public SectionDetails GetScore()
{
SectionDetails details = new SectionDetails(0, new List <string>(), this);
// Get list of programs on system
List <string> programs = GetPrograms();
// Loop over every program config
foreach (KeyValuePair <string, bool> programConfig in InstalledPrograms)
{
bool installed = false;
// Loop over every program on system
foreach (string program in programs)
{
// If program and config match, program is installed
if (program == programConfig.Key)
{
installed = true;
}
}
// If desired install status matches actual status
if (installed == programConfig.Value)
{
details.Points++;
details.Output.Add(ConfigurationManager.Translate("InstalledPrograms", programConfig.Key, programConfig.Value ? "Installed" : "Uninstalled"));
}
}
return(details);
}
public SectionDetails GetScore()
{
SectionDetails details = new SectionDetails(0, new List <string>(), this);
if (RemoteDesktopStatus.IsScored)
{
object sectionValue = RegistryManager.GetValue(RemoteDesktopStatus.Key, RemoteDesktopStatus.ValueName);
if (sectionValue != null)
{
int value = (int)sectionValue;
if (value == RemoteDesktopStatus.SelectedIndex)
{
details.Points++;
details.Output.Add(TranslationManager.Translate("RemoteDesktop", RemoteDesktopStatus.SelectedItem));
}
}
}
if (HostFileScored)
{
bool emptyOrDefault = true;
// Gets host file path from System32 folder
string hostFilePath = Path.Combine(Environment.SystemDirectory, @"drivers\etc\hosts");
// If file exists, check it
if (File.Exists(hostFilePath))
{
// Read all lines of file
string[] lines = File.ReadAllLines(hostFilePath);
// Loop over each line
foreach (string line in lines)
{
// If line is not a comment and is not whitespace
if (!line.StartsWith("#") && !string.IsNullOrWhiteSpace(line))
{
// If line does not contain either of the default entries
if (!line.Contains("127.0.0.1 localhost") &&
!line.Contains("::1 localhost"))
{
// File is not empty/default
emptyOrDefault = false;
break;
}
}
}
}
// If file is empty/default, give points
if (emptyOrDefault)
{
details.Points++;
details.Output.Add(TranslationManager.Translate("HostFile"));
}
}
return(details);
}
/// <summary>
/// Allocate the payload in the target process.
/// </summary>
/// <author>The Wover (@TheRealWover)</author>
/// <param name="Payload">The PIC payload to allocate to the target process.</param>
/// <param name="Process">The target process.</param>
/// <param name="PreferredAddress">The preferred address at which to allocate the payload in the target process.</param>
/// <returns>Base address of allocated memory within the target process's virtual memory space.</returns>
public IntPtr Allocate(PICPayload Payload, Process Process, IntPtr PreferredAddress)
{
// Get a convenient handle for the target process.
IntPtr procHandle = Process.Handle;
// Create a section to hold our payload
IntPtr sectionAddress = CreateSection((uint)Payload.Payload.Length, sectionAttributes);
// Map a view of the section into our current process with RW permissions
SectionDetails details = MapSection(Process.GetCurrentProcess().Handle, sectionAddress,
localSectionPermissions, IntPtr.Zero, Convert.ToUInt32(Payload.Payload.Length));
// Copy the shellcode to the local view
System.Runtime.InteropServices.Marshal.Copy(Payload.Payload, 0, details.baseAddr, Payload.Payload.Length);
// Now that we are done with the mapped view in our own process, unmap it
Data.Native.NTSTATUS result = UnmapSection(Process.GetCurrentProcess().Handle, details.baseAddr);
// Now, map a view of the section to other process. It should already hold the payload.
SectionDetails newDetails;
if (PreferredAddress != IntPtr.Zero)
{
// Attempt to allocate at a preferred address. May not end up exactly at the specified location.
// Refer to MSDN documentation on ZwMapViewOfSection for details.
newDetails = MapSection(procHandle, sectionAddress, remoteSectionPermissions, PreferredAddress, (ulong)Payload.Payload.Length);
}
else
{
newDetails = MapSection(procHandle, sectionAddress, remoteSectionPermissions, IntPtr.Zero, (ulong)Payload.Payload.Length);
}
return(newDetails.baseAddr);
}
/// <summary>
/// Allocate the payload to the target process.
