Hiding Command line arguments

Question

I am invoking an exe to do certain operation on a device, Exe needs password to connect to device to perform the operation.

Problem : password is visible in task manager under command line column.

I tried deleting command line argument detail from PROCESS_BASIC_INFORMATION by following command :

HANDLE hProcess = OpenProcess (PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
                               FALSE, GetCurrentProcessId());
PROCESS_BASIC_INFORMATION pbi;
ULONG ReturnLength;
PFN_NT_QUERY_INFORMATION_PROCESS pfnNtQueryInformationProcess =
    (PFN_NT_QUERY_INFORMATION_PROCESS) GetProcAddress (
        GetModuleHandle(TEXT("ntdll.dll")), "NtQueryInformationProcess");
NTSTATUS status = pfnNtQueryInformationProcess (
    hProcess, ProcessBasicInformation,
    (PVOID)&pbi, sizeof(pbi), &ReturnLength);
// remove full information about my command line
pbi.PebBaseAddress->ProcessParameters->CommandLine.Buffer = NULL;
pbi.PebBaseAddress->ProcessParameters->CommandLine.Length = 0;

But command line information still appears in task manager.

Could you guys help me to understand how task manager is reading command line argument and how it can be changed?

Thanks, Pooja

Answer 1

Not sure if this helps but I had to write an app that interfaces with SQL via command line and needed to hide our Database password, while it is not 100% it does work for what I need. In the command line arguments, I start the arguments with 465 spaces; It was a random number I tried when I first came up with the idea, the command line does not care about space and has a high character limit; the task manager on the other hand does not have a high character limit so all it displays it the exe and a bunch of whitespace and that is it.