Beispiel #1
0
        public void SendAlert(SessionHandler oSessionHandler)
        {
            string        json       = CreateJson(oSessionHandler);
            StringBuilder jsonAndHAR = new StringBuilder(json);

            jsonAndHAR.Append("\n\n");

            byte[] xelemBytes = Encoding.ASCII.GetBytes(jsonAndHAR.ToString());

            Queue <SessionHandler> tempSessions = new Queue <SessionHandler>();

            tempSessions.Enqueue(oSessionHandler);
            byte[] output = JSONCircularBuffer.ExportToHAR(tempSessions);
            output = Util.CombineByteArray(xelemBytes, output);

            try
            {
                AnalyzerManager.ProxydbObj.InsertInAlerts(output);
            }
            catch (Exception ex)
            {
                //AnalyzerManager.Logger.Error(ex);
            }

            if (TestTCPClient.TestConfig.TestCheck)
            {
                TestTCPClient.SendAlertMessageToServer("2", output);
            }
            else
            {
                TCPClients.SendAlertMessageToServer("2", output);
            }
        }
Beispiel #2
0
        public static void SendRegistryFetchAuditResult()
        {
            DataTable dt   = winaudits.ReadQueries.GetRegistryFetchAudit();
            string    json = JsonConvert.SerializeObject(dt);

            List <winaudits.RegistryFetch> listAuditMaster = JsonConvert.DeserializeObject <List <winaudits.RegistryFetch> >(json);

            foreach (var fetch in listAuditMaster)
            {
                if (fetch != null)
                {
                    winaudits.UpdateQuery.UpdateRegistryFetchAuditStatus(1, fetch.AuditJobID);
                    TCPClients.SendRegistryFetchResults("31", fetch);
                }
            }
        }
Beispiel #3
0
        public static void SendAuditResult()
        {
            DataTable auditMasterTable = winaudits.ReadQueries.GetAuditMasterByStatus("auditmaster", 2);

            if (auditMasterTable != null && auditMasterTable.Rows.Count > 0)
            {
                string json = JsonConvert.SerializeObject(auditMasterTable);

                List <AuditMaster> listAuditMaster = JsonConvert.DeserializeObject <List <AuditMaster> >(json);

                foreach (AuditMaster auditMaster in listAuditMaster)
                {
                    if (auditMaster.Status == 2)
                    {
                        try
                        {
                            var zipStream = new MemoryStream();
                            var zip       = new ZipOutputStream(zipStream);

                            if (auditMaster.IncludeUser == 1)
                            {
                                AddJsonEntry("user", auditMaster, zip);
                            }
                            if (auditMaster.IncludeProcess == 1)
                            {
                                AddJsonEntry("process", auditMaster, zip);
                            }
                            if (auditMaster.IncludeServices == 1)
                            {
                                AddJsonEntry("services", auditMaster, zip);
                            }
                            if (auditMaster.IncludeInstalledApp == 1)
                            {
                                AddJsonEntry("installedapp", auditMaster, zip);
                            }
                            if (auditMaster.IncludeNetworkInfo == 1)
                            {
                                AddJsonEntry("networkconnection", auditMaster, zip);
                            }
                            if (auditMaster.IncludeAutoRunPoints == 1)
                            {
                                AddJsonEntry("autorunpoints", auditMaster, zip);
                            }
                            if (auditMaster.IncludePrefetch == 1)
                            {
                                AddJsonEntry("prefetch", auditMaster, zip);
                            }
                            if (auditMaster.IncludeTask == 1)
                            {
                                AddJsonEntry("task", auditMaster, zip);
                            }
                            if (auditMaster.IncludeArp == 1)
                            {
                                AddJsonEntry("arp", auditMaster, zip);
                            }

                            zip.Close();
                            string encoding = Convert.ToBase64String(zipStream.ToArray());
                            if (TestTCPClient.TestConfig.TestCheck)
                            {
                                TestTCPClient.SendAuditResults("31", Encoding.ASCII.GetBytes(encoding), auditMaster.ServerJobID);
                            }
                            else
                            {
                                TCPClients.SendAuditResults("31", Encoding.ASCII.GetBytes(encoding), auditMaster.ServerJobID);
                            }
                            winaudits.UpdateQuery.ExcecuteUpdateQuery(4, auditMaster.ClientJobID);
                        }
                        catch (Exception)
                        {
                        }
                    }
                    else
                    {
                        if (TestTCPClient.TestConfig.TestCheck)
                        {
                            TestTCPClient.SendAuditResults("31", Encoding.ASCII.GetBytes(string.Empty), auditMaster.ServerJobID);
                        }
                        else
                        {
                            TCPClients.SendAuditResults("31", Encoding.ASCII.GetBytes(string.Empty), auditMaster.ServerJobID);
                        }
                        winaudits.UpdateQuery.ExcecuteUpdateQuery(4, auditMaster.ClientJobID);
                    }
                }
            }
        }