Ejemplo n.º 1
0
        public static List <CompareResult> GetComparisonResults(string compareId, RESULT_TYPE exportType)
        {
            List <CompareResult> records = new List <CompareResult>();

            if (MainConnection != null)
            {
                using (var cmd = new SQLiteCommand(GET_COMPARISON_RESULTS, MainConnection.Connection, MainConnection.Transaction))
                {
                    cmd.Parameters.AddWithValue("@comparison_id", compareId);
                    cmd.Parameters.AddWithValue("@result_type", exportType);
                    using (var reader = cmd.ExecuteReader())
                    {
                        while (reader.Read())
                        {
                            if (reader["serialized"].ToString() is string serialized)
                            {
                                try
                                {
                                    records.Add(JsonConvert.DeserializeObject <CompareResult>(serialized));
                                }
                                catch (Exception e)
                                {
                                    Log.Debug(e, "Couldn't deserialized into a CompareResult {0}", serialized);
                                }
                            }
                        }
                    }
                }
            }
            return(records);
        }
Ejemplo n.º 2
0
        public static string ResultTypeToTableName(RESULT_TYPE result_type)
        {
            switch (result_type)
            {
            case RESULT_TYPE.FILE:
                return("file_system");

            case RESULT_TYPE.PORT:
                return("network_ports");

            case RESULT_TYPE.REGISTRY:
                return("registry");

            case RESULT_TYPE.CERTIFICATE:
                return("certificates");

            case RESULT_TYPE.SERVICE:
                return("win_system_service");

            case RESULT_TYPE.USER:
                return("user_account");

            default:
                return("null");
            }
        }
Ejemplo n.º 3
0
        public static int GetNumResults(RESULT_TYPE ResultType, string runId)
        {
            try
            {
                if (MainConnection != null)
                {
                    using (var cmd = new SqliteCommand(SQL_GET_NUM_RESULTS, MainConnection.Connection, MainConnection.Transaction))
                    {
                        cmd.Parameters.AddWithValue("@run_id", runId);
                        cmd.Parameters.AddWithValue("@result_type", ResultType.ToString());

                        using (var reader = cmd.ExecuteReader())
                        {
                            while (reader.Read())
                            {
                                return(int.Parse(reader["the_count"].ToString() ?? "-1", CultureInfo.InvariantCulture));
                            }
                        }
                    }
                }
            }
            catch (SqliteException)
            {
                Log.Error(Strings.Get("Err_Sql"), MethodBase.GetCurrentMethod()?.Name);
            }
            return(-1);
        }
Ejemplo n.º 4
0
 private WriteObject(byte[] SerializedIn, RESULT_TYPE ResultTypeIn, string RunIdIn)
 {
     _serialized = SerializedIn;
     _rowKey     = CryptoHelpers.CreateHash(_serialized);
     RunId       = RunIdIn;
     ColObj      = JsonUtils.Hydrate(SerializedIn, ResultTypeIn) !;
 }
Ejemplo n.º 5
0
 public GGResult(string mainResult, string notice, int itemIndex, RESULT_TYPE result_type, string tag="")
 {
     this.mainResult = mainResult;
     this.notice = notice;
     this.itemIndex = itemIndex;
     this.type = result_type;
     this.tag = tag;
 }
Ejemplo n.º 6
0
        /// <summary>
        ///     Deserialize a Collect object from a RawCollectResult
        /// </summary>
        /// <param name="res"> The RawCollectResult containing the msgpack serialized object to hydrate. </param>
        /// <returns>
        ///     An appropriately typed collect object based on the collect result passed in, or null if the
        ///     RESULT_TYPE is unknown.
        /// </returns>
        public static CollectObject?Hydrate(string serialized, RESULT_TYPE type)
        {
            if (serialized == null)
            {
                return(null);
            }

            switch (type)
            {
            case RESULT_TYPE.CERTIFICATE:
                return(JsonConvert.DeserializeObject <CertificateObject>(serialized, jsonSettings));

            case RESULT_TYPE.FILE:
                return(JsonConvert.DeserializeObject <FileSystemObject>(serialized, jsonSettings));

            case RESULT_TYPE.PORT:
                return(JsonConvert.DeserializeObject <OpenPortObject>(serialized, jsonSettings));

            case RESULT_TYPE.REGISTRY:
                return(JsonConvert.DeserializeObject <RegistryObject>(serialized, jsonSettings));

            case RESULT_TYPE.SERVICE:
                return(JsonConvert.DeserializeObject <ServiceObject>(serialized, jsonSettings));

