Skip to content

Instantly share code, notes, and snippets.

@inebritov

inebritov/copypass.bat

Last active March 14, 2022 07:21
Show Gist options
  • Save inebritov/b83d34d34e762f9af6c6135696c2f359 to your computer and use it in GitHub Desktop.
Save inebritov/b83d34d34e762f9af6c6135696c2f359 to your computer and use it in GitHub Desktop.
Download ZIP
Simple passwords management command line tools based on OpenSSL AES encryption.
Raw
copypass.bat
@echo off
:: Simple Passwords Management.
:: The script sends first matching password (second word in line) to Windows clipboard.
:: First arument is AES-encrypted file.
:: Second argument is password line search string.
:: Changing backslashes to slashes and drives prefixes to Linux subsystem prefix (e.g. "C:\..." to "/mnt/c/...".
set FILE=%1
set FILE=%FILE:\=/%
set FILE=%FILE:C:=/mnt/c%
set FILE=%FILE:D:=/mnt/d%
set FILE=%FILE:F:=/mnt/e%
set FILE=%FILE:F:=/mnt/f%
:: Decrypt file, searching for given tokens inside it and copying them to clipboard.
:: Performing `read -s` because OpenSSL shows entering passphrase.
bash -c "read -sp 'Enter password: ' PASS;export PASS;openssl aes-256-cbc -d -a -in %FILE% -pass env:PASS|grep %2|head -1|awk '{print \$2}';unset PASS" | clip
set FILE=
Raw
findpass.bat
@echo off
:: Simple Passwords Management searcher.
:: The script outputs all first words of given encrypted file.
:: First arument is AES-encrypted file.
:: Second argument is password line search string.
:: Changing backslashes to slashes and drives prefixes to Linux subsystem prefix (e.g. "C:\..." to "/mnt/c/...".
set FILE=%1
set FILE=%FILE:\=/%
set FILE=%FILE:C:=/mnt/c%
set FILE=%FILE:D:=/mnt/d%
set FILE=%FILE:F:=/mnt/e%
set FILE=%FILE:F:=/mnt/f%
:: Decrypt file and search for given tokens inside it.
:: Performing `read -s` because OpenSSL shows entering passphrase.
bash -c "read -sp 'Enter password: ' PASS;echo;export PASS;openssl aes-256-cbc -d -a -pass env:PASS -in %FILE%|grep %2|awk '{print \$1}';unset PASS"
set FILE=
Raw
findpass.copypass.md

Simple Passwords Management

Command line tools for Windows 10 to manage passwords stored in AES encrypted files.

Storage

Files with passwords can store any additional information: comments, empty lines, logins. Only following rules must be observed:

  1. The line is divided into chunks using spaces
  2. First chunk is tag that describes password
  3. Second chunk is the password (so, it can't contain spaces)
  4. Other chunks can be used as you wish

Example passwords.txt:

# Social Networks passwords file.

## Google
google.me PASSWORD [email protected] // No comments
google.mom PASSWORD // Mom's password
google.dad PASSWORD [email protected]


## Facebook
....

This file should be encrypted using openssl as passwords.aes with some secret password

openssl aes-256-cbc -salt -in passwords.txt -out passwords.aes
enter aes-256-cbc decryption password:

Note: You can also make the file base64-encoded by adding -a switch to the command above, to be able copy and paste its text content.

Strongly recommended to check encrypted file before next steps.

openssl aes-256-cbc -d -in passwords.aes

After it passwords.txt can be removed.

Usage

  1. Create file with passwords as described in Storage section and encrypt it
  2. Download copypass.bat and findpass.bat
  3. Run following command, and enter secret password to output all tags, matching google substring:
C:\Users\user>findpass.bat passwords.aes google
google.me
google.mom
google.dad
  1. Copy password by tag to system clipboard:
C:\Users\user>copypass.bat passwords.aes google.me
  1. Paste it in form submit form and copy something else to reset clipboard value.

Note: this format can be used in Unix-based systems with aliases:

echo "alias findpass='function __findpass() { read -sp \"Enter password: \" PASS;echo;export PASS;openssl aes-256-cbc -d -in \$1 -pass env:PASS|grep \$2|awk \"{print \\\$1}\";unset PASS;unset -f __findpass; }; __findpass'" >> ~/.bashrc
echo "alias copypass='function __copypass() { read -sp \"Enter password: \" PASS;echo;export PASS;openssl aes-256-cbc -d -in \$1 -pass env:PASS|grep \$2|head -1|awk \"{print \\\$2}\"|xclip --clipboard;unset PASS;unset -f __copypass; }; __copypass'" >> ~/.bashrc

Management

Edit encrypted files using OpenSSL plugin for VIM.

Note: If your encrypted file is base64-encoded (openssl -a switch) you have to apply this patch to be able to edit the file using VIM:

$ sed -i -r -e 's/-([ed]) -salt/-\1 -a -salt/g' ~/.vim/plugged/openssl.vim/plugin/openssl.vim

Software versions

OpenSSL 1.0.1f 6 Jan 2014 Windows 10 Pro Version 10.0.15063 Linux Subsystem Ubuntu 14.04.5 LTS OpenSSL VIM plugin version 3.2

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment