El TecnoBaúl de Kiquenet

Kiquenet boring stories

Archive for the ‘Seguridad’ Category

Manage Credentials programmatically using C#

Posted by kiquenet en 2 enero 2015

Credential Manager

CredentialManagement
http://nuget.org/packages/CredentialManagement/

http://credentialmanagement.codeplex.com/SourceControl/latest

CredMan.ps1
https://gallery.technet.microsoft.com/scriptcenter/PowerShell-Credentials-d44c3cde

        [TestMethod]
        public void Set_Credentials_for_older_domain_whe_migration_to_new_domain()
        {
            var accesos = new List<string> {
            "intranet",
            "intranet.xxxxx.net",
            "intranet.zzzzzzzz.com",
            "intranetescritorio.zzzzzzzz.net",
            "more…",
            };

            accesos.ForEach(acceso => SaveCredential(acceso));
        }

        private static Credential SaveCredential(string CredentialName)
        {
            var UserName = @"OLDERDOMAIN\user";
            var Password = "pass";

            var cm = new Credential { Target = CredentialName, Type = CredentialType.DomainPassword };
            if (cm.Exists())
            {
                cm.Load();
                Console.WriteLine("Credential " + cm.Target + ". Data: " + cm.Username + " " + cm.Password);

                //if (cm.Type == CredentialType.Generic)  cm.Delete();

                return cm;
            }

            cm = new Credential
            {
                Target = CredentialName,
                Type = CredentialType.DomainPassword,
                PersistanceType = PersistanceType.Enterprise,
                Username = UserName,
                Password = Password
            };
            cm.Save();
            return cm;
        }

Tools useful: PromptForCredentials Builder and Credential Set Manager by Kenny Kerr (Microsoft)

Windows 8 – New API Windows.Security
http://msdn.microsoft.com/en-us/library/windows/apps/windows.security.credentials.aspx
https://code.msdn.microsoft.com/windowsapps/PasswordVault-f01be74a

[void][Windows.Security.Credentials.PasswordVault,Windows.Security.Credentials,ContentType=WindowsRuntime]
(new-object Windows.Security.Credentials.PasswordVault).RetrieveAll() | % { $_.RetrievePassword(); $_ }

It only displays data from the Web Credentials store, not the Windows Credentials

The new api has no way to access the Windows Credentials

http://stackoverflow.com/questions/14813370/how-to-access-the-stored-credentials-passwordvault-on-win7-and-win8

Sources:

http://msdn.microsoft.com/en-us/library/aa480470.aspx#cred_topic5

http://stackoverflow.com/questions/9221245/how-do-i-store-and-retrieve-credentials-from-the-windows-vault-credential-manage

http://stackoverflow.com/questions/17741424/retrieve-credentials-from-windows-credentials-store-using-c-sharp

Posted in .NET, Security, Seguridad | Etiquetado: | Leave a Comment »

Using different credentials to connect to Team Foundation Server

Posted by kiquenet en 27 agosto 2014

TFS Cache
<system drive>\Users\<your profile>\AppData\Microsoft\Team Foundation

You can try clearing the cache manually here: C:\Users[USERNAME]\AppData\Local\Microsoft\Team Foundation\5.0\Cache

Control Panel->User Accounts –> Manage your credentials (CredentialManager)

You can also use the command line to open the credential manager.

control /name Microsoft.CredentialManager

This will open the credential manager.

Recently, I had to authenticate to Team Foundation Server using an account with greater permissions to perform some administrative tasks.  As you may know, this requires entering alternate credentials when you add the server to the list of TFS servers, or when you need to connect to the server.  Once you’ve connected once, you aren’t prompted again as the credentials are cached locally.

In the past, to remedy this, you could simply delete the local TFS cache, which is located in the following directory (Windows Vista and onwards):

<system drive>\Users\<your profile>\AppData\Microsoft\Team Foundation

image

However, in more recent versions this has changed somewhat, and the user’s credentials are no longer linked to the local TFS cache or configuration.