/// </summary>
/// <param name="payload">The PIC payload to allocate to the target process.</param>
/// <param name="process">The target process.</param>
/// <returns>Base address of allocated memory within the target process's virtual memory space.</returns>
public IntPtr Allocate(PICPayload payload, System.Diagnostics.Process process)
{
//Get a convenient handle for the target process.
IntPtr procHandle = process.Handle;
//Create a section to hold our payload
IntPtr sectionAddress = CreateSection((uint)payload.Payload.Length);
//Map a view of the section into our current process with RW permissions
SectionDetails details = MapSection(System.Diagnostics.Process.GetCurrentProcess().Handle, sectionAddress,
Win32.WinNT.PAGE_READWRITE, IntPtr.Zero, Convert.ToUInt32(payload.Payload.Length));
//Copy the shellcode to the local view
System.Runtime.InteropServices.Marshal.Copy(payload.Payload, 0, details.baseAddr, payload.Payload.Length);
//Now that we are done with the mapped view in our own process, unmap it
Win32.NtDll.NTSTATUS result = UnmapSection(System.Diagnostics.Process.GetCurrentProcess().Handle, details.baseAddr);
//Now, map a view of the section to other process. It should already hold our shellcode.
//If the shellcode supports it, you should use RX memory rather than RWX.
SectionDetails newDetails = MapSection(procHandle, sectionAddress,
Win32.WinNT.PAGE_EXECUTE_READWRITE, IntPtr.Zero, (uint)payload.Payload.Length);
return(newDetails.baseAddr);
}
/// <summary>
/// Update the Details of a Section.
/// </summary>
/// <param name="section"></param>
/// <param name="details"></param>
private void UpdateSectionDetails(Section section, SectionDetails details)
{
// Update Section Data
details.MapInto(section);
// Create Fields
foreach (var field in details.Fields)
{
var newField = section.CreateField(field.DataEntryFieldId, field.Label);
field.MapInto(newField);
}
// Create new SubSection
foreach (var subSection in details.SubSections)
{
var newSubSection = section.CreateSubSection(subSection.Label);
subSection.MapInto(newSubSection);
// Create new SubSection Fields
foreach (var field in subSection.Fields)
{
var newField = section.CreateField(field.DataEntryFieldId, field.Label, newSubSection);
field.MapInto(newField);
}
}
}
public SectionDetails GetScore()
{
SectionDetails details = new SectionDetails(0, new List <string>(), this);
SecurityPolicyManager.GetLockoutPolicy();
if (ConfigPolicy.AccountLockoutDuration.IsScored &&
ConfigPolicy.AccountLockoutDuration.Value.WithinBounds(SystemPolicy.AccountLockoutDuration))
{
details.Points++;
details.Output.Add(TranslationManager.Translate("AccountLockoutDuration", SystemPolicy.AccountLockoutDuration));
}
if (ConfigPolicy.AccountLockoutThreshold.IsScored &&
ConfigPolicy.AccountLockoutThreshold.Value.WithinBounds(SystemPolicy.AccountLockoutThreshold))
{
details.Points++;
details.Output.Add(TranslationManager.Translate("AccountLockoutThreshold", SystemPolicy.AccountLockoutThreshold));
}
if (ConfigPolicy.ResetLockoutCounterAfter.IsScored &&
ConfigPolicy.ResetLockoutCounterAfter.Value.WithinBounds(SystemPolicy.ResetLockoutCounterAfter))
{
details.Points++;
details.Output.Add(TranslationManager.Translate("ResetLockoutCounterAfter", SystemPolicy.ResetLockoutCounterAfter));
}
return(details);
}
public SectionDetails GetScore()
{
SectionDetails details = new SectionDetails(0, new List <string>(), this);
SecurityPolicyManager.GetAuditPolicy();
// Loop over every audit configuration
foreach (KeyValuePair <string, ScoredItem <EAuditSettings> > config in ConfigPolicy.HeaderSettingPairs)
{
// If not scored, skip
