public static async void InstantInfoUser(HttpListenerContext ctx)
{
WebSocketContext wsc;
WebSocket ws;
try {
wsc = await ctx.AcceptWebSocketAsync(null);
ws = wsc.WebSocket;
} catch (WebSocketException ex) {
ctx.Response.Close();
Logging.Err(ex);
return;
}
string sessionId = ctx.Request.Cookies["sessionid"]?.Value ?? null;
if (sessionId is null)
{
ctx.Response.Close();
return;
}
try {
byte[] buff = new byte[2048];
WebSocketReceiveResult receiveResult = await ws.ReceiveAsync(new ArraySegment <byte>(buff), CancellationToken.None);
string filename = Encoding.Default.GetString(buff, 0, receiveResult.Count);
if (!Database.users.ContainsKey(filename))
{
await ws.CloseAsync(WebSocketCloseStatus.NormalClosure, "", CancellationToken.None);
return;
}
Database.DbEntry user = (Database.DbEntry)Database.users[filename];
string username;
if (user.hash.ContainsKey("USERNAME"))
{
username = ((string[])user.hash["USERNAME"])[0];
}
else
{
await ws.CloseAsync(WebSocketCloseStatus.NormalClosure, "", CancellationToken.None);
return;
}
try {
SearchResult sr = ActiveDirectory.GetUser(username);
if (sr != null)
{
if (sr.Properties["lastLogonTimestamp"].Count > 0)
{
if (Int64.TryParse(sr.Properties["lastLogonTimestamp"][0].ToString(), out long time) && time > 0)
{
WsWriteText(ws, $"last logon{(char)127}{DateTime.FromFileTime(time)}{(char)127}Active directory");
}
}
if (sr.Properties["lastLogoff"].Count > 0)
{
if (Int64.TryParse(sr.Properties["lastLogoff"][0].ToString(), out long time) && time > 0)
{
WsWriteText(ws, $"last logoff{(char)127}{DateTime.FromFileTime(time)}{(char)127}Active directory");
}
}
if (sr.Properties["badPasswordTime"].Count > 0)
{
if (Int64.TryParse(sr.Properties["badPasswordTime"][0].ToString(), out long time) && time > 0)
{
WsWriteText(ws, $"bad password time{(char)127}{DateTime.FromFileTime(time)}{(char)127}Active directory");
}
}
if (sr.Properties["lockoutTime"].Count > 0)
{
if (Int64.TryParse(sr.Properties["lockoutTime"][0].ToString(), out long time) && time > 0)
{
WsWriteText(ws, $"lockout time{(char)127}{DateTime.FromFileTime(time)}{(char)127}Active directory");
}
}
}
} catch { }
if (user.hash.ContainsKey("PASSWORD"))
{
string password = ((string[])user.hash["PASSWORD"])[0];
if (password.Length > 0 && PasswordStrength.Entropy(password) < 28)
{
WsWriteText(ws, $"!{(char)127}{"Weak password"}{(char)127}");
}
}
await ws.CloseAsync(WebSocketCloseStatus.NormalClosure, "", CancellationToken.None);
} catch (Exception ex) {
Logging.Err(ex);
}
}
public static async void InstantInfoEquip(HttpListenerContext ctx)
{
WebSocketContext wsc;
WebSocket ws;
try {
wsc = await ctx.AcceptWebSocketAsync(null);
ws = wsc.WebSocket;
} catch (WebSocketException ex) {
ctx.Response.Close();
Logging.Err(ex);
return;
}
string sessionId = ctx.Request.Cookies["sessionid"]?.Value ?? null;
if (sessionId is null)
{
ctx.Response.Close();
return;
}
try {
byte[] buff = new byte[2048];
WebSocketReceiveResult receiveResult = await ws.ReceiveAsync(new ArraySegment <byte>(buff), CancellationToken.None);
string filename = Encoding.Default.GetString(buff, 0, receiveResult.Count);
if (!Database.equip.ContainsKey(filename))
{
await ws.CloseAsync(WebSocketCloseStatus.NormalClosure, "", CancellationToken.None);
return;
}
Database.DbEntry equip = (Database.DbEntry)Database.equip[filename];
string host = null;
if (equip.hash.ContainsKey("IP"))
{
host = ((string[])equip.hash["IP"])[0];
}
else if (equip.hash.ContainsKey("HOSTNAME"))
{
host = ((string[])equip.hash["HOSTNAME"])[0];
}
else
{
await ws.CloseAsync(WebSocketCloseStatus.NormalClosure, "", CancellationToken.None);
return;
}
string lastseen = "";
string[] ipArray = host.Split(';').Select(o => o.Trim()).ToArray();
try {
using System.Net.NetworkInformation.Ping p = new System.Net.NetworkInformation.Ping();
PingReply reply = p.Send(ipArray[0], 1000);
if (reply.Status == IPStatus.Success)
{
lastseen = "Just now";
WsWriteText(ws, $"last seen{(char)127}{lastseen}{(char)127}ICMP");
WsWriteText(ws, $".roundtrip:{ipArray[0]}{(char)127}{reply.RoundtripTime}{(char)127}ICMP");
