public void start(Boolean read_only) { FileStream fs; String dllpath = "."; Environment.SetEnvironmentVariable("PATH", Environment.GetEnvironmentVariable("PATH") + ";" + dllpath); List <string> cpath = new List <string>(Application.ExecutablePath.Split('\\')); cpath.RemoveRange(cpath.Count() - 1, 1); String exepath = string.Join("\\", cpath.ToArray()); this.exec_check_only = read_only; this.shouldRun = true; if (this.restoremode == true) { pol_xmlfile = this.restorepath + "\\FixprivPolicyRules.xml"; svc_xmlfile = this.restorepath + "\\FixprivServiceRules.xml"; } else { pol_xmlfile = exepath + "\\FixprivPolicyRules.xml"; svc_xmlfile = exepath + "\\FixprivServiceRules.xml"; } FixprivPolicies fpol = new FixprivPolicies(); FixprivServices fsvc = new FixprivServices(); FixprivServices bsvc = new FixprivServices(); XmlSerializer sp = new XmlSerializer(typeof(FixprivPolicies)); XmlSerializer ss = new XmlSerializer(typeof(FixprivServices)); try { fs = new FileStream(pol_xmlfile, FileMode.Open); this.fpol = (FixprivPolicies)sp.Deserialize(fs); this.t = new Thread(new ThreadStart(this.go)); this.t.SetApartmentState(ApartmentState.STA); this.t.Start(); resultview.listView1.Columns[1].Width = 1000; resultview.listView1.Columns[2].Width = 0; while (this.shouldRun == true) { this.signalQueue.WaitOne(1000); fixpriv_result_t r; while (this.returnValueQueue.TryDequeue(out r)) { this.result_update(new[] { colors[(int)r.state], r.policy.section_key + "\\" + r.policy.pol_key + "\\" + r.policy.pol_value_name, r.tooltip }); this.status_update(r.policy.pol_value_name); this.progress_update(resultview.listView1.Items.Count, this.fpol.rules.Count); } } if (resultview.listView1.Items.Count > 0) { resultview.listView1.AutoResizeColumns(ColumnHeaderAutoResizeStyle.ColumnContent); } fs.Close(); fs = new FileStream(svc_xmlfile, FileMode.Open); fsvc = (FixprivServices)ss.Deserialize(fs); //Debug.WriteLine("[*] processing {0} services", fsvc.rules.Count); foreach (FixprivService svc in fsvc.rules) { fixpriv_status_t result; fixpriv_privsvc_t pi_svc = new fixpriv_privsvc_t(); fixpriv_privsvc_t backup_pi_svc = new fixpriv_privsvc_t(); FixprivService backup_svc = new FixprivService(); pi_svc.service_name = backup_svc.name = svc.name; pi_svc.service_path = backup_svc.servicePath = svc.servicePath; pi_svc.service_params = backup_svc.serviceParams = svc.serviceParams; backup_pi_svc.service_name = svc.name; backup_pi_svc.service_path = svc.servicePath; backup_pi_svc.service_params = svc.serviceParams; backup_svc.serviceState = "WS_STATUS_UNCHANGED"; backup_svc.serviceDescription = svc.serviceDescription; backup_svc.id = svc.id; if (svc.serviceCommand.Equals("WS_STARTUP_AUTOMATIC_DELAYED")) { pi_svc.service_startup = ws_startup_t.WS_STARTUP_AUTOMATIC_DELAYED; } else if (svc.serviceCommand.Equals("WS_STARTUP_AUTOMATIC")) { pi_svc.service_startup = ws_startup_t.WS_STARTUP_AUTOMATIC; } else if (svc.serviceCommand.Equals("WS_STARTUP_MANUAL")) { pi_svc.service_startup = ws_startup_t.WS_STARTUP_MANUAL; } else if (svc.serviceCommand.Equals("WS_STARTUP_DISABLED")) { pi_svc.service_startup = ws_startup_t.WS_STARTUP_DISABLED; } else if (svc.serviceCommand.Equals("WS_STARTUP_DELETE")) { pi_svc.service_startup = ws_startup_t.WS_STARTUP_DELETE; } else { pi_svc.service_startup = ws_startup_t.WS_STARTUP_UNCHANGED; } if (svc.serviceState.Equals("WS_STATUS_START")) { pi_svc.service_status = ws_status_t.WS_STATUS_START; } else if (svc.serviceState.Equals("WS_STATUS_STOP")) { pi_svc.service_status = ws_status_t.WS_STATUS_STOP; } else if (svc.serviceState.Equals("WS_STATUS_PAUSE")) { pi_svc.service_status = ws_status_t.WS_STATUS_PAUSE; } else if (svc.serviceState.Equals("WS_STATUS_RESUME")) { pi_svc.service_status = ws_status_t.WS_STATUS_RESUME; } else { pi_svc.service_status = ws_status_t.WS_STATUS_UNCHANGED; } fixpriv_svc_read(ref backup_pi_svc); switch (backup_pi_svc.service_startup) { case ws_startup_t.WS_STARTUP_AUTOMATIC_DELAYED: backup_svc.serviceCommand = "WS_STARTUP_AUTOMATIC_DELAYED"; break; case ws_startup_t.WS_STARTUP_AUTOMATIC: backup_svc.serviceCommand = "WS_STARTUP_AUTOMATIC"; break; case ws_startup_t.WS_STARTUP_MANUAL: backup_svc.serviceCommand = "WS_STARTUP_MANUAL"; break; case ws_startup_t.WS_STARTUP_DISABLED: backup_svc.serviceCommand = "WS_STARTUP_DISABLED"; break; case ws_startup_t.WS_STARTUP_DELETE: backup_svc.serviceCommand = "WS_STARTUP_DELETE"; break; case ws_startup_t.WS_STARTUP_UNCHANGED: default: backup_svc.serviceCommand = "WS_STARTUP_UNCHANGED"; break; } bsvc.rules.Add(backup_svc); if (false == this.exec_check_only) { fixpriv_svc_modify(pi_svc); } result = fixpriv_svc_check(pi_svc); if ((int)result == -2) { this.result_update(new[] { colors[(int)fixpriv_status_t.FIXPRIV_NEUTRAL], "[Windows Services] " + pi_svc.service_name + ": Permission Denied", svc.serviceDescription }); } else { this.result_update(new[] { colors[(int)result], "[Windows Services] " + pi_svc.service_name + ": " + pi_svc.service_startup, svc.serviceDescription }); } this.status_update(pi_svc.service_name); } // foreach svc if (false == this.exec_check_only) { this.backup.store(bsvc); } } catch (Exception e) { Debug.WriteLine("[e] error in main: " + e.Message); if (false == this.exec_check_only) { this.backup.store(bsvc); } } this.status_update("Done"); }
public void go() { fixpriv_privpol_t pi_pol; fixpriv_privpol_t backup_pi_pol; fixpriv_result_t s = new fixpriv_result_t(); FixprivPolicies bpol = new FixprivPolicies(); fixpriv_backupstatus_t backupStatus; if (this.exec_check_only == false) { fixpriv_special_modify(); } foreach (FixprivPolicy pol in this.fpol.rules) { FixprivPolicy backup_pol = new FixprivPolicy(); pi_pol = new fixpriv_privpol_t(); backup_pi_pol = new fixpriv_privpol_t(); if (pol.key.keyRoot.Equals("HKCU")) { pi_pol.section_key = ws_key_t.WS_KEY_HKCU; } else if (pol.key.keyRoot.Equals("HKLM")) { pi_pol.section_key = ws_key_t.WS_KEY_HKLM; } else if (pol.key.keyRoot.Equals("GPOU")) { pi_pol.section_key = ws_key_t.WS_KEY_GPOU; } else if (pol.key.keyRoot.Equals("GPOM")) { pi_pol.section_key = ws_key_t.WS_KEY_GPOM; } backup_pol.key.keyRoot = pol.key.keyRoot; backup_pi_pol.section_key = pi_pol.section_key; pi_pol.pol_key = pol.key.keyName; pi_pol.pol_value_name = pol.key.keyValue.valueName; backup_pi_pol.pol_key = pol.key.keyName; backup_pi_pol.pol_value_name = pol.key.keyValue.valueName; backup_pol.key.keyName = pol.key.keyName; if (pol.key.keyValue.valueType.Equals("REG_DWORD")) { pi_pol.pol_datatype = value_data_type_t.POL_DWORD; pi_pol.pol_value_data = pol.key.keyValue.valueData; pi_pol.pol_mode = m0_polregmode_t.POL_ENABLED; } else if (pol.key.keyValue.valueType.Equals("REG_SZ")) { pi_pol.pol_datatype = value_data_type_t.POL_WSTRING; pi_pol.pol_mode = m0_polregmode_t.POL_ENABLED; pi_pol.pol_value_data = pol.key.keyValue.valueData; } else if (pol.key.keyValue.valueType.Equals("REG_NONE")) { pi_pol.pol_datatype = value_data_type_t.POL_DWORD; pi_pol.pol_mode = m0_polregmode_t.POL_NOTCONFIGURED; } else if (pol.key.keyValue.valueType.Equals("REG_BINARY")) { pi_pol.pol_datatype = value_data_type_t.POL_DWORD; pi_pol.pol_mode = m0_polregmode_t.POL_ENABLED; } else if (pol.key.keyValue.valueType.Equals("REG_DELETE")) { pi_pol.pol_datatype = value_data_type_t.POL_WSTRING; pi_pol.pol_mode = m0_polregmode_t.POL_DELETE; } else if (pol.key.keyValue.valueType.Equals("REG_DISABLE")) { pi_pol.pol_datatype = value_data_type_t.POL_WSTRING; pi_pol.pol_mode = m0_polregmode_t.POL_DISABLED; } backup_pi_pol.pol_datatype = pi_pol.pol_datatype; backup_pi_pol.pol_mode = pi_pol.pol_mode; backup_pol.key.keyValue.valueType = pol.key.keyValue.valueType; backup_pol.id = pol.id; backup_pol.key.keyValue.valueDescription = pol.key.keyValue.valueDescription; if (this.exec_check_only == true) { check_result = fixpriv_check_regkey(pi_pol); s = new fixpriv_result_t(); s.state = check_result; s.policy = pi_pol; s.tooltip = pol.key.keyValue.valueDescription; returnValueQueue.Enqueue(s); signalQueue.Set(); Thread.Sleep(50); } else { try { // backup functions backupStatus = (fixpriv_backupstatus_t)fixpriv_read_regkey(ref backup_pi_pol); backup_pol.key.keyValue.valueName = backup_pi_pol.pol_value_name; backup_pol.key.keyValue.valueData = backup_pi_pol.pol_value_data; if (backupStatus == fixpriv_backupstatus_t.READREG_SUCCESS) { backup_pol.key.keyValue.valueMode = "POL_ENABLED"; backup_pol.key.keyValue.valueData = backup_pi_pol.pol_value_data; } else if (backupStatus == fixpriv_backupstatus_t.READREG_NOTFOUND) { backup_pol.key.keyValue.valueMode = "POL_DELETE"; backup_pol.key.keyValue.valueType = "REG_DELETE"; backup_pol.key.keyValue.valueData = "0"; } else // fail { backup_pol.key.keyValue.valueType = "REG_DELETE"; backup_pol.key.keyValue.valueMode = "POL_NOTCONFIGURED"; backup_pol.key.keyValue.valueData = "0"; } bpol.rules.Add(backup_pol); // backup functions fixpriv_modify_policy(pi_pol); if (pi_pol.section_key == ws_key_t.WS_KEY_GPOM) { Thread.Sleep(300); // wait for changes to sync. 500ms works } check_result = fixpriv_check_regkey(pi_pol); s = new fixpriv_result_t(); s.state = check_result; s.policy = pi_pol; s.tooltip = pol.key.keyValue.valueDescription; returnValueQueue.Enqueue(s); signalQueue.Set(); Thread.Sleep(5); } catch (Exception e) { Debug.WriteLine("[e] error in FixprivExecute.go: " + e.Message); // make sure, backups are written to disk if (false == this.exec_check_only) { this.backup.store(bpol); } } } } // foreach if (false == this.exec_check_only) { this.backup.store(bpol); } this.shouldRun = false; } // go()