if (!config.Value.IsScored)
{
continue;
}
// Loop over every system audit setting
foreach (KeyValuePair <string, POLICY_AUDIT_EVENT> systemSetting in SystemPolicy.HeaderSettingPairs)
{
// Check if config and system setting are of the same policy
if (config.Key == systemSetting.Key)
{
// Check if integer casted values are equal
if ((int)config.Value.Value == (int)systemSetting.Value)
{
// Setting is properly configured
details.Points++;
details.Output.Add(ConfigurationManager.Translate("AuditPolicy", config.Key, AuditSettingFormat[config.Value.Value]));
}
}
}
}
return(details);
}
private SectionDetails CreateSectionDetails(string label)
{
var sectionDetails = new SectionDetails {
Label = label
};
return(sectionDetails);
}
public Guid AddSection(Guid templateId, Guid dataEntrySectionId, SectionDetails details)
{
InjectIdentity();
var query = GetDependency <ITemplateQueryService>();
var cmd = GetDependency <ITemplateCommandService>();
return(cmd.AddSection(templateId, dataEntrySectionId, details));
}
private SectionDetails GetExistingSectionDetails(int TermCourseId)
{
SectionDetails sectionDetails = new SectionDetails();
sectionDetails.SectionInfos = dao.GetSectionsForTermCourse(TermCourseId);
sectionDetails.InstructorOptions = (List <InstructorOption>)Session["InstructorOptions"];
sectionDetails.RoomOptions = (List <RoomOption>)Session["RoomOptions"];
sectionDetails.TimeOptions = (List <TimeOption>)Session["TimeOptions"];
sectionDetails.TermCourseId = TermCourseId;
return(sectionDetails);
}
public ActionResult CreateNewSection(int TermCourseId)
{
SectionDetails sectionDetails = GetExistingSectionDetails(TermCourseId);
SectionInfo newSectionInfo = new SectionInfo();
newSectionInfo.ClassInfos = new List <ClassInfo>()
{
new ClassInfo()
};
sectionDetails.SectionInfos.Add(newSectionInfo);
return(PartialView("EditSectionDetails", sectionDetails));
}
public void UpdateSection(SectionDetails details)
{
InjectIdentity();
var query = GetDependency <ITemplateQueryService>();
var cmd = GetDependency <ITemplateCommandService>();
var agency = GetAgencies()[0];
var template = query.GetDefaultTemplate(agency.AgencyId, ModuleType.Incident);
var section = template.Sections[1];
section.Label += " Updated";
cmd.UpdateSection(section);
}
public SectionDetails GetScore()
{
SectionDetails details = new SectionDetails(0, new List <string>(), this);
SecurityPolicyManager.GetPasswordPolicy();
if (ConfigPolicy.EnforcePasswordHistory.IsScored &&
ConfigPolicy.EnforcePasswordHistory.Value.WithinBounds(SystemPolicy.EnforcePasswordHistory))
{
details.Points++;
details.Output.Add(TranslationManager.Translate("EnforcePasswordHistory", SystemPolicy.EnforcePasswordHistory));
}
if (ConfigPolicy.MaxPasswordAge.IsScored &&
ConfigPolicy.MaxPasswordAge.Value.WithinBounds(SystemPolicy.MaximumPasswordAge))
{
details.Points++;
details.Output.Add(TranslationManager.Translate("MaxPasswordAge", SystemPolicy.MaximumPasswordAge));
}
if (ConfigPolicy.MinPasswordAge.IsScored &&
ConfigPolicy.MinPasswordAge.Value.WithinBounds(SystemPolicy.MinimumPasswordAge))
{
details.Points++;
details.Output.Add(TranslationManager.Translate("MinPasswordAge", SystemPolicy.MinimumPasswordAge));
}
if (ConfigPolicy.MinPasswordLength.IsScored &&
ConfigPolicy.MinPasswordLength.Value.WithinBounds(SystemPolicy.MinimumPasswordLength))
{
details.Points++;
details.Output.Add(TranslationManager.Translate("MinPasswordLength", SystemPolicy.MinimumPasswordLength));
}
string[] readableNames = new string[]
{
TranslationManager.Translate("Disabled"),
TranslationManager.Translate("Enabled")
};
