internal static bool VERIFY_String_Hashs(string String1, string string2) { string File1Hash; string File2Hash; try { using (var sha256 = SHA256.Create()) { File1Hash = BitConverter.ToString(sha256.ComputeHash(CONVERT_To_ASCII_Bytes(String1.Trim().Replace('\n', ' ').ToCharArray().ToString()))).ToLowerInvariant(); } using (var sha2562 = SHA256.Create()) { File2Hash = BitConverter.ToString(sha2562.ComputeHash(CONVERT_To_ASCII_Bytes(string2.Trim().Replace('\n', ' ').ToCharArray().ToString()))).ToLowerInvariant(); } if (File1Hash == File2Hash) { return(true); } else { return(false); } } catch (Exception e) { Error_Operation.WRITE_Errors_To_Log("VERIFY_File_Hashs()", "Error " + e.Message.ToString() + e.StackTrace, Error_Operation.LogSeverity.Warning);//log change return(false); } }
internal static void Write_IP_Output(List <string> IPs) { File.Delete(Settings.IPs_File_Path); File.Create(Settings.IPs_File_Path).Close(); for (int x = 0; x < IPs.Count; ++x) { try { File.AppendAllText(Settings.IPs_File_Path, IPs.ElementAt(x) + "\n"); } catch (Exception e) { Error_Operation.WRITE_Errors_To_Log("Write_IP_Output()", e.Message.ToString(), Error_Operation.LogSeverity.Warning); } } CHECK_File_Size(Settings.IPs_File_Path, .0002); }
internal static void WRITE_Default_Configs_Files_and_Reg() { File_Operation.Turnicate_File(GET_AppConfigFile_Path); File_Operation.Turnicate_File(GET_EventLogID_PlaceHolder_Path); File_Operation.Turnicate_File(GET_SearchTermsFile_Path); File_Operation.Turnicate_File(GET_WhiteList_SearchTermsFile_Path); File_Operation.Turnicate_File(GET_SearchTermsFile_PLUGIN_Path); File_Operation.CREATE_NEW_Files_And_Dirs(Config_File_Location, AppConfigFile_FileName, File_Operation.GET_Default_ConsoleAppConfig_File_Contents, true); File_Operation.CREATE_NEW_Files_And_Dirs(Config_File_Location, EventLogID_PlaceHolde_FileName, File_Operation.GET_Default_Eventlog_with_PlaceKeeper_File_Contents, true); File_Operation.CREATE_NEW_Files_And_Dirs(Search_File_Location, SearchTermsFileName_FileName, File_Operation.GET_Default_Logs_Search_File_Contents, true); File_Operation.CREATE_NEW_Files_And_Dirs(Search_File_Location, Search_WhiteList_FileName, "", true); File_Operation.CREATE_NEW_Files_And_Dirs(Plugin_Search_Location, SearchTermsFileName_FileName, File_Operation.GET_Default_Powershell_Plugins_File_Contents, true); Reg_Operation.WRITE_Default_SWELF_Reg_Keys(); Error_Operation.WRITE_Errors_To_Log("WRITE_Default_Configs()", "SWELF created new default config files for all settings", Error_Operation.LogSeverity.FailureAudit); }
internal static bool VERIFY_Central_File_Config_Hash(string HTTP_File_Path, string Local_File_Path) { string HTTPFileHash; string LocalFileHash; try { HttpWebRequest request = (HttpWebRequest)WebRequest.Create(HTTP_File_Path); request.AllowAutoRedirect = false; request.UnsafeAuthenticatedConnectionSharing = false; request.Timeout = 150000; ServicePointManager.Expect100Continue = true; ServicePointManager.CheckCertificateRevocationList = false; ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls | SecurityProtocolType.Ssl3; using (CustomWebClient response = new CustomWebClient()) { //string Web_Config_File_Contents = response.DownloadString(HTTP_File_Path); if (Settings.Central_Config_Hashs.ContainsKey(HTTP_File_Path) == true)//determine if we use cache version { HTTPFileHash = Settings.Central_Config_Hashs[HTTP_File_Path]; } else//no cache version get from network { Central_Config_File_Web_Cache = Crypto_Operation.CONVERT_To_String_From_Bytes(response.DownloadData(HTTP_File_Path), 2);//get file has from Network using (var sha256 = SHA256.Create()) { HTTPFileHash = BitConverter.ToString(sha256.ComputeHash(Encoding.UTF8.GetBytes(Central_Config_File_Web_Cache))); } if (Settings.Central_Config_Hashs.ContainsKey(HTTP_File_Path) == false) { Settings.Central_Config_Hashs.Add(HTTP_File_Path, HTTPFileHash); } } using (var sha2562 = SHA256.Create())//Get local file hash { if (File_Operation.CHECK_if_File_Exists(Local_File_Path) == false) { return(false);//no local file } else { LocalFileHash = BitConverter.ToString(sha2562.ComputeHash(Encoding.UTF8.GetBytes(File_Operation.READ_AllText(Local_File_Path)))); } } if (HTTPFileHash == LocalFileHash) { return(true); } else { return(false); } } } catch (Exception e) { Error_Operation.WRITE_Errors_To_Log("VERIFY_Central_File_Config_Hash()", e.Message.ToString() + " " + HTTP_File_Path + " " + Local_File_Path, Error_Operation.LogSeverity.Informataion);//log change return(false); } finally { Wclient.Dispose(); } }
internal static bool VERIFY_Central_Reg_Config_Hash(string HTTP_File_Path, string RegContents) { string HTTPFileHash; string LocalFileHash; try { HttpWebRequest request = (HttpWebRequest)WebRequest.Create(HTTP_File_Path); request.AllowAutoRedirect = false; request.UnsafeAuthenticatedConnectionSharing = false; request.Timeout = 150000; ServicePointManager.Expect100Continue = true; ServicePointManager.CheckCertificateRevocationList = false; ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls | SecurityProtocolType.Ssl3; using (CustomWebClient response = new CustomWebClient()) { //string Web_Config_File_Contents = response.DownloadString(HTTP_File_Path); if (Settings.Central_Config_Hashs.ContainsKey(HTTP_File_Path) == true)//determine if we use cache version { HTTPFileHash = Settings.Central_Config_Hashs[HTTP_File_Path]; } else//no cache version get from network { Uri uri = new Uri(HTTP_File_Path); Central_Config_File_Web_Cache = Crypto_Operation.CONVERT_To_String_From_Bytes(response.DownloadData(uri), 2);//get file has from Network using (var sha256 = SHA256.Create()) { HTTPFileHash = BitConverter.ToString(sha256.ComputeHash(Encoding.UTF8.GetBytes(Central_Config_File_Web_Cache))); } if (Settings.Central_Config_Hashs.ContainsKey(HTTP_File_Path) == false) { Settings.Central_Config_Hashs.Add(HTTP_File_Path, HTTPFileHash); } } using (var sha2562 = SHA256.Create())//Get local file hash { LocalFileHash = BitConverter.ToString(sha2562.ComputeHash(Encoding.UTF8.GetBytes(RegContents))); } Connection_Successful = true; if (HTTPFileHash == LocalFileHash) { return(true); } else { return(false); } } } catch (Exception e) { Connection_Successful = false; if (e.Message.Contains("has timed out") == false && e.Message.Contains("The remote name could not be resolved: ") == false) { Error_Operation.Log_Error("VERIFY_Central_File_Config_Hash()", e.Message.ToString() + " " + HTTP_File_Path + " ", e.StackTrace.ToString(), Error_Operation.LogSeverity.Informataion); } else if ((e.Message.Contains("The operation has timed out") || e.Message.Contains("The remote name could not be resolved: "))) { Error_Operation.WRITE_Errors_To_Log("VERIFY_Central_File_Config_Hash()", "Network unavaiulable for SWELF." + e.Message.ToString() + " " + HTTP_File_Path + " ", Error_Operation.LogSeverity.Informataion); } return(false); } finally { Wclient.Dispose(); } }
internal static void Log_Storage_Location_Unavailable(string e) { EventLog_w_PlaceKeeper = EventLog_w_PlaceKeeper_Backup; Error_Operation.WRITE_Errors_To_Log("Log_Storage_Location_Unavailable(string e)", e + " Access to log storage location may not be available.", Error_Operation.LogSeverity.Critical); }