public async Task SaveManageCompany(ManageCompany manageCompany) { var manageConfig = new ManageConfig(); await Connection.OpenAsync(); using var cmd = Connection.CreateCommand(); cmd.CommandText = @"INSERT INTO managecompanies (Id, Name, Identifier) VALUES (@Id, @Name, @Identifier) ON DUPLICATE KEY UPDATE Id = @Id, Name = @Name, Identifier = @Identifier;"; cmd.Parameters.Add(new MySqlParameter { ParameterName = "@Id", DbType = DbType.String, Value = manageCompany.Id }); cmd.Parameters.Add(new MySqlParameter { ParameterName = "@Name", DbType = DbType.String, Value = manageCompany.Name }); cmd.Parameters.Add(new MySqlParameter { ParameterName = "@Identifier", DbType = DbType.String, Value = manageCompany.Identifier }); await cmd.ExecuteNonQueryAsync(); cmd.Connection.Close(); }
public async Task SaveDefaultThreatLockerOrganization(ThreatLockerOrganization threatLockerOrganization) { var manageConfig = new ManageConfig(); await Connection.OpenAsync(); using var cmd = Connection.CreateCommand(); cmd.CommandText = @"INSERT IGNORE INTO threatlockerorganizations (OrganizationId, Name, ManageCompanyId) VALUES (@OrganizationId, @Name, @ManageCompanyId) ON DUPLICATE KEY UPDATE Name = @Name, ManageCompanyId = @ManageCompanyId;"; cmd.Parameters.Add(new MySqlParameter { ParameterName = "@OrganizationId", DbType = DbType.String, Value = "00000000-0000-0000-0000-000000000000" }); cmd.Parameters.Add(new MySqlParameter { ParameterName = "@Name", DbType = DbType.String, Value = "Catch-All Company" }); cmd.Parameters.Add(new MySqlParameter { ParameterName = "@ManageCompanyId", DbType = DbType.Int32, Value = threatLockerOrganization.ManageCompanyId }); await cmd.ExecuteNonQueryAsync(); cmd.Connection.Close(); }
public async Task <IActionResult> ManageConfig() { Config config = await _appDb.GetConfigAsync(); ManageConfig manageConfig = await _appDb.GetManageConfigAsync(); List <ManageCompany> manageCompanies = await _appDb.GetManageCompaniesAsync(); List <ManageBoard> manageBoards = ManageAccess.GetBoards(config); manageConfig.ManageBoard = ManageAccess.GetBoard(config, manageConfig.BoardId); manageConfig.ManageBoards = manageBoards; manageConfig.ManageBoardTypes = ManageAccess.GetBoardTypes(config, manageConfig.BoardId); manageConfig.ManageBoardType = ManageAccess.GetBoardType(config, manageConfig.BoardId, manageConfig.TypeId); manageConfig.ManageBoardSubTypes = ManageAccess.GetBoardSubTypes(config, manageConfig.BoardId); manageConfig.ManageBoardSubType = ManageAccess.GetBoardSubType(config, manageConfig.BoardId, manageConfig.SubTypeId); manageConfig.ManageBoardItems = ManageAccess.GetBoardItems(config, manageConfig.BoardId); manageConfig.ManageBoardItem = ManageAccess.GetBoardItem(config, manageConfig.BoardId, manageConfig.ItemId); manageConfig.ManageBoardPriorities = ManageAccess.GetBoardPriorities(config); manageConfig.ManageBoardPriority = ManageAccess.GetBoardPriority(config, manageConfig.PriorityId); manageConfig.ManageBoardStatuses = ManageAccess.GetBoardStatuses(config, manageConfig.BoardId); manageConfig.ManageBoardStatus = ManageAccess.GetBoardStatus(config, manageConfig.BoardId, manageConfig.StatusId); return(View(manageConfig)); }
public static ManageConfig GetManageConfigNames(Config config, ManageConfig manageConfig) { manageConfig.ManageBoard = GetBoard(config, manageConfig.BoardId); manageConfig.ManageBoardType = GetBoardType(config, manageConfig.BoardId, manageConfig.TypeId); manageConfig.ManageBoardSubType = GetBoardSubType(config, manageConfig.BoardId, manageConfig.SubTypeId); manageConfig.ManageBoardItem = GetBoardItem(config, manageConfig.BoardId, manageConfig.ItemId); manageConfig.ManageBoardStatus = GetBoardStatus(config, manageConfig.BoardId, manageConfig.StatusId); manageConfig.ManageBoardPriority = GetBoardPriority(config, manageConfig.PriorityId); return(manageConfig); }
