From 9a0837656bd0586a8ef16e648671f48ca5b41058 Mon Sep 17 00:00:00 2001
From: Ilija Lazoroski <ilija.la@live.com>
Date: Tue, 17 Aug 2021 11:06:34 +0200
Subject: [PATCH 1/4] UI: Add hide/show component for credentials

---
 .../cc/services/config_schema/basic.py        |  4 +-
 .../configuration-components/UiSchema.js      |  8 ++++
 .../src/components/ui-components/HideInput.js | 44 +++++++++++++++++++
 .../ui/src/styles/components/HideInput.scss   |  3 ++
 4 files changed, 58 insertions(+), 1 deletion(-)
 create mode 100644 monkey/monkey_island/cc/ui/src/components/ui-components/HideInput.js
 create mode 100644 monkey/monkey_island/cc/ui/src/styles/components/HideInput.scss

diff --git a/monkey/monkey_island/cc/services/config_schema/basic.py b/monkey/monkey_island/cc/services/config_schema/basic.py
index aba80e08a..27b8f1d6f 100644
--- a/monkey/monkey_island/cc/services/config_schema/basic.py
+++ b/monkey/monkey_island/cc/services/config_schema/basic.py
@@ -48,7 +48,9 @@ BASIC = {
                     "title": "Exploit password list",
                     "type": "array",
                     "uniqueItems": True,
-                    "items": {"type": "string"},
+                    "items": {
+                        "type": "string",
+                    },
                     "default": [
                         "root",
                         "123456",
diff --git a/monkey/monkey_island/cc/ui/src/components/configuration-components/UiSchema.js b/monkey/monkey_island/cc/ui/src/components/configuration-components/UiSchema.js
index 38e7ad244..9263ba772 100644
--- a/monkey/monkey_island/cc/ui/src/components/configuration-components/UiSchema.js
+++ b/monkey/monkey_island/cc/ui/src/components/configuration-components/UiSchema.js
@@ -3,6 +3,7 @@ import PbaInput from './PbaInput';
 import {API_PBA_LINUX, API_PBA_WINDOWS} from '../pages/ConfigurePage';
 import InfoBox from './InfoBox';
 import TextBox from './TextBox';
+import HideInput from '../ui-components/HideInput';
 
 export default function UiSchema(props) {
   const UiSchema = {
@@ -13,6 +14,13 @@ export default function UiSchema(props) {
           classNames: 'config-template-no-header',
           'ui:widget': AdvancedMultiSelect
         }
+      },
+      credentials : {
+        exploit_password_list: {
+            items: {
+            'ui:widget': HideInput
+            }
+         }
       }
     },
     basic_network: {
diff --git a/monkey/monkey_island/cc/ui/src/components/ui-components/HideInput.js b/monkey/monkey_island/cc/ui/src/components/ui-components/HideInput.js
new file mode 100644
index 000000000..148e9dac3
--- /dev/null
+++ b/monkey/monkey_island/cc/ui/src/components/ui-components/HideInput.js
@@ -0,0 +1,44 @@
+import React from 'react';
+import {InputGroup, FormControl} from 'react-bootstrap';
+import '../../styles/components/HideInput.scss'
+
+class HideInput extends React.PureComponent {
+  constructor(props) {
+    super(props);
+
+    this.state = {
+      hidden: false
+    };
+    this.toggleShow = this.toggleShow.bind(this);
+  }
+
+  toggleShow() {
+    this.setState({hidden: ! this.state.hidden});
+  }
+
+  onChange(e) {
+    var value = e.target.value;
+    return this.props.onChange(value === '' ? this.props.options.emptyValue : value);
+  }
+
+  render() {
+    return (
+    <div>
+      <InputGroup className='mb-3'>
+        <FormControl
+            value={this.props.value || ''}
+            type={this.state.hidden ? 'text' : 'password'}
+            onChange={(event) => this.onChange(event)}
+        />
+        <InputGroup.Append>
+          <InputGroup.Text>
+            <i onClick={this.toggleShow} className={this.state.hidden ? 'fas fa-eye-slash' : 'fas fa-eye'}></i>
+          </InputGroup.Text>
+        </InputGroup.Append>
+      </InputGroup>
+    </div>
+    );
+  }
+}
+
+export default HideInput;
diff --git a/monkey/monkey_island/cc/ui/src/styles/components/HideInput.scss b/monkey/monkey_island/cc/ui/src/styles/components/HideInput.scss
new file mode 100644
index 000000000..85898638c
--- /dev/null
+++ b/monkey/monkey_island/cc/ui/src/styles/components/HideInput.scss
@@ -0,0 +1,3 @@
+.eye-button{
+  padding: 5px !important;
+}

