public ActionResult RunAnalysis(string first_id, string second_id)
{
CompareCommandOptions opts = new CompareCommandOptions();
opts.FirstRunId = first_id;
opts.SecondRunId = second_id;
foreach (BaseCompare c in AttackSurfaceAnalyzerCLI.GetComparators())
{
// The GUI *should* prevent us from getting here. But this is extra protection.
// We won't start new collections while existing ones are ongoing.
if (c.IsRunning() == RUN_STATUS.RUNNING)
{
return(Json("Comparators already running!"));
}
}
using (var cmd = new SqliteCommand(SQL_CHECK_IF_COMPARISON_PREVIOUSLY_COMPLETED, DatabaseManager.Connection, DatabaseManager.Transaction))
{
cmd.Parameters.AddWithValue("@base_run_id", opts.FirstRunId);
cmd.Parameters.AddWithValue("@compare_run_id", opts.SecondRunId);
using (var reader = cmd.ExecuteReader())
{
while (reader.Read())
{
return(Json("Using cached comparison calculations."));
}
}
}
Task.Factory.StartNew <Dictionary <string, object> >(() => AttackSurfaceAnalyzerCLI.CompareRuns(opts));
return(Json("Started Analysis"));
}
public ActionResult GetComparators()
{
Dictionary <string, RUN_STATUS> dict = new Dictionary <string, RUN_STATUS>();
foreach (BaseCompare c in AttackSurfaceAnalyzerCLI.GetComparators())
{
var fullString = c.GetType().ToString();
var splits = fullString.Split('.');
dict.Add(splits[splits.Count() - 1], c.IsRunning());
}
//@TODO: Also return the RunId
return(Json(JsonConvert.SerializeObject(dict)));
}
private IEnumerable <DataRunModel> GetRunModels()
{
List <string> Runs = AttackSurfaceAnalyzerCLI.GetRuns("collect");
List <DataRunModel> runModels = new List <DataRunModel>();
for (int i = 0; i < Runs.Count(); i++)
{
runModels.Add(new DataRunModel {
Key = Runs[i], Text = Runs[i]
});
}
return(runModels);
}
public ActionResult StartCollection(string Id, bool File, bool Port, bool Service, bool User, bool Registry, bool Certificates)
{
CollectCommandOptions opts = new CollectCommandOptions();
opts.RunId = Id.Trim();
opts.EnableFileSystemCollector = File;
opts.EnableNetworkPortCollector = Port;
opts.EnableServiceCollector = Service;
opts.EnableRegistryCollector = Registry;
opts.EnableUserCollector = User;
opts.EnableCertificateCollector = Certificates;
opts.DatabaseFilename = "asa.sqlite";
opts.FilterLocation = "Use embedded filters.";
Dictionary <string, bool> dict = new Dictionary <string, bool>();
foreach (BaseCollector c in AttackSurfaceAnalyzerCLI.GetCollectors())
{
// The GUI *should* prevent us from getting here. But this is extra protection.
// We won't start new collections while existing ones are ongoing.
if (c.IsRunning() == RUN_STATUS.RUNNING)
{
return(Json(ERRORS.ALREADY_RUNNING));
}
}
AttackSurfaceAnalyzerCLI.ClearCollectors();
string Select_Runs = "select run_id from runs where run_id=@run_id";
using (var cmd = new SqliteCommand(Select_Runs, DatabaseManager.Connection, DatabaseManager.Transaction))
{
cmd.Parameters.AddWithValue("@run_id", Id);
using (var reader = cmd.ExecuteReader())
{
while (reader.Read())
{
return(Json(ERRORS.UNIQUE_ID));
}
}
}
Task.Factory.StartNew <int>(() => AttackSurfaceAnalyzerCLI.RunCollectCommand(opts));
return(Json(ERRORS.NONE));
}
public ActionResult GetCollectors()
{
Dictionary <string, RUN_STATUS> dict = new Dictionary <string, RUN_STATUS>();
string RunId = AttackSurfaceAnalyzerCLI.GetLatestRunId();
//TODO: Improve this to not have to change this variable on every loop, without having to call GetCollectors twice.
foreach (BaseCollector c in AttackSurfaceAnalyzerCLI.GetCollectors())
{
var fullString = c.GetType().ToString();
var splits = fullString.Split('.');
dict.Add(splits[splits.Count() - 1], c.IsRunning());
}
Dictionary <string, object> output = new Dictionary <string, object>();
output.Add("RunId", RunId);
output.Add("Runs", dict);
//@TODO: Also return the RunId
return(Json(JsonConvert.SerializeObject(output)));
}
public ActionResult StartMonitoring(string RunId, string Directory, string Extension)
{
using (var cmd = new SqliteCommand(INSERT_RUN, DatabaseManager.Connection, DatabaseManager.Transaction))
{
cmd.Parameters.AddWithValue("@run_id", RunId.Trim());
cmd.Parameters.AddWithValue("@file_system", true);
cmd.Parameters.AddWithValue("@ports", false);
cmd.Parameters.AddWithValue("@users", false);
cmd.Parameters.AddWithValue("@services", false);
cmd.Parameters.AddWithValue("@registry", false);
cmd.Parameters.AddWithValue("@certificates", false);
cmd.Parameters.AddWithValue("@firewall", false);
cmd.Parameters.AddWithValue("@comobjects", false);
cmd.Parameters.AddWithValue("@type", "monitor");
cmd.Parameters.AddWithValue("@timestamp", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"));
cmd.Parameters.AddWithValue("@version", Helpers.GetVersionString());
cmd.Parameters.AddWithValue("@platform", Helpers.GetPlatformString());
try
{
cmd.ExecuteNonQuery();
DatabaseManager.Commit();
}
catch (Exception e)
{
Log.Warning(e.StackTrace);
Log.Warning(e.Message);
return(Json((int)ERRORS.UNIQUE_ID));
}
}
MonitorCommandOptions opts = new MonitorCommandOptions
{
RunId = RunId,
EnableFileSystemMonitor = true,
MonitoredDirectories = Directory,
FilterLocation = "filters.json"
};
AttackSurfaceAnalyzerCLI.ClearMonitors();
return(Json((int)AttackSurfaceAnalyzerCLI.RunGuiMonitorCommand(opts)));
}
public ActionResult WriteScanJson(int ResultType, string BaseId, string CompareId, bool ExportAll, string OutputPath)
{
AttackSurfaceAnalyzerCLI.WriteScanJson(ResultType, BaseId, CompareId, ExportAll, OutputPath);
return(Json(true));
}
public ActionResult WriteMonitorJson(string RunId, int ResultType, string OutputPath)
{
AttackSurfaceAnalyzerCLI.WriteMonitorJson(RunId, ResultType, OutputPath);
return(Json(true));
}
public ActionResult StopMonitoring()
{
return(Json(AttackSurfaceAnalyzerCLI.StopMonitors()));
}
public ActionResult GetLatestRunId()
{
return(Json(AttackSurfaceAnalyzerCLI.GetLatestRunId()));
}
