Escape all possible special characters for do shell script passwords

Hello All,

I am creating a script that allows users to change AD passwords using the smbpasswd command. This is proving quite difficult as I am a beginner at this. Originally I was telling the terminal app to run do script and using system event keystrokes to input the passwords but this created too many issues. I switched to do shell script and added the silent flag to the command because I really do want it to run in the background. I am attempting to echo the user passwords which I think I am doing correctly but now I believe that the complexity of the passwords are causing issues because they may require escapes. How can I automatically escape any password that a user can ditch out? Can I set something to convert the output of a users input before it gets injected into the command? Imagine a user with the password ft6gy7 HU*JI(. Note that the password includes a space, lowercase letters, uppercase letters, numbers, and various special characters. Here is what I have so far. Feel free to let me know if there are other things you would change about this. Thanks so much!!!


tell application “System Events”
set shortName to name of current user
end tell

try
tell application “System Events” to display dialog “” hidden answer “true” default answer “” with title “Please Type Old Password”
set the_result to the result
set pword1 to text returned of the_result
end try

try
tell application “System Events” to display dialog “” hidden answer “true” default answer “” with title “Please Type New Password”
set the_result to the result
set pword2 to text returned of the_result
end try

try
tell application “System Events” to display dialog “” hidden answer “true” default answer “” with title “Please Retype New Password”
set the_result to the result
set pword3 to text returned of the_result
end try

try
do shell script “echo '” & pword1 & “\” & pword2 & “\” & pword3 & “’ | smbpasswd -s -U " & shortName & " -r” & " 192.168.1.45"
end try

Hi, HimageN. Welcome to MacScripter.

I’m afraid I’ve no direct knowledge of “smbpasswd” and what characters need to be escaped for it. But while researching its -s parameter on the Web, I noticed that people were putting linefeed sequences (backslash-n) between the passwords in their “echo” commands rather than just backslashes as you’ve done. To pass the backslash character to “echo” from AppleScript, it has to be escaped itself with another backslash, so that the sequence looks like this in the script: “\n”.

do shell script "echo " & quoted form of (pword1 & "\\n" & pword2 & "\\n" & pword3 & "\\c') & " | smbpasswd -s -U " & shortName & " -r" & " 192.168.1.45"

To reduce the chance of the dialogs popping up behind something else, it’s probably better to leave out ‘tell application “System Events” to’ in the ‘display dialog’ lines.

Hope this turns out to be useful.