From cc42786833022a44f7cbd1e11e0d3e2a66be3bb6 Mon Sep 17 00:00:00 2001
From: blue <playbynumbers@gmail.com>
Date: Thu, 15 Aug 2019 21:29:27 +0100
Subject: [PATCH 1/5] Use a PSCredential to run remote console

Stop credentials appearing on the command line.
---
 SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs b/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs
index 8bfac75..1d712e4 100644
--- a/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs
+++ b/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs
@@ -810,13 +810,23 @@ private void btOpenPSConsole_Click(object sender, RoutedEventArgs e)
                 string sPS = string.Format(Properties.Settings.Default.OpenPSConsoleCommand, oAgent.TargetHostname, tb_wsmanport.Text);
                 if (!string.IsNullOrEmpty(tb_Username.Text))
                 {
-                    sCred = string.Format("$creds = New-Object System.Management.Automation.PSCredential ('{0}', (ConvertTo-SecureString '{1}' -AsPlainText -Force))", tb_Username.Text, common.Decrypt(pb_Password.Password, Application.ResourceAssembly.ManifestModule.Name)) + ";";
+                    System.Security.SecureString passwordString = new System.Security.SecureString();
+                    foreach (char c in common.Decrypt(pb_Password.Password, Application.ResourceAssembly.ManifestModule.Name).ToCharArray())
+                    {
+                        passwordString.AppendChar(c);
+                    }
+                    System.Management.Automation.PSCredential credential = new System.Management.Automation.PSCredential(tb_Username.Text, passwordString);
+                    sCred = System.Management.Automation.PSSerializer.Serialize(credential);
+                    string filename = System.IO.Path.GetTempFileName();
+                    File.WriteAllText(filename, sCred);
+                    string creds = "(Import-Clixml " + filename + ")";
+                    //creds += "; rm " + filename;
 
 
                     if ((bool)cb_ssl.IsChecked)
-                        Explorer.StartInfo.Arguments = @"-NoExit -Command " + sCred + sPS + " -UseSSL -Credential $creds)";
+                        Explorer.StartInfo.Arguments = @"-NoExit -Command " + sPS + " -UseSSL -Credential " + creds;
                     else
-                        Explorer.StartInfo.Arguments = @"-NoExit -Command " + sCred + sPS + " -Credential $creds";
+                        Explorer.StartInfo.Arguments = @"-NoExit -Command " + sPS + " -Credential " + creds;
 
                 }
                 else

From d967248f2cc05517d2dab3ac7cdee2410a84a0b6 Mon Sep 17 00:00:00 2001
From: blue <playbynumbers@gmail.com>
Date: Sat, 17 Aug 2019 00:07:42 +0100
Subject: [PATCH 2/5] Use only SecureStrings for passwords internally

`new SCCMAgent()` still requires a string, so one is present there.
This needs to be resolved in sccmclictrlib first.
---
 SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs | 21 ++++++++------------
 1 file changed, 8 insertions(+), 13 deletions(-)

diff --git a/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs b/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs
index 1d712e4..e1e3703 100644
--- a/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs
+++ b/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs
@@ -265,9 +265,6 @@ public MainPage()
             }
             catch { }
 
-            pb_Password.Password = Properties.Settings.Default.Password;
-            tb_Username.Text = Properties.Settings.Default.Username;
-
             Common.Hostname = tb_TargetComputer.Text.Trim();
 
             try
@@ -319,7 +316,9 @@ public MainPage()
                         if (!string.IsNullOrEmpty(sUser) && !string.IsNullOrEmpty(sPW))
                         {
                             tb_Username.Text = sUser;
-                            pb_Password.Password = common.Encrypt(sPW, Application.ResourceAssembly.ManifestModule.Name);
+                            Properties.Settings.Default.Username = tb_Username.Text;    //Binding is not yet syncing these, so do it manually.
+                            pb_Password.Password = sPW; //Not ideal but works
+                            //pb_Password.SecurePassword is read-only so another variable with one-way binding is required.
                             sUser = "";
                             sPW = "";
                         }
@@ -477,7 +476,7 @@ private void bt_Connect_Click(object sender, RoutedEventArgs e)
                 {
                     Properties.Settings.Default.Password = common.Encrypt(pb_Password.Password, Application.ResourceAssembly.ManifestModule.Name);
                     Properties.Settings.Default.Save();
-                    pb_Password.Password = Properties.Settings.Default.Password;
+                    //pb_Password.Password = Properties.Settings.Default.Password;
                     bPasswordChanged = false;
                 }
 
