public void Config(BeSafeConfig config, PipeServer pipeServer, bool stoppingService) { bool stateResult = (((config?.ComponentsState.ProcessWatcher == true) && (stoppingService == false)) ? _processWatcher.Start() : _processWatcher.Stop()); }
public void Config(BeSafeConfig config, PipeServer pipeServer, bool stoppingService) { _config = config; _pipeServer = pipeServer; if ((config != null) && (config.ComponentsState.SecureVolume) && (stoppingService == false)) { _secureDrive.FileAccessRequestEvent += OnFileAccessRequestEvent; string mappedDriveLetter = _secureDrive.MapDrive(config.SecureVolumePath); _driveView = new DriveView(mappedDriveLetter); _driveView.SetDriveIcon($"{System.Reflection.Assembly.GetEntryAssembly().Location}"); } else { DriveInfo beSafeDriveInfo = ServiceUtils.GetBeSafeDriveLetter(); if (beSafeDriveInfo == null) { return; } _secureDrive.UnmapDrive(beSafeDriveInfo.Name); new DriveView(beSafeDriveInfo.Name).RemoveDriveView(); } }
public static bool LoadConfigToFile(Setting settingForm) { BeSafeConfig beSafeConfig = new BeSafeConfig(PathUtils.ConfigFilePath); bool loadConfigResult = beSafeConfig.Load(); if (!loadConfigResult) { return(false); } beSafeConfig.ComponentsState.ProcessWatcher = settingForm.chbProcessWatcher.Checked; beSafeConfig.ComponentsState.ModuleWatcher = settingForm.chbmoduleWatcher.Checked; beSafeConfig.ComponentsState.DirectoryWatcher = settingForm.chbDirectoryWatcher.Checked; beSafeConfig.ComponentsState.RegistryWatcher = settingForm.chbRegistryWatcher.Checked; beSafeConfig.ComponentsState.YaraEngine = settingForm.chbYaraEngine.Checked; beSafeConfig.ComponentsState.SecureVolume = settingForm.chbSecureVolume.Checked; beSafeConfig.ComponentsState.StaticScanEngine = settingForm.chbStaticEngine.Checked; beSafeConfig.ComponentsState.DynamicScanEngine = settingForm.chbDynamicEngine.Checked; beSafeConfig.ComponentsState.FightWithThreats = settingForm.chbFightWithThreats.Checked; beSafeConfig.ComponentsState.VirusTotalEngine = settingForm.chbVirusTotalEngine.Checked; beSafeConfig.Save(); return(true); }
public static void ManageComponentsState(BeSafeConfig configuration, PipeServer pipeServer, bool stoppingService) { ProcessRegulator.Instance().Config(configuration, pipeServer, stoppingService); ModuleRegulator.Instance().Config(configuration, pipeServer, stoppingService); DirectoryRegulator.Instance().Config(configuration, pipeServer, stoppingService); RegistryRegulator.Instance().Config(configuration, pipeServer, stoppingService); SecureVolumeRegulator.Instance().Config(configuration, pipeServer, stoppingService); }
private bool ConfigApplier() { BeSafeConfig configiguration = ConfigLoader.Instance().LoadConfig(); if (configiguration != null) { ServiceUtils.SystemHiddenDirectory(configiguration.SecureVolumePath); ComponentRegulator.ManageComponentsState(configiguration, pipeServer, false); return(true); } return(false); }
public BeSafeConfig LoadConfig() { if (_beSafeConfig == null) { string settingFilePath = new ServiceSetting().RetriveConfigFilePath(); if (!File.Exists(settingFilePath)) { return(null); } _beSafeConfig = new BeSafeConfig(settingFilePath); } _beSafeConfig.Load(); return(_beSafeConfig); }
public void Config(BeSafeConfig config, PipeServer pipeServer, bool stoppingService) { _config = config; _pipeServer = pipeServer; bool stateResult; if ((config?.ComponentsState.RegistryWatcher == true) && (stoppingService == false)) { _directoryWatcher = new DirectoryWatcher(new List <string> { }); _directoryWatcher.DirectoryChanged += DirectoryChanged; stateResult = _directoryWatcher.Start(); Task.Run(() => StackScanner(_changedDirectoryQueue)); return; } stateResult = _directoryWatcher?.Stop() ?? false; }
