate Sensitive Strings with PowerShell to Send an Email via a Batch Script

You can use a strategic variation of the PowerShell code mentioned in the "Simple Obfuscation with PowerShell using Base64 Encoding" post to...

  1. Encode the sensitive string(s) you wish to obfuscate to make those not so easily decipherable to anyone without a lot of technical know-how which could potentially see or copy the script logic at runtime

  2. Setup the process to cleanup and remove the batch script, and the dynamically generated PowerShell script, after both are executed and run the necessary logic

Get Encoded String Values

Whatever value you want to obfuscate, you will put that value enclosed within double quotes in the $SensitiveString per the below logic and then execute $OString to get the encoded value.

These will be the values you hard code into the below Batch Script rather than using the sensitive values themselves in a plain text format.

$SensitiveString = "ARealDumbPassword" ## -- Put sensitive string value to encode here
$OString         = [Convert]::ToBase64String([System.Text.Encoding]::Unicode.GetBytes($SensitiveString))
$ConvertedString = [System.Text.Encoding]::Unicode.GetString([System.Convert]::FromBase64String($OString))
$OString ## -- Get encoded string value

enter image description here

You can use the existing batch script with a few adjustments so the encoded values can be passed in or set in the batch script logic and have the other logic within the PowerShell script to decode those values for use. Once done, the PowerShell script and the batch script will be deleted.

Batch Script

@ECHO OFF

:: -- Set senvitive values and file attachment path
SET "GmailAccount=RwBtAGEAaQBsAEEAYwBjAG8AdQBuAHQAVQBzAGUAcgBuAGEAbQBlAF8AXwBCAGkAdABjAGgA"
SET "GmailPassword=QQBSAGUAYQBsAEQAdQBtAGIAQQBzAHMAUABhAHMAcwB3AG8AcgBkAA=="
SET "Attachment=<FullAttachmentPath>"

:: -- Set other email values
SET "[email protected]"
SET "EmailSubject=This is the subject of the email"
SET "EmailBody=This is the body of the email"

CALL :PowerShell
CD /D "%PowerShellDir%"
Powershell -ExecutionPolicy Bypass -Command "& '%PSScript%' '%GmailAccount%' '%GmailPassword%' '%Attachment%'"
IF EXIST "%PSScript%" DEL /Q /F "%PSScript%"
IF EXIST "%~FN0" DEL /Q /F "%~FN0"
IF EXIST "%PSScript%" DEL /Q /F "%PSScript%"
EXIT

:PowerShell
SET PowerShellDir=C:\Windows\System32\WindowsPowerShell\v1.0
SET PSScript=%temp%\~tmpSendeMail.ps1
IF EXIST "%PSScript%" DEL /Q /F "%PSScript%"

ECHO $Username      = $args[0]                                                                                     >> "%PSScript%"
ECHO $Username      = [System.Text.Encoding]::Unicode.GetString([System.Convert]::FromBase64String($Username))     >> "%PSScript%"
ECHO $EmailPassword = $args[1]                                                                                     >> "%PSScript%"
ECHO $EmailPassword = [System.Text.Encoding]::Unicode.GetString([System.Convert]::FromBase64String($EmailPassword))>> "%PSScript%"
ECHO $Attachment    = $args[2]                                                                                     >> "%PSScript%"
ECHO $Attachment    = [System.Text.Encoding]::Unicode.GetString([System.Convert]::FromBase64String($Attachment))   >> "%PSScript%"
ECHO                                          >> "%PSScript%"
ECHO $Username    = $Username                 >> "%PSScript%"
ECHO $EmailTo     = "%EmailTo%"               >> "%PSScript%"
ECHO $EmailFrom   = "[email protected]" >> "%PSScript%"
ECHO $Subject     = "%EmailSubject%"          >> "%PSScript%"
ECHO $Body        = "%EmailBody%"             >> "%PSScript%"
ECHO $SMTPServer  = "smtp.gmail.com"          >> "%PSScript%"
ECHO $SMTPMessage = New-Object System.Net.Mail.MailMessage($EmailFrom, $EmailTo, $Subject, $Body) >> "%PSScript%"
ECHO $Attachment  = New-Object System.Net.Mail.Attachment($Attachment)                            >> "%PSScript%"
ECHO $SMTPMessage.Attachments.Add($Attachment)                                                    >> "%PSScript%"
ECHO $SMTPClient  = New-Object Net.Mail.SmtpClient($SmtpServer, 587)                              >> "%PSScript%"
ECHO $SMTPClient.EnableSsl = $true                                                                >> "%PSScript%"
ECHO $SMTPClient.Credentials = New-Object System.Net.NetworkCredential($Username, $EmailPassword) >> "%PSScript%"
ECHO $SMTPClient.Send($SMTPMessage)                                                               >> "%PSScript%"
GOTO :EOF

Supporting Resources

  • Simple Obfuscation with PowerShell using Base64 Encoding
  • Convert.ToBase64String Method
  • Encoding Class
  • UnicodeEncoding.GetString(Byte[], Int32, Int32) Method
  • System.Convert Methods
  • Convert.FromBase64String(String) Method

Related

is VGA to HDMI cable is same as HDMI to VGA cable?
Isolating cause of 0x124 WHEA_UNCORRECTABLE_ERROR consistently at address ntoskrnl.exe+4b314c
File copy tools that will preserve hard links at destination
OpenVPN client to use local DNS server and VPN provider's DNS server
Run Windows and Ubuntu at the same time and access them via remote desktop
Communication between Docker containers on differents hosts in the same local network
How to add search engine using Firefox's address bar?
Windows 10 unconditional startup BSOD; can't read file system(?)
Does "DDR4L" memory exist?
Is windows partition manager reading ubuntu partition correctly?
Windows 10 1809 cannot search for emoji
Find out how long ago the windows computer woke up