public async Task SaveManageConfigAsync(ManageConfig manageConfig) { await Connection.OpenAsync(); using var cmd = Connection.CreateCommand(); cmd.CommandText = @"INSERT INTO manageconfig (Id, boardId, typeId, subTypeId, itemId, priorityId, statusId, ticketSummary) VALUES (1, @boardId, @typeId, @subTypeId, @itemId, @priorityId, @statusId, @ticketSummary) ON DUPLICATE KEY UPDATE boardId = @boardId, typeId = @typeId, subTypeId = @subTypeId, itemId = @itemId, priorityId = @priorityId, statusId = @statusId, ticketSummary = @ticketSummary;"; cmd.Parameters.Add(new MySqlParameter { ParameterName = "@boardId", DbType = DbType.String, Value = manageConfig.BoardId }); cmd.Parameters.Add(new MySqlParameter { ParameterName = "@typeId", DbType = DbType.String, Value = manageConfig.TypeId }); cmd.Parameters.Add(new MySqlParameter { ParameterName = "@subTypeId", DbType = DbType.String, Value = manageConfig.SubTypeId }); cmd.Parameters.Add(new MySqlParameter { ParameterName = "@itemId", DbType = DbType.String, Value = manageConfig.ItemId }); cmd.Parameters.Add(new MySqlParameter { ParameterName = "@priorityId", DbType = DbType.String, Value = manageConfig.PriorityId }); cmd.Parameters.Add(new MySqlParameter { ParameterName = "@statusId", DbType = DbType.String, Value = manageConfig.StatusId }); cmd.Parameters.Add(new MySqlParameter { ParameterName = "@ticketSummary", DbType = DbType.String, Value = manageConfig.TicketSummary }); await cmd.ExecuteNonQueryAsync(); cmd.Connection.Close(); }
public ConfigOfSpider Clone() { var spider = new ConfigOfSpider(SpiderName); spider.RequestConfig = RequestConfig.Clone(); spider.ManageConfig = ManageConfig.Clone(); spider.GrabConfigs = new List <IGrabConfig>(); foreach (var grabConfig in GrabConfigs) { spider.GrabConfigs.Add(grabConfig.Clone(spider)); } return(spider); }
public async Task <IActionResult> ManageConfig(ManageConfig model) { Config config = await _appDb.GetConfigAsync(); ManageConfig manageConfig = await _appDb.GetManageConfigAsync(); List <ManageBoard> manageBoards = ManageAccess.GetBoards(config); int BoardId = int.Parse(HttpContext.Request.Form["BoardId"]); int TypeId = int.Parse(HttpContext.Request.Form["BoardTypeId"]); int SubTypeId = int.Parse(HttpContext.Request.Form["BoardSubTypeId"]); int ItemId = int.Parse(HttpContext.Request.Form["BoardItemId"]); int PriorityId = int.Parse(HttpContext.Request.Form["BoardPriorityId"]); int StatusId = int.Parse(HttpContext.Request.Form["BoardStatusId"]); string TicketSummary = (HttpContext.Request.Form["TicketSummary"]); model.BoardId = BoardId; model.TypeId = TypeId; model.SubTypeId = SubTypeId; model.ItemId = ItemId; model.PriorityId = PriorityId; model.StatusId = StatusId; model.TicketSummary = TicketSummary; model.ManageBoard = ManageAccess.GetBoard(config, manageConfig.BoardId); model.ManageBoards = manageBoards; model.ManageBoardTypes = ManageAccess.GetBoardTypes(config, manageConfig.BoardId); model.ManageBoardType = ManageAccess.GetBoardType(config, manageConfig.BoardId, manageConfig.TypeId); model.ManageBoardSubTypes = ManageAccess.GetBoardSubTypes(config, manageConfig.BoardId); model.ManageBoardSubType = ManageAccess.GetBoardSubType(config, manageConfig.BoardId, manageConfig.SubTypeId); model.ManageBoardItems = ManageAccess.GetBoardItems(config, manageConfig.BoardId); model.ManageBoardItem = ManageAccess.GetBoardItem(config, manageConfig.BoardId, manageConfig.ItemId); model.ManageBoardPriorities = ManageAccess.GetBoardPriorities(config); model.ManageBoardPriority = ManageAccess.GetBoardPriority(config, manageConfig.PriorityId); model.ManageBoardStatuses = ManageAccess.GetBoardStatuses(config, manageConfig.BoardId); model.ManageBoardStatus = ManageAccess.GetBoardStatus(config, manageConfig.BoardId, manageConfig.StatusId); List <ManageCompany> manageComapies = ManageAccess.GetCompanies(config, null); ViewBag.ListOfBoards = manageBoards; await _appDb.SaveManageConfigAsync(model); return(View(model)); }
