private void PData_CollectionChanged(object sender, System.Collections.Specialized.NotifyCollectionChangedEventArgs e)
{
ProcessData changedData = null;
int amount = 0;
if (e.Action == System.Collections.Specialized.NotifyCollectionChangedAction.Add)
{
changedData = (ProcessData)e.NewItems[e.NewItems.Count - 1];
amount = 1;
}
else if (e.Action == System.Collections.Specialized.NotifyCollectionChangedAction.Remove)
{
changedData = (ProcessData)e.OldItems[0];
amount = -1;
}
ChangeValue(changedData.Name, amount);
}
private static void OutputHandler(object sendingProcess, DataReceivedEventArgs outLine)
{
//Als de nieuwe lijn leeg is zal er niets worden gedaan
if (String.IsNullOrEmpty(outLine.Data))
{
return;
}
try
{
//Controleert wanneer netstat opnieuw controleert naar connecties
if (outLine.Data.Equals("Active Connections"))
{
//Console.WriteLine("----- new list -----\n old list length: " + currentDataList.Count);
try
{
for (int i = activeDataList.Count - 1; i >= 0; i--)
{
//Console.Write(i + " " + activeDataList[i].Name + " \t ------\t");
//activeDataList[i].WriteData();
ProcessData currentData = activeDataList[i];
bool connected = false;
foreach (ProcessData oldData in currentDataList)
{
//Console.Write("\t" + oldData.Name + " is being checked -----\t");
//oldData.WriteData();
if (currentData.Equals(oldData))
{
connected = true;
break;
}
}
if (!connected)
{
if (loggedIn)
{
currentData.Connected = false;
currentData.Uploaded = false;
currentData.TimeStamp = DateTime.Now;
}
else
{
activeDataList.RemoveAt(i);
}
}
}
for (int i = uiDataList.Count - 1; i >= 0; i--)
{
ProcessData currentData = uiDataList[i];
bool connected = false;
foreach (ProcessData oldData in currentDataList)
{
if (currentData.Equals(oldData))
{
connected = true;
break;
}
}
if (!connected)
{
Application.Current.Dispatcher.Invoke((Action)(() =>
{
uiDataList.RemoveAt(i);
}));
Console.WriteLine(currentData.Name + " disconected");
}
}
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
}
finally
{
//Ververst de lijst van actieve connecties
currentDataList.Clear();
}
}
else
{
string[] tokens = Regex.Split(outLine.Data, "\\s+");
//Filtert alle onnodige verbindingen
//94.227.224.119 is het ip van sql server waarop wireshell draait
if (tokens[1].Equals("TCP") && !tokens[3].Split(':')[0].Equals("0.0.0.0") && !tokens[3].Split(':')[0].Equals("94.227.224.119") && !tokens[3].Split(':')[0].Equals("127.0.0.1") && !tokens[5].Equals("0") && tokens[4].Equals("ESTABLISHED"))
{
Process p;
string pName = "";
try
{
p = Process.GetProcessById(Convert.ToInt32(tokens[5]));
pName = p.ProcessName;
}
catch (ArgumentException ex)
{
Console.WriteLine("Process doesn't exists: " + tokens[5] + "\n" + ex.Message);
return;
}
if (pName == "svchost")
{
return;
}
//Creert nieuwe data adv van de output van netstat
ProcessData newData = new ProcessData(tokens[3].Split(':')[0], Convert.ToInt64(tokens[3].Split(':')[1]), Convert.ToInt32(tokens[5]), pName, DateTime.Now);
//Voegt de nieuwe data toe aan de actieve connecties
currentDataList.Add(newData);
//Controleert of een gelijkaardige connectie al eerder verbonden is
bool newCon = true;
foreach (ProcessData data in activeDataList)
{
if (data.Equals(newData))
{
newCon = false;
break;
}
}
//Als het een nieuwe verbinding is zal deze worden teogevoegd aan activeDataList
if (newCon)
{
activeDataList.Add(newData);
}
newCon = true;
foreach (ProcessData data in uiDataList)
{
if (data.Equals(newData))
{
newCon = false;
break;
}
}
if (newCon)
{
Application.Current.Dispatcher.Invoke((Action)(() =>
{
uiDataList.Add(newData);
}));
}
}
}
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
}
}
public bool Equals(ProcessData data)
{
return(Ip == data.Ip && Port == data.Port && PID == data.PID && Name == data.Name);
}
internal void UploadData(Object source, ElapsedEventArgs e)
{
if (!loggedIn)
{
return;
}
Console.WriteLine("checking for data change");
try
{
using (MySqlConnection connection = new MySqlConnection(connectionString))
{
connection.Open();
MySqlCommand addData = new MySqlCommand("sp_AddNewData", connection)
{
CommandType = System.Data.CommandType.StoredProcedure
};
MySqlCommand finishData = new MySqlCommand("sp_FinishData", connection)
{
CommandType = System.Data.CommandType.StoredProcedure
};
MySqlCommand tinyData = new MySqlCommand("sp_AddFinishedData", connection)
{
CommandType = System.Data.CommandType.StoredProcedure
};
for (int i = activeDataList.Count - 1; i >= 0; i--)
{
ProcessData data = activeDataList[i];
if (data.Uploaded)
{
continue;
}
Console.WriteLine(data.PID + " " + data.Ip + " " + data.Name + " " + data.Port + " " + data.TimeStamp);
if (data.Connected)
{
Console.WriteLine("\tconnected");
addData.Parameters.AddWithValue("userID", userID);
addData.Parameters.AddWithValue("ip", data.Ip);
addData.Parameters.AddWithValue("name", data.Name);
addData.Parameters.AddWithValue("startDate", data.TimeStamp);
addData.Parameters.AddWithValue("port", data.Port);
using (MySqlDataReader reader = addData.ExecuteReader())
{
reader.Read();
data.Pointer = reader.GetInt16("DataID");
Console.WriteLine("\tDone ID: " + data.Pointer);
}
addData.Parameters.Clear();
activeDataList[i].Uploaded = true;
}
else
{
if (data.Pointer == -1)
{
Console.WriteLine("\tstart and ended");
tinyData.Parameters.AddWithValue("userID", userID);
tinyData.Parameters.AddWithValue("ip", data.Ip);
tinyData.Parameters.AddWithValue("name", data.Name);
tinyData.Parameters.AddWithValue("startDate", data.TimeStamp);
tinyData.Parameters.AddWithValue("endDate", data.TimeStamp);
tinyData.Parameters.AddWithValue("port", data.Port);
tinyData.ExecuteNonQuery();
tinyData.Parameters.Clear();
Console.WriteLine("\tDone");
activeDataList.RemoveAt(i);
}
else
{
Console.WriteLine("\tdisconnected");
finishData.Parameters.AddWithValue("prevDataID", data.Pointer);
finishData.Parameters.AddWithValue("finishDate", data.TimeStamp);
finishData.ExecuteNonQuery();
finishData.Parameters.Clear();
Console.WriteLine("\tDone");
activeDataList.RemoveAt(i);
}
}
}
}
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
finally
{
Console.WriteLine("Check done");
}
}
