Beispiel #1
0
        static void Main(string [] args)
        {
            settings st1 = new settings();
            functions fn1 = new functions();
            results rs1 = new results();
            st1.baseKey = "SOFTWARE\\OLPL";
            st1.appKey = "PC-Sec";
            fn1.regCreateKeys(st1);
            st1 = fn1.getSettings(st1);
            st1.logFile = @"c:\temp\log.txt";
            st1.mode = 1;
            st1.resultURL = "https://api.olpl.org/api/sec";
            if (args.Length > 0)
            {
                if (args[0].ToUpper() == "ADMIN")
                {
                    Application.EnableVisualStyles();
                    Application.SetCompatibleTextRenderingDefault(false);
                    Application.Run(new Form1());
                }
            }
               else
            {
                Console.WriteLine("Run application on client");
                rs1 = fn1.checkMaintUser(st1,rs1);
                rs1.Result_Admin_User = fn1.checkAdministrator(st1, "Administrator");
                rs1.Result_Admin_Group = fn1.checkAdministrators(st1);

                fn1.sendResults(st1, rs1);
                Thread.Sleep(6000);
                Application.Exit();
            }
        }
Beispiel #2
0
        public string checkAdministrators(settings st1)
        {
            string str1 = "";
            try
            {

                DirectoryEntry localMachine = new DirectoryEntry("WinNT://" + Environment.MachineName);
                DirectoryEntry admGroup = localMachine.Children.Find("administrators", "group");
                object members = admGroup.Invoke("members", null);
                foreach (object groupMember in (IEnumerable)members)
                {
                    DirectoryEntry member = new DirectoryEntry(groupMember);
                    str1 = str1 + " " + member.Name + " ; ";
                }
            }
            catch (Exception e)
            {
                writeToFile(e.Message, st1);
                return "Error";
            }
            return str1;
        }
Beispiel #3
0
        public string checkAdministrator(settings st1,string userName)
        {
            try
            {
                PrincipalContext ctx = new PrincipalContext(ContextType.Machine);

                // find a user
                UserPrincipal user = UserPrincipal.FindByIdentity(ctx, userName);
                if ((bool)user.Enabled)
                {
                    user.Enabled = false;
                    user.Save();
                    DirectoryEntry AD = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer");
                    DirectoryEntry HostedUser = AD.Children.Find(userName, "user");
                    HostedUser.Invoke("SetPassword", new object[] { decryptByte(st1.adminPass) });
                    HostedUser.Close();
                    AD.Close();
                    return "Warning -- " + userName + " is Enabled -- Fixed";
                }
                else
                {
                    DirectoryEntry AD = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer");
                    DirectoryEntry HostedUser = AD.Children.Find(userName, "user");
                    HostedUser.Invoke("SetPassword", new object[] { decryptByte(st1.adminPass) });
                    HostedUser.Close();
                    AD.Close();
                    return "OK";
                }

            }
            catch (Exception e)
            {
                writeToFile(e.Message, st1);
                return "Error";
            }
        }
Beispiel #4
0
        public results checkMaintUser(settings st1, results rs1)
        {
            PrincipalContext ctx = new PrincipalContext(ContextType.Machine);
            string str1 = "";
            bool changePass = true;
            // find a user
            UserPrincipal user = UserPrincipal.FindByIdentity(ctx, decryptByte(st1.adminName));
            if (user == null)
            {
                changePass = false;
                PrincipalContext systemContext = null;
                systemContext = new PrincipalContext(ContextType.Machine, null);
                UserPrincipal userPrincipal = new UserPrincipal(systemContext);
                userPrincipal.Name = decryptByte(st1.adminName);
                userPrincipal.DisplayName = "IT Administrative User";
                userPrincipal.PasswordNeverExpires = true;
                userPrincipal.SetPassword(decryptByte(st1.adminPass));
                userPrincipal.Enabled = true;
                userPrincipal.Save();
                GroupPrincipal groupPrincipal = null;
                groupPrincipal = GroupPrincipal.FindByIdentity(systemContext, "Administrators");
                groupPrincipal.Members.Add(userPrincipal);
                groupPrincipal.Save();
                RegistryKey rk = Registry.LocalMachine.OpenSubKey(st1.baseKey + "\\" + st1.appKey, true);
                rk.SetValue("p1-1", st1.adminPass, RegistryValueKind.Binary);
                rk.SetValue("pC", DateTime.Now.ToString(),RegistryValueKind.String);
                rs1.Resutl_User_Pass_Changed = DateTime.Now.ToString();

