将密码保存到.rdp文件的问题 [英] problem with saving password to .rdp file
问题描述
我创建了ASP.Net页面,该页面创建.rdp文件,然后按如下所示打开它:
I created ASP.Net page which create .rdp file and then open it as below:
public static void Rdc(String server, String UserName, String password, out String filename)
{
String ss= Environment.UserName;
filename = @"c:\temp.rdp";
if(File.Exists(filename))
File.Delete(filename);
if (!File.Exists(filename))
{
using (FileStream fs = File.Create(filename))
using (StreamWriter sw = new StreamWriter(fs))
{
sw.WriteLine("screen mode id:i:2");
sw.WriteLine("desktopwidth:i:1440");
sw.WriteLine("desktopheight:i:900");
sw.WriteLine("session bpp:i:32");
sw.WriteLine("winposstr:s:0,1,4,12,1440,864");
sw.WriteLine("compression:i:1");
sw.WriteLine("keyboardhook:i:2");
sw.WriteLine("administrative session:i:1");
sw.WriteLine("displayconnectionbar:i:1");
sw.WriteLine("disable wallpaper:i:1");
sw.WriteLine("disable full window drag:i:1");
sw.WriteLine("allow desktop composition:i:0");
sw.WriteLine("allow font smoothing:i:0");
sw.WriteLine("disable menu anims:i:1");
sw.WriteLine("disable themes:i:0");
sw.WriteLine("disable cursor setting:i:0");
sw.WriteLine("bitmapcachepersistenable:i:1");
sw.WriteLine("full address:s:" + server);
sw.WriteLine("username:s:" + UserName);
sw.WriteLine("password 51:b:" + rdpEncrypt(password));
sw.WriteLine("audiomode:i:0");
sw.WriteLine("redirectprinters:i:1");
sw.WriteLine("redirectcomports:i:0");
sw.WriteLine("redirectsmartcards:i:1");
sw.WriteLine("redirectclipboard:i:1");
sw.WriteLine("redirectposdevices:i:0");
sw.WriteLine("autoreconnection enabled:i:1");
sw.WriteLine("authentication level:i:0");
sw.WriteLine("prompt for credentials:i:0");
sw.WriteLine("negotiate security layer:i:1");
sw.WriteLine("remoteapplicationmode:i:0");
}
}
}
,然后从网页上调用它:
and then call it from the web page :
public static Boolean openrdp(string path)
{
// Get the physical Path of the file
string filepath = path;
// Create New instance of FileInfo class to get the properties of the file being downloaded
FileInfo file = new FileInfo(filepath);
// Checking if file exists
if (file.Exists)
{
// Clear the content of the response
HttpContext.Current.Response.ClearContent();
// LINE1: Add the file name and attachment, which will force the open/cance/save dialog to show, to the header
//Response.AddHeader("Content-Disposition", "attachment; filename=" + file.Name);
HttpContext.Current.Response.AddHeader("Content-Disposition", "inline; filename=" + file.Name);
// Add the file size into the response header
HttpContext.Current.Response.AddHeader("Content-Length", file.Length.ToString());
// Set the ContentType
HttpContext.Current.Response.ContentType = ReturnExtension(file.Extension.ToLower());
// Write the file into the response (TransmitFile is for ASP.NET 2.0. In ASP.NET 1.1 you have to use WriteFile instead)
HttpContext.Current.Response.TransmitFile(file.FullName);
// End the response
HttpContext.Current.Response.End();
return true;
}
else
return false;
}
public static string ReturnExtension(string fileExtension)
{
switch (fileExtension)
{
case ".htm":
case ".html":
case ".log":
return "text/HTML";
case ".txt":
return "text/plain";
case ".docx":
return "application/vnd.openxmlformats-officedocument.wordprocessingml.document";
case ".doc":
return "application/msword";
case ".tiff":
case ".tif":
return "image/tiff";
case ".asf":
return "video/x-ms-asf";
case ".avi":
return "video/avi";
case ".zip":
return "application/zip";
case ".xls":
case ".csv":
return "application/vnd.ms-excel";
case ".gif":
return "image/gif";
case ".jpg":
case "jpeg":
return "image/jpeg";
case ".bmp":
return "image/bmp";
case ".wav":
return "audio/wav";
case ".mp3":
return "audio/mpeg3";
case ".mpg":
case "mpeg":
return "video/mpeg";
case ".rtf":
return "application/rtf";
case ".asp":
return "text/asp";
case ".pdf":
return "application/pdf";
case ".fdf":
return "application/vnd.fdf";
case ".ppt":
return "application/mspowerpoint";
case ".dwg":
return "image/vnd.dwg";
case ".msg":
return "application/msoutlook";
case ".xml":
case ".sdxl":
return "application/xml";
case ".xdp":
return "application/vnd.adobe.xdp+xml";
case ".rdp":
return "application/x-rdp";
default:
return "application/octet-stream";
}
}
远程连接打开的问题ID,但仅具有用户名而没有密码.注意:我将密码输入.rdp文件
the problem id that remote connection opened but with user name only without password. Note: i encypt the password in .rdp file
有什么主意吗?
推荐答案
我猜RDP文件中的密码是由保存它的用户(即Web应用程序池用户)加密的.并在打开时即时解密.
I'm guessing that the passwords in the RDP file are encrypted by the user who saves it (i.e. the web application pool user). And decrypted on the fly when opened.
因此,如果另一个用户尝试打开它(即用户正在下载文件),则无法读取加密的密码.
So if another user tries to open it (i.e. the user downloading the file), then the encrypted password cannot be read.
编辑
请参阅此有关生成RDP的文章文件
似乎CryptProtectData函数用于加密信息.根据有关CyptProtectData的MSDN ,只有具有相同的用户凭据,并且通常在同一台计算机上执行加密.msdn文章确实提到了使用漫游配置文件在其他计算机上解密.
It looks as though the CryptProtectData function is used to encrypt the information. According to MSDN about CyptProtectData this can only be decrypted by the person with the same user credentials and typically on the same computer the encryption was performed. The msdn article does mention the use of roaming profiles to decrypt on other computers.
因此,也许您可以通过Active Directory对ASP.net进行身份验证,并在进行加密时模拟用户,然后他们便可以在其本地计算机上进行解密.
So perhaps you can authenticate your ASP.net with Active Directory and impersonate the user whilst doing the encryption and then they might be able to decrypt on their local machine.
我看到的另一件事是"Juniper"上的终端服务启动了看起来像是远程桌面的设备并自动登录.因此,也许对此进行研究可能会给您另一个选择.您也许可以在serverfault.com上获得有关瞻博网络的更多详细信息
Another thing I have seen is that terminal services on "Juniper" launches what appears to be remote desktop and logs you in automatically. So perhaps researching this may give you another option. You may be able to get more detail about Juniper on serverfault.com
这篇关于将密码保存到.rdp文件的问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
