Prevent credentials from being exposed | Feature Requests

Mosh · 2020-01-30T16:32:37Z

At the moment, when a collector executes a PowerShell script, the command line of the PowerShell process will expose credentials (the <removed> parts below example). The better way to do this would be to save the strings to temporary files (this would be done by the collector agent), and the PowerShell scripts should read the content from the files and pass as arguments to the script cmdlet. The problem with passing them in the command line is they are exposed in memory and malware could steal the credentials. PowerShell.exe -NoLogo -NonInteractive -InputFormat text -OutputFormat text -Command "& {$Password = ConvertTo-SecureString '<removed>' -AsPlainText -Force;$Credential = New-Object System.Management.Automation.PsCredential '<removed>', $Password;Get-WmiObject -NameSpace "ROOT\CIMV2" -Class Win32_PerfRawData_PerfOS_Processor -ComputerName "10.61.2.142" -Credential $Credential -Filter name='''_Total''' | Format-List }"

MoreDiscussions

Prevent credentials from being exposed | Feature Requests | LogicMonitor Community