if (ConfigPolicy.PasswordComplexity.IsScored && ConfigPolicy.PasswordComplexity.Value == SystemPolicy.PasswordComplexity)
{
details.Points++;
details.Output.Add(TranslationManager.Translate("PasswordComplexity", readableNames[SystemPolicy.PasswordComplexity]));
}
if (ConfigPolicy.ReversibleEncryption.IsScored && ConfigPolicy.ReversibleEncryption.Value == SystemPolicy.ReversibleEncryption)
{
details.Points++;
details.Output.Add(TranslationManager.Translate("ReversibleEncryption", readableNames[SystemPolicy.ReversibleEncryption]));
}
return(details);
}
public ActionResult CreateNewClass(int TermCourseId, int SectionId)
{
if (SectionId == 0)
{
return(RedirectToAction("CreateNewSection", new { TermCourseId = TermCourseId }));
}
else
{
SectionDetails sectionDetails = GetExistingSectionDetails(TermCourseId);
SectionInfo sectionInfo = sectionDetails.SectionInfos.Find(s => s.SectionId == SectionId);
sectionInfo.ClassInfos.Add(new ClassInfo());
return(PartialView("EditSectionDetails", sectionDetails));
}
}
public SectionDetails GetScore()
{
SectionDetails details = new SectionDetails(0, new List <string>(), this);
// Get system's outbound rules
List <Rule> systemRules = Rule.GetOutboundRules();
// For each configured outbound rule
foreach (Rule rule in OutboundRules)
{
bool foundMatch = false;
// For each system rule
foreach (Rule systemRule in systemRules)
{
// If rules match
if (rule.Equals(systemRule))
{
foundMatch = true;
// Match was found, break loop
break;
}
}
// If match wasn't found, give points
if (!foundMatch)
{
details.Points++;
details.Output.Add(TranslationManager.Translate("FirewallOutboundRule",
rule.Name,
rule.Group,
rule.Description,
rule.ProfileString,
rule.Enabled ? TranslationManager.Translate("Enabled") : TranslationManager.Translate("Disabled"),
rule.ActionString,
rule.ApplicationName,
rule.ServiceName,
rule.LocalAddresses,
rule.RemoteAddresses,
rule.Protocol,
rule.LocalPorts,
rule.RemotePorts));
}
}
return(details);
}
public Guid AddSection(Guid tempalteId, Guid dataEntrySectionId, SectionDetails details)
{
// Commented out until Module Permissions are Fixed. :(
//RequireModuleAccess(ModuleType.DataEntryDesigner);
// Lookup the Template
var template = _administrationUnitOfWork.Find <Template>(tempalteId);
// Create the Section
var section = template.CreateSection(dataEntrySectionId, details.Label);
UpdateSectionDetails(section, details);
// Commit
_administrationUnitOfWork.Commit();
return(section.Id);
}
public SectionDetails GetScore()
{
SectionDetails details = new SectionDetails(0, new List <string>(), this);
// Loop over all shares
foreach (KeyValuePair <string, bool> share in LocalShares)
{
if (ShareExists(share.Key) == share.Value)
{
details.Points++;
details.Output.Add(ConfigurationManager.Translate("Shares", share.Key, share.Value ? "Exists" : "Deleted"));
}
}
return(details);
}
public SectionDetails GetScore()
{
SectionDetails details = new SectionDetails(0, new List <string>(), this);
// Loop over all prohibited files
foreach (string filelocation in ProhibitedFiles)
{
// Get attributes of files, if -1 is returned, no file/directory/ADS was found
if (WinAPI.GetFileAttributes(filelocation) == -1)
{
details.Points++;
details.Output.Add(TranslationManager.Translate("ProhibitedFiles", filelocation));
}
}
return(details);
}
public void UpdateSection(SectionDetails details)
{
// Commented out until Module Permissions are Fixed. :(
//RequireModuleAccess(ModuleType.DataEntryDesigner);
// Find the Section
var section = _administrationUnitOfWork.Find <Section>(details.Id);
// Clean the Section(The process for updating a section is to remove everything in it and recreate the subsections and fields.)