LastSeen.Seen(ipArray[0]);
}
else
{
lastseen = Encoding.UTF8.GetString(LastSeen.HasBeenSeen(ipArray[0], true));
WsWriteText(ws, $"last seen{(char)127}{lastseen}{(char)127}ICMP");
WsWriteText(ws, $".roundtrip:{ipArray[0]}{(char)127}TimedOut{(char)127}ICMP");
}
} catch {
WsWriteText(ws, $".roundtrip:{host}{(char)127}Error{(char)127}ICMP");
}
if (ipArray.Length > 1)
{
for (int i = 1; i < ipArray.Length; i++)
{
try {
using System.Net.NetworkInformation.Ping p = new System.Net.NetworkInformation.Ping();
PingReply reply = p.Send(ipArray[i], 1000);
if (reply.Status == IPStatus.Success)
{
WsWriteText(ws, $".roundtrip:{ipArray[i]}{(char)127}{reply.RoundtripTime}{(char)127}ICMP");
}
else
{
WsWriteText(ws, $".roundtrip:{ipArray[i]}{(char)127}{reply.Status}{(char)127}ICMP");
}
} catch {
WsWriteText(ws, $".roundtrip:{ipArray[i]}{(char)127}Error{(char)127}ICMP");
}
}
}
List <string> warnings = new List <string>();
string wmiHostName = null, adHostName = null, netbios = null, dns = null;
if (lastseen == "Just now")
{
ManagementScope scope = Wmi.WmiScope(host);
if (scope != null)
{
string username = Wmi.WmiGet(scope, "Win32_ComputerSystem", "UserName", false, null);
if (username.Length > 0)
{
WsWriteText(ws, $"logged in user{(char)127}{username}{(char)127}WMI");
}
string starttime = Wmi.WmiGet(scope, "Win32_LogonSession", "StartTime", false, new Wmi.FormatMethodPtr(Wmi.DateTimeToString));
if (starttime.Length > 0)
{
WsWriteText(ws, $"start time{(char)127}{starttime}{(char)127}WMI");
}
wmiHostName = Wmi.WmiGet(scope, "Win32_ComputerSystem", "DNSHostName", false, null);
}
using ManagementObjectCollection logicalDisk = new ManagementObjectSearcher(scope, new SelectQuery("SELECT * FROM Win32_LogicalDisk WHERE DriveType = 3")).Get();
foreach (ManagementObject o in logicalDisk)
{
string caption = o.GetPropertyValue("Caption").ToString();
UInt64 size = (UInt64)o.GetPropertyValue("Size");
UInt64 free = (UInt64)o.GetPropertyValue("FreeSpace");
if (size == 0)
{
continue;
}
UInt64 percent = 100 * free / size;
if (percent < 10)
{
warnings.Add($"{percent}% free space on disk {caption}");
}
}
}
if (equip.hash.ContainsKey("HOSTNAME"))
{
string hostname = ((string[])equip.hash["HOSTNAME"])[0];
SearchResult result = ActiveDirectory.GetWorkstation(hostname);
if (result != null)
{
if (result.Properties["lastLogonTimestamp"].Count > 0)
{
string time = ActiveDirectory.FileTimeString(result.Properties["lastLogonTimestamp"][0].ToString());
if (time.Length > 0)
{
WsWriteText(ws, $"last logon{(char)127}{time}{(char)127}Active directory");
}
}
if (result.Properties["lastLogoff"].Count > 0)
{
string time = ActiveDirectory.FileTimeString(result.Properties["lastLogoff"][0].ToString());
if (time.Length > 0)
{
WsWriteText(ws, $"last logoff{(char)127}{time}{(char)127}Active directory");
}
}
if (result.Properties["dNSHostName"].Count > 0)
{
adHostName = result.Properties["dNSHostName"][0].ToString();
}
}
}
try {
dns = (await System.Net.Dns.GetHostEntryAsync(host)).HostName;
} catch { }
if (!(dns is null))
{
dns = dns?.Split('.')[0].ToUpper();
bool mismatch = false;
if (!mismatch && !(wmiHostName is null) && wmiHostName.Length > 0)
{
wmiHostName = wmiHostName?.Split('.')[0].ToUpper();
if (wmiHostName != dns)
{
warnings.Add($"DNS mismatch: {wmiHostName} ≠ {dns}");
mismatch = true;
}
}
if (!mismatch && !(adHostName is null) && adHostName.Length > 0)
{
adHostName = adHostName?.Split('.')[0].ToUpper();
if (adHostName != dns)
{
warnings.Add($"DNS mismatch: {adHostName} ≠ {dns}");
mismatch = true;
}
}
if (!mismatch && wmiHostName is null && adHostName is null)
{
netbios = await NetBios.GetBiosNameAsync(host);
}
if (!mismatch && !(netbios is null) && netbios.Length > 0)
{
netbios = netbios?.Split('.')[0].ToUpper();
if (netbios != dns)
{
warnings.Add($"DNS mismatch: {netbios} ≠ {dns}");
mismatch = true;
}
}
}
for (int i = 0; i < warnings.Count; i++)
{
WsWriteText(ws, $"!{(char)127}{warnings[i]}{(char)127}");
}
try {
await ws.CloseAsync(WebSocketCloseStatus.NormalClosure, "", CancellationToken.None);
} catch { }
} catch (Exception ex) {
Logging.Err(ex);
}
}
