Cannot decrypt Unicode password, passed from RDP (need plain password for credential provider)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(99.2, 95%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAD%3C/text%3E%3C/svg%3E)
Alex Danilov
6
Reputation points
Just repeating question here - as suggested. Issue with CredIsProtected API
When RDP passes the password to destination PC it is in protected form, something like "@@D...."
We are using following code in order to get plain text password from it:
if (CredIsProtectedW(szPasswordFromRDP, &protectionType))
{
if(protectionType == CredProtected)
{
CredUnprotectW(FALSE, szPasswordFromRDP,...);
// use plain text password in our own Credential provider
}
}
That code works perfectly well when user has ASCII password.
But when there is Unicode password CredIsProtectedW returns CredUnprotected...
Even when we try to "force" conversion with CredUnprotectW by supplying correct plain text length (we know from original password) - it still doesn't work!
Is it some kind of limitation? Or bug? Or it doesn't support all Unicode characters?
Or destination PC should have language installed?
Internally, they look pretty much the same.
ASCII password in protected form: @@D�� gAAAAAnPAAAAAAAAAE1g99rdJVRbxrnfZUZt2eC#VpTLhcq1H
Unicode in protected form: @@D\x07\x08\x0c\n\roAAAAAnPAAAAAAAAgJtBMDyNE3hzbN0ZfPFpvgndNZinjVbLzxsosyvaRNeD
Just in case - specific Unicode plain text password I've used (Japanese Katakana) アセアセアセアセアセ
2 letters repeated 5 times: U+30A2 and U+30BB
Windows development | Windows API - Win32
-
Viorel 127K Reputation points2021-04-05T19:54:08.973+00:00 Maybe it has sense to execute an experimental call of CredProtectW on corresponding machine to check that it can protect such credentials.
Sign in to comment
Sign in to answer