Question - Can this be done?

So I built an WPFGui in powershell which I have since converted to UD and LOOOVE it. So much easier to update instead up updating the wpf and compiling it for distribution. However my WPFGui had some functions to open the remote C$ admin share in explorer for the tech, connect to remote powershell sessions or computer management, all locally on the techs workstation. Is this something that can be done from UD? Where I click a button and the remote workstations C$ opens in explorer on my workstation? I know its probably not possible but I had to ask anyways.

1 Like

If you are distributing the UniversalDashboard to all the techs, then this will work:

$d = new-uddashboard -content {

new-udbutton -text “test” -onclick {
Start-Process "c:"
}
}

get-uddashboard | stop-uddashboard
start-uddashboard -dash $d

If you are trying to manage it centrally, then the following will work in the browser only after you have installed something like this to unblock file:// URIs

$d = new-uddashboard -content {

New-UDLink -Text “test” -Url “file://$env:computername/c$/”
}

get-uddashboard | stop-uddashboard
start-uddashboard -dash $d

yes the UD is hosted in IIS centrally so I will give this a go. What about starting a process like powershell.exe locally on the tech workstation?

I would look into psexec -i options first for this.

I am working on implementing something similar (optional) for my Dud Dashboard module.

To enable such a thing, you would need

  1. To create a small exe to handle the process
  2. To have users install it

The .exe role would be to:

  1. Install itself on the client machine
  2. Register a Custom protocol handler
  3. Handles requests made to it.
    .

From there, anytime someone would click an URL with a link corresponding to the new url protocol handler, the request would be sent to the exe, from which you can do anything you want.

If you wanted to allow running script or launching process, you just have to implement it.

For demonstration purpiose only,
here’s a way to register a new custom URL protocol handler on your machine right now.
You just need to save the code below as a *.reg file than run it to register a protocol called dud that will take any web links that match his protocol and run the following “C:\test\DudLauncher.exe” %1"

With that code and provided you have an exe called DudLauncher.exe at the designed location on your system, clicking the following link dud:dklfsdjklf3k42324 would send that information to your exe. The portion before the semi column is the protocol and after his the actual encrypted command.

Registering a custom URL protocol handler

Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\dud]
    @="URL: SIP Protocol handler"
    "URL Protocol"=""
    [HKEY_CLASSES_ROOT\dud\DefaultIcon]
    @="C:\\\test\\sc-logo.ico"
    [HKEY_CLASSES_ROOT\dud\shell]
    [HKEY_CLASSES_ROOT\dud\shell\open]
    [HKEY_CLASSES_ROOT\dud\shell\open\command]
    @="\"C:\\test\\DudLauncher.exe\" %1"

Vb .net code for the exe :

Private Sub Application_Startup(sender As Object, e As StartupEventArgs) Handles Me.Startup

Dim command As String
If e.Args.Count > 0 Then
    If e.Args(0).StartsWith("dud:") Then
        Command = Command.Substring(4, Command.Length - 4)
    End If
End If
MessageBox.Show(command)

Application.Current.Shutdown()
End Sub

This example just actually display a message box with the command it received but you can do whatever processing you want (ie: open exe / scripts)

If you are familiar with torrents, that is exactly what does the magnet links.
Instead of saving the *.torrent file on your computer then loading it in your client, you click the magnet link, which your client torrent pick up (because it registered itself as a protocol handler) and launch itself with the torrent information loaded in your screen.

Take into consideration when doing this the security aspect of the thing.
If you want to be able to execute processes, run script or other, you should have some procedure in place to ensure that nobody can forge a malicious link by constraining what your handler can do.

On my implementation (work in progress), I implemented an encryption to prevent just any link to be crafted and the exe will need to validate against my server through an api call that the command is authorized.

2 Likes

You could potentially point your protocol handler (reg file) to powershell.exe to try it.

My main objective on my end is to have an “edit” link in my dashboard pages that when clicked, load the file corresponding to the page in vscode.

I also envision pushing it to my domain users so they can run Fix it action available through a specific dashboard that can do what it need (Collecting some informations / running a script or a exe present on a predefined share, etc)

Some references :
MSDN - Registering an Application to a URI Scheme

Installing and Registering Protocol handlers

1 Like

Thats a very inventive way to do that. I will give this a try tomorrow for sure.

1 Like