CleanSection(section);
// Update the Section's Details
UpdateSectionDetails(section, details);
// Commit
_administrationUnitOfWork.Commit();
}
public SectionDetails GetScore()
{
SectionDetails details = new SectionDetails(0, new List <string>(), this);
// Loop over each process output
foreach (ProcessOutput processOutput in ProcessOutputs)
{
int exitCode;
string output;
// If process ran properly
if (processOutput.RunProcess(out exitCode, out output))
{
bool equals = false;
// For each comparison
foreach (IComparison comparison in processOutput.Comparisons)
{
string value = output;
// Comparison range needs exit code
if (comparison is ComparisonRange)
{
value = exitCode.ToString();
}
// If comparison matches, set as so
if (comparison.Equals(value))
{
equals = true;
}
}
if (processOutput.Matches == equals)
{
details.Points++;
details.Output.Add(TranslationManager.Translate("ProcessCustomOutput", processOutput.CustomOutput));
}
}
}
return(details);
}
public SectionDetails GetScore()
{
SectionDetails details = new SectionDetails(0, new List <string>(), this);
// Loop over each custom file
foreach (CustomFile customFile in CustomFiles)
{
try
{
// If file doesn't exist, skip
if (!File.Exists(customFile.Path))
{
continue;
}
// Get file contents
string contents = File.ReadAllText(customFile.Path);
bool equals = false;
// For each comparison
foreach (IComparison comparison in customFile.Comparisons)
{
// If comparison equals, set as so
if (comparison.Equals(contents))
{
equals = true;
}
}
// If value equals status matches scoring, give points
if (customFile.Matches == equals)
{
details.Points++;
details.Output.Add(TranslationManager.Translate("CustomFilesCustomOutput", customFile.CustomOutput));
}
}
catch { }
}
return(details);
}
public void UpdateSection()
{
var sectionDetails = _arrestTemplate.CreateSection(Guid.NewGuid(), "Organization Section Label");
_administrationUnitOfWork.Setup(item => item.Find <Section>(It.IsAny <Guid>(), It.IsAny <TrackingMode>(), It.IsAny <ThrowIf>()))
.Returns(sectionDetails);
var sectionDetailsToUpdate = new SectionDetails();
var subSection = new SubSection();
subSection.Fields = new List <Field>();
sectionDetailsToUpdate.SubSections = new List <SubSection>();
sectionDetailsToUpdate.Fields = new List <Field>();
subSection.Fields.Add(CreateField());
sectionDetailsToUpdate.SubSections.Add(subSection);
sectionDetailsToUpdate.Fields.Add(CreateField());
_templateCommandService.UpdateSection(sectionDetailsToUpdate);
_administrationUnitOfWork.Verify(mock => mock.Commit(It.IsAny <ConcurrencyMode>()), Times.Once);
sectionDetails.SubSections.Should().HaveCount(1);
sectionDetails.Fields.Should().HaveCount(2);
}
public SectionDetails GetScore()
{
SectionDetails details = new SectionDetails(0, new List <string>(), this);
// Gets services of local machine
ServiceController[] services = ServiceController.GetServices();
// Gets drivers of local machine
ServiceController[] drivers = ServiceController.GetDevices();
// Combine arrays
List <ServiceController> combined = new List <ServiceController>(services);
combined.AddRange(drivers);
// For each service info config
foreach (ServiceInfo info in Services)
{
// For each service on local machine
foreach (ServiceController service in combined)
{
// If config and service have matching names
if (info.Name == service.ServiceName)
{
// Check status and startup type
if (info.Status == ServiceInfo.Statuses[service.Status] &&
info.StartupType == ServiceInfo.StartupTypes[service.StartType])
{
// Set correctly, increment score and give message
details.Points++;
details.Output.Add(TranslationManager.Translate("Service", info.Name, info.Status, info.StartupType));
}
// Found match, stop looking
break;
}
}
}
return(details);
}
/// <summary>
/// Maps a view of a section to the target process.
/// </summary>
/// <param name="procHandle">Handle the process that the section will be mapped to.</param>
/// <param name="sectionHandle">Handle to the section.</param>
/// <param name="protection">What permissions to use on the view.</param>
/// <param name="addr">Optional parameter to specify the address of where to map the view.</param>
/// <param name="sizeData">Size of the view to map. Must be smaller than the max Section size.</param>
/// <returns>A struct containing address and size of the mapped view.</returns>
private static SectionDetails MapSection(IntPtr procHandle, IntPtr sectionHandle, uint protection, IntPtr addr, uint sizeData)
{
//Create an unsigned int to hold the value of NTSTATUS.