From a8cc0e6781b5710eb7b058c7fbc364dad07f17bf Mon Sep 17 00:00:00 2001
From: Ilija Lazoroski <ilija.la@live.com>
Date: Wed, 18 Aug 2021 11:49:01 +0200
Subject: [PATCH 2/4] UI: Add HideInput component to internal exploits

---
 .../configuration-components/UiSchema.js           | 14 +++++++++++++-
 .../ui/src/components/ui-components/HideInput.js   |  6 +++---
 2 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/monkey/monkey_island/cc/ui/src/components/configuration-components/UiSchema.js b/monkey/monkey_island/cc/ui/src/components/configuration-components/UiSchema.js
index 9263ba772..e6dbed239 100644
--- a/monkey/monkey_island/cc/ui/src/components/configuration-components/UiSchema.js
+++ b/monkey/monkey_island/cc/ui/src/components/configuration-components/UiSchema.js
@@ -18,7 +18,7 @@ export default function UiSchema(props) {
       credentials : {
         exploit_password_list: {
             items: {
-            'ui:widget': HideInput
+              'ui:widget': HideInput
             }
          }
       }
@@ -112,6 +112,18 @@ export default function UiSchema(props) {
         aws_keys: {
           classNames: 'config-field-hidden'
         }
+      },
+      exploits: {
+        exploit_lm_hash_list:{
+          items: {
+              'ui:widget': HideInput
+          }
+        },
+        exploit_ntlm_hash_list: {
+          items: {
+              'ui:widget': HideInput
+          }
+        }
       }
     }
   };
diff --git a/monkey/monkey_island/cc/ui/src/components/ui-components/HideInput.js b/monkey/monkey_island/cc/ui/src/components/ui-components/HideInput.js
index 148e9dac3..4a2e53915 100644
--- a/monkey/monkey_island/cc/ui/src/components/ui-components/HideInput.js
+++ b/monkey/monkey_island/cc/ui/src/components/ui-components/HideInput.js
@@ -24,15 +24,15 @@ class HideInput extends React.PureComponent {
   render() {
     return (
     <div>
-      <InputGroup className='mb-3'>
+      <InputGroup className='mb-4'>
         <FormControl
             value={this.props.value || ''}
             type={this.state.hidden ? 'text' : 'password'}
             onChange={(event) => this.onChange(event)}
         />
         <InputGroup.Append>
-          <InputGroup.Text>
-            <i onClick={this.toggleShow} className={this.state.hidden ? 'fas fa-eye-slash' : 'fas fa-eye'}></i>
+          <InputGroup.Text onClick={this.toggleShow} >
+            <i className={this.state.hidden ? 'fas fa-eye-slash' : 'fas fa-eye'}></i>
           </InputGroup.Text>
         </InputGroup.Append>
       </InputGroup>

From 24009797ab16b84ba77e0e9fe71ce05b3ab0c57c Mon Sep 17 00:00:00 2001
From: Ilija Lazoroski <ilija.la@live.com>
Date: Thu, 19 Aug 2021 11:16:22 +0200
Subject: [PATCH 3/4] UI: Rename HideInput to SensitiveTextInput. Resolve
 spacing

