private static void PrintProcessCreationEvents() { try { Beaprint.MainPrint("Process creation events - searching logs (EID 4688) for sensitive data.\n"); if (!MyUtils.IsHighIntegrity()) { Beaprint.NoColorPrint(" You must be an administrator to run this check"); return; } foreach (var eventInfo in ProcessCreation.GetProcessCreationEventInfos()) { Beaprint.BadPrint($" Created (UTC) : {eventInfo.CreatedAtUtc}\n" + $" Event Id : {eventInfo.EventId}\n" + $" User : {eventInfo.User}\n" + $" Command Line : {eventInfo.Match}\n"); Beaprint.PrintLineSeparator(); } } catch (Exception ex) { Beaprint.PrintException(ex.Message); } }
private void beginInstallUpdateExe(ApplicationUpdate update, bool restartApplication = true) { if (!File.Exists(update.UpdateFileLocalPath)) { throw new Exception("Target update installer does not exist at the expected location."); } var systemFolder = Environment.GetFolderPath(Environment.SpecialFolder.System); string filename, args; if (restartApplication) { string executingProcess = Process.GetCurrentProcess().MainModule.FileName; filename = update.UpdateFileLocalPath; args = $"\"{filename}\" /passive /waitforexit"; // The /waitforexit argument makes sure FilterServiceProvider.exe is stopped before displaying its UI. } else { filename = update.UpdateFileLocalPath; args = $"\"{filename}\" /passive /waitforexit"; } try { if (!ProcessCreation.CreateElevatedProcessInCurrentSession(filename, args)) { logger.Error($"Failed to create elevated process with {System.Runtime.InteropServices.Marshal.GetLastWin32Error()}"); } } catch (Exception ex) { logger.Error(ex); } }
public override Task <StartClientResponse> startClient(StartClientRequest request, ServerCallContext context) { ProcessCreation.StartClient(request.Username, request.URL, request.ScriptFile, request.DefaultServerUrl, request.Partitions); return(Task.FromResult(new StartClientResponse())); }
public override Task <StartServerResponse> startServer(StartServerRequest request, ServerCallContext context) { var partitions = new List <Partition>(); foreach (var p in request.Partitions) { partitions.Add(new Partition { id = p.Id, masterUrl = p.MasterURL }); } ProcessCreation.StartServer(request.ServerId, request.URL, request.MinDelay, request.MaxDelay, partitions); return(Task.FromResult(new StartServerResponse())); }
private void beginInstallUpdateExe(ApplicationUpdate update, bool restartApplication = true) { if (!File.Exists(update.UpdateFileLocalPath)) { throw new Exception("Target update installer does not exist at the expected location."); } var systemFolder = Environment.GetFolderPath(Environment.SpecialFolder.System); var email = PlatformTypes.New <IAuthenticationStorage>().UserEmail; var fingerPrint = FingerprintService.Default.Value; var userId = email + ":" + fingerPrint; string filename, args; if (restartApplication) { string executingProcess = Process.GetCurrentProcess().MainModule.FileName; filename = update.UpdateFileLocalPath; args = $"\"{filename}\" /upgrade /passive /waitforexit /userid={userId}"; // The /waitforexit argument makes sure FilterServiceProvider.exe is stopped before displaying its UI. } else { filename = update.UpdateFileLocalPath; args = $"\"{filename}\" /upgrade /passive /waitforexit /userid={userId}"; } try { logger.Info("Starting update process " + filename + " " + args); if (!ProcessCreation.CreateElevatedProcessInCurrentSession(filename, args)) { logger.Error($"Failed to create elevated process with {System.Runtime.InteropServices.Marshal.GetLastWin32Error()}"); } } catch (Exception ex) { logger.Error(ex); } }