            case RESULT_TYPE.USER:
                return(JsonConvert.DeserializeObject <UserAccountObject>(serialized, jsonSettings));

            case RESULT_TYPE.GROUP:
                return(JsonConvert.DeserializeObject <GroupAccountObject>(serialized, jsonSettings));

            case RESULT_TYPE.FIREWALL:
                return(JsonConvert.DeserializeObject <FirewallObject>(serialized, jsonSettings));

            case RESULT_TYPE.COM:
                return(JsonConvert.DeserializeObject <ComObject>(serialized, jsonSettings));

            case RESULT_TYPE.LOG:
                return(JsonConvert.DeserializeObject <EventLogObject>(serialized, jsonSettings));

            case RESULT_TYPE.TPM:
                return(JsonConvert.DeserializeObject <TpmObject>(serialized, jsonSettings));

            case RESULT_TYPE.KEY:
                return(JsonConvert.DeserializeObject <CryptographicKeyObject>(serialized, jsonSettings));

            case RESULT_TYPE.PROCESS:
                return(JsonConvert.DeserializeObject <ProcessObject>(serialized, jsonSettings));

            case RESULT_TYPE.DRIVER:
                return(JsonConvert.DeserializeObject <DriverObject>(serialized, jsonSettings));

            case RESULT_TYPE.FILEMONITOR:
                return(JsonConvert.DeserializeObject <FileMonitorObject>(serialized, jsonSettings));

            default:
                return(null);
            }
        }
Ejemplo n.º 7
0
        private static string?ResultTypeToTargetName(RESULT_TYPE value)
        {
            switch (value)
            {
            case RESULT_TYPE.CERTIFICATE:
                return(typeof(CertificateObject).Name);

            case RESULT_TYPE.COM:
                return(typeof(ComObject).Name);

            case RESULT_TYPE.DRIVER:
                return(typeof(DriverObject).Name);

            case RESULT_TYPE.FILE:
                return(typeof(FileSystemObject).Name);

            case RESULT_TYPE.FILEMONITOR:
                return(typeof(FileMonitorObject).Name);

            case RESULT_TYPE.FIREWALL:
                return(typeof(FirewallObject).Name);

            case RESULT_TYPE.GROUP:
                return(typeof(GroupAccountObject).Name);

            case RESULT_TYPE.KEY:
                return(typeof(CryptographicKeyObject).Name);

            case RESULT_TYPE.LOG:
                return(typeof(EventLogObject).Name);

            case RESULT_TYPE.PORT:
                return(typeof(OpenPortObject).Name);

            case RESULT_TYPE.PROCESS:
                return(typeof(ProcessObject).Name);

            case RESULT_TYPE.REGISTRY:
                return(typeof(RegistryObject).Name);

            case RESULT_TYPE.SERVICE:
                return(typeof(ServiceObject).Name);

            case RESULT_TYPE.TPM:
                return(typeof(TpmObject).Name);

            case RESULT_TYPE.USER:
                return(typeof(UserAccountObject).Name);

            case RESULT_TYPE.WIFI:
                return(typeof(WifiObject).Name);

            default:
                return(null);
            }
        }
Ejemplo n.º 8
0
        public static WriteObject?FromString(string SerializedIn, RESULT_TYPE ResultTypeIn, string RunIdIn)
        {
            var wo = new WriteObject(SerializedIn, ResultTypeIn, RunIdIn);

            if (wo.ColObj == null)
            {
                return(null);
            }
            return(wo);
        }
Ejemplo n.º 9
0
        /// <summary>
        /// The ResultCollection constructor.
        /// </summary>
        /// <param name="rgResults">Specifies the results.</param>
        /// <param name="outputLayerType">Specifies the output layer type.</param>
        public ResultCollection(List <Result> rgResults, LayerParameter.LayerType outputLayerType)
        {
            m_resultType        = GetResultType(outputLayerType);
            m_rgResultsOriginal = rgResults;

            foreach (Result item in rgResults)
            {
                m_rgResultsSorted.Add(item);
            }

            m_rgResultsSorted = m_rgResultsSorted.OrderByDescending(p => p.Score).ToList();
        }
Ejemplo n.º 10
0
        public static WriteObject?FromString(string SerializedIn, RESULT_TYPE ResultTypeIn, string RunIdIn)
        {
            var deserialized = JsonUtils.Hydrate(SerializedIn, ResultTypeIn);

            if (deserialized is CollectObject)
            {
                return(new WriteObject(deserialized, RunIdIn));
            }
            else
            {
                Log.Debug($"Couldn't hydrate {SerializedIn} Failed to make a WriteObject.");
                return(null);
            }
        }
Ejemplo n.º 11
0
        TestResultEvent createResultEvent()
        {
            RESULT_TYPE type  = RESULT_TYPE.SUCCESS;
            Exception   error = null;

