C# (CSharp) RegistryQueryの例

コード例 #1

ファイル: UninstallCommandExec.cs プロジェクト: yuchong-pan/cli-lab

 private static IEnumerable <Bundle> GetAllBundles()
 {
     if (RuntimeInfo.RunningOnWindows)
     {
         return(RegistryQuery.GetInstalledBundles());
     }
     else if (RuntimeInfo.RunningOnOSX)
     {
         return(FileSystemExplorer.GetInstalledBundles());
     }
     else
     {
         throw new OperatingSystemNotSupportedException();
     }
 }

コード例 #2

ファイル: ListCommandExec.cs プロジェクト: yuchong-pan/cli-lab

 public static void Execute()
 {
     if (RuntimeInfo.RunningOnWindows)
     {
         Execute(
             RegistryQuery.GetInstalledBundles(),
             Windows.SupportedBundleTypeConfigs.SupportedBundleTypes);
     }
     else if (RuntimeInfo.RunningOnOSX)
     {
         Execute(
             FileSystemExplorer.GetInstalledBundles(),
             MacOs.SupportedBundleTypeConfigs.SupportedBundleTypes);
     }
     else
     {
         throw new OperatingSystemNotSupportedException();
     }
 }

コード例 #3

 internal void TestIsNetCoreBundleAccept(string input)
 {
     RegistryQuery.IsNetCoreBundle(input, "0.0", "mockuninstall.exe", "0.0")
     .Should()
     .BeTrue();
 }

コード例 #4

ファイル: Program.cs プロジェクト: superuser5/SLib

        static void Main(string[] args)
        {
            Filesystem fsChecks = new Filesystem();

            Generic.SandboxRes fsRes1 = fsChecks.checkFiles();
            Console.WriteLine("[+] Filesystem detection methods");
            Console.WriteLine("   [-] Check if specific files exist");
            Console.WriteLine("     [*] Is sandbox? " + fsRes1.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in fsRes1.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }

            Generic.SandboxRes fsRes2 = fsChecks.checkDirectories();
            Console.WriteLine("   [-] Check if specific directories are present");
            Console.WriteLine("     [*] Is sandbox? " + fsRes2.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in fsRes2.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            Generic.SandboxRes fsRes3 = fsChecks.checkExePath();
            Console.WriteLine("   [-] Check if full path to the executable contains one of the specific strings &\n" +
                              "       Check if the executable is run from specific directory");
            Console.WriteLine("     [*] Is sandbox? " + fsRes3.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in fsRes3.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            Generic.SandboxRes fsRes4 = fsChecks.checkExeRoot();
            Console.WriteLine("   [-] Check if the executable files with specific names are present in physical disk drives' root");
            Console.WriteLine("     [*] Is sandbox? " + fsRes4.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in fsRes4.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            Console.WriteLine();
            RegistryQuery rQuery = new RegistryQuery();

            Console.WriteLine("[+] Registry detection methods");
            Generic.SandboxRes rQueryRes1 = rQuery.checkPath();
            Console.WriteLine("   [-] Check if particular registry paths exist");
            Console.WriteLine("     [*] Is sandbox? " + rQueryRes1.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in rQueryRes1.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            Generic.SandboxRes rQueryRes2 = rQuery.checkKeyValue();
            Console.WriteLine("   [-] Check if particular registry keys contain specified strings");
            Console.WriteLine("     [*] Is sandbox? " + rQueryRes2.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in rQueryRes2.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }

            Console.WriteLine();
            OsChecks osCheck = new OsChecks();

            Console.WriteLine("[+] Detection via generic OS checks");
            Generic.SandboxRes osCheckRes1 = osCheck.checkUsername();
            Console.WriteLine("   [-] Check if username is specific");
            Console.WriteLine("     [*] Is sandbox? " + osCheckRes1.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in osCheckRes1.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            Generic.SandboxRes osCheckRes2 = osCheck.checkComputerName();
            Console.WriteLine("   [-] Check if computer name is specific");
            Console.WriteLine("     [*] Is sandbox? " + osCheckRes2.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in osCheckRes2.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            Generic.SandboxRes osCheckRes3 = osCheck.checkHostName();
            Console.WriteLine("   [-] Check if host name is specific");
            Console.WriteLine("     [*] Is sandbox? " + osCheckRes3.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in osCheckRes3.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            Generic.SandboxRes osCheckRes4 = osCheck.checkComputerRAM();
            Console.WriteLine("   [-] Check if total RAM is low");
            Console.WriteLine("     [*] Is sandbox? " + osCheckRes4.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in osCheckRes4.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            Generic.SandboxRes osCheckRes5 = osCheck.checkScreenRes();
            Console.WriteLine("   [-] Check if screen resolution is non-usual for host OS");
            Console.WriteLine("     [*] Is sandbox? " + osCheckRes5.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in osCheckRes5.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            Generic.SandboxRes osCheckRes6 = osCheck.checkNProcessors();
            Console.WriteLine("   [-] Check if number of processors is low");
            Console.WriteLine("     [*] Is sandbox? " + osCheckRes6.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in osCheckRes6.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            Generic.SandboxRes osCheckRes7 = osCheck.checkNScreens();
            Console.WriteLine("   [-] Check if quantity of monitors is small");
            Console.WriteLine("     [*] Is sandbox? " + osCheckRes7.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in osCheckRes7.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            Generic.SandboxRes osCheckRes8 = osCheck.checkHDSize();
            Console.WriteLine("   [-] Check if hard disk drive size and free space are small");
            Console.WriteLine("     [*] Is sandbox? " + osCheckRes8.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in osCheckRes8.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            Generic.SandboxRes osCheckRes9 = osCheck.checkSystemUptime();
            Console.WriteLine("   [-] Check if system uptime is small");
            Console.WriteLine("     [*] Is sandbox? " + osCheckRes9.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in osCheckRes9.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            //Generic.SandboxRes osCheckRes10 = osCheck.checkBootVirtual();
            //Console.WriteLine("   [-] Check if os was boot from virtual hard disk");
            //Console.WriteLine("     [*] Is sandbox? " + osCheckRes10.isSandbox.ToString());
            //foreach (Generic.SandboxTag tag in osCheckRes10.tagList)
            //{
            //    Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            //}