public string MapDrive(string virtualPath) { if (string.IsNullOrEmpty(virtualPath)) { throw new ArgumentNullException(nameof(virtualPath)); } try { string beSafeDriveLetter = CheckPathAlreadyMapped(virtualPath); if (!string.IsNullOrEmpty(beSafeDriveLetter)) { return(beSafeDriveLetter); } string unusedDriveLetter = FirstUnusedDriveLetter(); string normalizedDriveLetter = NormalizeDriveLetter(unusedDriveLetter); Task.Run(() => { BeSafeConfig config = ConfigLoader.Instance().LoadConfig(); IPluginProxy pluginRegulator = new PluginProxy(config); _virtualDriveImpl = new BeSafeFileSystemImpl(virtualPath, pluginRegulator); _virtualDriveImpl.FileAccessRequest += FileAccessRequestEvent; _virtualDriveImpl.Mount(normalizedDriveLetter, DokanOptions.FixedDrive, NumberOfThradsToManageFileSystem); }); return(normalizedDriveLetter); } catch (Exception ex) { ex.Log(ExceptionType.SecureVolume, "Can not mount virtual drive"); return(null); } }
public PluginProxy(BeSafeConfig config) { _config = config; }
public static PluginProxy Instance(BeSafeConfig config) => (SingletonInstance ?? (SingletonInstance = new PluginProxy(config)));
public void Config(BeSafeConfig config, PipeServer pipeServer, bool stoppingService) { _config = config; _pipeServer = pipeServer; bool stateResult; if ((config?.ComponentsState.RegistryWatcher == true) && (stoppingService == false)) { string userSID = config.UserSID; _registryWatcher = new RegistryWatcher(new List <RegistryMonitorPath> { // CurrentUser keys new RegistryMonitorPath { RegistryHive = RegistryHive.Users, RegistryKeyPath = $@"{userSID}\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" }, new RegistryMonitorPath { RegistryHive = RegistryHive.Users, RegistryKeyPath = $@"{userSID}\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" }, new RegistryMonitorPath { RegistryHive = RegistryHive.Users, RegistryKeyPath = $@"{userSID}\Software\Microsoft\Windows\CurrentVersion\RunServices" }, new RegistryMonitorPath { RegistryHive = RegistryHive.Users, RegistryKeyPath = $@"{userSID}\Software\Microsoft\Windows\CurrentVersion\Run" }, new RegistryMonitorPath { RegistryHive = RegistryHive.Users, RegistryKeyPath = $@"{userSID}\Software\Microsoft\Windows\CurrentVersion\RunOnce" }, // LocalMachine keys new RegistryMonitorPath { RegistryHive = RegistryHive.LocalMachine, RegistryKeyPath = @"Software\Microsoft\Windows\CurrentVersion\explorer\Shell Folders" }, new RegistryMonitorPath { RegistryHive = RegistryHive.LocalMachine, RegistryKeyPath = @"Software\Microsoft\Windows\CurrentVersion\explorer\User Shell Folders" }, new RegistryMonitorPath { RegistryHive = RegistryHive.LocalMachine, RegistryKeyPath = @"Software\Microsoft\Windows\CurrentVersion\RunServices" }, new RegistryMonitorPath { RegistryHive = RegistryHive.LocalMachine, RegistryKeyPath = @"Software\Microsoft\Windows\CurrentVersion\RunServicesOnce" }, new RegistryMonitorPath { RegistryHive = RegistryHive.LocalMachine, RegistryKeyPath = @"Software\Microsoft\Windows\CurrentVersion\Run" }, new RegistryMonitorPath { RegistryHive = RegistryHive.LocalMachine, RegistryKeyPath = @"Software\Microsoft\Windows\CurrentVersion\RunOnce" }, new RegistryMonitorPath { RegistryHive = RegistryHive.LocalMachine, RegistryKeyPath = @"SOFTWARE\Classes\cplfile\shell\cplopen\command" }, new RegistryMonitorPath { RegistryHive = RegistryHive.LocalMachine, RegistryKeyPath = @"SOFTWARE\Classes\batfile\shell\open\command" }, new RegistryMonitorPath { RegistryHive = RegistryHive.LocalMachine, RegistryKeyPath = @"Software\CLASSES\comfile\shell\open\command" }, new RegistryMonitorPath { RegistryHive = RegistryHive.LocalMachine, RegistryKeyPath = @"Software\CLASSES\exefile\shell\open\command" }, new RegistryMonitorPath { RegistryHive = RegistryHive.LocalMachine, RegistryKeyPath = @"Software\CLASSES\htafile\Shell\Open\Command" }, new RegistryMonitorPath { RegistryHive = RegistryHive.LocalMachine, RegistryKeyPath = @"Software\CLASSES\piffile\shell\open\command" }, new RegistryMonitorPath { RegistryHive = RegistryHive.LocalMachine, RegistryKeyPath = @"SOFTWARE\Classes\scrfile\shell\open\command" }, }); _registryWatcher.ValueChanged += ValueChangedArrived; stateResult = _registryWatcher.Start(); Task.Run(() => StackScanner(_changedValuesStack)); return; } stateResult = _registryWatcher?.Stop() ?? false; }