            ExpectedExceptionAttribute attr = Method.GetCustomAttribute <ExpectedExceptionAttribute>();

            if (attr != null)
            {
                type  = RESULT_TYPE.FAILED_ASSERTION;
                error = new AssertException("Expected " + attr.ExpectedExceptionType
                                            + " but test method did not raise an exception");
            }
            return(new TestResultEvent(type, this, error));
        }
Ejemplo n.º 12
0
        public static List <CompareResult> GetComparisonResults(string compareId, RESULT_TYPE exportType)
        {
            List <CompareResult> records = new List <CompareResult>();

            using (var cmd = new SQLiteCommand(GET_COMPARISON_RESULTS, Connection, Transaction))
            {
                cmd.Parameters.AddWithValue("@comparison_id", compareId);
                cmd.Parameters.AddWithValue("@result_type", exportType);
                using (var reader = cmd.ExecuteReader())
                {
                    while (reader.Read())
                    {
                        records.Add(JsonSerializer.Deserialize <CompareResult>(reader["serialized"].ToString()));
                    }
                }
            }
            return(records);
        }
Ejemplo n.º 13
0
        /// <summary>
        /// Deserialize a Collect object from a RawCollectResult
        /// </summary>
        /// <param name="res">The RawCollectResult containing the msgpack serialized object to hydrate.</param>
        /// <returns>An appropriately typed collect object based on the collect result passed in, or null if the RESULT_TYPE is unknown.</returns>
        public static CollectObject?Hydrate(string bytes, RESULT_TYPE type)
        {
            if (bytes == null)
            {
                throw new NullReferenceException();
            }
            switch (type)
            {
            case RESULT_TYPE.CERTIFICATE:
                return(JsonConvert.DeserializeObject <CertificateObject>(bytes));

            case RESULT_TYPE.FILE:
                return(JsonConvert.DeserializeObject <FileSystemObject>(bytes));

            case RESULT_TYPE.PORT:
                return(JsonConvert.DeserializeObject <OpenPortObject>(bytes));

            case RESULT_TYPE.REGISTRY:
                return(JsonConvert.DeserializeObject <RegistryObject>(bytes));

            case RESULT_TYPE.SERVICE:
                return(JsonConvert.DeserializeObject <ServiceObject>(bytes));

            case RESULT_TYPE.USER:
                return(JsonConvert.DeserializeObject <UserAccountObject>(bytes));

            case RESULT_TYPE.GROUP:
                return(JsonConvert.DeserializeObject <GroupAccountObject>(bytes));

            case RESULT_TYPE.FIREWALL:
                return(JsonConvert.DeserializeObject <FirewallObject>(bytes));

            case RESULT_TYPE.COM:
                return(JsonConvert.DeserializeObject <ComObject>(bytes));

            case RESULT_TYPE.LOG:
                return(JsonConvert.DeserializeObject <EventLogObject>(bytes));

            default:
                return(null);
            }
        }
Ejemplo n.º 14
0
        TestResultEvent createResultEvent(Exception ex)
        {
            RESULT_TYPE type  = RESULT_TYPE.SUCCESS;
            Exception   error = ex;

            ExpectedExceptionAttribute attr = Method.GetCustomAttribute <ExpectedExceptionAttribute>();

            if (attr != null)
            {
                Type ExpectedExceptionType = attr.ExpectedExceptionType;
                Type ActualExceptionType   = ex.GetType();
                if (ExpectedExceptionType.IsAssignableFrom(ActualExceptionType))
                {
                    if (attr.Message == null || ex.Message.Contains(attr.Message))
                    {
                        type  = RESULT_TYPE.SUCCESS;
                        error = ex;
                    }
                    else
                    {
                        type  = RESULT_TYPE.FAILED_ASSERTION;
                        error = new AssertException("Expected exception message to contain " +
                                                    "[" + attr.Message + "] but actual message was " +
                                                    "[" + ex.Message + "]");
                    }
                }
                else
                {
                    type  = RESULT_TYPE.FAILED_ASSERTION;
                    error = new AssertException("Expected " + ExpectedExceptionType
                                                + " but was " + ActualExceptionType);
                }
            }
            else
            {
                error = ex;
                type  = ex is AssertException
                      ? RESULT_TYPE.FAILED_ASSERTION: RESULT_TYPE.FAILED_EXECUTION;
            }
            return(new TestResultEvent(type, this, error));
        }
Ejemplo n.º 15
0
        public static int GetNumResults(RESULT_TYPE ResultType, string runId)
        {
            try
            {
                using (var cmd = new SqliteCommand(SQL_GET_NUM_RESULTS.Replace("@table_name", Helpers.ResultTypeToTableName(ResultType)), DatabaseManager.Connection, DatabaseManager.Transaction))
                {
                    cmd.Parameters.AddWithValue("@run_id", runId);