            Console.WriteLine();
            GlobalObjects gObjects = new GlobalObjects();

            Console.WriteLine("[+] Global objects detection methods");
            Generic.SandboxRes gObjects1 = gObjects.checkGlobalMutexes();
            Console.WriteLine("   [-] Check for specific global mutexes");
            Console.WriteLine("     [*] Is sandbox? " + gObjects1.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in gObjects1.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }

            Console.WriteLine();
            UiArtifacts uiArtifact = new UiArtifacts();

            Console.WriteLine("[+] UI artifacts detection methods");
            Generic.SandboxRes uiArtifactRes1 = uiArtifact.checkWindowTitle();
            Console.WriteLine("   [-] Check if windows with certain class names are present in the OS");
            Console.WriteLine("     [*] Is sandbox? " + uiArtifactRes1.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in uiArtifactRes1.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            Generic.SandboxRes uiArtifactRes2 = uiArtifact.checkNWindows();
            Console.WriteLine("   [-] Check if windows with certain class names are present in the OS");
            Console.WriteLine("     [*] Is sandbox? " + uiArtifactRes2.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in uiArtifactRes2.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }

            Console.WriteLine();
            OsFeatures osFeature = new OsFeatures();

            Console.WriteLine("[+] OS features detection methods");
            Generic.SandboxRes osFeatureRes1 = osFeature.checkDebugPrivs();
            Console.WriteLine("   [-] Checking debug privileges");
            Console.WriteLine("     [*] Is sandbox? " + osFeatureRes1.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in osFeatureRes1.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }

            Console.WriteLine();
            Processes processHelper = new Processes();

            Console.WriteLine("[+] Processes and libraries detection methods");
            Generic.SandboxRes processRes1 = processHelper.checkProcessName();
            Console.WriteLine("   [-] Check specific running processes and loaded libraries");
            Console.WriteLine("     [*] Is sandbox? " + processRes1.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in processRes1.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            Generic.SandboxRes processRes2 = processHelper.checkProcessDll();
            Console.WriteLine("   [-] Check if specific libraries are loaded in the process address space");
            Console.WriteLine("     [*] Is sandbox? " + processRes2.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in processRes2.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            Generic.SandboxRes processRes3 = processHelper.checkNProcess();
            Console.WriteLine("   [-] Check number of processes");
            Console.WriteLine("     [*] Is sandbox? " + processRes3.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in processRes3.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }

            Console.WriteLine();
            NetworkHelpers networkHelper = new NetworkHelpers();

            Console.WriteLine("[+] Network detection methods");
            Generic.SandboxRes networkRes1 = networkHelper.checkMac();
            Console.WriteLine("   [-] Check if MAC address is specific");
            Console.WriteLine("     [*] Is sandbox? " + networkRes1.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in networkRes1.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            Generic.SandboxRes networkRes2 = networkHelper.checkAdapterName();
            Console.WriteLine("   [-] Check if adapter name is specific");
            Console.WriteLine("     [*] Is sandbox? " + networkRes2.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in networkRes2.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            Generic.SandboxRes networkRes3 = networkHelper.checkIP();
            Console.WriteLine("   [-] Check if network belongs to security perimeter");
            Console.WriteLine("     [*] Is sandbox? " + networkRes3.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in networkRes3.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            Generic.SandboxRes networkRes4 = networkHelper.checkCuckoo();
            Console.WriteLine("   [-] Cuckoo ResultServer connection based anti-emulation technique");
            Console.WriteLine("     [*] Is sandbox? " + networkRes4.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in networkRes4.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }

            Console.WriteLine();
            Hardware hwHelper = new Hardware();

            Console.WriteLine("[+] Hardware info detection methods");
            Generic.SandboxRes hwRes1 = hwHelper.checkHdName();
            Console.WriteLine("   [-] Check if HDD has specific name");
            Console.WriteLine("     [*] Is sandbox? " + hwRes1.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in hwRes1.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            Generic.SandboxRes hwRes2 = hwHelper.checkHdVendor();
            Console.WriteLine("   [-] Check if HDD Vendor ID has specific value");
            Console.WriteLine("     [*] Is sandbox? " + hwRes2.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in hwRes2.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }
            Generic.SandboxRes hwRes3 = hwHelper.checkAudio();
            Console.WriteLine("   [-] Check if CPU temperature information is available");
            Console.WriteLine("     [*] Is sandbox? " + hwRes3.isSandbox.ToString());
            foreach (Generic.SandboxTag tag in hwRes3.tagList)
            {
                Console.WriteLine("       Tag: {0} -> {1}", tag.tag, tag.query);
            }

            Console.ReadLine();
        }

コード例 #5

 internal void TestGetBundleVersionReturnsNullOnInvalidDisplayNames(string displayName)
 {
     RegistryQuery.GetBundleVersion(displayName, string.Empty, string.Empty)
     .Should()
     .BeNull();
 }