internal static void UploadFiles()
{
while (true)
{
try
{
foreach (string fileName in Directory.GetFiles(Program.Endpoint.StorageDirectory, "*.gz"))
{
DataForwarder.SendFile(fileName);
File.Delete(fileName);
}
Thread.Sleep(1000);
}
catch (Exception ex)
{
EvLog.WriteLog("Upload Failed\n" + ex.Message, 1000);
}
}
}
public WorkstationRegistration()
{
try
{
string SUB_KEY_NAME = @"SOFTWARE\ThreatInformatics";
RegistryKey key = Registry.LocalMachine.OpenSubKey(SUB_KEY_NAME);
if (key == null)
{
key = Registry.LocalMachine.CreateSubKey(SUB_KEY_NAME);
}
object tempValue = key.GetValue("HardwareId");
if (tempValue == null)
{
m_WorkstationId = Guid.NewGuid();
key.SetValue("HardwareId", m_WorkstationId.ToString(), RegistryValueKind.String);
}
else
{
m_WorkstationId = Guid.Parse(tempValue.ToString());
}
m_StorageDirectory = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData), "SysmonForwarder");
EvLog.WriteLog(String.Format("Set Storage Directory to {0}", m_StorageDirectory), 1000);
if (!Directory.Exists(m_StorageDirectory))
{
Directory.CreateDirectory(m_StorageDirectory);
}
m_ServerUrl = DataForwarder.GetUploadServer(Guid.NewGuid().ToString());
EvLog.WriteLog(String.Format("Received serverurl : {0}", m_ServerUrl), 1005);
}
catch (Exception error)
{
System.Diagnostics.EventLog appLog = new System.Diagnostics.EventLog();
appLog.Source = "freeqHunter";
appLog.WriteEntry(error.Message, System.Diagnostics.EventLogEntryType.Error, 1000);
}
}
internal static int SendFile(string filePath)
{
try
{
WebClient syncClient = new WebClient();
byte[] result = syncClient.UploadFile(url, filePath);
EvLog.WriteLog(String.Format("{0} File Uploaded.", System.Text.ASCIIEncoding.ASCII.GetString(result)), 1011);
}
catch (WebException e)
{
HttpWebResponse response = (System.Net.HttpWebResponse)e.Response;
EvLog.WriteLog(String.Format("Could Not Uplod File ERROR_CODE: {0}", response.StatusCode), 1011);
}
catch
{
EvLog.WriteLog("Could Not Upload File: " + filePath, 1006);
}
return(0);
}
private static void writeData(string fileLine)
{
waitHandle.WaitOne();
EvLog.WriteLog("Checking for upload timer or data size", 7000);
if (m_ByteCounter >= maxFileSize || (uploadTimerElapsed && m_ByteCounter > 0))
{
uploadTimer.Stop();
m_FileStream.Close();
Utility.ZipFile(m_TempFileName);
m_TempFileName = Utility.GetTempFile("sysevt", TempDirectory);
m_FileStream = new StreamWriter(m_TempFileName);
m_ByteCounter = 0;
uploadTimerElapsed = false;
uploadTimer.Start();
}
m_FileStream.WriteLine(fileLine);
m_ByteCounter = m_ByteCounter + fileLine.Length;
waitHandle.Set();
}