@@ -506,7 +505,7 @@ private void bt_Connect_Click(object sender, RoutedEventArgs e)
                     {
                         if (sTarget != "127.0.0.1")
                         {
-                            if (string.IsNullOrEmpty(tb_Username.Text) | string.IsNullOrEmpty(pb_Password.Password))
+                            if (string.IsNullOrEmpty(tb_Username.Text) | pb_Password.SecurePassword.Length == 0)
                             {
                                 MessageBox.Show("connecting an IP Address requires Username and Password", "Warning", MessageBoxButton.OK, MessageBoxImage.Warning);
                             }
@@ -527,7 +526,8 @@ private void bt_Connect_Click(object sender, RoutedEventArgs e)
                         {
                             tb_Username.Text = Environment.UserDomainName + @"\" + tb_Username.Text;
                         }
-                        string sPW = common.Decrypt(pb_Password.Password, Application.ResourceAssembly.ManifestModule.Name);
+                        //Hack to handle switing over to securestrings while sccmclictrlib only takes strings. Obviously this defeats the point of SecureStrings.
+                        string sPW = new System.Net.NetworkCredential(string.Empty, pb_Password.SecurePassword).Password;
                         oAgent = new SCCMAgent(sTarget, tb_Username.Text, sPW, int.Parse(tb_wsmanport.Text), false, cb_ssl.IsChecked ?? false);
                         sPW = "";
                     }
@@ -810,12 +810,7 @@ private void btOpenPSConsole_Click(object sender, RoutedEventArgs e)
                 string sPS = string.Format(Properties.Settings.Default.OpenPSConsoleCommand, oAgent.TargetHostname, tb_wsmanport.Text);
                 if (!string.IsNullOrEmpty(tb_Username.Text))
                 {
-                    System.Security.SecureString passwordString = new System.Security.SecureString();
-                    foreach (char c in common.Decrypt(pb_Password.Password, Application.ResourceAssembly.ManifestModule.Name).ToCharArray())
-                    {
-                        passwordString.AppendChar(c);
-                    }
-                    System.Management.Automation.PSCredential credential = new System.Management.Automation.PSCredential(tb_Username.Text, passwordString);
+                    System.Management.Automation.PSCredential credential = new System.Management.Automation.PSCredential(tb_Username.Text, pb_Password.SecurePassword);
                     sCred = System.Management.Automation.PSSerializer.Serialize(credential);
                     string filename = System.IO.Path.GetTempFileName();
                     File.WriteAllText(filename, sCred);

From d2db2b5f4e1c31837c59ea8187463f2b1822aa34 Mon Sep 17 00:00:00 2001
From: blue <playbynumbers@gmail.com>
Date: Sat, 17 Aug 2019 02:30:01 +0100
Subject: [PATCH 3/5] Remove manual password change tracking

WPF is now doing the important bits automatically.
---
 SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml    |  2 +-
 SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs | 16 +---------------
 2 files changed, 2 insertions(+), 16 deletions(-)

diff --git a/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml b/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml
index 3a45a0c..af4fe76 100644
--- a/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml
+++ b/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml
@@ -51,7 +51,7 @@
                                         </StackPanel>
                                         <StackPanel Orientation="Horizontal">
                                             <Label Content="Password:" Height="28" HorizontalAlignment="Left" VerticalAlignment="Top" Width="70" />
-                                            <PasswordBox Height="23" HorizontalAlignment="Left" Name="pb_Password" VerticalAlignment="Top" Width="140" KeyDown="pb_Password_KeyDown" />
+                                            <PasswordBox Height="23" HorizontalAlignment="Left" Name="pb_Password" VerticalAlignment="Top" Width="140"/>
                                         </StackPanel>
                                         <StackPanel Orientation="Horizontal">
                                             <Label Content="Port:" Height="28" HorizontalAlignment="Left" VerticalAlignment="Top" Width="80" />
diff --git a/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs b/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs
index e1e3703..f2ef120 100644
--- a/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs
+++ b/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs
@@ -27,7 +27,6 @@ public partial class MainPage : Window
     {
         public SCCMAgent oAgent;
         public MyTraceListener myTrace;
-        private bool bPasswordChanged = false;
         delegate void AnonymousDelegate();
 
         public MainPage()
@@ -471,15 +470,7 @@ private void bt_Connect_Click(object sender, RoutedEventArgs e)
                     PageReset();
 
