Esempio n. 1
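        /// <summary>
        /// Stops a research run that is currently in the EXECUTING state: marks it COMPLETING,
        /// sends a CMD_VM_STOP request for the research's virtual machine, records the stop
        /// time and marks the research COMPLETED. The events table is refreshed in every case.
        /// </summary>
        /// <param name="id">
        /// Research identifier as text. It is parsed with <c>Convert.ToInt32</c>, which throws
        /// when the text is not a valid integer.
        /// </param>
        /// <remarks>
        /// NOTE(review): no caller identity or ownership check is visible in this method;
        /// presumably the caller enforces authorization before stopping a research. Confirm.
        /// </remarks>
        public static void StopResearch(string id)
        {
            Int32 researchId = Convert.ToInt32(id);

            // Load the record once so that the state check, the log line and the VM lookup
            // all work on the same snapshot instead of three separate lookups.
            SandBox.Db.Research research = ResearchManager.GetResearch(researchId);

            if (research.State == (Int32)ResearchState.EXECUTING)
            {
                // NOTE(review): ResearchName is concatenated into the log line as-is. If names
                // can be chosen by users, neutralise CR/LF before logging to keep entries intact.
                MLogger.LogTo(Level.TRACE, false, "Stop research '" + research.ResearchName + "' by stop event '");
                ResearchManager.UpdateResearchState(researchId, ResearchState.COMPLETING);

                // Stop the virtual machine: its name is the packet's only parameter (UTF-8).
                String machineName = VmManager.GetVmName(research.VmId);
                Packet packet = new Packet { Type = PacketType.CMD_VM_STOP, Direction = PacketDirection.REQUEST };
                packet.AddParameter(Encoding.UTF8.GetBytes(machineName));
                SendPacket(packet.ToByteArray());

                // NOTE(review): the research is marked COMPLETED immediately after the request
                // is handed to SendPacket; nothing in this method waits for a confirmation.
                ResearchManager.UpdateResearchStopTime(research.Id);
                ResearchManager.UpdateResearchState(research.Id, ResearchState.COMPLETED);
                ResearchManager.UpdateEnents(researchId);
            }
            else
            {
                MLogger.LogTo(Level.TRACE, false, "Unsuccessful attempt to stop research '");
            }

            // Bring the [dbo].[events] table up to date.
            ResearchManager.UpdateEnents(researchId);
        }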
Esempio n. 2
 /// <summary>
 /// Sends a CMD_VM_STATUS request for the virtual machine with the given identifier.
 /// </summary>
 /// <param name="id">Identifier passed to <c>VmManager.GetVmName</c> to resolve the machine name.</param>
 private void GetVmStatus(Int32 id)
 {
     String vmName = VmManager.GetVmName(id);

     Packet statusRequest = new Packet();
     statusRequest.Type = PacketType.CMD_VM_STATUS;
     statusRequest.Direction = PacketDirection.REQUEST;

     // The machine name is the packet's only parameter, encoded as UTF-8.
     byte[] nameBytes = Encoding.UTF8.GetBytes(vmName);
     statusRequest.AddParameter(nameBytes);

     _client.Send(statusRequest.ToByteArray());
 }
Esempio n. 3
 /// <summary>
 /// Logs the lookup and sends a CMD_VM_STATUS request for the named virtual machine.
 /// </summary>
 /// <param name="machineName">Machine name; sent as the packet's only parameter (UTF-8).</param>
 private static void GetVmStatus(String machineName)
 {
     // NOTE(review): machineName goes into the log line unmodified. If it can come from
     // user input, neutralise CR/LF first so that log entries cannot be split.
     MLogger.LogTo(Level.TRACE, false, String.Concat("Get status for ", machineName));

     Packet statusRequest = new Packet();
     statusRequest.Type = PacketType.CMD_VM_STATUS;
     statusRequest.Direction = PacketDirection.REQUEST;

     byte[] nameBytes = Encoding.UTF8.GetBytes(machineName);
     statusRequest.AddParameter(nameBytes);

     _client.Send(statusRequest.ToByteArray());
 }
Esempio n. 4
 /// <summary>
 /// Click handler that creates a new virtual machine from the selected template ("etalon").
 /// It registers the machine through <c>VmManager.AddVm</c>, sends a CMD_VM_CREATE request
 /// carrying the template name and the new name, marks the new machine UNAVAILABLE and
 /// redirects to the resources page. An empty or already used name shows a validation message.
 /// </summary>
 /// <param name="sender">Event source (unused).</param>
 /// <param name="e">Event arguments (unused).</param>
 protected void BtnCreateClick(object sender, EventArgs e)
 {
     LValidation.Visible = false;

     // Guard: an empty name is rejected with a red validation message.
     if (tbLir.Text == String.Empty)
     {
         LValidation.Visible = true;
         LValidation.ForeColor = System.Drawing.Color.Red;
         LValidation.Text = "Имя не может быть пустым!";
         return;
     }

     // NOTE(review): the only normalisation applied is space -> underscore. Every other
     // character typed by the user reaches VmManager and the outgoing packet unchanged;
     // consider restricting names to an allow-list before they leave this handler.
     String requestedName = tbLir.Text.Replace(" ", "_");

     // Guard: the name must not exist yet.
     if (IsNameInBase(requestedName))
     {
         LValidation.Visible = true;
         LValidation.ForeColor = System.Drawing.Color.Red;
         LValidation.Text = "Такое имя уже сущеcтвует!";
         return;
     }

     Vm template = VmManager.GetVm(Convert.ToInt32(cbEtalon.Value));
     String templateName = template.Name;
     Int32 templateEnvType = Convert.ToInt32(template.EnvType);

     // The database record is created before the request is sent.
     VmManager.AddVm(requestedName, 2, template.System, UserId, templateEnvType);

     Packet createRequest = new Packet();
     createRequest.Type = PacketType.CMD_VM_CREATE;
     createRequest.Direction = PacketDirection.REQUEST;
     createRequest.AddParameter(Encoding.UTF8.GetBytes(templateName));
     createRequest.AddParameter(Encoding.UTF8.GetBytes(requestedName));
     SendPacket(createRequest.ToByteArray());

     VmManager.UpdateVmState(requestedName, (int)VmManager.State.UNAVAILABLE);
     Response.Redirect("~/Pages/Information/Resources.aspx");
 }
Esempio n. 5
 /// <summary>
 /// Sends a CMD_VM_START request for the virtual machine with the given identifier.
 /// </summary>
 /// <param name="id">Identifier passed to <c>VmManager.GetVmName</c> to resolve the machine name.</param>
 public static void StartVm(Int32 id)
 {
     String vmName = VmManager.GetVmName(id);
     Debug.Print(String.Concat("Start vm: ", vmName));

     Packet startRequest = new Packet();
     startRequest.Type = PacketType.CMD_VM_START;
     startRequest.Direction = PacketDirection.REQUEST;

     // The machine name is the packet's only parameter, encoded as UTF-8.
     byte[] nameBytes = Encoding.UTF8.GetBytes(vmName);
     startRequest.AddParameter(nameBytes);

     SendPacket(startRequest.ToByteArray());
 }
Esempio n. 6
 /// <summary>
 /// Sends an OBJECT_FOLLOW request for the sample whose path is stored under the given id.
 /// </summary>
 /// <param name="id">
 /// Sample identifier as text; parsed with <c>Convert.ToInt32</c>, which throws when the
 /// text is not a valid integer.
 /// </param>
 public static void FolowMalware(string id)
 {
     Int32 sampleId = Convert.ToInt32(id);
     String samplePath = MlwrManager.GetPath(sampleId);

     Packet followRequest = new Packet();
     followRequest.Type = PacketType.OBJECT_FOLLOW;
     followRequest.Direction = PacketDirection.REQUEST;

     // First parameter is the single byte 0x02; its meaning is not visible here — TODO confirm.
     byte[] leadingByte = new byte[] { 0x02 };
     followRequest.AddParameter(leadingByte);

     // Second parameter is the stored sample path, encoded as UTF-8.
     followRequest.AddParameter(Encoding.UTF8.GetBytes(samplePath));

     _client.Send(followRequest.ToByteArray());
 }
Esempio n. 7
 /// <summary>
 /// Click handler that sends a MALWARE_LOAD request for the sample whose id is kept in the
 /// session under "malwareId". Nothing is sent when that id converts to 0.
 /// </summary>
 /// <param name="sender">Event source (unused).</param>
 /// <param name="e">Event arguments (unused).</param>
 protected void BtnLoadClick(object sender, EventArgs e)
 {
     // Convert.ToInt32 yields 0 for a null session entry, so a missing id ends the handler.
     Int32 sampleId = Convert.ToInt32(Session["malwareId"]);
     if (sampleId != 0)
     {
         String samplePath = MlwrManager.GetPath(sampleId);

         Packet loadRequest = new Packet();
         loadRequest.Type = PacketType.MALWARE_LOAD;
         loadRequest.Direction = PacketDirection.REQUEST;

         // First parameter is the single byte 0x02; its meaning is not visible here — TODO confirm.
         loadRequest.AddParameter(new byte[] { 0x02 });
         // Second parameter is the stored sample path, encoded as UTF-8.
         loadRequest.AddParameter(Encoding.UTF8.GetBytes(samplePath));

         _client.Send(loadRequest.ToByteArray());
     }
 }
Esempio n. 8
 /// <summary>
 /// Click handler that sends a CDM_MLWR_NETCHECK request for the current sample, then
 /// enables <c>Timer1</c> and disables the button.
 /// </summary>
 /// <param name="sender">Event source (unused).</param>
 /// <param name="e">Event arguments (unused).</param>
 protected void ASPxButton2_Click(object sender, EventArgs e)
 {
     var sample = MlwrManager.GetMlwr(mlwrID);
     string reportFileName = String.Format("{0}_inetCheck.report", mlwrID);

     // CDM_MLWR_NETCHECK = 0xD8: send the sample for an Internet check
     // (value and meaning taken from the original inline comment).
     Packet netCheckRequest = new Packet();
     netCheckRequest.Type = PacketType.CDM_MLWR_NETCHECK;
     netCheckRequest.Direction = PacketDirection.REQUEST;

     // Parameters in order: sample id as text, report file name, sample name (all UTF-8).
     netCheckRequest.AddParameter(Encoding.UTF8.GetBytes(String.Format("{0}", mlwrID)));
     netCheckRequest.AddParameter(Encoding.UTF8.GetBytes(reportFileName));
     // NOTE(review): sample.Name is forwarded as stored; presumably the receiver treats it
     // as data only and never as part of a path or command — confirm on the receiving side.
     netCheckRequest.AddParameter(Encoding.UTF8.GetBytes(sample.Name));

     SendPacket(netCheckRequest.ToByteArray());

     Timer1.Enabled = true;
     ASPxButton2.Enabled = false;
 }
Esempio n. 9
        /// <summary>
        /// Sends a CMD_VM_STOP request for the virtual machine with the given identifier and,
        /// when the machine's EnvType is 0, calls <c>TryDeleteVm</c> for it afterwards.
        /// Does nothing when <c>VmManager.GetVm</c> returns null.
        /// </summary>
        /// <param name="id">Identifier passed to <c>VmManager.GetVm</c>.</param>
        public static void StopVm(Int32 id)
        {
            Vm target = VmManager.GetVm(id);
            if (target == null)
            {
                return;
            }

            Packet stopRequest = new Packet();
            stopRequest.Type = PacketType.CMD_VM_STOP;
            stopRequest.Direction = PacketDirection.REQUEST;

            // The machine name is the packet's only parameter, encoded as UTF-8.
            stopRequest.AddParameter(Encoding.UTF8.GetBytes(target.Name));
            SendPacket(stopRequest.ToByteArray());

            // NOTE(review): the delete follows the stop request directly; nothing here
            // waits for the stop to be confirmed.
            if (target.EnvType == 0)
            {
                TryDeleteVm(target.Id);
            }
        }
Esempio n. 10
        /// <summary>
        /// Stops the virtual machine with the given identifier. Machines whose EnvType equals
        /// <c>VmManager.LIRType.LIR</c> get a CMD_VM_STOP_LIR request carrying one byte of the
        /// environment id; all others get a CMD_VM_STOP request carrying the machine name, and
        /// are passed to <c>TryDeleteVm</c> when their EnvType is 0.
        /// Does nothing when <c>VmManager.GetVm</c> returns null.
        /// </summary>
        /// <param name="id">Identifier passed to <c>VmManager.GetVm</c>.</param>
        public static void StopVm(Int32 id)
        {
            Vm target = VmManager.GetVm(id);
            if (target == null)
            {
                return;
            }

            if (target.EnvType != (int)VmManager.LIRType.LIR)
            {
                // Name-addressed stop.
                Packet stopRequest = new Packet();
                stopRequest.Type = PacketType.CMD_VM_STOP;
                stopRequest.Direction = PacketDirection.REQUEST;
                stopRequest.AddParameter(Encoding.UTF8.GetBytes(target.Name));
                SendPacket(stopRequest.ToByteArray());

                if (target.EnvType == 0)
                {
                    TryDeleteVm(target.Id);
                }

                return;
            }

            // LIR stop, addressed by environment id.
            Packet lirStopRequest = new Packet();
            lirStopRequest.Type = PacketType.CMD_VM_STOP_LIR;
            lirStopRequest.Direction = PacketDirection.REQUEST;

            // NOTE(review): only element [0] of BitConverter.GetBytes(EnvId) is sent. If EnvId
            // can need more than one byte, different environments would share the same value
            // on the wire and a stop could reach the wrong one — confirm the id range.
            byte[] envIdBytes = BitConverter.GetBytes(target.EnvId);
            lirStopRequest.AddParameter(new[] { envIdBytes[0] });
            SendPacket(lirStopRequest.ToByteArray());
        }
Esempio n. 11
 /// <summary>
 /// Registers a new virtual machine through <c>VmManager.AddVm</c>, refreshes the table and
 /// sends a VM_CREATE request carrying the template name and the new name.
 /// </summary>
 /// <param name="etalonName">Name of the template machine; first packet parameter.</param>
 /// <param name="newName">Name of the machine to create; second packet parameter.</param>
 /// <param name="type">Passed through to <c>VmManager.AddVm</c>.</param>
 /// <param name="system">Passed through to <c>VmManager.AddVm</c>.</param>
 /// <param name="userId">Passed through to <c>VmManager.AddVm</c>.</param>
 private void CreateVm(String etalonName, String newName, Int32 type, Int32 system, Int32 userId)
 {
     // The database record is created, and the table refreshed, before the request is sent.
     VmManager.AddVm(newName, type, system, userId);
     UpdateTable();

     Packet createRequest = new Packet();
     createRequest.Type = PacketType.VM_CREATE;
     createRequest.Direction = PacketDirection.REQUEST;

     // NOTE(review): both names are forwarded unchanged; any character restriction has to
     // be applied by the caller or by the receiver.
     byte[] templateBytes = Encoding.UTF8.GetBytes(etalonName);
     createRequest.AddParameter(templateBytes);
     byte[] newNameBytes = Encoding.UTF8.GetBytes(newName);
     createRequest.AddParameter(newNameBytes);

     SendPacket(createRequest.ToByteArray());
 }
Esempio n. 12
 /// <summary>
 /// Sends a CDM_LOAD_FILES request for a research, asking for the file list to be written
 /// to the database starting from the given root pattern.
 /// </summary>
 /// <param name="id">Research identifier.</param>
 /// <param name="root">Starting directory (pattern) for the file listing.</param>
 protected static void SendGetFiles(int id, String root = "c:\\windows\\*")
 {
     Vm researchVm = VmManager.GetVm(ResearchManager.GetResearch(id).VmId);

     // NOTE(review): only element [0] of the EnvId bytes is sent, so the environment is
     // addressed by a single byte — confirm that EnvId never needs more than that.
     byte[] envIdBytes = BitConverter.GetBytes(researchVm.EnvId);
     byte[] envIdParameter = new[] { envIdBytes[0] };

     Packet listFilesRequest = new Packet();
     listFilesRequest.Type = PacketType.CDM_LOAD_FILES;
     listFilesRequest.Direction = PacketDirection.REQUEST;
     listFilesRequest.AddParameter(envIdParameter);

     // The root pattern is forwarded unchanged as UTF-8.
     listFilesRequest.AddParameter(Encoding.UTF8.GetBytes(root));

     SendPacket(listFilesRequest.ToByteArray());
 }
Esempio n. 13
 /// <summary>
 /// Sends a CDM_LOAD_PROCESSES request for a research, asking for the process list to be
 /// written to the database.
 /// </summary>
 /// <param name="id">Research identifier.</param>
 protected static void SendGetProcess(int id)
 {
     Vm researchVm = VmManager.GetVm(ResearchManager.GetResearch(id).VmId);

     // NOTE(review): only element [0] of the EnvId bytes is sent, so the environment is
     // addressed by a single byte — confirm that EnvId never needs more than that.
     byte[] envIdBytes = BitConverter.GetBytes(researchVm.EnvId);
     byte[] envIdParameter = new[] { envIdBytes[0] };

     Packet listProcessesRequest = new Packet();
     listProcessesRequest.Type = PacketType.CDM_LOAD_PROCESSES;
     listProcessesRequest.Direction = PacketDirection.REQUEST;
     listProcessesRequest.AddParameter(envIdParameter);

     SendPacket(listProcessesRequest.ToByteArray());
 }
Esempio n. 14
 /// <summary>
 /// Sends a CDM_LOAD_REGS request for a research, asking for the registry entry list to be
 /// written to the database.
 /// </summary>
 /// <param name="id">Research identifier.</param>
 /// <param name="subkey">Registry sub-branch given as text, for example "Software"; may be empty.</param>
 /// <param name="rowStartKeyBytes">
 /// Registry root: 0 - HKEY_CLASSES_ROOT, 1 - HKEY_CURRENT_USER, 2 - HKEY_LOCAL_MACHINE,
 /// 3 - HKEY_USERS, 4 - HKEY_CURRENT_CONFIG.
 /// </param>
 protected static void SendGetRegs(int id, String subkey = "",int rowStartKeyBytes = 2)
 {
     Vm researchVm = VmManager.GetVm(ResearchManager.GetResearch(id).VmId);

     // Both numeric values travel as one byte each: element [0] of their byte arrays.
     // NOTE(review): rowStartKeyBytes is not range-checked here; values outside 0..4 are
     // forwarded as they are — confirm that the receiver rejects them.
     byte[] envIdBytes = BitConverter.GetBytes(researchVm.EnvId);
     byte[] rootKeyBytes = BitConverter.GetBytes(rowStartKeyBytes);

     Packet listRegistryRequest = new Packet();
     listRegistryRequest.Type = PacketType.CDM_LOAD_REGS;
     listRegistryRequest.Direction = PacketDirection.REQUEST;

     byte[] envIdParameter = new[] { envIdBytes[0] };
     listRegistryRequest.AddParameter(envIdParameter);
     byte[] rootKeyParameter = new[] { rootKeyBytes[0] };
     listRegistryRequest.AddParameter(rootKeyParameter);
     listRegistryRequest.AddParameter(Encoding.UTF8.GetBytes(subkey));

     SendPacket(listRegistryRequest.ToByteArray());
 }
Esempio n. 15
        /// <summary>
        /// Logs the lookup, marks the virtual machine as UPDATING and sends a CMD_VM_STATUS
        /// request for it.
        /// </summary>
        /// <param name="id">Identifier used for both the name lookup and the state update.</param>
        private void GetVmStatus(Int32 id)
        {
            String vmName = VmManager.GetVmName(id);
            MLogger.LogTo(Level.TRACE, false, String.Concat("Get status for ", vmName));

            // The state is switched to UPDATING before the request goes out.
            VmManager.UpdateVmState(id, (Int32)VmManager.State.UPDATING);

            Packet statusRequest = new Packet();
            statusRequest.Type = PacketType.CMD_VM_STATUS;
            statusRequest.Direction = PacketDirection.REQUEST;

            byte[] nameBytes = Encoding.UTF8.GetBytes(vmName);
            statusRequest.AddParameter(nameBytes);

            SendPacket(statusRequest.ToByteArray());
        }
Esempio n. 16
        /// <summary>
        /// Sends a CMD_VM_DELETE request for the virtual machine with the given identifier and
        /// then removes its record through <c>VmManager.DeleteVm</c>.
        /// </summary>
        /// <param name="id">Identifier used for both the name lookup and the record removal.</param>
        private static void TryDeleteVm(Int32 id)
        {
            String vmName = VmManager.GetVmName(id);

            Packet deleteRequest = new Packet();
            deleteRequest.Type = PacketType.CMD_VM_DELETE;
            deleteRequest.Direction = PacketDirection.REQUEST;

            byte[] nameBytes = Encoding.UTF8.GetBytes(vmName);
            deleteRequest.AddParameter(nameBytes);
            SendPacket(deleteRequest.ToByteArray());

            // NOTE(review): the record is removed right after the request is handed to
            // SendPacket; nothing here checks that the delete actually succeeded.
            VmManager.DeleteVm(id);
        }
Esempio n. 17
 /// <summary>
 /// Sends an INF_RSCHID_ENVID packet that pairs a research id with an environment id.
 /// </summary>
 /// <param name="rschId">Research id.</param>
 /// <param name="envId">Environment id.</param>
 protected static void SendInfoRschIdEnvId(int rschId, int envId)
 {
     Packet pairingInfo = new Packet();
     pairingInfo.Type = PacketType.INF_RSCHID_ENVID;
     pairingInfo.Direction = PacketDirection.REQUEST;

     // NOTE(review): each id is reduced to element [0] of its 4-byte representation, so
     // ids that differ only in the other bytes produce the same packet — confirm both ranges.
     byte[] researchIdBytes = BitConverter.GetBytes(rschId);
     byte[] environmentIdBytes = BitConverter.GetBytes(envId);

     byte[] researchIdParameter = new[] { researchIdBytes[0] };
     pairingInfo.AddParameter(researchIdParameter);
     byte[] environmentIdParameter = new[] { environmentIdBytes[0] };
     pairingInfo.AddParameter(environmentIdParameter);

     SendPacket(pairingInfo.ToByteArray());
 }
Esempio n. 18
        /// <summary>
        /// Starts a research run that is in the READY state. It marks the research STARTING,
        /// sends CMD_SET_TARGET and CMD_SET_OBJECT for the sample path, sends one request per
        /// configured task, sends CMD_LOAD_MALWARE, and finally marks the research EXECUTING
        /// and records the start time. For any other state only a trace message is logged.
        /// </summary>
        /// <param name="id">
        /// Research identifier as text; parsed with <c>Convert.ToInt32</c>, which throws when
        /// the text is not a valid integer.
        /// </param>
        /// <remarks>
        /// NOTE(review): the order of the packets below is part of this method's behaviour;
        /// keep it unchanged when editing.
        /// NOTE(review): no caller identity or ownership check is visible in this method;
        /// presumably the caller enforces authorization — confirm.
        /// </remarks>
        public static void StartResearch(string id)
        {
            Int32 researchId = Convert.ToInt32(id);

            // The research record is looked up again on each of the calls below; these reads
            // are separate lookups, not one snapshot.
            if (ResearchManager.GetResearch(researchId).State == (Int32)ResearchState.READY)
            {
                // NOTE(review): ResearchName and UserName are written to the log unescaped;
                // if either can contain CR/LF, neutralise it before logging.
                MLogger.LogTo(Level.TRACE, false, "Start research '" + ResearchManager.GetResearch(researchId).ResearchName + "' by user '" + UserManager.GetUser(_userId).UserName + "'");
                ResearchManager.UpdateResearchState(researchId, ResearchState.STARTING);

                // --- Resolve the VM and the sample that belong to this research ---
                Vm vm = VmManager.GetVm(ResearchManager.GetResearch(researchId).VmId);
                // NOTE(review): every packet below uses only envIdBytes[0], i.e. one byte of
                // EnvId. If EnvId can need more than one byte, requests could address a
                // different environment than intended — confirm the id range.
                byte[] envIdBytes = BitConverter.GetBytes(vm.EnvId);
                Mlwr mlwr = MlwrManager.GetMlwr(ResearchManager.GetResearch(researchId).MlwrId);

                // CMD_SET_TARGET: environment id byte + sample path (UTF-8).
                Packet packet1 = new Packet { Type = PacketType.CMD_SET_TARGET, Direction = PacketDirection.REQUEST };
                packet1.AddParameter(new[] { envIdBytes[0] });
                packet1.AddParameter(Encoding.UTF8.GetBytes(mlwr.Path));
                SendPacket(packet1.ToByteArray());

                // CMD_SET_OBJECT: same two parameters as CMD_SET_TARGET.
                Packet packet2 = new Packet { Type = PacketType.CMD_SET_OBJECT, Direction = PacketDirection.REQUEST };
                packet2.AddParameter(new[] { envIdBytes[0] });
                packet2.AddParameter(Encoding.UTF8.GetBytes(mlwr.Path));
                SendPacket(packet2.ToByteArray());
                // Send a packet with the environment-id / research-id mapping (currently disabled).
                //SendInfoRschIdEnvId(researchId, vm.EnvId);
                // Apply the additional parameters configured as tasks.

                IQueryable<Task> tasks = TaskManager.GetTasks(researchId);
                foreach (var task in tasks)
                {
                    // A fresh packet per task; the GET_* cases below do not use it and call
                    // the dedicated Send* helpers instead.
                    Packet packet = new Packet {Direction = PacketDirection.REQUEST};

                    // NOTE(review): task.Value is forwarded as stored, without validation in
                    // this method; presumably it is validated where tasks are created — confirm.
                    // A task type that matches no case sends nothing.
                    switch (task.Type)
                    {
                        case (Int32)TaskState.HIDE_FILE:
                            packet.Type = PacketType.CMD_HIDE_AND_LOCK;
                            packet.AddParameter(new[] { envIdBytes[0] });
                            packet.AddParameter(Encoding.UTF8.GetBytes(task.Value));
                            SendPacket(packet.ToByteArray());
                            break;
                        case (Int32)TaskState.LOCK_FILE:
                            packet.Type = PacketType.CMD_LOCK_DELETE;
                            packet.AddParameter(new[] { envIdBytes[0] });
                            packet.AddParameter(Encoding.UTF8.GetBytes(task.Value));
                            SendPacket(packet.ToByteArray());
                            break;
                        case (Int32)TaskState.HIDE_REGISTRY:
                            packet.Type = PacketType.CMD_HIDE_REGISTRY;
                            packet.AddParameter(new[] { envIdBytes[0] });
                            packet.AddParameter(Encoding.UTF8.GetBytes(task.Value));
                            SendPacket(packet.ToByteArray());
                            break;
                        case (Int32)TaskState.HIDE_PROCESS:
                            packet.Type = PacketType.CMD_HIDE_PROCESS;
                            packet.AddParameter(new[] { envIdBytes[0] });
                            packet.AddParameter(Encoding.UTF8.GetBytes(task.Value));
                            SendPacket(packet.ToByteArray());
                            break;
                        case (Int32)TaskState.SET_SIGNATURE:
                            packet.Type = PacketType.CMD_SET_SIGNATURE;
                            packet.AddParameter(new[] { envIdBytes[0] });
                            packet.AddParameter(Encoding.UTF8.GetBytes(task.Value));
                            SendPacket(packet.ToByteArray());
                            break;
                        case (Int32)TaskState.SET_EXTENSION:
                            packet.Type = PacketType.CMD_SET_EXTENSION;
                            packet.AddParameter(new[] { envIdBytes[0] });
                            packet.AddParameter(Encoding.UTF8.GetBytes(task.Value));
                            SendPacket(packet.ToByteArray());
                            break;
                        case (Int32)TaskState.SET_BANDWIDTH:
                            // Addressed by the environment's IP instead of its id byte; the
                            // bandwidth is sent as the 4 bytes of an Int32.
                            // Convert.ToInt32 throws when task.Value is not a valid integer.
                            String ip = vm.EnvIp;
                            Int32 bandwidth = Convert.ToInt32(task.Value);
                            packet.Type = PacketType.CMD_SET_BANDWIDTH;
                            packet.AddParameter(Encoding.UTF8.GetBytes(ip));
                            packet.AddParameter(BitConverter.GetBytes(bandwidth));
                            SendPacket(packet.ToByteArray());
                            break;
                        case (Int32)TaskState.GET_PROCESS:
                            {
                                SendGetProcess(researchId);
                                break;
                            }
                        case (Int32)TaskState.GET_FILES:
                            {
                                SendGetFiles(researchId, task.Value);
                                break;
                            }
                        case (Int32)TaskState.GET_REGS:
                            {
                                // task.Value layout: first character is the registry root
                                // number, the remainder (if any) is the subkey.
                                // Substring(0,1) throws when task.Value is empty.
                                Int32 key = Convert.ToInt32(task.Value.Substring(0,1));
                                string subKey = "";
                                if(task.Value.Length>1)
                                {
                                    subKey = task.Value.Substring(1, task.Value.Length-1);
                                }
                                SendGetRegs(researchId, subKey, key);
                                break;
                            }
                    }
                    //SendPacket(packet.ToByteArray());
                }

                // CMD_LOAD_MALWARE is sent last, after all task requests.
                Packet packet3 = new Packet { Type = PacketType.CMD_LOAD_MALWARE, Direction = PacketDirection.REQUEST };
                packet3.AddParameter(new[] { envIdBytes[0] });
                packet3.AddParameter(Encoding.UTF8.GetBytes(mlwr.Path));
                SendPacket(packet3.ToByteArray());
                // NOTE(review): the state moves to EXECUTING right after the requests are
                // handed to SendPacket; nothing in this method waits for a confirmation.

                ResearchManager.UpdateResearchState(researchId, ResearchState.EXECUTING);
                ResearchManager.UpdateResearchStartTime(researchId); // ?? Should this happen earlier
            }
            else
            {
                MLogger.LogTo(Level.TRACE, false, "Unsuccessful attempt to start research '" + ResearchManager.GetResearch(researchId).ResearchName + "' by user '" + UserManager.GetUser(_userId).UserName + "' , research not ready");
            }
        }
Esempio n. 19
 /// <summary>
 /// Returns the byte-array form of a packet by delegating to its own <c>ToByteArray</c> method.
 /// </summary>
 /// <param name="message">Packet to serialise; a null reference causes a NullReferenceException.</param>
 /// <returns>The bytes produced by <c>message.ToByteArray()</c>.</returns>
 public static byte[] ToByteArray(Packet message)
 {
     byte[] wireBytes = message.ToByteArray();
     return wireBytes;
 }
Esempio n. 20
 /// <summary>
 /// Click handler that sends a CMD_VM_STATUS request whose only parameter is the text
 /// currently entered in <c>tbClientMessage</c>.
 /// </summary>
 /// <param name="sender">Event source (unused).</param>
 /// <param name="e">Event arguments (unused).</param>
 private void BtnClientSendClick(object sender, EventArgs e)
 {
     Packet statusRequest = new Packet();
     statusRequest.Type = PacketType.CMD_VM_STATUS;
     statusRequest.Direction = PacketDirection.REQUEST;

     // NOTE(review): the text box content is sent as typed, with no length or character
     // check in this handler; the receiver has to treat it as untrusted input.
     byte[] typedTextBytes = Encoding.UTF8.GetBytes(tbClientMessage.Text);
     statusRequest.AddParameter(typedTextBytes);

     _client.Send(statusRequest.ToByteArray());
 }
Esempio n. 21
        /// <summary>
        /// Makes a virtual machine available based on the record named <paramref name="VmName"/>.
        /// When that record has Type 1, a CMD_VM_CREATE request is sent to create
        /// <paramref name="NewName"/> from it and the new machine is marked UNAVAILABLE.
        /// Otherwise the machine itself is used: if it is not already STARTED, a CMD_VM_START
        /// request is sent for it.
        /// </summary>
        /// <param name="VmName">Name of the existing machine record; looked up with <c>VmManager.GetVm</c>.</param>
        /// <param name="NewName">Name for the machine to create; only used when the record has Type 1.</param>
        /// <returns>
        /// <c>true</c> only when the existing machine is already in the STARTED state;
        /// <c>false</c> whenever a create or start request had to be sent.
        /// </returns>
        protected bool CreateOrStartVm(String VmName, String NewName)
        {
            Vm source = VmManager.GetVm(VmName);

            // Type 1: create a new machine from this record.
            if (source.Type == 1)
            {
                Packet createRequest = new Packet();
                createRequest.Type = PacketType.CMD_VM_CREATE;
                createRequest.Direction = PacketDirection.REQUEST;

                // NOTE(review): both names are forwarded unchanged; any character restriction
                // has to be applied by the caller or by the receiver.
                createRequest.AddParameter(Encoding.UTF8.GetBytes(VmName));
                createRequest.AddParameter(Encoding.UTF8.GetBytes(NewName));
                SendPacket(createRequest.ToByteArray());

                VmManager.UpdateVmState(NewName, (int)VmManager.State.UNAVAILABLE);
                return false;
            }

            // Any other type: nothing to do when the machine is already running.
            if (source.State == Convert.ToInt32(VmManager.State.STARTED))
            {
                return true;
            }

            Packet startRequest = new Packet();
            startRequest.Type = PacketType.CMD_VM_START;
            startRequest.Direction = PacketDirection.REQUEST;
            startRequest.AddParameter(Encoding.UTF8.GetBytes(VmName));
            SendPacket(startRequest.ToByteArray());
            return false;
        }