---
 .../components/configuration-components/UiSchema.js    |  8 ++++----
 .../{HideInput.js => SensitiveTextInput.js}            | 10 ++++------
 .../cc/ui/src/styles/components/HideInput.scss         |  3 ---
 3 files changed, 8 insertions(+), 13 deletions(-)
 rename monkey/monkey_island/cc/ui/src/components/ui-components/{HideInput.js => SensitiveTextInput.js} (79%)
 delete mode 100644 monkey/monkey_island/cc/ui/src/styles/components/HideInput.scss

diff --git a/monkey/monkey_island/cc/ui/src/components/configuration-components/UiSchema.js b/monkey/monkey_island/cc/ui/src/components/configuration-components/UiSchema.js
index e6dbed239..6879bee2e 100644
--- a/monkey/monkey_island/cc/ui/src/components/configuration-components/UiSchema.js
+++ b/monkey/monkey_island/cc/ui/src/components/configuration-components/UiSchema.js
@@ -3,7 +3,7 @@ import PbaInput from './PbaInput';
 import {API_PBA_LINUX, API_PBA_WINDOWS} from '../pages/ConfigurePage';
 import InfoBox from './InfoBox';
 import TextBox from './TextBox';
-import HideInput from '../ui-components/HideInput';
+import SensitiveTextInput from '../ui-components/SensitiveTextInput';
 
 export default function UiSchema(props) {
   const UiSchema = {
@@ -18,7 +18,7 @@ export default function UiSchema(props) {
       credentials : {
         exploit_password_list: {
             items: {
-              'ui:widget': HideInput
+              'ui:widget': SensitiveTextInput
             }
          }
       }
@@ -116,12 +116,12 @@ export default function UiSchema(props) {
       exploits: {
         exploit_lm_hash_list:{
           items: {
-              'ui:widget': HideInput
+              'ui:widget': SensitiveTextInput
           }
         },
         exploit_ntlm_hash_list: {
           items: {
-              'ui:widget': HideInput
+              'ui:widget': SensitiveTextInput
           }
         }
       }
diff --git a/monkey/monkey_island/cc/ui/src/components/ui-components/HideInput.js b/monkey/monkey_island/cc/ui/src/components/ui-components/SensitiveTextInput.js
similarity index 79%
rename from monkey/monkey_island/cc/ui/src/components/ui-components/HideInput.js
rename to monkey/monkey_island/cc/ui/src/components/ui-components/SensitiveTextInput.js
index 4a2e53915..6dca37157 100644
--- a/monkey/monkey_island/cc/ui/src/components/ui-components/HideInput.js
+++ b/monkey/monkey_island/cc/ui/src/components/ui-components/SensitiveTextInput.js
@@ -1,18 +1,16 @@
 import React from 'react';
 import {InputGroup, FormControl} from 'react-bootstrap';
-import '../../styles/components/HideInput.scss'
 
-class HideInput extends React.PureComponent {
+class SensitiveTextInput extends React.PureComponent {
   constructor(props) {
     super(props);
 
     this.state = {
       hidden: false
     };
-    this.toggleShow = this.toggleShow.bind(this);
   }
 
-  toggleShow() {
+  toggleShow = () => {
     this.setState({hidden: ! this.state.hidden});
   }
 
@@ -24,7 +22,7 @@ class HideInput extends React.PureComponent {
   render() {
     return (
     <div>
-      <InputGroup className='mb-4'>
+      <InputGroup>
         <FormControl
             value={this.props.value || ''}
             type={this.state.hidden ? 'text' : 'password'}
@@ -41,4 +39,4 @@ class HideInput extends React.PureComponent {
   }
 }
 
-export default HideInput;
+export default SensitiveTextInput;
diff --git a/monkey/monkey_island/cc/ui/src/styles/components/HideInput.scss b/monkey/monkey_island/cc/ui/src/styles/components/HideInput.scss
deleted file mode 100644
index 85898638c..000000000
--- a/monkey/monkey_island/cc/ui/src/styles/components/HideInput.scss
+++ /dev/null
@@ -1,3 +0,0 @@
-.eye-button{
-  padding: 5px !important;
-}

From 0fc9631d7550e56205222bd2a18e59da44658d9c Mon Sep 17 00:00:00 2001
From: Mike Salvatore <mike.s.salvatore@gmail.com>
Date: Fri, 20 Aug 2021 07:46:02 -0400
Subject: [PATCH 4/4] Update changelog with entry for #1183

---
 CHANGELOG.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index d9888aa47..38d64c59f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,10 @@ file.
 The format is based on [Keep a
 Changelog](https://keepachangelog.com/en/1.0.0/).
 
+## [Unreleased]
+### Fixed
+- Credentials shown in plain text on configuration screens. #1183
+
 ## [1.11.0] - 2021-08-13
 ### Added
 - A runtime-configurable option to specify a data directory where runtime