UIntPtr ntstatus = new UIntPtr();
//Copied so that they may be passed by reference but the original value preserved
IntPtr baseAddr = addr;
uint size = sizeData;
uint disp = 2;
uint alloc = 0;
//Returns an NTSTATUS value
Win32.NtDll.NTSTATUS result = DynamicInvoke.Native.NtMapViewOfSection(sectionHandle, procHandle, ref baseAddr, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero, ref size, disp, alloc,
protection);
//Create a struct to hold the results.
SectionDetails details = new SectionDetails(baseAddr, sizeData);
return(details);
}
public SectionDetails GetScore()
{
SectionDetails details = new SectionDetails(0, new List <string>(), this);
if (RemoteDesktopStatus.IsScored)
{
object sectionValue = RegistryManager.GetValue(RemoteDesktopStatus.Key, RemoteDesktopStatus.ValueName);
if (sectionValue != null)
{
int value = (int)sectionValue;
if (value == RemoteDesktopStatus.SelectedIndex)
{
details.Points++;
details.Output.Add(ConfigurationManager.Translate("RemoteDesktop", RemoteDesktopStatus.SelectedItem));
}
}
}
return(details);
}
public SectionDetails GetScore()
{
SectionDetails details = new SectionDetails(0, new List <string>(), this);
// Get windows features on system
List <WindowsFeature> systemFeatures = WindowsFeature.GetWindowsFeatures();
// For each configured windows feature
foreach (WindowsFeature scoredFeature in ScoredFeatures)
{
// For each system windows feature
foreach (WindowsFeature systemFeature in systemFeatures)
{
// If features have the same name (same features)
if (scoredFeature.Name == systemFeature.Name)
{
// If installation statuses are equal, give points
if (scoredFeature.Installed == systemFeature.Installed)
{
details.Points++;
if (scoredFeature.Installed)
{
details.Output.Add(TranslationManager.Translate("WindowsFeatureInstalled", scoredFeature.Name));
}
else
{
details.Output.Add(TranslationManager.Translate("WindowsFeatureNotInstalled", scoredFeature.Name));
}
}
// Found match, break loop
break;
}
}
}
return(details);
}
public SectionDetails GetScore()
{
SectionDetails details = new SectionDetails(0, new List <string>(), this);
// Loop over all score keys
foreach (RegistryKey registryKey in RegistryKeysScored)
{
string strValue;
// If can't get value, skip
if (!registryKey.TryGetRegistryValue(out strValue))
{
continue;
}
bool equals = false;
// For each comparison
foreach (IComparison comparison in registryKey.Comparisons)
{
// If comparison equals, set as so
if (comparison.Equals(strValue))
{
equals = true;
}
}
// If value equals status matches scoring, give points
if (registryKey.ValueEquals == equals)
{
details.Points++;
details.Output.Add(TranslationManager.Translate("RegistryKeyCustomOutput", registryKey.CustomOutput));
}
}
return(details);
}
public SectionDetails GetScore()
{
SectionDetails details = new SectionDetails(0, new List <string>(), this);
List <StartupInfo> systemStartups = new List <StartupInfo>();
// Get current startup infos
StartupInfo.GetStartupInfos(systemStartups);
// Create list of strings to contain string representations of startups
List <string> startups = new List <string>(systemStartups.Count);
// For each system startup info
foreach (StartupInfo info in systemStartups)
{
// Add string representation to list
startups.Add(info.ToString());
}
// For each startup info config
foreach (StartupInfo info in StartupInfos)
{
// Get string representation of startup info
// Used to compare against others
string infoString = info.ToString();
// If string doesn't exist within list
if (!startups.Contains(infoString))
{
// Increase score and add to output
details.Points++;
details.Output.Add(TranslationManager.Translate("Startup", info.Owner, info.Name, info.Command, info.StartupTypeString, info.Location));
}
}
return(details);
}
public SectionDetails GetScore()
{
SectionDetails details = new SectionDetails(0, new List <string>(), this);
// If no configuration for this section, return empty details
if (Groups.Count == 0)
{
return(details);
}
// Create instance for communicating with active directory
using (PrincipalContext context = new PrincipalContext(ContextType.Machine))
{
