WNOS AES Password Encryption

Oranion,

Try using Configuration Generator from www.Technicalhelp.de which includes not only a great WNOS.INI creator, but an updated Password Encoder.

Are you Sure?  I see that this has been recently added to the HELP section of ConfGen since 8.x was released.

=====================================================

How to encrypt strings in ThinOS?

　In the past ThinOS offered only some kind of "bit-shifting" as an encryption. Since ThinOS 8.x Dell also supports AES encryption.　

I am no longer allowed to include either way of encryption in ConfGen.

I have left all encryption fields/parameters in the tool. That way you know the correct syntax.

To use AES encryption you have to do the following steps:

- Enable AdminMode with Admin Name and Password for AES encryption

- Boot the ThinOS Thin Client and open AdminMode with these credentials

- You will now see a new button called "AES Encryption". Click it.

- Enter your to-be-encrypted string in this dialog

- Copy the generated encrypted string and either write it down or paste it in any open remote session

- You can use this string now for all purposes like, AdminMode, User, Passwords, VNC, 802.1x, etc.

You are right!

ConfGen stopped supporting encryption of Password.   Anyhow, if Dell Wyse support encryption parameters, they MUST provide any way to encrypt. Even is there is any 3rd party tool, the vendor is in charge - at least in my option.

So any suggestions how I now can encode a password which is accepted by current WNOS OS for auto-login ???

Oranion,

We support encrypted passwords, but as with regular password, the administrator must provide the password. You can use the window PWGen utility which is available at https://sourceforge.net/projects/pwgen-win/files/PWGen/2.9.0/

Hope this helps.

You mentioned "I downloaded Dell Wyse Password Encoder".  I'm curious about this tool, but cannot locate it on Dell's website.  My Google Fu has failed me.   Does anyone have a URL for this utility?

I was talking about  WyseINIKeyCrypt.exe which I found somewhere at Wyse Download Section.

appservices.wyse.com/.../downloads.asp

Anyhow, I now downloaded the external PWGen. Whats next?
How can i setup this to encode testest1 to encpassstring ?

Sample:
ActiveDirectory User:    TestUser 
AD Password:    testtest1

My MAC.ini:
SignOn=NTLM
DefaultUser=TestUser
Password=encpassstring encrypt=yes
DomainList="ourdomain.com"

OK. 

I found the Dell Wyse Password Encryption tool: 

https://appservices.wyse.com/supportdownload/5series/WyseINIKeyCrypt.exe

I am trying to find a utility to AES Encrypt Passwords from a command prompt, so that we can automate the provisioning of $MAC.ini files for ThinOS devices.  Our Security Team demands that each ThinOS device logs into wireless using separate AD accounts.

This utility is GUI only...and I have not validated that it works with ThinOS 8.3.x

The reason that we don't want to use the 'bit-shifting' method from the Configuration Generator Utility can be found in the following  Blog Post :

https://www.pentestpartners.com/blog/how-to-reverse-wyse-terminal-password-crypto-method-one/

If anyone has experience with this, please help me out.