Where are the Credentials?

Good question.  After some digging about, it seems that the credentials are now stored in the user’s Credential Manager store within Windows.  If you aren’t familiar with this, it was introduced on the more recent versions of Windows, and it lives via the Control Panel, under the following path: Control Panel->User Accounts

image

Inside this location, you can view all the locally cached credentials, including Windows Credentials:

image

Note: that it appears that for TFS credentials used by Team Explorer and other applications, the credentials are the ones under “Generic Credentials” not under “Windows Credentials” (in case you have TFS entries in both).

Making Changes

To modify or remove the credentials you use to connect to TFS, simply expand the appropriate entry and click on “Edit”, or to delete the local credentials, click on “Remove”.  If you opt to remove the credentials, you’ll be prompted to enter new credentials next time you connect to the specified TFS server.

image

So that was a little out of the way. When I tested this, I made sure that I’d disconnected from TFS before changing/removing the credential configuration.

It would be nice if Team Explorer linked to the Credentials Manager so we didn’t have to go digging to work this out, wouldn’t it?

TFS credentials

When you connect TFS from Visual Studio you will be asked to give user credential to connect. If you checked the option Remember my credentials while connecting TFS, you won’t be asked credentials again to connect TFS. In that case, if you wanted to change different credentials to connect TFS. you need to follow below solution to force Visual Studio to ask new credentials to connect TFS.

Revert TFS credentials in Visual Studio

Force to change TFS credentials in Visual Studio

      You need to remove TFS credentials from Windows Vault to clear and force to ask new TFS credentials in Visual Studio
      1. Go to Control Panel (Start -> Control Panel).
      2. Click User Accounts ( or User Accounts and Family Safety->User Accounts in Windows 7 Machine)
      3. Click Credential Manager (or Manage your credentials)

Remove TFS user credentials in Visual Studio

     4. In Credential Manager page, you can see the two type of credentials
           i. Windows Credentials
           ii. Generic Credentials

     5. Click on two credential’s modify link,  click the link Remove from vault to remove stored TFS credentials.

Now, When you login into Visual Studio you will be asked to give credentials to connect TFS.

Note:
Don’t forgot to uncheck the option Remember my credentials to force to ask credentials for every TFS connections.

References:
http://sanderstechnology.com/2013/using-different-credentials-to-connect-to-team-foundation-server/11865/#.U-iskPl_vij
http://www.morgantechspace.com/2013/09/how-to-change-user-credentials-for-tfs.html

Posted in Seguridad, TFS | Etiquetado: , , | Leave a Comment »

Honeypots

Posted by kiquenet en 20 enero 2010

Se denomina Honeypot al software o conjunto de computadores cuya intención es atraer a atacantes, simulando ser sistemas vulnerables o débiles a los ataques. Es una herramienta de seguridad informática utilizada para recoger información sobre los atacantes y sus técnicas. Los Honeypots pueden distraer a los atacantes de las máquinas más importantes del sistema, y advertir rápidamente al administrador del sistema de un ataque, además de permitir un examen en profundidad del atacante, durante y después del ataque al honeypot.

Algunos honeypots son programas que se limitan a simular sistemas operativos no existentes en la realidad y se les conoce como honeypots de baja interacción y son usados fundamentalmente como medida de seguridad. Otros sin embargo trabajan sobre sistemas operativos reales y son capaces de reunir mucha más información; sus fines suelen ser de investigación y se los conoce como honeypots de alta interacción.

A un panal de rica miel
dos mil moscas acudieron
que por golosas murieron
presas de patas en él.

F. Samaniego

http://es.wikipedia.org/wiki/Honeypot

Forensic Computing – Forense CSI para Informáticos
http://bad-robot.blogspot.com/search/label/Forense

Posted in Seguridad | Etiquetado: | Leave a Comment »