コード例 #1
ファイル: PacketAnalyzer.cs プロジェクト: pande88/votchina
 /// <summary>
 /// Requests the status of a virtual machine by sending a CMD_VM_STATUS request packet
 /// whose single parameter is the machine name encoded as UTF-8.
 /// </summary>
 /// <param name="machineName">Name of the virtual machine to query.</param>
 private static void GetVmStatus(String machineName)
 {
     // NOTE(review): the name is concatenated into the trace line unmodified; if it can
     // come from an untrusted party, confirm the logger neutralises line breaks.
     MLogger.LogTo(Level.TRACE, false, "Get status for " + machineName);

     Packet statusRequest = new Packet();
     statusRequest.Type = PacketType.CMD_VM_STATUS;
     statusRequest.Direction = PacketDirection.REQUEST;

     byte[] nameBytes = Encoding.UTF8.GetBytes(machineName);
     statusRequest.AddParameter(nameBytes);

     byte[] wireBytes = statusRequest.ToByteArray();
     _client.Send(wireBytes);
 }
コード例 #2
ファイル: Client.cs プロジェクト: alexkasp/monitor
 /// <summary>
 /// Looks up the name of the virtual machine with the given id and sends a
 /// CMD_VM_STATUS request for it.
 /// </summary>
 /// <param name="id">Identifier passed to VmManager.GetVmName.</param>
 private void GetVmStatus(Int32 id)
 {
     // NOTE(review): Encoding.UTF8.GetBytes throws on null, so an id with no matching
     // name would fail below, presumably because GetVmName returns null; verify.
     String vmName = VmManager.GetVmName(id);

     Packet statusRequest = new Packet();
     statusRequest.Type = PacketType.CMD_VM_STATUS;
     statusRequest.Direction = PacketDirection.REQUEST;
     statusRequest.AddParameter(Encoding.UTF8.GetBytes(vmName));

     byte[] wireBytes = statusRequest.ToByteArray();
     _client.Send(wireBytes);
 }
コード例 #3
ファイル: CreateVLir.aspx.cs プロジェクト: alexkasp/monitor
 /// <summary>
 /// Handles the "create" button: validates the requested name, registers a new VM cloned
 /// from the selected reference ("etalon") VM, sends CMD_VM_CREATE and redirects to the
 /// resources page. Validation failures are shown in the LValidation label.
 /// </summary>
 /// <param name="sender">Control that raised the event (unused).</param>
 /// <param name="e">Event data (unused).</param>
 protected void BtnCreateClick(object sender, EventArgs e)
 {
     LValidation.Visible = false;

     // Work out whether the request is acceptable; a non-null message means "reject".
     String validationMessage = null;
     String newName = null;
     String typedName = tbLir.Text;
     if (typedName == String.Empty)
     {
         validationMessage = "Имя не может быть пустым!";
     }
     else
     {
         // NOTE(review): the only normalisation applied to the user-supplied name is
         // replacing spaces with underscores; the result goes to the database layer and
         // to the VM backend. Confirm both sides restrict the allowed characters.
         newName = typedName.Replace(" ", "_");
         if (IsNameInBase(newName))
         {
             validationMessage = "Такое имя уже сущеcтвует!";
         }
     }

     if (validationMessage != null)
     {
         LValidation.Visible = true;
         LValidation.ForeColor = System.Drawing.Color.Red;
         LValidation.Text = validationMessage;
         return;
     }

     // NOTE(review): GetVm's result is dereferenced without a null check; verify the
     // combo box can only hold ids of existing VMs.
     Vm etalon = VmManager.GetVm(Convert.ToInt32(cbEtalon.Value));
     String etalonName = etalon.Name;
     Int32 etalonEnvType = Convert.ToInt32(etalon.EnvType);
     VmManager.AddVm(newName, 2, etalon.System, UserId, etalonEnvType);

     Packet createRequest = new Packet();
     createRequest.Type = PacketType.CMD_VM_CREATE;
     createRequest.Direction = PacketDirection.REQUEST;
     createRequest.AddParameter(Encoding.UTF8.GetBytes(etalonName));
     createRequest.AddParameter(Encoding.UTF8.GetBytes(newName));
     SendPacket(createRequest.ToByteArray());

     // The new VM is marked unavailable right after the request is sent.
     VmManager.UpdateVmState(newName, (int)VmManager.State.UNAVAILABLE);
     Response.Redirect("~/Pages/Information/Resources.aspx");
 }
コード例 #4
ファイル: MainForm.cs プロジェクト: pande88/votchina
        /// <summary>
        /// Stops a research that is currently executing: moves it to COMPLETING, sends CMD_VM_STOP
        /// for its virtual machine, records the stop time and marks it COMPLETED. In every case
        /// the events table is refreshed at the end.
        /// </summary>
        /// <param name="id">Research identifier as text; converted with Convert.ToInt32.</param>
        public static void StopResearch(string id)
        {
            Int32 researchId = Convert.ToInt32(id);

            // NOTE(review): GetResearch is queried several times and its result is dereferenced
            // without a null check; an unknown id would presumably fail here. Verify the caller.
            bool isExecuting = ResearchManager.GetResearch(researchId).State == (Int32)ResearchState.EXECUTING;
            if (!isExecuting)
            {
                MLogger.LogTo(Level.TRACE, false, "Unsuccessful attempt to stop research '");
            }
            else
            {
                SandBox.Db.Research research = ResearchManager.GetResearch(researchId);
                String researchName = ResearchManager.GetResearch(researchId).ResearchName;
                MLogger.LogTo(Level.TRACE, false, "Stop research '" + researchName + "' by stop event '");
                ResearchManager.UpdateResearchState(researchId, ResearchState.COMPLETING);

                // Stop the virtual machine that runs the research.
                String machineName = VmManager.GetVmName(research.VmId);
                Packet stopRequest = new Packet();
                stopRequest.Type = PacketType.CMD_VM_STOP;
                stopRequest.Direction = PacketDirection.REQUEST;
                stopRequest.AddParameter(Encoding.UTF8.GetBytes(machineName));
                SendPacket(stopRequest.ToByteArray());

                // The research is marked COMPLETED immediately after the request is sent;
                // no acknowledgement is awaited here.
                ResearchManager.UpdateResearchStopTime(research.Id);
                ResearchManager.UpdateResearchState(research.Id, ResearchState.COMPLETED);

                ResearchManager.UpdateEnents(researchId);
            }

            // Bring the [dbo].[events] table up to date.
            ResearchManager.UpdateEnents(researchId);
        }
コード例 #5
ファイル: Resources.aspx.cs プロジェクト: alexkasp/monitor
 /// <summary>
 /// Sends a CMD_VM_START request for the virtual machine with the given id.
 /// </summary>
 /// <param name="id">Identifier passed to VmManager.GetVmName.</param>
 public static void StartVm(Int32 id)
 {
     String vmName = VmManager.GetVmName(id);
     Debug.Print("Start vm: " + vmName);

     Packet startRequest = new Packet();
     startRequest.Type = PacketType.CMD_VM_START;
     startRequest.Direction = PacketDirection.REQUEST;
     startRequest.AddParameter(Encoding.UTF8.GetBytes(vmName));

     byte[] wireBytes = startRequest.ToByteArray();
     SendPacket(wireBytes);
 }
コード例 #6
ファイル: History.aspx.cs プロジェクト: alexkasp/monitor
 /// <summary>
 /// Sends an OBJECT_FOLLOW request for the stored sample with the given id. The packet
 /// carries a one-byte parameter (0x02) followed by the sample path as UTF-8.
 /// </summary>
 /// <param name="id">Sample identifier as text; converted with Convert.ToInt32.</param>
 public static void FolowMalware(string id)
 {
     Int32 sampleId = Convert.ToInt32(id);
     String samplePath = MlwrManager.GetPath(sampleId);

     Packet followRequest = new Packet();
     followRequest.Type = PacketType.OBJECT_FOLLOW;
     followRequest.Direction = PacketDirection.REQUEST;

     // NOTE(review): the meaning of the constant 0x02 is not visible here; document it
     // next to the protocol definition.
     byte[] leadingParameter = new byte[] { 0x02 };
     followRequest.AddParameter(leadingParameter);
     followRequest.AddParameter(Encoding.UTF8.GetBytes(samplePath));

     _client.Send(followRequest.ToByteArray());
 }
コード例 #7
ファイル: ReportList.aspx.cs プロジェクト: pande88/votchina
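        /// <summary>
        /// Handles the "get" button: binds the reports of the selected research to the grid, exposes
        /// the traffic-capture link when the capture is ready, and otherwise asks the backend to
        /// produce it with a CMD_LOAD_TRAFFIC request. Finally the grid is rebound to the research events.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void BtnGetClick(object sender, EventArgs e)
        {
            var research = ResearchManager.GetResearch(UserId, Rs.ResearchName);
            if (research == null) return;
            Session["researchId"] = research.Id;

            gridViewReports.DataSource = ReportManager.GetReports(Convert.ToInt32(Session["researchId"]));
            gridViewReports.DataBind();

            linkGetTraffic.NavigateUrl = "javascript;";
            if (research.TrafficFileReady == (Int32)TrafficFileReady.COMPLETE)
            {
                // NOTE(review): the stored file name becomes the link target as-is; confirm it is
                // always generated by the server and cannot carry a scheme or an off-site URL.
                linkGetTraffic.NavigateUrl = research.TrafficFileName;
                linkGetTraffic.Visible = true;
                linkGetTraffic.Enabled = true;
                ASPxButton1.Visible = false;
            }

            if (research.TrafficFileReady == (Int32)TrafficFileReady.NOACTION)
            {
                var researchVmData = ResearchManager.GetResearchVmData(research.ResearchVmData);
                if (researchVmData == null) return;

                // The timestamps are protocol data, so they are formatted with the invariant
                // culture: the request thread's culture (calendar, digits) must not change them.
                const String timestampFormat = "yyyy-MM-dd HH':'mm':'ss";
                var invariant = System.Globalization.CultureInfo.InvariantCulture;

                String ip = researchVmData.VmEnvIp;
                String beginTime = research.StartedDate.HasValue
                    ? research.StartedDate.Value.ToString(timestampFormat, invariant)
                    : DateTime.Now.ToString(timestampFormat, invariant);
                String endTime = research.StoppedDate.HasValue
                    ? research.StoppedDate.Value.ToString(timestampFormat, invariant)
                    : DateTime.Now.ToString(timestampFormat, invariant);

                Packet packet = new Packet { Type = PacketType.CMD_LOAD_TRAFFIC, Direction = PacketDirection.REQUEST };
                packet.AddParameter(Encoding.UTF8.GetBytes(ip));
                packet.AddParameter(Encoding.UTF8.GetBytes(beginTime));
                packet.AddParameter(Encoding.UTF8.GetBytes(endTime));
                SendPacket(packet);

                // NOTE(review): this name contains a space and colons from the timestamp; confirm
                // the component that writes and later serves the capture accepts such names.
                String filename = ip + beginTime + ".pcap";
                ResearchManager.UpdateTrafficInfo(research.Id, TrafficFileReady.EXECUTING, filename);
            }

            // The button is disabled and relabelled whichever branch ran above.
            ASPxButton1.Enabled = false;
            ASPxButton1.Text = "Запрос на получение трафика отправлен";

            gridViewReports.DataSource = ResearchManager.GetEventsForRsch(Rs.Id);
            var newPageSize = (Int32)CBPagingSize.SelectedItem.Value;
            gridViewReports.SettingsPager.PageSize = newPageSize;
            gridViewReports.DataBind();
        }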
コード例 #8
ファイル: History.aspx.cs プロジェクト: alexkasp/monitor
 /// <summary>
 /// Handles the "load" button: sends a MALWARE_LOAD request for the sample whose id is
 /// stored in the session under "malwareId". Does nothing when that id converts to 0.
 /// </summary>
 /// <param name="sender">Control that raised the event (unused).</param>
 /// <param name="e">Event data (unused).</param>
 protected void BtnLoadClick(object sender, EventArgs e)
 {
     Int32 sampleId = Convert.ToInt32(Session["malwareId"]);
     if (sampleId == 0)
     {
         return;
     }

     String samplePath = MlwrManager.GetPath(sampleId);

     Packet loadRequest = new Packet();
     loadRequest.Type = PacketType.MALWARE_LOAD;
     loadRequest.Direction = PacketDirection.REQUEST;

     // NOTE(review): the meaning of the constant 0x02 is not visible here.
     byte[] leadingParameter = new byte[] { 0x02 };
     loadRequest.AddParameter(leadingParameter);
     loadRequest.AddParameter(Encoding.UTF8.GetBytes(samplePath));

     _client.Send(loadRequest.ToByteArray());
 }
コード例 #9
ファイル: MalwareCard.aspx.cs プロジェクト: alexkasp/monitor
 /// <summary>
 /// Handles the button that submits the current sample for an internet check: sends a
 /// CDM_MLWR_NETCHECK request carrying the sample id, the report file name and the sample
 /// name, then enables Timer1 and disables the button.
 /// </summary>
 /// <param name="sender">Control that raised the event (unused).</param>
 /// <param name="e">Event data (unused).</param>
 protected void ASPxButton2_Click(object sender, EventArgs e)
 {
     var sample = MlwrManager.GetMlwr(mlwrID);
     string reportFileName = String.Format("{0}_inetCheck.report", mlwrID);

     // The original author notes CDM_MLWR_NETCHECK as 0xD8: send the sample for an internet check.
     Packet netCheckRequest = new Packet();
     netCheckRequest.Type = PacketType.CDM_MLWR_NETCHECK;
     netCheckRequest.Direction = PacketDirection.REQUEST;

     string idText = String.Format("{0}", mlwrID);
     netCheckRequest.AddParameter(Encoding.UTF8.GetBytes(idText));
     netCheckRequest.AddParameter(Encoding.UTF8.GetBytes(reportFileName));
     // NOTE(review): GetMlwr's result is dereferenced without a null check; verify mlwrID
     // always refers to an existing record on this page.
     netCheckRequest.AddParameter(Encoding.UTF8.GetBytes(sample.Name));
     SendPacket(netCheckRequest.ToByteArray());

     Timer1.Enabled = true;
     ASPxButton2.Enabled = false;
 }
コード例 #10
ファイル: Resources.aspx.cs プロジェクト: pande88/votchina
        /// <summary>
        /// Sends a CMD_VM_STOP request for the virtual machine with the given id and, when its
        /// EnvType is 0, also triggers its deletion. Does nothing when the VM is not found.
        /// </summary>
        /// <param name="id">Identifier passed to VmManager.GetVm.</param>
        public static void StopVm(Int32 id)
        {
            Vm vm = VmManager.GetVm(id);
            if (vm == null)
            {
                return;
            }

            Packet stopRequest = new Packet();
            stopRequest.Type = PacketType.CMD_VM_STOP;
            stopRequest.Direction = PacketDirection.REQUEST;
            stopRequest.AddParameter(Encoding.UTF8.GetBytes(vm.Name));
            SendPacket(stopRequest.ToByteArray());

            // NOTE(review): deletion is requested right after the stop request is sent, without
            // waiting for a reply; confirm the backend tolerates that ordering.
            if (vm.EnvType == 0)
            {
                TryDeleteVm(vm.Id);
            }
        }
コード例 #11
ファイル: Reports.aspx.cs プロジェクト: alexkasp/monitor
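        /// <summary>
        /// Handles the "get" button: stores the selected research id in the session, binds its
        /// reports to the grid, fills the process/registry/file list links, and, when no traffic
        /// capture has been requested yet, asks the backend for one with CMD_LOAD_TRAFFIC.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void BtnGetClick(object sender, EventArgs e)
        {
            var research = ResearchManager.GetResearch(UserId, cbResearch.Text);
            if (research == null) return;
            Session["researchId"] = research.Id;
            try
            {
                Session["rsch"] = research.Id;
            }
            catch
            {
                // NOTE(review): catch-all fallback kept from the original; it hides every failure
                // of the assignment above. Confirm which exception it was meant to handle.
                Session.Add("rsch", research.Id);
            }
            UpdatePanelReports.Visible = true;
            gridViewReports.DataSource = ReportManager.GetReports(Convert.ToInt32(Session["researchId"]));
            gridViewReports.DataBind();

            linkGetTraffic.NavigateUrl = "javascript;";
            if (research.TrafficFileReady == (Int32)TrafficFileReady.COMPLETE)
            {
                // NOTE(review): the stored file name becomes the link target as-is; confirm it is
                // always generated by the server and cannot carry a scheme or an off-site URL.
                linkGetTraffic.NavigateUrl = research.TrafficFileName;
            }

            // Sibling pages live in the same directory as the current request path.
            // The char overload of LastIndexOf is an ordinal search, independent of culture.
            String path = Request.Path;
            String root = path.Substring(0, path.LastIndexOf('/'));
            linkGetProcessList.NavigateUrl = root + "/ProcessList.aspx?research=" + research.Id;
            linkGetRegistryList.NavigateUrl = root + "/RegistryList.aspx?research=" + research.Id;
            linkGetFileList.NavigateUrl = root + "/FileList.aspx?research=" + research.Id;

            if (research.TrafficFileReady == (Int32)TrafficFileReady.NOACTION)
            {
                var researchVmData = ResearchManager.GetResearchVmData(research.ResearchVmData);
                if (researchVmData == null) return;

                // The timestamps are protocol data, so they are formatted with the invariant
                // culture: the request thread's culture (calendar, digits) must not change them.
                const String timestampFormat = "yyyy-MM-dd HH':'mm':'ss";
                var invariant = System.Globalization.CultureInfo.InvariantCulture;

                String ip = researchVmData.VmEnvIp;
                String beginTime = research.StartedDate.HasValue
                    ? research.StartedDate.Value.ToString(timestampFormat, invariant)
                    : DateTime.Now.ToString(timestampFormat, invariant);
                String endTime = research.StoppedDate.HasValue
                    ? research.StoppedDate.Value.ToString(timestampFormat, invariant)
                    : DateTime.Now.ToString(timestampFormat, invariant);

                Packet packet = new Packet { Type = PacketType.CMD_LOAD_TRAFFIC, Direction = PacketDirection.REQUEST };
                packet.AddParameter(Encoding.UTF8.GetBytes(ip));
                packet.AddParameter(Encoding.UTF8.GetBytes(beginTime));
                packet.AddParameter(Encoding.UTF8.GetBytes(endTime));
                SendPacket(packet);

                // NOTE(review): this name contains a space and colons from the timestamp; confirm
                // the component that writes and later serves the capture accepts such names.
                String filename = ip + beginTime + ".pcap";
                ResearchManager.UpdateTrafficInfo(research.Id, TrafficFileReady.EXECUTING, filename);
            }
        }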
コード例 #12
ファイル: ReportList.aspx.cs プロジェクト: alexkasp/monitor
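        /// <summary>
        /// Asks the backend to produce the traffic capture of a research: sends CMD_LOAD_TRAFFIC
        /// with the environment IP and the start/stop timestamps, then records the expected
        /// capture file name with state EXECUTING. Does nothing when the research or its VM data
        /// cannot be found.
        /// </summary>
        /// <param name="researchId">Identifier passed to ResearchManager.GetResearch.</param>
        public static void AskPCAPFile(Int32 researchId)
        {
            var research = ResearchManager.GetResearch(researchId);
            // Same "not found means nothing to do" policy as for the VM data below; without this
            // guard an unknown id would fail on the first member access.
            if (research == null) return;

            var researchVmData = ResearchManager.GetResearchVmData(research.ResearchVmData);
            if (researchVmData == null) return;

            // The timestamps are protocol data, so they are formatted with the invariant culture:
            // the calling thread's culture (calendar, digits) must not change them.
            const String timestampFormat = "yyyy-MM-dd HH':'mm':'ss";
            var invariant = System.Globalization.CultureInfo.InvariantCulture;

            String ip = researchVmData.VmEnvIp;
            String beginTime = research.StartedDate.HasValue
                ? research.StartedDate.Value.ToString(timestampFormat, invariant)
                : DateTime.Now.ToString(timestampFormat, invariant);
            String endTime = research.StoppedDate.HasValue
                ? research.StoppedDate.Value.ToString(timestampFormat, invariant)
                : DateTime.Now.ToString(timestampFormat, invariant);

            Packet packet = new Packet { Type = PacketType.CMD_LOAD_TRAFFIC, Direction = PacketDirection.REQUEST };
            packet.AddParameter(Encoding.UTF8.GetBytes(ip));
            packet.AddParameter(Encoding.UTF8.GetBytes(beginTime));
            packet.AddParameter(Encoding.UTF8.GetBytes(endTime));
            SendPacket(packet);

            // NOTE(review): this name contains a space and colons from the timestamp; confirm the
            // component that writes and later serves the capture accepts such names.
            String filename = ip + beginTime + ".pcap";
            ResearchManager.UpdateTrafficInfo(research.Id, TrafficFileReady.EXECUTING, filename);
        }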
コード例 #13
ファイル: PacketAnalyzer.cs プロジェクト: pande88/votchina
 /// <summary>
 /// Dispatches a received packet to the handler for its type. Packet types without a
 /// handler are ignored.
 /// </summary>
 /// <param name="packet">Packet that was received.</param>
 /// <param name="client">Connection the packet arrived on; stored in the static _client field.</param>
 public static void AnalyzeReceived(Packet packet, ConnectionClientEx client)
 {
     // NOTE(review): every call overwrites the shared static _client. If more than one
     // connection can deliver packets, later sends may go to a different peer than
     // expected. Verify that there is a single connection.
     _client = client;

     switch (packet.Type)
     {
         case PacketType.ANS_VM_START:
             OnReceiveVmStart(packet.GetParameters());
             break;
         case PacketType.ANS_VM_STOP:
             OnReceiveVmStop(packet.GetParameters());
             break;
         case PacketType.ANS_VM_STATUS:
             OnReceiveVmStatus(packet.GetParameters());
             break;
         case PacketType.ANS_VM_CREATE:
             OnReceiveVmCreate(packet.GetParameters());
             break;
         case PacketType.ANS_LOAD_MALWARE:
             OnReceiveMalwareLoad(packet.GetParameters());
             break;
         case PacketType.ANS_SET_TARGET:
             OnReceiveSetTarget(packet.GetParameters());
             break;
         case PacketType.ANS_REPORT:
             OnReceiveReport(packet.GetParameters());
             break;
         case PacketType.ANS_SET_OBJECT:
             OnReceiveSetObject(packet.GetParameters());
             break;
         case PacketType.ANS_VM_READY:
             OnReceiveVmReady(packet.GetParameters());
             break;
         case PacketType.ANS_VM_COMPLETE:
             OnReceiveVmComplete(packet.GetParameters());
             break;
         case PacketType.ANS_LOAD_TRAFFIC:
             OnReceiveLoadTraffic(packet.GetParameters());
             break;
         case PacketType.ANS_VM_NEWCREATE:
             OnReceiveVmCreateEvent(packet.GetParameters());
             break;
         default:
             // Unknown or unsolicited packet types are dropped without logging.
             break;
     }
 }
コード例 #14
ファイル: Resources.aspx.cs プロジェクト: alexkasp/monitor
        /// <summary>
        /// Stops the virtual machine with the given id. LIR environments are stopped with
        /// CMD_VM_STOP_LIR addressed by environment id; all others with CMD_VM_STOP addressed by
        /// name, followed by deletion when EnvType is 0. Does nothing when the VM is not found.
        /// </summary>
        /// <param name="id">Identifier passed to VmManager.GetVm.</param>
        public static void StopVm(Int32 id)
        {
            Vm vm = VmManager.GetVm(id);
            if (vm == null)
            {
                return;
            }

            bool isLir = vm.EnvType == (int)VmManager.LIRType.LIR;
            if (isLir)
            {
                Packet lirStop = new Packet();
                lirStop.Type = PacketType.CMD_VM_STOP_LIR;
                lirStop.Direction = PacketDirection.REQUEST;

                // Only the first byte produced by BitConverter is sent as the environment id.
                // NOTE(review): ids that differ only in the other bytes would be indistinguishable.
                byte firstEnvIdByte = BitConverter.GetBytes(vm.EnvId)[0];
                lirStop.AddParameter(new[] { firstEnvIdByte });
                SendPacket(lirStop.ToByteArray());
                return;
            }

            Packet stopRequest = new Packet();
            stopRequest.Type = PacketType.CMD_VM_STOP;
            stopRequest.Direction = PacketDirection.REQUEST;
            stopRequest.AddParameter(Encoding.UTF8.GetBytes(vm.Name));
            SendPacket(stopRequest.ToByteArray());

            if (vm.EnvType == 0)
            {
                TryDeleteVm(vm.Id);
            }
        }
コード例 #15
ファイル: CommandForm.cs プロジェクト: alexkasp/monitor
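        /// <summary>
        /// Builds a 306-byte ANS_REPORT record from the form fields and sends it through _server.
        /// Record layout: byte 0 environment id, byte 1 module id, bytes 2-101 object text,
        /// bytes 102-105 action id, bytes 106-305 target text.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        private void BtnEventReportClick(object sender, EventArgs e)
        {
            const int RecordSize = 306;
            const int ObjectOffset = 2;
            const int ActionOffset = 102;
            const int TargetOffset = 106;
            // Field widths follow from the offsets above.
            const int ObjectCapacity = ActionOffset - ObjectOffset;
            const int TargetCapacity = RecordSize - TargetOffset;

            Int32 envId = Convert.ToInt32(tbEnvId.Text);
            Int32 modId = Convert.ToInt32(tbModId.Text);
            Int32 actId = Convert.ToInt32(tbActId.Text);
            String obj  = tbObject.Text;
            String trgt = tbTarget.Text;

            byte[] objBt = Encoding.UTF8.GetBytes(obj);
            byte[] actBt = BitConverter.GetBytes(actId);
            byte[] trgBt = Encoding.UTF8.GetBytes(trgt);

            byte[] data = new byte[RecordSize];
            data[0] = (BitConverter.GetBytes(envId))[0];
            data[1] = (BitConverter.GetBytes(modId))[0];

            // Copy at most one field's worth of bytes. Unclamped, an over-long object text spilled
            // into the action/target fields and an over-long target made BlockCopy throw.
            // Truncation is byte-wise, so a multi-byte UTF-8 character may be cut at the limit.
            Buffer.BlockCopy(objBt, 0, data, ObjectOffset, Math.Min(objBt.Length, ObjectCapacity));
            Buffer.BlockCopy(actBt, 0, data, ActionOffset, 4);
            Buffer.BlockCopy(trgBt, 0, data, TargetOffset, Math.Min(trgBt.Length, TargetCapacity));

            Packet packet = new Packet {Type = PacketType.ANS_REPORT, Direction = PacketDirection.RESPONSE};
            packet.AddParameter(data);
            _server.Send(Packet.ToByteArray(packet));
        }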
コード例 #16
ファイル: Packet.cs プロジェクト: pande88/votchina
 /// <summary>
 /// Static convenience wrapper around the instance method <c>ToByteArray()</c>.
 /// </summary>
 /// <param name="message">Packet to serialise.</param>
 /// <returns>The byte array produced by <c>message.ToByteArray()</c>.</returns>
 public static byte[] ToByteArray(Packet message)
 {
     byte[] serialized = message.ToByteArray();
     return serialized;
 }
コード例 #17
ファイル: Current.aspx.cs プロジェクト: pande88/votchina
 /// <summary>
 /// Sends a request packet asking that, for the given research, the process list start
 /// being written to the database.
 /// </summary>
 /// <param name="id">Research identifier.</param>
 protected static void SendGetProcess(int id)
 {
     // NOTE(review): neither lookup result is checked for null before use.
     Vm researchVm = VmManager.GetVm(ResearchManager.GetResearch(id).VmId);

     // Only the first byte produced by BitConverter identifies the environment on the wire.
     byte firstEnvIdByte = BitConverter.GetBytes(researchVm.EnvId)[0];

     Packet request = new Packet();
     request.Type = PacketType.CDM_LOAD_PROCESSES;
     request.Direction = PacketDirection.REQUEST;
     request.AddParameter(new[] { firstEnvIdByte });

     SendPacket(request.ToByteArray());
 }
コード例 #18
ファイル: Current.aspx.cs プロジェクト: pande88/votchina
 /// <summary>
 /// Sends a request packet asking that, for the given research, the file list start
 /// being written to the database.
 /// </summary>
 /// <param name="id">Research identifier.</param>
 /// <param name="root">Starting directory for collecting the file list.</param>
 protected static void SendGetFiles(int id, String root = "c:\\windows\\*")
 {
     // NOTE(review): neither lookup result is checked for null before use.
     Vm researchVm = VmManager.GetVm(ResearchManager.GetResearch(id).VmId);

     // Only the first byte produced by BitConverter identifies the environment on the wire.
     byte firstEnvIdByte = BitConverter.GetBytes(researchVm.EnvId)[0];

     Packet request = new Packet();
     request.Type = PacketType.CDM_LOAD_FILES;
     request.Direction = PacketDirection.REQUEST;
     request.AddParameter(new[] { firstEnvIdByte });
     request.AddParameter(Encoding.UTF8.GetBytes(root));

     SendPacket(request.ToByteArray());
 }
コード例 #19
 /// <summary>
 /// Serialises the packet and sends the resulting bytes through the static _client.
 /// </summary>
 /// <param name="packet">Packet to send.</param>
 protected static void SendPacket(Packet packet)
 {
     byte[] wireBytes = Packet.ToByteArray(packet);
     _client.Send(wireBytes);
 }
コード例 #20
ファイル: Current.aspx.cs プロジェクト: pande88/votchina
 /// <summary>
 /// Sends a request packet asking that, for the given research, the list of registry
 /// entries start being written to the database.
 /// </summary>
 /// <param name="id">Research identifier.</param>
 /// <param name="subkey">Registry sub-branch given as text, for example "Software"; empty for none.</param>
 /// <param name="rowStartKeyBytes">Registry hive (0 - HKEY_CLASSES_ROOT, 1 - HKEY_CURRENT_USER, 2 - HKEY_LOCAL_MACHINE, 3 - HKEY_USERS, 4 - HKEY_CURRENT_CONFIG).</param>
 protected static void SendGetRegs(int id, String subkey = "",int rowStartKeyBytes = 2)
 {
     // NOTE(review): neither lookup result is checked for null before use.
     Vm researchVm = VmManager.GetVm(ResearchManager.GetResearch(id).VmId);

     // Environment id and hive selector each travel as a single byte: the first byte
     // produced by BitConverter. The hive value is not range-checked here.
     byte firstEnvIdByte = BitConverter.GetBytes(researchVm.EnvId)[0];
     byte hiveByte = BitConverter.GetBytes(rowStartKeyBytes)[0];

     Packet request = new Packet();
     request.Type = PacketType.CDM_LOAD_REGS;
     request.Direction = PacketDirection.REQUEST;
     request.AddParameter(new[] { firstEnvIdByte });
     request.AddParameter(new[] { hiveByte });
     request.AddParameter(Encoding.UTF8.GetBytes(subkey));

     SendPacket(request.ToByteArray());
 }
コード例 #21
ファイル: Resources.aspx.cs プロジェクト: alexkasp/monitor
        /// <summary>
        /// Marks the virtual machine as UPDATING and sends a CMD_VM_STATUS request for it.
        /// </summary>
        /// <param name="id">Identifier of the virtual machine.</param>
        private void GetVmStatus(Int32 id)
        {
            String vmName = VmManager.GetVmName(id);
            MLogger.LogTo(Level.TRACE, false, "Get status for " + vmName);

            // The stored state is changed before the request goes out.
            // NOTE(review): nothing visible here restores it if no reply arrives; check the handler.
            VmManager.UpdateVmState(id, (Int32)VmManager.State.UPDATING);

            Packet statusRequest = new Packet();
            statusRequest.Type = PacketType.CMD_VM_STATUS;
            statusRequest.Direction = PacketDirection.REQUEST;
            statusRequest.AddParameter(Encoding.UTF8.GetBytes(vmName));

            byte[] wireBytes = statusRequest.ToByteArray();
            SendPacket(wireBytes);
        }
コード例 #22
ファイル: Current.aspx.cs プロジェクト: pande88/votchina
 /// <summary>
 /// Sends a packet that pairs a research id with an environment id.
 /// </summary>
 /// <param name="rschId">Research id.</param>
 /// <param name="envId">Environment id.</param>
 protected static void SendInfoRschIdEnvId(int rschId, int envId)
 {
     Packet pairInfo = new Packet();
     pairInfo.Type = PacketType.INF_RSCHID_ENVID;
     pairInfo.Direction = PacketDirection.REQUEST;

     // Each id is reduced to the first byte produced by BitConverter.
     // NOTE(review): ids that differ only in their other bytes collide on the wire; confirm
     // the protocol really allots a single byte to each.
     byte firstRschIdByte = BitConverter.GetBytes(rschId)[0];
     byte firstEnvIdByte = BitConverter.GetBytes(envId)[0];
     pairInfo.AddParameter(new[] { firstRschIdByte });
     pairInfo.AddParameter(new[] { firstEnvIdByte });

     SendPacket(pairInfo.ToByteArray());
 }
コード例 #23
ファイル: Resources.aspx.cs プロジェクト: alexkasp/monitor
        /// <summary>
        /// Sends a CMD_VM_DELETE request for the virtual machine with the given id and then
        /// removes its record through VmManager.DeleteVm.
        /// </summary>
        /// <param name="id">Identifier of the virtual machine.</param>
        private static void TryDeleteVm(Int32 id)
        {
            String vmName = VmManager.GetVmName(id);

            Packet deleteRequest = new Packet();
            deleteRequest.Type = PacketType.CMD_VM_DELETE;
            deleteRequest.Direction = PacketDirection.REQUEST;
            deleteRequest.AddParameter(Encoding.UTF8.GetBytes(vmName));
            SendPacket(deleteRequest.ToByteArray());

            // NOTE(review): the record is removed without waiting for a reply, so a failed delete
            // on the backend would leave a VM that this side no longer tracks.
            VmManager.DeleteVm(id);
        }
コード例 #24
ファイル: Current.aspx.cs プロジェクト: pande88/votchina
        /// <summary>
        /// Starts a research that is in the READY state: marks it STARTING, sends the target and
        /// object packets for its sample, sends one packet per configured task, sends the
        /// load-malware packet, then marks the research EXECUTING and records its start time.
        /// When the research is not READY only a trace message is written.
        /// </summary>
        /// <param name="id">Research identifier as text; converted with Convert.ToInt32.</param>
        public static void StartResearch(string id)
        {
            Int32 researchId = Convert.ToInt32(id);

            // NOTE(review): GetResearch is queried repeatedly below and every result is
            // dereferenced without a null check; verify the caller only passes existing ids.
            if (ResearchManager.GetResearch(researchId).State == (Int32)ResearchState.READY)
            {
                MLogger.LogTo(Level.TRACE, false, "Start research '" + ResearchManager.GetResearch(researchId).ResearchName + "' by user '" + UserManager.GetUser(_userId).UserName + "'");
                ResearchManager.UpdateResearchState(researchId, ResearchState.STARTING);

                //**---------------------------------------
                Vm vm = VmManager.GetVm(ResearchManager.GetResearch(researchId).VmId);
                // Only envIdBytes[0] is used below: the environment id travels as a single byte.
                byte[] envIdBytes = BitConverter.GetBytes(vm.EnvId);
                Mlwr mlwr = MlwrManager.GetMlwr(ResearchManager.GetResearch(researchId).MlwrId);

                // The same sample path is sent three times: as target, as object, and in the final load request.
                Packet packet1 = new Packet { Type = PacketType.CMD_SET_TARGET, Direction = PacketDirection.REQUEST };
                packet1.AddParameter(new[] { envIdBytes[0] });
                packet1.AddParameter(Encoding.UTF8.GetBytes(mlwr.Path));
                SendPacket(packet1.ToByteArray());

                Packet packet2 = new Packet { Type = PacketType.CMD_SET_OBJECT, Direction = PacketDirection.REQUEST };
                packet2.AddParameter(new[] { envIdBytes[0] });
                packet2.AddParameter(Encoding.UTF8.GetBytes(mlwr.Path));
                SendPacket(packet2.ToByteArray());
                //*********************** Send a packet describing which environment id belongs to which research id
                //SendInfoRschIdEnvId(researchId, vm.EnvId);
                //**** Apply the additional parameters

                IQueryable<Task> tasks = TaskManager.GetTasks(researchId);
                foreach (var task in tasks)
                {
                    // A fresh packet per task; its type and parameters are set by the matching case.
                    // Task types without a case send nothing.
                    Packet packet = new Packet {Direction = PacketDirection.REQUEST};

                    // NOTE(review): task.Value is forwarded to the backend unchanged (or parsed
                    // without validation); confirm it is validated where tasks are created.
                    switch (task.Type)
                    {
                        case (Int32)TaskState.HIDE_FILE:
                            packet.Type = PacketType.CMD_HIDE_AND_LOCK;
                            packet.AddParameter(new[] { envIdBytes[0] });
                            packet.AddParameter(Encoding.UTF8.GetBytes(task.Value));
                            SendPacket(packet.ToByteArray());
                            break;
                        case (Int32)TaskState.LOCK_FILE:
                            packet.Type = PacketType.CMD_LOCK_DELETE;
                            packet.AddParameter(new[] { envIdBytes[0] });
                            packet.AddParameter(Encoding.UTF8.GetBytes(task.Value));
                            SendPacket(packet.ToByteArray());
                            break;
                        case (Int32)TaskState.HIDE_REGISTRY:
                            packet.Type = PacketType.CMD_HIDE_REGISTRY;
                            packet.AddParameter(new[] { envIdBytes[0] });
                            packet.AddParameter(Encoding.UTF8.GetBytes(task.Value));
                            SendPacket(packet.ToByteArray());
                            break;
                        case (Int32)TaskState.HIDE_PROCESS:
                            packet.Type = PacketType.CMD_HIDE_PROCESS;
                            packet.AddParameter(new[] { envIdBytes[0] });
                            packet.AddParameter(Encoding.UTF8.GetBytes(task.Value));
                            SendPacket(packet.ToByteArray());
                            break;
                        case (Int32)TaskState.SET_SIGNATURE:
                            packet.Type = PacketType.CMD_SET_SIGNATURE;
                            packet.AddParameter(new[] { envIdBytes[0] });
                            packet.AddParameter(Encoding.UTF8.GetBytes(task.Value));
                            SendPacket(packet.ToByteArray());
                            break;
                        case (Int32)TaskState.SET_EXTENSION:
                            packet.Type = PacketType.CMD_SET_EXTENSION;
                            packet.AddParameter(new[] { envIdBytes[0] });
                            packet.AddParameter(Encoding.UTF8.GetBytes(task.Value));
                            SendPacket(packet.ToByteArray());
                            break;
                        case (Int32)TaskState.SET_BANDWIDTH:
                            // Addressed by environment IP instead of environment id; the value is sent as a 4-byte integer.
                            String ip = vm.EnvIp;
                            Int32 bandwidth = Convert.ToInt32(task.Value);
                            packet.Type = PacketType.CMD_SET_BANDWIDTH;
                            packet.AddParameter(Encoding.UTF8.GetBytes(ip));
                            packet.AddParameter(BitConverter.GetBytes(bandwidth));
                            SendPacket(packet.ToByteArray());
                            break;
                        case (Int32)TaskState.GET_PROCESS:
                            {
                                SendGetProcess(researchId);
                                break;
                            }
                        case (Int32)TaskState.GET_FILES:
                            {
                                SendGetFiles(researchId, task.Value);
                                break;
                            }
                        case (Int32)TaskState.GET_REGS:
                            {
                                // First character of the value is the hive number, the rest is the sub-key.
                                // Substring(0,1) throws on an empty value.
                                Int32 key = Convert.ToInt32(task.Value.Substring(0,1));
                                string subKey = "";
                                if(task.Value.Length>1)
                                {
                                    subKey = task.Value.Substring(1, task.Value.Length-1);
                                }
                                SendGetRegs(researchId, subKey, key);
                                break;
                            }
                    }
                    //SendPacket(packet.ToByteArray());
                }

                //****
                Packet packet3 = new Packet { Type = PacketType.CMD_LOAD_MALWARE, Direction = PacketDirection.REQUEST };
                packet3.AddParameter(new[] { envIdBytes[0] });
                packet3.AddParameter(Encoding.UTF8.GetBytes(mlwr.Path));
                SendPacket(packet3.ToByteArray());
                //**---------------------------------------

                ResearchManager.UpdateResearchState(researchId, ResearchState.EXECUTING);
                ResearchManager.UpdateResearchStartTime(researchId); //?? Should be higher up
            }
            else
            {
                MLogger.LogTo(Level.TRACE, false, "Unsuccessful attempt to start research '" + ResearchManager.GetResearch(researchId).ResearchName + "' by user '" + UserManager.GetUser(_userId).UserName + "' , research not ready");
            }
        }
コード例 #25
ファイル: NewResearch.aspx.cs プロジェクト: pande88/votchina
        /// <summary>
        /// Makes sure a virtual machine is available for a research. For a VM of Type 1 a clone
        /// named <paramref name="NewName"/> is requested; otherwise the VM itself is started
        /// unless it is already running.
        /// </summary>
        /// <param name="VmName">Name of the existing virtual machine.</param>
        /// <param name="NewName">Name for the clone, used only when the existing VM has Type 1.</param>
        /// <returns>True only when the existing VM is already in the STARTED state; false when a create or start request was sent.</returns>
        protected bool CreateOrStartVm(String VmName,String NewName)
        {
            // NOTE(review): the lookup result is dereferenced without a null check.
            Vm baseVm = VmManager.GetVm(VmName);

            if (baseVm.Type != 1)
            {
                bool alreadyStarted = baseVm.State == Convert.ToInt32(VmManager.State.STARTED);
                if (alreadyStarted)
                {
                    return true;
                }

                Packet startRequest = new Packet();
                startRequest.Type = PacketType.CMD_VM_START;
                startRequest.Direction = PacketDirection.REQUEST;
                startRequest.AddParameter(Encoding.UTF8.GetBytes(VmName));
                SendPacket(startRequest.ToByteArray());
                return false;
            }

            // Type 1: request a clone of the existing VM under the new name.
            Packet createRequest = new Packet();
            createRequest.Type = PacketType.CMD_VM_CREATE;
            createRequest.Direction = PacketDirection.REQUEST;
            createRequest.AddParameter(Encoding.UTF8.GetBytes(VmName));
            createRequest.AddParameter(Encoding.UTF8.GetBytes(NewName));
            SendPacket(createRequest.ToByteArray());

            // The clone is marked unavailable right after the request is sent.
            VmManager.UpdateVmState(NewName, (int)VmManager.State.UNAVAILABLE);
            return false;
        }
コード例 #26
ファイル: CommandForm.cs プロジェクト: alexkasp/monitor
        /// <summary>
        /// Builds a 12-byte ANS_VM_READY record from the form fields and sends it through _server.
        /// Record layout: byte 0 id, byte 1 type, bytes 2-5 IPv4 address, bytes 6-11 MAC address.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        private void BtnReadyReportClick(object sender, EventArgs e)
        {
            Int32 id = Convert.ToInt32(tb_1_id.Text);
            Int32 type = Convert.ToInt32(tb_1_type.Text);

            // Every dot-separated part is converted, then the first four are used.
            // NOTE(review): there is no check that exactly four parts exist or that each fits in
            // a byte; a value above 255 is silently reduced to its first byte.
            List<Int32> octets = tb_1_ip.Text.Split('.').Select(part => Convert.ToInt32(part)).ToList();
            byte[] ipAddr = new byte[4];
            for (int index = 0; index < 4; index++)
            {
                ipAddr[index] = BitConverter.GetBytes(octets[index])[0];
            }

            // NOTE(review): the copy below needs at least 6 bytes from StringToByteArray and
            // throws when the MAC text is shorter.
            byte[] macAddr = StringToByteArray(tb_1_mac.Text);

            byte[] record = new byte[12];
            record[0] = BitConverter.GetBytes(id)[0];
            record[1] = BitConverter.GetBytes(type)[0];
            Buffer.BlockCopy(ipAddr, 0, record, 2, 4);
            Buffer.BlockCopy(macAddr, 0, record, 6, 6);

            Packet readyReport = new Packet();
            readyReport.Type = PacketType.ANS_VM_READY;
            readyReport.Direction = PacketDirection.RESPONSE;
            readyReport.AddParameter(record);
            _server.Send(Packet.ToByteArray(readyReport));
        }
コード例 #27
ファイル: Client.cs プロジェクト: alexkasp/monitor
 /// <summary>
 /// Sends a CMD_VM_STATUS request whose parameter is the text typed into tbClientMessage.
 /// </summary>
 /// <param name="sender">Control that raised the event (unused).</param>
 /// <param name="e">Event data (unused).</param>
 private void BtnClientSendClick(object sender, EventArgs e)
 {
     Packet statusRequest = new Packet();
     statusRequest.Type = PacketType.CMD_VM_STATUS;
     statusRequest.Direction = PacketDirection.REQUEST;

     // The text box content is sent as typed; no validation is applied on this side.
     byte[] messageBytes = Encoding.UTF8.GetBytes(tbClientMessage.Text);
     statusRequest.AddParameter(messageBytes);

     _client.Send(statusRequest.ToByteArray());
 }
コード例 #28
ファイル: Packet.cs プロジェクト: pande88/votchina
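        /// <summary>
        /// Parses a packet from its wire form: one byte type, one byte direction, two skipped
        /// bytes, a 16-byte id, a 32-bit length of the parameter block, then the parameter block.
        /// </summary>
        /// <param name="data">Received bytes. Treated as untrusted input.</param>
        /// <returns>The parsed packet with all parameters added.</returns>
        /// <exception cref="InvalidDataException">
        /// The declared parameter-block length is negative or larger than the bytes that follow it.
        /// </exception>
        public static Packet ToPacket(byte[] data)
        {
            using (MemoryStream ms = new MemoryStream(data))
            using (BinaryReader br = new BinaryReader(ms))
            {
                // NOTE(review): any byte value is accepted as Type/Direction; values outside the
                // enums pass through to the caller.
                Packet message = new Packet
                                      {
                                          Type = (PacketType) br.ReadByte(),
                                          Direction = (PacketDirection) br.ReadByte()
                                      };
                br.ReadBytes(2);
                message.Id = new Guid(br.ReadBytes(16));
                Int32 dataLength = br.ReadInt32();

                // The length field comes from the peer. Check it against what was actually
                // received before ReadBytes sizes a buffer from it; a short block used to be
                // accepted silently and a huge value requested a buffer of that size.
                long remaining = ms.Length - ms.Position;
                if (dataLength < 0 || dataLength > remaining)
                {
                    throw new InvalidDataException("Packet declares a parameter block length that is negative or exceeds the received data.");
                }

                if (dataLength > 0)
                {
                    byte[] paramsData = br.ReadBytes(dataLength);
                    using (MemoryStream msParams = new MemoryStream(paramsData))
                    using (BinaryReader brParams = new BinaryReader(msParams))
                    {
                        // Compare stream positions instead of PeekChar(): PeekChar decodes the
                        // next bytes as text and can fail or misreport on arbitrary binary data.
                        while (msParams.Position < msParams.Length)
                        {
                            byte[] par = ReadParameter(brParams);
                            message.AddParameter(par);
                        }
                    }
                }

                return message;
            }
        }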
コード例 #29
ファイル: Resources.aspx.cs プロジェクト: alexkasp/monitor
 /// <summary>
 /// Registers a new virtual machine, refreshes the table and sends a VM_CREATE request
 /// that names the reference ("etalon") VM and the new VM.
 /// </summary>
 /// <param name="etalonName">Name of the reference VM to clone from.</param>
 /// <param name="newName">Name of the VM to create.</param>
 /// <param name="type">Type value passed to VmManager.AddVm.</param>
 /// <param name="system">System value passed to VmManager.AddVm.</param>
 /// <param name="userId">Owner id passed to VmManager.AddVm.</param>
 private void CreateVm(String etalonName, String newName, Int32 type, Int32 system, Int32 userId)
 {
     // The record is stored before the backend is asked to create the machine.
     VmManager.AddVm(newName, type, system, userId);
     UpdateTable();

     Packet createRequest = new Packet();
     createRequest.Type = PacketType.VM_CREATE;
     createRequest.Direction = PacketDirection.REQUEST;
     createRequest.AddParameter(Encoding.UTF8.GetBytes(etalonName));
     createRequest.AddParameter(Encoding.UTF8.GetBytes(newName));

     byte[] wireBytes = createRequest.ToByteArray();
     SendPacket(wireBytes);
 }