                 }
-
-                if (bPasswordChanged)
-                {
-                    Properties.Settings.Default.Password = common.Encrypt(pb_Password.Password, Application.ResourceAssembly.ManifestModule.Name);
-                    Properties.Settings.Default.Save();
-                    //pb_Password.Password = Properties.Settings.Default.Password;
-                    bPasswordChanged = false;
-                }
-
+                
                 tb_TargetComputer.Text = tb_TargetComputer.Text.Trim();
                 tb_TargetComputer2.Text = tb_TargetComputer2.Text.Trim();
 
@@ -874,11 +865,6 @@ private void tvSWDist_Loaded(object sender, RoutedEventArgs e)
             tviSWDistOverview.IsSelected = true;
         }
 
-        private void pb_Password_KeyDown(object sender, KeyEventArgs e)
-        {
-            bPasswordChanged = true;
-        }
-
         private void btClientMachineAuthentication_Click(object sender, RoutedEventArgs e)
         {
             Mouse.OverrideCursor = Cursors.Wait;

From c795fa8d966efb56d94bcad59eb592789b49e57f Mon Sep 17 00:00:00 2001
From: blue <playbynumbers@gmail.com>
Date: Sat, 17 Aug 2019 15:11:25 +0100
Subject: [PATCH 4/5] Refactor btOpenConsole_Click slightly

Slightly easier to debug
---
 SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs | 25 +++++++-------------
 1 file changed, 8 insertions(+), 17 deletions(-)

diff --git a/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs b/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs
index f2ef120..26c9c87 100644
--- a/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs
+++ b/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs
@@ -797,31 +797,22 @@ private void btOpenPSConsole_Click(object sender, RoutedEventArgs e)
             {
                 Process Explorer = new Process();
                 Explorer.StartInfo.FileName = "powershell.exe";
-                string sCred = "";
                 string sPS = string.Format(Properties.Settings.Default.OpenPSConsoleCommand, oAgent.TargetHostname, tb_wsmanport.Text);
+                if ((bool)cb_ssl.IsChecked) sPS += " -UseSSL";
+                Explorer.StartInfo.Arguments = @"-NoExit -Command " + sPS;
+
                 if (!string.IsNullOrEmpty(tb_Username.Text))
                 {
                     System.Management.Automation.PSCredential credential = new System.Management.Automation.PSCredential(tb_Username.Text, pb_Password.SecurePassword);
-                    sCred = System.Management.Automation.PSSerializer.Serialize(credential);
+                    string serializedCred = System.Management.Automation.PSSerializer.Serialize(credential);
                     string filename = System.IO.Path.GetTempFileName();
-                    File.WriteAllText(filename, sCred);
+                    File.WriteAllText(filename, serializedCred);
                     string creds = "(Import-Clixml " + filename + ")";
                     //creds += "; rm " + filename;
-
-
-                    if ((bool)cb_ssl.IsChecked)
-                        Explorer.StartInfo.Arguments = @"-NoExit -Command " + sPS + " -UseSSL -Credential " + creds;
-                    else
-                        Explorer.StartInfo.Arguments = @"-NoExit -Command " + sPS + " -Credential " + creds;
-
-                }
-                else
-                {
-                    if ((bool)cb_ssl.IsChecked)
-                        Explorer.StartInfo.Arguments = @"-NoExit -Command " + sPS + " -UseSSL";
-                    else
-                        Explorer.StartInfo.Arguments = @"-NoExit -Command " + sPS;
+                    
+                    Explorer.StartInfo.Arguments += " -Credential " + creds;
                 }
+
                 Explorer.StartInfo.WindowStyle = ProcessWindowStyle.Normal;
                 
                 Explorer.Start();

From 9a8b459fd695afd3fe0da009a57cff140b06a553 Mon Sep 17 00:00:00 2001
From: blue <playbynumbers@gmail.com>
Date: Sun, 18 Aug 2019 09:01:23 +0100
Subject: [PATCH 5/5] Bind both target computer boxes to same variable