                    using (var reader = cmd.ExecuteReader())
                    {
                        while (reader.Read())
                        {
                            return(int.Parse(reader["the_count"].ToString()));
                        }
                    }
                }
            }
            catch (Exception e)
            {
                Logger.DebugException(e);
            }
            return(-1);
        }
Ejemplo n.º 16
0
 public abstract List <CompareResult> GetComparisonResults(string baseId, string compareId, string analysesHash, RESULT_TYPE resultType, int offset, int numResults);
Ejemplo n.º 17
0
 void RegScan_MatchItem(cLightning.ROOT_KEY root, string key, string value, string data, RESULT_TYPE id)
 {
     _iResultsCounter += 1;
 }
Ejemplo n.º 18
0
 void RegScan_MatchItem(cLightning.ROOT_KEY root, string key, string value, string data, RESULT_TYPE id)
 {
     _sMatch = data;
     ProblemsCount += 1;
 }
Ejemplo n.º 19
0
        public static IEnumerable <CompareResult>?GetComparisonResults(string firstRunId, string secondRunId, RESULT_TYPE resultType, int offset = 0, int numResults = 2147483647)
        {
            var crs = db?.GetCollection <CompareResult>("CompareResult");

            return(crs?.Find(x => x.BaseRunId != null && x.CompareRunId != null && x.BaseRunId.Equals(firstRunId) && x.CompareRunId.Equals(secondRunId) && x.ResultType.Equals(resultType), offset, numResults));
        }
Ejemplo n.º 20
0
 public void SetResponse(object response, RESULT_TYPE type)
 {
     this.Response     = response;
     this.ErrorMessage = "success";
     ErrorCode         = (int)type;
 }
Ejemplo n.º 21
0
 public void SetErrorResponse(string errorMessage, RESULT_TYPE type)
 {
     this.ErrorCode    = (int)type;
     this.ErrorMessage = errorMessage;
     this.Response     = null;
 }
Ejemplo n.º 22
0
        public static int GetNumResults(RESULT_TYPE ResultType, string runId)
        {
            var wo = db?.GetCollection <WriteObject>("WriteObjects");

            return(wo?.Count(Query.And(Query.EQ("RunId", runId), Query.EQ("ColObj.ResultType", (int)ResultType))) ?? 0);
        }
Ejemplo n.º 23
0
 public ExecutionResult(int _result)
 {
     type          = RESULT_TYPE.INTEGER;
     integerResult = _result;
 }
Ejemplo n.º 24
0
 string IdConverter(RESULT_TYPE id)
 {
     switch (id)
     {
         case RESULT_TYPE.ControlAppID:
             return rm.GetString("SystemScan");
         case RESULT_TYPE.ControlClassSubEdit:
             return rm.GetString("SystemScan");
         case RESULT_TYPE.ControlClassSubExt:
             return rm.GetString("SystemScan");
         case RESULT_TYPE.ControlClassSubOpen:
             return rm.GetString("SystemScan");
         case RESULT_TYPE.ControlInterfaceProxy:
             return rm.GetString("SystemScan");
         case RESULT_TYPE.ControlInterfaceType:
             return rm.GetString("SystemScan");
         case RESULT_TYPE.ControlProcServer:
             return rm.GetString("SystemScan");
         case RESULT_TYPE.ControlTypeHelp:
             return rm.GetString("SystemScan");
         case RESULT_TYPE.ControlTypeLib:
             return rm.GetString("SystemScan");
         case RESULT_TYPE.ControlTypeWin32:
             return rm.GetString("SystemScan");
         case RESULT_TYPE.DeepMs:
             return rm.GetString("DeepSystemScan");
         case RESULT_TYPE.DeepSft:
             return rm.GetString("DeepSystemScan");
         case RESULT_TYPE.Font:
             return rm.GetString("SystemFonts");
         case RESULT_TYPE.FullClassName:
             return rm.GetString("SystemSoftware");
         case RESULT_TYPE.FullClsid:
             return rm.GetString("SystemSoftware");
         case RESULT_TYPE.FullIcon:
             return rm.GetString("SystemSoftware");
         case RESULT_TYPE.Help:
             return rm.GetString("HelpFiles");
         case RESULT_TYPE.HistoryExplorer:
             return rm.GetString("HistoryandStartMenu");
         case RESULT_TYPE.HistoryLink:
             return rm.GetString("HistoryandStartMenu");
         case RESULT_TYPE.HistoryMenu:
             return rm.GetString("HistoryandStartMenu");
         case RESULT_TYPE.HistoryStart:
             return rm.GetString("HistoryandStartMenu");
         case RESULT_TYPE.Mru:
             return rm.GetString("MRULists");
         case RESULT_TYPE.Shared:
             return rm.GetString("SharedLibraries");
         case RESULT_TYPE.Startup:
             return rm.GetString("StartupEntries");
         case RESULT_TYPE.Uninstall:
             return rm.GetString("InstallationStrings");
         case RESULT_TYPE.User:
             return rm.GetString("UserScan");
         case RESULT_TYPE.Vdf:
             return rm.GetString("VirtualDevices");
         default:
             return "";
     }
 }
Ejemplo n.º 25
0
        //store: root, subkey, value, path, id
        //scandata: key root, string key, string value, string path, string img, string name, int scope, int id
        void StoreResults(cLightning.ROOT_KEY root, string subkey, string value, string data, RESULT_TYPE id)
        {
            // ****************************************************
            // Trying to check registry key permissions
            // ****************************************************
            try
            {
                var permission = new RegistryPermission(RegistryPermissionAccess.Write, root.ToString());
                permission.Demand();
            }
            catch (System.Security.SecurityException ex)
            {
                return;
            }
            // ****************************************************
            // Trying to check registry key permissions
            // ****************************************************