// Create searcher for active directory
using (PrincipalSearcher searcher = new PrincipalSearcher(new GroupPrincipal(context)))
{
// For each group on the machine
foreach (GroupPrincipal group in searcher.FindAll())
{
// For each group config
foreach (GroupSettings settings in Groups)
{
// If enumerated settings is not for specified group, skip
if (group.Name != settings.GroupName)
{
continue;
}
// If number of members of group and config are inequal, skip
if (group.Members.Count != settings.Members.Count)
{
continue;
}
// Copy the list so we may remove elements
List <UserPrincipal> membersGroup = new List <UserPrincipal>(group.Members.Cast <UserPrincipal>());
bool groupsMatch = true;
// For each member config
foreach (IMember memberConfig in settings.Members)
{
// Member found that matches current config
UserPrincipal foundMember = null;
// For each member in the group
foreach (UserPrincipal member in membersGroup)
{
string identifier = "";
// Determine the id type and get identifier
switch (memberConfig.IDType)
{
case "Username":
identifier = member.SamAccountName;
break;
case "SID":
identifier = member.Sid.Value;
break;
}
// If identifier matches config
if (identifier == memberConfig.Identifier)
{
foundMember = member;
break;
}
}
// If no match was found, groups do not match
if (foundMember == null)
{
groupsMatch = false;
break;
}
// Member was found, remove from list
// for optimization and possible duplicates
membersGroup.Remove(foundMember);
}
// If groups match, output and give point
if (groupsMatch)
{
details.Points++;
// Get list of members' names separated by commas
string members = string.Join(", ", group.Members.Cast <UserPrincipal>().Select(x => x.SamAccountName));
details.Output.Add(ConfigurationManager.Translate("Group", settings.GroupName, members));
}
}
}
}
}
return(details);
}
public SectionDetails GetScore()
{
SectionDetails details = new SectionDetails(0, new List <string>(), this);
// Get firewall info
INetFwPolicy2 fwPolicy = GetFirewallPolicy();
// For each firewall profile in config
foreach (FirewallProfile profile in Profiles)
{
NET_FW_PROFILE_TYPE2_ type = profile.ProfileType;
// For each property in firewall profile
foreach (KeyValuePair <string, string> property in profile.Properties)
{
string systemValue = null;
// Get system value corresponding to property
switch (property.Key)
{
case "Firewall state":
bool fwEnabled = fwPolicy.FirewallEnabled[type];
if (fwEnabled)
{
systemValue = "On";
}
else
{
systemValue = "Off";
}
break;
case "Inbound connections":
if (fwPolicy.BlockAllInboundTraffic[type])
{
systemValue = "Block all connections";
}
else if (fwPolicy.DefaultInboundAction[type] == NET_FW_ACTION_.NET_FW_ACTION_BLOCK)
{
systemValue = "Block";
}
else
{
systemValue = "Allow";
}
break;
case "Outbound connections":
if (fwPolicy.DefaultOutboundAction[type] == NET_FW_ACTION_.NET_FW_ACTION_BLOCK)
{
systemValue = "Block";
}
else
{
systemValue = "Allow";
}
break;
case "Display a notification":
if (fwPolicy.NotificationsDisabled[type])
{
systemValue = "No";
}
else
{
systemValue = "Yes";
}
break;
case "Allow unicast response":
if (fwPolicy.UnicastResponsesToMulticastBroadcastDisabled[type])
{
systemValue = "No";
}
else
{
systemValue = "Yes";
}
break;
}
// If no value was assigned, unknown property. Skip
if (systemValue == null)
{
continue;
}
// Check if config and system values match
if (systemValue == property.Value)
{
switch (systemValue)
{
case "On": systemValue = TranslationManager.Translate("On"); break;
case "Off": systemValue = TranslationManager.Translate("Off"); break;
case "Allow": systemValue = TranslationManager.Translate("Allow"); break;
case "Block": systemValue = TranslationManager.Translate("Block"); break;
case "Block all connections": systemValue = TranslationManager.Translate("BlockAll"); break;
case "Yes": systemValue = TranslationManager.Translate("Yes"); break;
case "No": systemValue = TranslationManager.Translate("No"); break;
}
details.Points++;
details.Output.Add(TranslationManager.Translate("FirewallProfileProperty", profile.Profile, property.Key, systemValue));
}
}
}
return(details);
}