Get WPF to do the syncing rather than doing it manually.
---
 SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml    |  4 +--
 SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs | 31 --------------------
 2 files changed, 2 insertions(+), 33 deletions(-)

diff --git a/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml b/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml
index af4fe76..e4f9d44 100644
--- a/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml
+++ b/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml
@@ -20,7 +20,7 @@
                     </LinearGradientBrush>
                 </DockPanel.Background>
                 <TextBlock Text="Target Computer: " VerticalAlignment="Center" Margin="15,0,0,0"></TextBlock>
-                <Controls:AutoCompleteBox Name="tb_TargetComputer2" Width="150" Height="25" Text="{Binding Source={x:Static p:Settings.Default}, Path=DefaultHostName, Mode=TwoWay}" KeyUp="tb_TargetComputer2_KeyUp" Populating="tb_TargetComputer2_Populating" TextChanged="tb_TargetComputer_TextChanged" />
+                <Controls:AutoCompleteBox Name="tb_TargetComputer2" Width="150" Height="25" Text="{Binding Source={x:Static p:Settings.Default}, Path=DefaultHostName, Mode=TwoWay}" Populating="tb_TargetComputer2_Populating" TextChanged="tb_TargetComputer_TextChanged" />
                 <Button Name="bt_Ping" Width="20" Height="20" Visibility="Hidden" Click="bt_Ping_Click" ToolTip="Ping the device...">
                     <StackPanel>
                         <Image Source="Images/Play.ico" />
@@ -68,7 +68,7 @@
 
                             <StackPanel Orientation="Horizontal" Height="30" VerticalAlignment="Center" Focusable="false">
                                 <TextBlock Text="Target Computer: " VerticalAlignment="Center"></TextBlock>
-                                <Controls:AutoCompleteBox Name="tb_TargetComputer" Text="127.0.0.1" Width="150" Height="25" Populating="tb_TargetComputer2_Populating" KeyUp="tb_TargetComputer_KeyUp" TextChanged="tb_TargetComputer2_TextChanged"/>
+                                <Controls:AutoCompleteBox Name="tb_TargetComputer" Width="150" Height="25" Populating="tb_TargetComputer2_Populating" TextChanged="tb_TargetComputer2_TextChanged"  Text="{Binding Source={x:Static p:Settings.Default}, Path=DefaultHostName, Mode=TwoWay}"/>
                                 <RibbonButton Name="bt_Connect" VerticalAlignment="Center" Label="Connect" Height="23" Click="bt_Connect_Click" />
                             </StackPanel>
                             <RibbonApplicationMenuItem Header="Console extensions..." StaysOpenOnClick="True" Focusable="false">
diff --git a/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs b/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs
index 26c9c87..ea5aa6c 100644
--- a/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs
+++ b/SCCMCliCtrWPF/SCCMCliCtrWPF/MainPage.xaml.cs
@@ -1090,22 +1090,6 @@ private void tb_TargetComputer_TextChanged(object sender, RoutedEventArgs e)
             Common.Hostname = ((AutoCompleteBox)sender).Text;
         }
 
-        private void tb_TargetComputer2_KeyUp(object sender, KeyEventArgs e)
-        {
-            Mouse.OverrideCursor = Cursors.Wait;
-            if (e.Key == Key.Enter)
-            {
-                tb_TargetComputer2.Text = tb_TargetComputer2.Text.Trim();
-                tb_TargetComputer.Text = tb_TargetComputer2.Text;
-                bt_Connect_Click(sender, null);
-            }
-
-            Common.Hostname = ((AutoCompleteBox)sender).Text;
-
-            Mouse.OverrideCursor = Cursors.Arrow;
-
-        }
-
         private void tb_TargetComputer2_Populating(object sender, PopulatingEventArgs e)
         {
             try
@@ -1118,21 +1102,6 @@ private void tb_TargetComputer2_Populating(object sender, PopulatingEventArgs e)
             catch { }
         }
 
-        private void tb_TargetComputer_KeyUp(object sender, KeyEventArgs e)
-        {
-            Mouse.OverrideCursor = Cursors.Wait;
-            if (e.Key == Key.Enter)
-            {
-                tb_TargetComputer.Text = tb_TargetComputer.Text.Trim();
-                tb_TargetComputer2.Text = tb_TargetComputer.Text;
-                bt_Connect_Click(sender, null);
-            }
-
-            Common.Hostname = ((AutoCompleteBox)sender).Text;
-
-            Mouse.OverrideCursor = Cursors.Arrow;
-        }
-
         private void bt_Ping_Click(object sender, RoutedEventArgs e)
         {
             try