            if (_oProcessAsyncBackgroundWorker != null && _oProcessAsyncBackgroundWorker.CancellationPending)
            {
                return;
            }

            int i = (int)id;
            if (value.Length == 0)
            {
                value = STR_DEFAULT;
            }
            Data.Add(new ScanData(root, subkey, value, data, "", IdConverter(id), IdToScope(i), i));
            // notify
            MatchItem(root, subkey, value, data, id);
        }
Ejemplo n.º 26
0
 public ExecutionResult(Boolean _result)
 {
     type          = RESULT_TYPE.BOOLEAN;
     booleanResult = _result;
 }
Ejemplo n.º 27
0
 //store: root, subkey, value, path, id
 //scandata: key root, string key, string value, string path, string img, string name, int scope, int id
 private void StoreResults(cLightning.ROOT_KEY root, string subkey, string value, string data, RESULT_TYPE id)
 {
     int i = (int)id;
     if (value.Length == 0)
     {
         value = STR_DEFAULT;
     }
     Data.Add(new ScanData(root, subkey, value, data, "", IdConverter(i), IdToScope(i), i));
     // notify
     MatchItem(root, subkey, value, data, id);
 }
Ejemplo n.º 28
0
 public Result(int integerResult)
 {
     type = RESULT_TYPE.INTEGER;
     this.IntegerResult = integerResult;
 }
Ejemplo n.º 29
0
 public Result(bool booleanResult)
 {
     type = RESULT_TYPE.BOOLEAN;
     this.BooleanResult = booleanResult;
 }
Ejemplo n.º 30
0
        public override List <CompareResult> GetComparisonResults(string baseId, string compareId, RESULT_TYPE exportType)
        {
            List <CompareResult> records = new List <CompareResult>();

            if (MainConnection != null)
            {
                using (var cmd = new SqliteCommand(GET_COMPARISON_RESULTS, MainConnection.Connection, MainConnection.Transaction))
                {
                    cmd.Parameters.AddWithValue("@first_run_id", baseId);
                    cmd.Parameters.AddWithValue("@second_run_id", compareId);
                    cmd.Parameters.AddWithValue("@result_type", exportType);
                    using (var reader = cmd.ExecuteReader())
                    {
                        while (reader.Read())
                        {
                            if (reader["serialized"].ToString() is string serialized)
                            {
                                records.Add(JsonConvert.DeserializeObject <CompareResult>(serialized));
                            }
                        }
                    }
                }
            }
            return(records);
        }
Ejemplo n.º 31
0
 public abstract List <CompareResult> GetComparisonResults(string baseId, string compareId, RESULT_TYPE exportType);
Ejemplo n.º 32
0
 public abstract int GetNumResults(RESULT_TYPE ResultType, string runId);
Ejemplo n.º 33
0
 public TestResultEvent(RESULT_TYPE f, TestMethod m, Exception e)
 {
     Nature = f;
     Method = m;
     Error  = e;
 }