Jump to content
habskilla

Can WinAPI be used via a Linux shell script?

Recommended Posts

Hi Habskilla,

 

Sorry, the WinAPI (Windows API) can only be called from Windows Machines using PowerShell. With the use of PowerShell, you can execute the script under the identity of an Active Directory account, which then gives you the same level of access as if you were logged into Passwordstate.

For Linux machines, you will need to use the standard API, which used API Keys for authentication.

Regards

Click Studios

Share this post


Link to post
Share on other sites
On 8/22/2018 at 7:06 AM, support said:

Sorry, the WinAPI (Windows API) can only be called from Windows Machines using PowerShell.

 

Possibly. But I wouldn't suggest it in a production environment yet.

Powershell Core is GA on Linux and MacOS.

 

https://blogs.msdn.microsoft.com/powershell/2018/01/10/powershell-core-6-0-generally-available-ga-and-supported/

Share this post


Link to post
Share on other sites

Hi Guys,

 

Interesting - didn't know that was even in the works.
 

With PowerShell and our WinAPI, it is the parameter -UseDefaultCredentials which is used to pass the identity of the authenticated "Windows" account across to our API - basically it's impersonation. I'm not sure, but I don't think PowerShell Core can support this, as you're not logged on as a Windows User - unless there's a way to do this in Linux.

Regards

Click Studios

Share this post


Link to post
Share on other sites

You can also save your credentials in a variable ($credVariabke = Get-Credentials) and pass this to the Invoke-Rest Powershell command. So I assume, there could be a way.

I also can imagine, that you could pass your credential to a REST-call header from another system (e.g. bash script) to authenticate, but I'm not familiar with bash scripts. 

Share this post


Link to post
Share on other sites

Hi,

 

i would not say that you can use WinApi only from windows machines. We are using WinApi from Linux machines for quite some time and it works fine :) as simple as this:

curl  --ntlm  -u "user:pass" "https://passwordstate_url/winapi/passwords/XX"

 

Share this post


Link to post
Share on other sites

Hi Habskilla

 

To create the REST JSON Body I always go for the following approach: First create a PowerShell object and convert it then to a JSON-String. The big advantage of that is, that you don't have to care about any special characters, escaping and stuff like that.

$Body = @{
     FolderName = $Name
     Description = $Description
	 NestUnderFolderID = $ParentFolderID
	 APIKey = $global:PasswordStateSystemWideAPIKey
}
$jsonBody = $Body | ConvertTo-Json
$PasswordstateURLFull = "$($global:PasswordstateURL)/api/folders"
$result = Invoke-Restmethod -Method POST -Uri $PasswordstateURLFull -ContentType "application/json; charset=utf-8" -Body $jsonBody

The response I get is then stored in $result and can be accessed directly:

$output = $result.FolderID

If you have the answer as a string you also could use for the following approach:

$responseObject = $responseJsonString | ConvertFrom-Json

If you take a look the KeePassImport-Script you'll find some more examples.

 

All the best,

 

Fabian

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...