public async Task <ManageConfig> GetManageConfigAsync() { var manageConfig = new ManageConfig(); await Connection.OpenAsync(); using (var cmd = new MySqlCommand("SELECT boardId, typeId, subTypeId, itemId, priorityId, statusId, ticketSummary FROM manageconfig;", Connection)) using (var reader = await cmd.ExecuteReaderAsync()) while (await reader.ReadAsync()) { manageConfig.BoardId = reader.GetInt32(0); manageConfig.TypeId = reader.GetInt32(1); manageConfig.SubTypeId = reader.GetInt32(2); manageConfig.ItemId = reader.GetInt32(3); manageConfig.PriorityId = reader.GetInt32(4); manageConfig.StatusId = reader.GetInt32(5); manageConfig.TicketSummary = reader.GetString(6); } Connection.Close(); return(manageConfig); }
protected override async Task ExecuteAsync(CancellationToken stoppingToken) { while (!stoppingToken.IsCancellationRequested) { Config config = await _appDb.GetConfigAsync(); if (string.IsNullOrEmpty(config.ThreatlockerAuth) || string.IsNullOrEmpty(config.ManagePubKey)) { return; } ManageConfig manageConfig = await _appDb.GetManageConfigAsync(); ManageTicket manageTicket = new ManageTicket(); manageTicket.Company = new ManageCompany() { Name = "", Id = 0 }; List <ThreatLockerOrganization> threatLockerOrganizations = await _appDb.GetThreatLockerOrganizationsAsync(); _logger.LogInformation($"Checking for requests."); List <ThreatLockerRequest> threatLockerRequests = ThreatLockerAccess.GetRequests(config); if (threatLockerRequests != null) { _logger.LogInformation($"{threatLockerRequests.Count} requests found."); foreach (var request in threatLockerRequests) { _logger.LogInformation($"Matching Companies"); foreach (var org in threatLockerOrganizations) { if (org.OrganizationId == request.OrganizationId) { manageTicket.Company = new ManageCompany { Id = org.ManageCompanyId }; _logger.LogInformation($"{manageTicket.Company.Name} matched {org.Name}"); } } if (manageTicket.Company.Id <= 0) { var defaultThreatLockerOrganization = await _appDb.GetDefaultThreatLockerOrganization(); manageTicket.Company.Id = defaultThreatLockerOrganization.ManageCompanyId; } var threatLockerAction = ThreatLockerAccess.ProcessJson(request); string approvalLink = config.ThreatLockerUrl; if (threatLockerAction.ActionType == "execute") { approvalLink += "/applicationcontrolapproval.aspx?popup=true&approvalrequestid=" + request.ApprovalRequestId; } else { approvalLink += "/storagecontrolapproval.aspx?popup=true&approvalrequestid=" + request.ApprovalRequestId; } threatLockerAction.ApprovalLink = approvalLink; StringBuilder initialDescription = new StringBuilder($"{threatLockerAction.Username} has requested access to {threatLockerAction.FullPath}\n"); initialDescription.Append($"Organization: {request.OrganizationName}\n"); initialDescription.Append($"Hostname: {threatLockerAction.Username.Split('\\')[0]}\n"); initialDescription.Append($"Hash: {threatLockerAction.Hash}"); foreach (var cert in threatLockerAction.Certs) { initialDescription.Append($"Cert: {cert.Subject} SHA: {cert.Sha}\n"); } StringBuilder initialInternalAnalysis = new StringBuilder($"{approvalLink}"); manageTicket.Summary = manageConfig.TicketSummary; manageTicket.InitialDescription = initialDescription.ToString(); manageTicket.InitialInternalAnalysis = initialInternalAnalysis.ToString(); manageTicket.Board = new ManageBoard { Id = manageConfig.BoardId }; manageTicket.Type = new ManageBoardType { BoardTypeId = manageConfig.TypeId }; manageTicket.SubType = new ManageBoardSubType { BoardSubTypeId = manageConfig.SubTypeId }; manageTicket.Item = new ManageBoardItem { BoardItemId = manageConfig.ItemId }; manageTicket.Priority = new ManageBoardPriority { BoardPriorityId = manageConfig.PriorityId }; manageTicket.Status = new ManageBoardStatus { BoardStatusId = manageConfig.StatusId }; ManageAccess.PostTicket(config, manageTicket); config.LastSuccessRequestSent = DateTime.UtcNow; await _appDb.UpdateLastSuccessSent(config); _logger.LogInformation($"Ticket Created"); } } await Task.Delay(config.RequestCheckDelay * 1000, stoppingToken); } }
public BaseRepository() { config = JsonConfigurationHelper.GetAppSettings <ManageConfig>("ManageConfig.json", "ManageConfig"); }
public BaseRepository() { config = JsonConfigurationHelper.GetAppSettings <ManageConfig>("ManageConfig.json", "ManageConfig"); //config = new ManageConfig() { TibosDB = new DBConfig() { ConnType = "mysql", ConnName="server=47.104.247.70;database=tibos;uid=root;pwd=Root123.;port=3306;Charset=utf8;" } }; }
public IServiceProvider ConfigureServices(IServiceCollection services) { services.AddOptions <BearerTokensOptions>() .Bind(Configuration.GetSection("BearerTokens")) .Validate(bearerTokens => { return(bearerTokens.AccessTokenExpirationMinutes < bearerTokens.RefreshTokenExpirationMinutes); }, "RefreshTokenExpirationMinutes is less than AccessTokenExpirationMinutes. Obtaining new tokens using the refresh token should happen only if the access token has expired."); services.AddAuthentication(options => { options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultSignInScheme = JwtBearerDefaults.AuthenticationScheme; }).AddJwtBearer(cfg => { cfg.RequireHttpsMetadata = false; cfg.SaveToken = true; cfg.TokenValidationParameters = new TokenValidationParameters { ValidIssuer = Configuration["BearerTokens:Issuer"], // site that makes the token ValidateIssuer = false, // TODO: change this to avoid forwarding attacks ValidAudience = Configuration["BearerTokens:Audience"], // site that consumes the token ValidateAudience = false, // TODO: change this to avoid forwarding attacks IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["BearerTokens:secretKey"])), ValidateIssuerSigningKey = true, // verify signature to avoid tampering ValidateLifetime = true, // validate the expiration ClockSkew = TimeSpan.Zero, // tolerance for the expiration date TokenDecryptionKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["BearerTokens:encryptionkey"])) }; cfg.Events = new JwtBearerEvents { OnAuthenticationFailed = context => { var logger = context.HttpContext.RequestServices.GetRequiredService <ILoggerFactory>().CreateLogger(nameof(JwtBearerEvents)); logger.LogError("Authentication failed.", context.Exception); return(Task.CompletedTask); }, OnTokenValidated = context => { var tokenValidatorService = context.HttpContext.RequestServices.GetRequiredService <ITokenValidatorService>(); return(tokenValidatorService.ValidateAsync(context)); }, OnMessageReceived = context => { return(Task.CompletedTask); }, OnChallenge = context => { var logger = context.HttpContext.RequestServices.GetRequiredService <ILoggerFactory>().CreateLogger(nameof(JwtBearerEvents)); logger.LogError("OnChallenge error", context.Error, context.ErrorDescription); return(Task.CompletedTask); } }; }); services.AddMvc(options => options.EnableEndpointRouting = false) .AddFluentValidation(s => s.RegisterValidatorsFromAssemblyContaining <Startup>()); ///services.AddProgressiveWebApp(); services.AddSpaStaticFiles(configuration => { configuration.RootPath = "ClientApp/dist"; }); return(ManageConfig.config(services, Configuration)); }