                str1 =str1+ " not found Created";
            }
            else
            {
                str1 = str1 + " Found";
                PrincipalContext systemContext = null;
                systemContext = new PrincipalContext(ContextType.Machine, null);
                GroupPrincipal groupPrincipal = null;
                groupPrincipal = GroupPrincipal.FindByIdentity(systemContext, "Administrators");
                if (groupPrincipal.Members.Contains(systemContext, IdentityType.SamAccountName, decryptByte(st1.adminName)))
                {
                    str1 = str1 + " Administrator";
                }
                else
                {
                    UserPrincipal usr = UserPrincipal.FindByIdentity(systemContext, decryptByte(st1.adminName));
                    groupPrincipal.Members.Add(usr);
                    groupPrincipal.Save();

                    str1 = str1 + " not Administrator";
                }
            }
            if (ByteArrayCompare(st1.adminPass,st1.adminPass1)!=true && changePass==true)
            {
                try
                {

                    str1 = str1 + " Password does not match";
                    PrincipalContext systemContext = null;
                    systemContext = new PrincipalContext(ContextType.Machine, null);
                    UserPrincipal usr = UserPrincipal.FindByIdentity(systemContext, decryptByte(st1.adminName));
                    usr.ChangePassword(decryptByte(st1.adminPass1), decryptByte(st1.adminPass));
                    RegistryKey rk = Registry.LocalMachine.OpenSubKey(st1.baseKey + "\\" + st1.appKey, true);
                    rk.SetValue("p1-1", st1.adminPass, RegistryValueKind.Binary);
                    rk.SetValue("pC", DateTime.Now.ToString(), RegistryValueKind.String);
                    rs1.Resutl_User_Pass_Changed = DateTime.Now.ToString();
                }
                catch(Exception e)
                {
                    str1 = e.Message;
                }

            }
            else { str1 = str1 + " Password OK"; }
            rs1.Result_Maint_User = str1;
            return rs1;
        }
Beispiel #5
0
 public bool writeToFile(string str1,settings st1)
 {
     File.WriteAllText(st1.logFile, str1);
     return true;
 }
Beispiel #6
0
        public bool sendResults(settings st1,results rs1)
        {
            try
            {
                using (WebClient client = new WebClient())
                {
                    if (rs1.Result_Admin_Group == null) { rs1.Result_Admin_Group = "Not Reported"; }
                    if (rs1.Result_Admin_User == null) { rs1.Result_Admin_User = "******"; }
                    if(rs1.Resutl_User_Pass_Changed == null){ rs1.Resutl_User_Pass_Changed = st1.timeChanged; }
                    NameValueCollection vals = new NameValueCollection();
                    vals.Add("CPUName", Environment.MachineName);
                    vals.Add("Result_Admin_Group", rs1.Result_Admin_Group);
                    vals.Add("Result_Admin_User", rs1.Result_Admin_User);
                    vals.Add("Result_Maint_User", rs1.Result_Maint_User);
                    vals.Add("Result_User_Pass_Changed", rs1.Resutl_User_Pass_Changed);
                    client.Credentials = new NetworkCredential(decryptByte(st1.connectUser), decryptByte(st1.connectPass), "olpl");
                    client.UploadValues(st1.resultURL, vals);
                }
            }
            catch (Exception e)
            {
                writeToFile(e.Message, st1);
                return false;
            }

            return true;
        }
Beispiel #7
0
 public bool regCreateKeys(settings st1)
 {
     try
     {
         if (Registry.LocalMachine.OpenSubKey(st1.baseKey) == null)
         {
             Registry.LocalMachine.CreateSubKey(st1.baseKey);
         }
         if (Registry.LocalMachine.OpenSubKey(st1.baseKey + "\\" + st1.appKey) == null)
         {
             Registry.LocalMachine.CreateSubKey(st1.baseKey + "\\" + st1.appKey);
         }
     }
     catch(Exception e)
     {
         writeToFile(e.Message, st1);
     }
     return true;
 }
Beispiel #8
0
        public settings getSettings(settings st1)
        {
            try
            {
                RegistryKey rk = Registry.LocalMachine.OpenSubKey(st1.baseKey + "\\" + st1.appKey, false);
                st1.adminName = (byte[])rk.GetValue("u1");
                st1.adminPass = (byte[])rk.GetValue("p1");
                st1.connectPass = (byte[])rk.GetValue("p2");
                st1.connectUser = (byte[])rk.GetValue("u2");
                st1.adminPass1 = (byte[])rk.GetValue("p1-1");
                st1.timeChanged= (string)rk.GetValue("pC");
            }
            catch (Exception e)
            {
                writeToFile(e.Message, st1);
            }

            return st1;
        }